terraform-provider-azuread
terraform-provider-azuread copied to clipboard
Unable to set mapped_claims_enabled on azuread_application_registration (v2.45.0)
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform (and AzureAD Provider) Version
Terraform v1.6.2
on darwin_amd64
+ provider registry.terraform.io/hashicorp/azuread v2.45.0
Affected Resource(s)
-
azuread_application
-
azuread_application_registration
Terraform Configuration Files
resource "azuread_application" "redacted" {
display_name = "redacted"
api {
mapped_claims_enabled = true
requested_access_token_version = 2
}
}
resource "azuread_application_registration" "redacted" {
display_name = "redacted"
requested_access_token_version = 2
// mapped_claims_enabled = true
}
Debug Output
N/A
Panic Output
N/A
Expected Behavior
Please see issue #1217 for a similar situation and thanks for solving it so quickly!
I am still trying to migrate my existing Azure AD App registration from azuread_application
to the more granular azuread_application_registration
now under version 2.45.0.
There seems to lack the mapped_claims_enabled
parameter under the new azuread_application_registration
resource.
The search in the codebase again did not render results.
Thanks for looking into it!
Actual Behavior
N/A
Steps to Reproduce
N/A
Important Factoids
References
Thanks for requesting this @JensHeise and apologies for this omission. We'll add this in the next provider release, which is currently targeted for next week.
Hey @manicminer this issue came up in a recent discussion again. I just wanted to kindly ask if there's a timeline regarding this?
Cheers
@bfqrst @JensHeise Sorry for the delay in getting to this - there's a challenge in implementing this reliably without breaking some users, as enabling mapped claims is reported to fail when holding the Application.ReadWrite.OwnedBy
role. This may need to be a separate resource but I am experimenting further as it seems a little silly to have a resource with no properties just to flip a boolean!
@bfqrst @JensHeise Sorry for the delay in getting to this - there's a challenge in implementing this reliably without breaking some users, as enabling mapped claims is reported to fail when holding the
Application.ReadWrite.OwnedBy
role. This may need to be a separate resource but I am experimenting further as it seems a little silly to have a resource with no properties just to flip a boolean!
Fair enough @manicminer, thanks for the update!
I want to come back to this since our migration efforts came to a halt... Is there any news on this in the meantime? @manicminer