Azure Active Directory (Azure AD) v6.4.0, Apr 7 25

Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi

azuread.User

Explore with Pulumi AI

Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi

API Permissions

The following API permissions are required in order to use this resource.

When authenticated with a service principal, this resource requires one of the following application roles: User.ReadWrite.All or Directory.ReadWrite.All

When authenticated with a user principal, this resource requires one of the following directory roles: User Administrator or Global Administrator

import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";

const example = new azuread.User("example", {
    userPrincipalName: "jdoe@example.com",
    displayName: "J. Doe",
    mailNickname: "jdoe",
    password: "SecretP@sswd99!",
});

import pulumi
import pulumi_azuread as azuread

example = azuread.User("example",
    user_principal_name="jdoe@example.com",
    display_name="J. Doe",
    mail_nickname="jdoe",
    password="SecretP@sswd99!")

package main

import (
	"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := azuread.NewUser(ctx, "example", &azuread.UserArgs{
			UserPrincipalName: pulumi.String("jdoe@example.com"),
			DisplayName:       pulumi.String("J. Doe"),
			MailNickname:      pulumi.String("jdoe"),
			Password:          pulumi.String("SecretP@sswd99!"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;

return await Deployment.RunAsync(() => 
{
    var example = new AzureAD.User("example", new()
    {
        UserPrincipalName = "jdoe@example.com",
        DisplayName = "J. Doe",
        MailNickname = "jdoe",
        Password = "SecretP@sswd99!",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.User;
import com.pulumi.azuread.UserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new User("example", UserArgs.builder()
            .userPrincipalName("jdoe@example.com")
            .displayName("J. Doe")
            .mailNickname("jdoe")
            .password("SecretP@sswd99!")
            .build());

    }
}

resources:
  example:
    type: azuread:User
    properties:
      userPrincipalName: jdoe@example.com
      displayName: J. Doe
      mailNickname: jdoe
      password: SecretP@sswd99!

Create User Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new User(name: string, args: UserArgs, opts?: CustomResourceOptions);

@overload
def User(resource_name: str,
         args: UserArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def User(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         display_name: Optional[str] = None,
         user_principal_name: Optional[str] = None,
         given_name: Optional[str] = None,
         job_title: Optional[str] = None,
         company_name: Optional[str] = None,
         consent_provided_for_minor: Optional[str] = None,
         cost_center: Optional[str] = None,
         country: Optional[str] = None,
         department: Optional[str] = None,
         disable_password_expiration: Optional[bool] = None,
         disable_strong_password: Optional[bool] = None,
         business_phones: Optional[Sequence[str]] = None,
         mail: Optional[str] = None,
         employee_hire_date: Optional[str] = None,
         employee_id: Optional[str] = None,
         employee_type: Optional[str] = None,
         fax_number: Optional[str] = None,
         force_password_change: Optional[bool] = None,
         city: Optional[str] = None,
         account_enabled: Optional[bool] = None,
         division: Optional[str] = None,
         mail_nickname: Optional[str] = None,
         manager_id: Optional[str] = None,
         mobile_phone: Optional[str] = None,
         office_location: Optional[str] = None,
         onpremises_immutable_id: Optional[str] = None,
         other_mails: Optional[Sequence[str]] = None,
         password: Optional[str] = None,
         postal_code: Optional[str] = None,
         preferred_language: Optional[str] = None,
         show_in_address_list: Optional[bool] = None,
         state: Optional[str] = None,
         street_address: Optional[str] = None,
         surname: Optional[str] = None,
         usage_location: Optional[str] = None,
         age_group: Optional[str] = None)

func NewUser(ctx *Context, name string, args UserArgs, opts ...ResourceOption) (*User, error)

public User(string name, UserArgs args, CustomResourceOptions? opts = null)

public User(String name, UserArgs args)
public User(String name, UserArgs args, CustomResourceOptions options)

type: azuread:User
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args UserArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var userResource = new AzureAD.User("userResource", new()
{
    DisplayName = "string",
    UserPrincipalName = "string",
    GivenName = "string",
    JobTitle = "string",
    CompanyName = "string",
    ConsentProvidedForMinor = "string",
    CostCenter = "string",
    Country = "string",
    Department = "string",
    DisablePasswordExpiration = false,
    DisableStrongPassword = false,
    BusinessPhones = new[]
    {
        "string",
    },
    Mail = "string",
    EmployeeHireDate = "string",
    EmployeeId = "string",
    EmployeeType = "string",
    FaxNumber = "string",
    ForcePasswordChange = false,
    City = "string",
    AccountEnabled = false,
    Division = "string",
    MailNickname = "string",
    ManagerId = "string",
    MobilePhone = "string",
    OfficeLocation = "string",
    OnpremisesImmutableId = "string",
    OtherMails = new[]
    {
        "string",
    },
    Password = "string",
    PostalCode = "string",
    PreferredLanguage = "string",
    ShowInAddressList = false,
    State = "string",
    StreetAddress = "string",
    Surname = "string",
    UsageLocation = "string",
    AgeGroup = "string",
});

