Skip to content

Instantly share code, notes, and snippets.

@jhanley-com
Last active Jan 6, 2021
Embed
What would you like to do?
Terraform Azure Service Principal - Part 1
# Test code for the question: https://stackoverflow.com/q/65525116/8016720
# Provides configuration details for the Azure Terraform provider
provider "azurerm" {
# !!! Must include features even if empty
features {}
}
variable "appName" { default = "testAppName" }
variable "subscriptionId" { default = "" }
resource "azuread_application" "appReg" {
name = var.appName
}
resource "azuread_service_principal" "example-sp" {
application_id = azuread_application.appReg.application_id
}
resource "azuread_service_principal_password" "example-sp_pwd" {
service_principal_id = azuread_service_principal.example-sp.id
value = "long-random-string"
end_date = "2021-06-02T01:02:03Z"
}
data "azurerm_subscription" "thisSubscription" {
subscription_id = var.subscriptionId
}
resource "azurerm_role_assignment" "example-sp_role_assignment" {
scope = data.azurerm_subscription.thisSubscription.id
role_definition_name = "Contributor"
principal_id = azuread_service_principal.example-sp.id
}
resource "azuread_application_app_role" "example-role" {
application_object_id = azuread_application.appReg.id
allowed_member_types = ["User", "Application"]
description = "Admins can manage roles and perform all task actions"
display_name = "Admin"
is_enabled = true
value = "administer"
}
output "application_id" {
value = azuread_application.appReg.application_id
}
output "appId" {
value = azuread_service_principal.example-sp.application_id
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment