drdamour
drdamour
@jchannon did samples get added somewhere?
hm, not to be flippant, but based on what? have people successfully created em from the tests?
not stale and would love a fix
yeah the cname lookup should leverage https://godoc.org/github.com/miekg/dns the way it is now it doesn't even respect the dns server config in the provider, it just uses the host machines dns
@vittoriocanilli FYI the filtering settings aren't asscoiated with the application registry (azuread_application), they are associated with the service principal /enterprise application so they can be specific to each tenant.
man...i dug into this a bit and got pretty stumped. It appears the portal refers to this as something called defaultClaimIssuancePolicy: ``` "defaultClaimIssuancePolicy": { "version": 1, "defaultTokenType": "JWT", "allowPassThruUsers": "true",...
looking deeper it seems token issuance policies can only be assigned to applications, not service principals so that can't be the right thing...this stuff is pretty dense
hoping for group equivalent to https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/pim_eligible_role_assignment like `azuread_eligable_group_assignment` and https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/pim_active_role_assignment subset of request in #68
think https://github.com/hashicorp/terraform-provider-azurerm/pull/23295 is a proposal for this functionality
pretty sure your problem is case sensitivity. All the policy stuff uses PascalCase and you are using camelCase