example, err := azuread.NewUser(ctx, "userResource", &azuread.UserArgs{
	DisplayName:               pulumi.String("string"),
	UserPrincipalName:         pulumi.String("string"),
	GivenName:                 pulumi.String("string"),
	JobTitle:                  pulumi.String("string"),
	CompanyName:               pulumi.String("string"),
	ConsentProvidedForMinor:   pulumi.String("string"),
	CostCenter:                pulumi.String("string"),
	Country:                   pulumi.String("string"),
	Department:                pulumi.String("string"),
	DisablePasswordExpiration: pulumi.Bool(false),
	DisableStrongPassword:     pulumi.Bool(false),
	BusinessPhones: pulumi.StringArray{
		pulumi.String("string"),
	},
	Mail:                  pulumi.String("string"),
	EmployeeHireDate:      pulumi.String("string"),
	EmployeeId:            pulumi.String("string"),
	EmployeeType:          pulumi.String("string"),
	FaxNumber:             pulumi.String("string"),
	ForcePasswordChange:   pulumi.Bool(false),
	City:                  pulumi.String("string"),
	AccountEnabled:        pulumi.Bool(false),
	Division:              pulumi.String("string"),
	MailNickname:          pulumi.String("string"),
	ManagerId:             pulumi.String("string"),
	MobilePhone:           pulumi.String("string"),
	OfficeLocation:        pulumi.String("string"),
	OnpremisesImmutableId: pulumi.String("string"),
	OtherMails: pulumi.StringArray{
		pulumi.String("string"),
	},
	Password:          pulumi.String("string"),
	PostalCode:        pulumi.String("string"),
	PreferredLanguage: pulumi.String("string"),
	ShowInAddressList: pulumi.Bool(false),
	State:             pulumi.String("string"),
	StreetAddress:     pulumi.String("string"),
	Surname:           pulumi.String("string"),
	UsageLocation:     pulumi.String("string"),
	AgeGroup:          pulumi.String("string"),
})

var userResource = new User("userResource", UserArgs.builder()
    .displayName("string")
    .userPrincipalName("string")
    .givenName("string")
    .jobTitle("string")
    .companyName("string")
    .consentProvidedForMinor("string")
    .costCenter("string")
    .country("string")
    .department("string")
    .disablePasswordExpiration(false)
    .disableStrongPassword(false)
    .businessPhones("string")
    .mail("string")
    .employeeHireDate("string")
    .employeeId("string")
    .employeeType("string")
    .faxNumber("string")
    .forcePasswordChange(false)
    .city("string")
    .accountEnabled(false)
    .division("string")
    .mailNickname("string")
    .managerId("string")
    .mobilePhone("string")
    .officeLocation("string")
    .onpremisesImmutableId("string")
    .otherMails("string")
    .password("string")
    .postalCode("string")
    .preferredLanguage("string")
    .showInAddressList(false)
    .state("string")
    .streetAddress("string")
    .surname("string")
    .usageLocation("string")
    .ageGroup("string")
    .build());

user_resource = azuread.User("userResource",
    display_name="string",
    user_principal_name="string",
    given_name="string",
    job_title="string",
    company_name="string",
    consent_provided_for_minor="string",
    cost_center="string",
    country="string",
    department="string",
    disable_password_expiration=False,
    disable_strong_password=False,
    business_phones=["string"],
    mail="string",
    employee_hire_date="string",
    employee_id="string",
    employee_type="string",
    fax_number="string",
    force_password_change=False,
    city="string",
    account_enabled=False,
    division="string",
    mail_nickname="string",
    manager_id="string",
    mobile_phone="string",
    office_location="string",
    onpremises_immutable_id="string",
    other_mails=["string"],
    password="string",
    postal_code="string",
    preferred_language="string",
    show_in_address_list=False,
    state="string",
    street_address="string",
    surname="string",
    usage_location="string",
    age_group="string")

const userResource = new azuread.User("userResource", {
    displayName: "string",
    userPrincipalName: "string",
    givenName: "string",
    jobTitle: "string",
    companyName: "string",
    consentProvidedForMinor: "string",
    costCenter: "string",
    country: "string",
    department: "string",
    disablePasswordExpiration: false,
    disableStrongPassword: false,
    businessPhones: ["string"],
    mail: "string",
    employeeHireDate: "string",
    employeeId: "string",
    employeeType: "string",
    faxNumber: "string",
    forcePasswordChange: false,
    city: "string",
    accountEnabled: false,
    division: "string",
    mailNickname: "string",
    managerId: "string",
    mobilePhone: "string",
    officeLocation: "string",
    onpremisesImmutableId: "string",
    otherMails: ["string"],
    password: "string",
    postalCode: "string",
    preferredLanguage: "string",
    showInAddressList: false,
    state: "string",
    streetAddress: "string",
    surname: "string",
    usageLocation: "string",
    ageGroup: "string",
});

type: azuread:User
properties:
    accountEnabled: false
    ageGroup: string
    businessPhones:
        - string
    city: string
    companyName: string
    consentProvidedForMinor: string
    costCenter: string
    country: string
    department: string
    disablePasswordExpiration: false
    disableStrongPassword: false
    displayName: string
    division: string
    employeeHireDate: string
    employeeId: string
    employeeType: string
    faxNumber: string
    forcePasswordChange: false
    givenName: string
    jobTitle: string
    mail: string
    mailNickname: string
    managerId: string
    mobilePhone: string
    officeLocation: string
    onpremisesImmutableId: string
    otherMails:
        - string
    password: string
    postalCode: string
    preferredLanguage: string
    showInAddressList: false
    state: string
    streetAddress: string
    surname: string
    usageLocation: string
    userPrincipalName: string

User Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The User resource accepts the following input properties:

DisplayName string: The name to display in the address book for the user.
UserPrincipalName string: The user principal name (UPN) of the user.
AccountEnabled bool: Whether or not the account should be enabled.
AgeGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
BusinessPhones List<string>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
City string: The city in which the user is located.
CompanyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
ConsentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
CostCenter string: The cost center associated with the user.
Country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
Department string: The name for the department in which the user works.
DisablePasswordExpiration bool: Whether the user's password is exempt from expiring. Defaults to false.
DisableStrongPassword bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
Division string: The name of the division in which the user works.
EmployeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
EmployeeId string: The employee identifier assigned to the user by the organisation.
EmployeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
FaxNumber string: The fax number of the user.
ForcePasswordChange bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
GivenName string: The given name (first name) of the user.
JobTitle string: The user’s job title.
Mail string: The SMTP address for the user. This property cannot be unset once specified.
MailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
ManagerId string: The object ID of the user's manager.
MobilePhone string: The primary cellular telephone number for the user.
OfficeLocation string: The office location in the user's place of business.
OnpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
OtherMails List<string>: A list of additional email addresses for the user.
Password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
PostalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
PreferredLanguage string: The user's preferred language, in ISO 639-1 notation.
ShowInAddressList bool: Whether or not the Outlook global address list should include this user. Defaults to true.
State string: The state or province in the user's address.
StreetAddress string: The street address of the user's place of business.
Surname string: The user's surname (family name or last name).
UsageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

DisplayName string: The name to display in the address book for the user.
UserPrincipalName string: The user principal name (UPN) of the user.
AccountEnabled bool: Whether or not the account should be enabled.
AgeGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
BusinessPhones []string: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
City string: The city in which the user is located.
CompanyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
ConsentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
CostCenter string: The cost center associated with the user.
Country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
Department string: The name for the department in which the user works.
DisablePasswordExpiration bool: Whether the user's password is exempt from expiring. Defaults to false.
DisableStrongPassword bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
Division string: The name of the division in which the user works.
EmployeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
EmployeeId string: The employee identifier assigned to the user by the organisation.
EmployeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
FaxNumber string: The fax number of the user.
ForcePasswordChange bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
GivenName string: The given name (first name) of the user.
JobTitle string: The user’s job title.
Mail string: The SMTP address for the user. This property cannot be unset once specified.
MailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
ManagerId string: The object ID of the user's manager.
MobilePhone string: The primary cellular telephone number for the user.
OfficeLocation string: The office location in the user's place of business.
OnpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
OtherMails []string: A list of additional email addresses for the user.
Password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
PostalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
PreferredLanguage string: The user's preferred language, in ISO 639-1 notation.
ShowInAddressList bool: Whether or not the Outlook global address list should include this user. Defaults to true.
State string: The state or province in the user's address.
StreetAddress string: The street address of the user's place of business.
Surname string: The user's surname (family name or last name).
UsageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

