terraform-provider-azuread icon indicating copy to clipboard operation
terraform-provider-azuread copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Unable to set mapped_claims_enabled on azuread_application_registration (v2.45.0)

Open JensHeise opened this issue 8 months ago • 5 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureAD Provider) Version

Terraform v1.6.2
on darwin_amd64
+ provider registry.terraform.io/hashicorp/azuread v2.45.0

Affected Resource(s)

  • azuread_application
  • azuread_application_registration

Terraform Configuration Files

resource "azuread_application" "redacted" {
  display_name = "redacted"

  api {
    mapped_claims_enabled             = true
    requested_access_token_version = 2
  }
}
resource "azuread_application_registration" "redacted" {
  display_name = "redacted"

  requested_access_token_version = 2
  // mapped_claims_enabled             = true
}

Debug Output

N/A

Panic Output

N/A

Expected Behavior

Please see issue #1217 for a similar situation and thanks for solving it so quickly!

I am still trying to migrate my existing Azure AD App registration from azuread_application to the more granular azuread_application_registration now under version 2.45.0. There seems to lack the mapped_claims_enabled parameter under the new azuread_application_registration resource.

The search in the codebase again did not render results.

Thanks for looking into it!

Actual Behavior

N/A

Steps to Reproduce

N/A

Important Factoids

References

JensHeise avatar Oct 30 '23 09:10 JensHeise

Thanks for requesting this @JensHeise and apologies for this omission. We'll add this in the next provider release, which is currently targeted for next week.

manicminer avatar Oct 30 '23 21:10 manicminer

Hey @manicminer this issue came up in a recent discussion again. I just wanted to kindly ask if there's a timeline regarding this?

Cheers

bfqrst avatar Nov 29 '23 12:11 bfqrst

@bfqrst @JensHeise Sorry for the delay in getting to this - there's a challenge in implementing this reliably without breaking some users, as enabling mapped claims is reported to fail when holding the Application.ReadWrite.OwnedBy role. This may need to be a separate resource but I am experimenting further as it seems a little silly to have a resource with no properties just to flip a boolean!

manicminer avatar Nov 29 '23 21:11 manicminer

@bfqrst @JensHeise Sorry for the delay in getting to this - there's a challenge in implementing this reliably without breaking some users, as enabling mapped claims is reported to fail when holding the Application.ReadWrite.OwnedBy role. This may need to be a separate resource but I am experimenting further as it seems a little silly to have a resource with no properties just to flip a boolean!

Fair enough @manicminer, thanks for the update!

bfqrst avatar Nov 30 '23 07:11 bfqrst

I want to come back to this since our migration efforts came to a halt... Is there any news on this in the meantime? @manicminer

bfqrst avatar Mar 19 '24 09:03 bfqrst