spn.tf

data "azurerm_subscription" "primary" {}

resource "random_string" "password" {
  length  = 32
  special = true
}

locals {
  spn_name         = "tfexample"
  spn_expire       = "2020-01-01T00:00:00Z"
  spn_password     = "${random_string.password.result}"
  spn_subscription = "${data.azurerm_subscription.primary.id}"
}

resource "azurerm_azuread_application" "main" {
  name = "${local.spn_name}"
}

resource "azurerm_azuread_service_principal" "main" {
  application_id = "${azurerm_azuread_application.main.application_id}"
}

resource "azurerm_azuread_service_principal_password" "main" {
  service_principal_id = "${azurerm_azuread_service_principal.main.id}"
  value                = "${local.spn_password}"
  end_date             = "${local.spn_expire}"
}

resource "azurerm_role_assignment" "main" {
  scope                = "${local.spn_subscription}"
  role_definition_name = "Contributor"
  principal_id         = "${azurerm_azuread_service_principal.main.id}"
}

output "spn.id" {
  value = "${azurerm_azuread_service_principal.main.application_id}"
}

output "spn.password" {
  value = "${random_string.password.result}"
}