displayName String: The name to display in the address book for the user.
userPrincipalName String: The user principal name (UPN) of the user.
accountEnabled Boolean: Whether or not the account should be enabled.
ageGroup String: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones List<String>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city String: The city in which the user is located.
companyName String: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor String: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter String: The cost center associated with the user.
country String: The country/region in which the user is located. Examples include: NO, JP, and GB.
department String: The name for the department in which the user works.
disablePasswordExpiration Boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword Boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
division String: The name of the division in which the user works.
employeeHireDate String: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId String: The employee identifier assigned to the user by the organisation.
employeeType String: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
faxNumber String: The fax number of the user.
forcePasswordChange Boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName String: The given name (first name) of the user.
jobTitle String: The user’s job title.
mail String: The SMTP address for the user. This property cannot be unset once specified.
mailNickname String: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId String: The object ID of the user's manager.
mobilePhone String: The primary cellular telephone number for the user.
officeLocation String: The office location in the user's place of business.
onpremisesImmutableId String: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
otherMails List<String>: A list of additional email addresses for the user.
password String: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode String: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage String: The user's preferred language, in ISO 639-1 notation.
showInAddressList Boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state String: The state or province in the user's address.
streetAddress String: The street address of the user's place of business.
surname String: The user's surname (family name or last name).
usageLocation String: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

displayName string: The name to display in the address book for the user.
userPrincipalName string: The user principal name (UPN) of the user.
accountEnabled boolean: Whether or not the account should be enabled.
ageGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones string[]: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city string: The city in which the user is located.
companyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter string: The cost center associated with the user.
country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
department string: The name for the department in which the user works.
disablePasswordExpiration boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
division string: The name of the division in which the user works.
employeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId string: The employee identifier assigned to the user by the organisation.
employeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
faxNumber string: The fax number of the user.
forcePasswordChange boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName string: The given name (first name) of the user.
jobTitle string: The user’s job title.
mail string: The SMTP address for the user. This property cannot be unset once specified.
mailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId string: The object ID of the user's manager.
mobilePhone string: The primary cellular telephone number for the user.
officeLocation string: The office location in the user's place of business.
onpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
otherMails string[]: A list of additional email addresses for the user.
password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage string: The user's preferred language, in ISO 639-1 notation.
showInAddressList boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state string: The state or province in the user's address.
streetAddress string: The street address of the user's place of business.
surname string: The user's surname (family name or last name).
usageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

display_name str: The name to display in the address book for the user.
user_principal_name str: The user principal name (UPN) of the user.
account_enabled bool: Whether or not the account should be enabled.
age_group str: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
business_phones Sequence[str]: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city str: The city in which the user is located.
company_name str: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consent_provided_for_minor str: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
cost_center str: The cost center associated with the user.
country str: The country/region in which the user is located. Examples include: NO, JP, and GB.
department str: The name for the department in which the user works.
disable_password_expiration bool: Whether the user's password is exempt from expiring. Defaults to false.
disable_strong_password bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
division str: The name of the division in which the user works.
employee_hire_date str: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employee_id str: The employee identifier assigned to the user by the organisation.
employee_type str: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
fax_number str: The fax number of the user.
force_password_change bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
given_name str: The given name (first name) of the user.
job_title str: The user’s job title.
mail str: The SMTP address for the user. This property cannot be unset once specified.
mail_nickname str: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
manager_id str: The object ID of the user's manager.
mobile_phone str: The primary cellular telephone number for the user.
office_location str: The office location in the user's place of business.
onpremises_immutable_id str: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
other_mails Sequence[str]: A list of additional email addresses for the user.
password str: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postal_code str: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferred_language str: The user's preferred language, in ISO 639-1 notation.
show_in_address_list bool: Whether or not the Outlook global address list should include this user. Defaults to true.
state str: The state or province in the user's address.
street_address str: The street address of the user's place of business.
surname str: The user's surname (family name or last name).
usage_location str: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

displayName String: The name to display in the address book for the user.
userPrincipalName String: The user principal name (UPN) of the user.
accountEnabled Boolean: Whether or not the account should be enabled.
ageGroup String: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones List<String>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city String: The city in which the user is located.
companyName String: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor String: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter String: The cost center associated with the user.
country String: The country/region in which the user is located. Examples include: NO, JP, and GB.
department String: The name for the department in which the user works.
disablePasswordExpiration Boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword Boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
division String: The name of the division in which the user works.
employeeHireDate String: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId String: The employee identifier assigned to the user by the organisation.
employeeType String: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
faxNumber String: The fax number of the user.
forcePasswordChange Boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName String: The given name (first name) of the user.
jobTitle String: The user’s job title.
mail String: The SMTP address for the user. This property cannot be unset once specified.
mailNickname String: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId String: The object ID of the user's manager.
mobilePhone String: The primary cellular telephone number for the user.
officeLocation String: The office location in the user's place of business.
onpremisesImmutableId String: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
otherMails List<String>: A list of additional email addresses for the user.
password String: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode String: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage String: The user's preferred language, in ISO 639-1 notation.
showInAddressList Boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state String: The state or province in the user's address.
streetAddress String: The street address of the user's place of business.
surname String: The user's surname (family name or last name).
usageLocation String: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.

