terraform-provider-azuread icon indicating copy to clipboard operation
terraform-provider-azuread copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

New root level resource for Application Required Resource Access

Open danstis opened this issue 3 years ago • 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

As a user of the provider, I would like the Application's required_resource_access to also be configurable as a root level resource, so I can have a template that deploys two separate applications that have required resource access permissions to each other.

Currently when attempting to do this, Terraform correctly throws an error that a circular dependency exists. However this is the desired state and it can be configured using the portal manually.

New or Affected Resource(s)

  • azuread_application_required_resource_access (new)

Potential Terraform Configuration

resource "azuread_application_required_resource_access" "example" {
  application_object_id = azuread_application.example.application_id # App ID of the app to define this resource access for
  resource_app_id       = "00000000-0000-0000-0000-000000000000" # ID of the resource app
  resource_access {
    id   = "00000000-0000-0000-0000-000000000000"
    type = "Scope"
  }
}

danstis avatar May 17 '22 04:05 danstis

Are there any plans on introducing this to the provider?

shmyer avatar Aug 02 '22 16:08 shmyer

Error: Invalid resource type

on latestB2B.tf line 348, in resource "azuread_application_required_resource_access" "resource_appid": 348: resource "azuread_application_required_resource_access" "resource_appid" {

The provider hashicorp/azuread does not support resource type "azuread_application_required_resource_access".

Hakeem3242 avatar Oct 07 '22 09:10 Hakeem3242

The provider hashicorp/azuread does not support resource type "azuread_application_required_resource_access".

This is not an existing resource type, it was my suggestion for how this potentially could be implemented.

danstis avatar Oct 10 '22 00:10 danstis

We'll be adding the azuread_application_api_access resource in the next release, which represents a decoupled required_resource_access from the azuread_application resource. There are also other narrowly-scoped resources for managing different parts of an application, that will enable more complex self-referencing and double-referencing for applications that consume or depend on each other.

manicminer avatar Oct 17 '23 23:10 manicminer

Incase others are looking for it, it seems to be here in the latest version: https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application_api_access

danstis avatar Oct 23 '23 05:10 danstis