
time bound support for directory_role_eligibility_schedule_request and

Open MattWhite-personal opened this issue 1 year ago • 0 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The directory_role_eligibility_schedule_request resource allows a user to be assigned to an eligible or active role in Entra ID. To support least privilege and time-bound access, it is possible to use the Graph API to define a schedule for when the role is available to the end user - https://learn.microsoft.com/en-us/graph/api/resources/requestschedule?view=graph-rest-1.0

New or Affected Resource(s)

  • azuread_directory_role_eligibility_schedule_request

Potential Terraform Configuration

resource "azuread_directory_role_eligibility_schedule_request" "example" {
  role_definition_id = azuread_directory_role.example.template_id
  principal_id       = azuread_user.example.object_id
  directory_scope_id = "/"
  justification      = "Example"
  schedule = {
    startDateTime = "2023-12-01 00:00:00" #string ideally parsed and validated to a dateTime format, if not set defaults to "now"
    endDateTime = "2024-11-30 23:59:59" #string ideally parsed and validated to a dateTime format
  }
}

References

Couldn't find any references to similar issues

MattWhite-personal, Dec 03 '23 20:12
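
The validation the request asks for, sketched as an added example (not code from the provider or from the issue author): it parses the two schedule strings, defaults a missing start to "now", refuses a missing or non-future end so the eligibility is always time bound, and emits a Graph requestSchedule fragment using the afterDateTime expiration type. BuildSchedule and parseTime are hypothetical names, and reading the issue's space-separated timestamps as UTC is an assumption.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// RequestSchedule mirrors the startDateTime and expiration fields of Graph's requestSchedule.
type RequestSchedule struct {
	StartDateTime string `json:"startDateTime"`
	Expiration    struct {
		Type        string `json:"type"`
		EndDateTime string `json:"endDateTime"`
	} `json:"expiration"`
}

// parseTime accepts RFC 3339, or the issue's "YYYY-MM-DD hh:mm:ss" form read as UTC (assumption).
func parseTime(s string) (time.Time, error) {
	if t, err := time.Parse(time.RFC3339, s); err == nil {
		return t.UTC(), nil
	}
	return time.Parse("2006-01-02 15:04:05", s)
}

// BuildSchedule (hypothetical helper) validates the window and returns the schedule as JSON.
func BuildSchedule(start, end string, now time.Time) (string, error) {
	startT, err := now.UTC(), error(nil) // an empty start defaults to "now"
	if start != "" {
		if startT, err = parseTime(start); err != nil {
			return "", fmt.Errorf("startDateTime: %w", err)
		}
	}
	endT, err := parseTime(end) // an empty end fails here: no open-ended eligibility
	if err != nil {
		return "", fmt.Errorf("endDateTime: %w", err)
	}
	if !endT.After(startT) {
		return "", fmt.Errorf("endDateTime must be after startDateTime")
	}
	var rs RequestSchedule
	rs.StartDateTime = startT.Format(time.RFC3339)
	rs.Expiration.Type, rs.Expiration.EndDateTime = "afterDateTime", endT.Format(time.RFC3339)
	b, err := json.Marshal(rs)
	return string(b), err
}

func main() {
	fmt.Println(BuildSchedule("2023-12-01 00:00:00", "2024-11-30 23:59:59", time.Now()))
}
```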