Outputs

All input properties are implicitly available as output properties. Additionally, the User resource produces the following output properties:

AboutMe string: A freeform field for the user to describe themselves
CreationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
ExternalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
Id string: The provider-assigned unique ID for this managed resource.
ImAddresses List<string>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
ObjectId string: The object ID of the user.
OnpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSamAccountName string: The on-premise SAM account name of the user.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
OnpremisesUserPrincipalName string: The on-premise user principal name of the user.
ProxyAddresses List<string>: List of email addresses for the user that direct to the same mailbox.
UserType string: The user type in the directory. Possible values are Guest or Member.

AboutMe string: A freeform field for the user to describe themselves
CreationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
ExternalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
Id string: The provider-assigned unique ID for this managed resource.
ImAddresses []string: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
ObjectId string: The object ID of the user.
OnpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSamAccountName string: The on-premise SAM account name of the user.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
OnpremisesUserPrincipalName string: The on-premise user principal name of the user.
ProxyAddresses []string: List of email addresses for the user that direct to the same mailbox.
UserType string: The user type in the directory. Possible values are Guest or Member.

aboutMe String: A freeform field for the user to describe themselves
creationType String: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
externalUserState String: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
id String: The provider-assigned unique ID for this managed resource.
imAddresses List<String>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
objectId String: The object ID of the user.
onpremisesDistinguishedName String: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName String: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName String: The on-premise user principal name of the user.
proxyAddresses List<String>: List of email addresses for the user that direct to the same mailbox.
userType String: The user type in the directory. Possible values are Guest or Member.

aboutMe string: A freeform field for the user to describe themselves
creationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
externalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
id string: The provider-assigned unique ID for this managed resource.
imAddresses string[]: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
objectId string: The object ID of the user.
onpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName string: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName string: The on-premise user principal name of the user.
proxyAddresses string[]: List of email addresses for the user that direct to the same mailbox.
userType string: The user type in the directory. Possible values are Guest or Member.

about_me str: A freeform field for the user to describe themselves
creation_type str: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
external_user_state str: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
id str: The provider-assigned unique ID for this managed resource.
im_addresses Sequence[str]: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
object_id str: The object ID of the user.
onpremises_distinguished_name str: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_domain_name str: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_sam_account_name str: The on-premise SAM account name of the user.
onpremises_security_identifier str: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_sync_enabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremises_user_principal_name str: The on-premise user principal name of the user.
proxy_addresses Sequence[str]: List of email addresses for the user that direct to the same mailbox.
user_type str: The user type in the directory. Possible values are Guest or Member.

aboutMe String: A freeform field for the user to describe themselves
creationType String: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
externalUserState String: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
id String: The provider-assigned unique ID for this managed resource.
imAddresses List<String>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
objectId String: The object ID of the user.
onpremisesDistinguishedName String: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSamAccountName String: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName String: The on-premise user principal name of the user.
proxyAddresses List<String>: List of email addresses for the user that direct to the same mailbox.
userType String: The user type in the directory. Possible values are Guest or Member.

Look up Existing User Resource

Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: UserState, opts?: CustomResourceOptions): User

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        about_me: Optional[str] = None,
        account_enabled: Optional[bool] = None,
        age_group: Optional[str] = None,
        business_phones: Optional[Sequence[str]] = None,
        city: Optional[str] = None,
        company_name: Optional[str] = None,
        consent_provided_for_minor: Optional[str] = None,
        cost_center: Optional[str] = None,
        country: Optional[str] = None,
        creation_type: Optional[str] = None,
        department: Optional[str] = None,
        disable_password_expiration: Optional[bool] = None,
        disable_strong_password: Optional[bool] = None,
        display_name: Optional[str] = None,
        division: Optional[str] = None,
        employee_hire_date: Optional[str] = None,
        employee_id: Optional[str] = None,
        employee_type: Optional[str] = None,
        external_user_state: Optional[str] = None,
        fax_number: Optional[str] = None,
        force_password_change: Optional[bool] = None,
        given_name: Optional[str] = None,
        im_addresses: Optional[Sequence[str]] = None,
        job_title: Optional[str] = None,
        mail: Optional[str] = None,
        mail_nickname: Optional[str] = None,
        manager_id: Optional[str] = None,
        mobile_phone: Optional[str] = None,
        object_id: Optional[str] = None,
        office_location: Optional[str] = None,
        onpremises_distinguished_name: Optional[str] = None,
        onpremises_domain_name: Optional[str] = None,
        onpremises_immutable_id: Optional[str] = None,
        onpremises_sam_account_name: Optional[str] = None,
        onpremises_security_identifier: Optional[str] = None,
        onpremises_sync_enabled: Optional[bool] = None,
        onpremises_user_principal_name: Optional[str] = None,
        other_mails: Optional[Sequence[str]] = None,
        password: Optional[str] = None,
        postal_code: Optional[str] = None,
        preferred_language: Optional[str] = None,
        proxy_addresses: Optional[Sequence[str]] = None,
        show_in_address_list: Optional[bool] = None,
        state: Optional[str] = None,
        street_address: Optional[str] = None,
        surname: Optional[str] = None,
        usage_location: Optional[str] = None,
        user_principal_name: Optional[str] = None,
        user_type: Optional[str] = None) -> User

func GetUser(ctx *Context, name string, id IDInput, state *UserState, opts ...ResourceOption) (*User, error)

public static User Get(string name, Input<string> id, UserState? state, CustomResourceOptions? opts = null)

public static User get(String name, Output<String> id, UserState state, CustomResourceOptions options)

resources:  _:    type: azuread:User    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AboutMe string: A freeform field for the user to describe themselves
AccountEnabled bool: Whether or not the account should be enabled.
AgeGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
BusinessPhones List<string>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
City string: The city in which the user is located.
CompanyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
ConsentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
CostCenter string: The cost center associated with the user.
Country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
CreationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
Department string: The name for the department in which the user works.
DisablePasswordExpiration bool: Whether the user's password is exempt from expiring. Defaults to false.
DisableStrongPassword bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
DisplayName string: The name to display in the address book for the user.
Division string: The name of the division in which the user works.
EmployeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
EmployeeId string: The employee identifier assigned to the user by the organisation.
EmployeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
ExternalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
FaxNumber string: The fax number of the user.
ForcePasswordChange bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
GivenName string: The given name (first name) of the user.
ImAddresses List<string>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
JobTitle string: The user’s job title.
Mail string: The SMTP address for the user. This property cannot be unset once specified.
MailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
ManagerId string: The object ID of the user's manager.
MobilePhone string: The primary cellular telephone number for the user.
ObjectId string: The object ID of the user.
OfficeLocation string: The office location in the user's place of business.
OnpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
OnpremisesSamAccountName string: The on-premise SAM account name of the user.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
OnpremisesUserPrincipalName string: The on-premise user principal name of the user.
OtherMails List<string>: A list of additional email addresses for the user.
Password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
PostalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
PreferredLanguage string: The user's preferred language, in ISO 639-1 notation.
ProxyAddresses List<string>: List of email addresses for the user that direct to the same mailbox.
ShowInAddressList bool: Whether or not the Outlook global address list should include this user. Defaults to true.
State string: The state or province in the user's address.
StreetAddress string: The street address of the user's place of business.
Surname string: The user's surname (family name or last name).
UsageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
UserPrincipalName string: The user principal name (UPN) of the user.
UserType string: The user type in the directory. Possible values are Guest or Member.

AboutMe string: A freeform field for the user to describe themselves
AccountEnabled bool: Whether or not the account should be enabled.
AgeGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
BusinessPhones []string: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
City string: The city in which the user is located.
CompanyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
ConsentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
CostCenter string: The cost center associated with the user.
Country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
CreationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
Department string: The name for the department in which the user works.
DisablePasswordExpiration bool: Whether the user's password is exempt from expiring. Defaults to false.
DisableStrongPassword bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
DisplayName string: The name to display in the address book for the user.
Division string: The name of the division in which the user works.
EmployeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
EmployeeId string: The employee identifier assigned to the user by the organisation.
EmployeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
ExternalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
FaxNumber string: The fax number of the user.
ForcePasswordChange bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
GivenName string: The given name (first name) of the user.
ImAddresses []string: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
JobTitle string: The user’s job title.
Mail string: The SMTP address for the user. This property cannot be unset once specified.
MailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
ManagerId string: The object ID of the user's manager.
MobilePhone string: The primary cellular telephone number for the user.
ObjectId string: The object ID of the user.
OfficeLocation string: The office location in the user's place of business.
OnpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
OnpremisesSamAccountName string: The on-premise SAM account name of the user.
OnpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
OnpremisesSyncEnabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
OnpremisesUserPrincipalName string: The on-premise user principal name of the user.
OtherMails []string: A list of additional email addresses for the user.
Password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
PostalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
PreferredLanguage string: The user's preferred language, in ISO 639-1 notation.
ProxyAddresses []string: List of email addresses for the user that direct to the same mailbox.
ShowInAddressList bool: Whether or not the Outlook global address list should include this user. Defaults to true.
State string: The state or province in the user's address.
StreetAddress string: The street address of the user's place of business.
Surname string: The user's surname (family name or last name).
UsageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
UserPrincipalName string: The user principal name (UPN) of the user.
UserType string: The user type in the directory. Possible values are Guest or Member.

aboutMe String: A freeform field for the user to describe themselves
accountEnabled Boolean: Whether or not the account should be enabled.
ageGroup String: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones List<String>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city String: The city in which the user is located.
companyName String: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor String: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter String: The cost center associated with the user.
country String: The country/region in which the user is located. Examples include: NO, JP, and GB.
creationType String: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
department String: The name for the department in which the user works.
disablePasswordExpiration Boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword Boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
displayName String: The name to display in the address book for the user.
division String: The name of the division in which the user works.
employeeHireDate String: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId String: The employee identifier assigned to the user by the organisation.
employeeType String: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
externalUserState String: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
faxNumber String: The fax number of the user.
forcePasswordChange Boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName String: The given name (first name) of the user.
imAddresses List<String>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
jobTitle String: The user’s job title.
mail String: The SMTP address for the user. This property cannot be unset once specified.
mailNickname String: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId String: The object ID of the user's manager.
mobilePhone String: The primary cellular telephone number for the user.
objectId String: The object ID of the user.
officeLocation String: The office location in the user's place of business.
onpremisesDistinguishedName String: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesImmutableId String: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
onpremisesSamAccountName String: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName String: The on-premise user principal name of the user.
otherMails List<String>: A list of additional email addresses for the user.
password String: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode String: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage String: The user's preferred language, in ISO 639-1 notation.
proxyAddresses List<String>: List of email addresses for the user that direct to the same mailbox.
showInAddressList Boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state String: The state or province in the user's address.
streetAddress String: The street address of the user's place of business.
surname String: The user's surname (family name or last name).
usageLocation String: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
userPrincipalName String: The user principal name (UPN) of the user.
userType String: The user type in the directory. Possible values are Guest or Member.

aboutMe string: A freeform field for the user to describe themselves
accountEnabled boolean: Whether or not the account should be enabled.
ageGroup string: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones string[]: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city string: The city in which the user is located.
companyName string: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor string: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter string: The cost center associated with the user.
country string: The country/region in which the user is located. Examples include: NO, JP, and GB.
creationType string: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
department string: The name for the department in which the user works.
disablePasswordExpiration boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
displayName string: The name to display in the address book for the user.
division string: The name of the division in which the user works.
employeeHireDate string: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId string: The employee identifier assigned to the user by the organisation.
employeeType string: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
externalUserState string: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
faxNumber string: The fax number of the user.
forcePasswordChange boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName string: The given name (first name) of the user.
imAddresses string[]: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
jobTitle string: The user’s job title.
mail string: The SMTP address for the user. This property cannot be unset once specified.
mailNickname string: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId string: The object ID of the user's manager.
mobilePhone string: The primary cellular telephone number for the user.
objectId string: The object ID of the user.
officeLocation string: The office location in the user's place of business.
onpremisesDistinguishedName string: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName string: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesImmutableId string: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
onpremisesSamAccountName string: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier string: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName string: The on-premise user principal name of the user.
otherMails string[]: A list of additional email addresses for the user.
password string: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode string: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage string: The user's preferred language, in ISO 639-1 notation.
proxyAddresses string[]: List of email addresses for the user that direct to the same mailbox.
showInAddressList boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state string: The state or province in the user's address.
streetAddress string: The street address of the user's place of business.
surname string: The user's surname (family name or last name).
usageLocation string: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
userPrincipalName string: The user principal name (UPN) of the user.
userType string: The user type in the directory. Possible values are Guest or Member.

about_me str: A freeform field for the user to describe themselves
account_enabled bool: Whether or not the account should be enabled.
age_group str: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
business_phones Sequence[str]: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city str: The city in which the user is located.
company_name str: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consent_provided_for_minor str: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
cost_center str: The cost center associated with the user.
country str: The country/region in which the user is located. Examples include: NO, JP, and GB.
creation_type str: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
department str: The name for the department in which the user works.
disable_password_expiration bool: Whether the user's password is exempt from expiring. Defaults to false.
disable_strong_password bool: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
display_name str: The name to display in the address book for the user.
division str: The name of the division in which the user works.
employee_hire_date str: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employee_id str: The employee identifier assigned to the user by the organisation.
employee_type str: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
external_user_state str: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
fax_number str: The fax number of the user.
force_password_change bool: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
given_name str: The given name (first name) of the user.
im_addresses Sequence[str]: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
job_title str: The user’s job title.
mail str: The SMTP address for the user. This property cannot be unset once specified.
mail_nickname str: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
manager_id str: The object ID of the user's manager.
mobile_phone str: The primary cellular telephone number for the user.
object_id str: The object ID of the user.
office_location str: The office location in the user's place of business.
onpremises_distinguished_name str: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_domain_name str: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_immutable_id str: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
onpremises_sam_account_name str: The on-premise SAM account name of the user.
onpremises_security_identifier str: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremises_sync_enabled bool: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremises_user_principal_name str: The on-premise user principal name of the user.
other_mails Sequence[str]: A list of additional email addresses for the user.
password str: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postal_code str: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferred_language str: The user's preferred language, in ISO 639-1 notation.
proxy_addresses Sequence[str]: List of email addresses for the user that direct to the same mailbox.
show_in_address_list bool: Whether or not the Outlook global address list should include this user. Defaults to true.
state str: The state or province in the user's address.
street_address str: The street address of the user's place of business.
surname str: The user's surname (family name or last name).
usage_location str: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
user_principal_name str: The user principal name (UPN) of the user.
user_type str: The user type in the directory. Possible values are Guest or Member.

aboutMe String: A freeform field for the user to describe themselves
accountEnabled Boolean: Whether or not the account should be enabled.
ageGroup String: The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset.
businessPhones List<String>: A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect.
city String: The city in which the user is located.
companyName String: The company name which the user is associated. This property can be useful for describing the company that an external user comes from.
consentProvidedForMinor String: Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset.
costCenter String: The cost center associated with the user.
country String: The country/region in which the user is located. Examples include: NO, JP, and GB.
creationType String: Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified).
department String: The name for the department in which the user works.
disablePasswordExpiration Boolean: Whether the user's password is exempt from expiring. Defaults to false.
disableStrongPassword Boolean: Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false.
displayName String: The name to display in the address book for the user.
division String: The name of the division in which the user works.
employeeHireDate String: The hire date of the user, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z).
employeeId String: The employee identifier assigned to the user by the organisation.
employeeType String: Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor.
externalUserState String: For an external user invited to the tenant, this property represents the invited user's invitation status. Possible values are PendingAcceptance or Accepted.
faxNumber String: The fax number of the user.
forcePasswordChange Boolean: Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false.
givenName String: The given name (first name) of the user.
imAddresses List<String>: A list of instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user.
jobTitle String: The user’s job title.
mail String: The SMTP address for the user. This property cannot be unset once specified.
mailNickname String: The mail alias for the user. Defaults to the user name part of the user principal name (UPN).
managerId String: The object ID of the user's manager.
mobilePhone String: The primary cellular telephone number for the user.
objectId String: The object ID of the user.
officeLocation String: The office location in the user's place of business.
onpremisesDistinguishedName String: The on-premises distinguished name (DN) of the user, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesDomainName String: The on-premises FQDN, also called dnsDomainName, synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesImmutableId String: The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account.
onpremisesSamAccountName String: The on-premise SAM account name of the user.
onpremisesSecurityIdentifier String: The on-premises security identifier (SID), synchronised from the on-premises directory when Azure AD Connect is used.
onpremisesSyncEnabled Boolean: Whether this user is synchronised from an on-premises directory (true), no longer synchronised (false), or has never been synchronised (null).
onpremisesUserPrincipalName String: The on-premise user principal name of the user.
otherMails List<String>: A list of additional email addresses for the user.
password String: The password for the user. The password must satisfy minimum requirements as specified by the password policy. The maximum length is 256 characters. This property is required when creating a new user
postalCode String: The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredLanguage String: The user's preferred language, in ISO 639-1 notation.
proxyAddresses List<String>: List of email addresses for the user that direct to the same mailbox.
showInAddressList Boolean: Whether or not the Outlook global address list should include this user. Defaults to true.
state String: The state or province in the user's address.
streetAddress String: The street address of the user's place of business.
surname String: The user's surname (family name or last name).
usageLocation String: The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set.
userPrincipalName String: The user principal name (UPN) of the user.
userType String: The user type in the directory. Possible values are Guest or Member.

Import

Users can be imported using their object ID, e.g.

$ pulumi import azuread:index/user:User my_user /users/00000000-0000-0000-0000-000000000000

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Azure Active Directory (Azure AD) pulumi/pulumi-azuread
License: Apache-2.0
Notes: This Pulumi package is based on the azuread Terraform Provider.

Azure Active Directory (Azure AD) v6.4.0 published on Monday, Apr 7, 2025 by Pulumi

pulumi/pulumi-azuread

azuread.User

On this page

On this page

API Permissions

Example Usage

Create User Resource

Constructor syntax

Parameters

Constructor example

User Resource Properties

Inputs

Outputs

Look up Existing User Resource

Import

Package Details

On this page

On this page