Sub Tenant

[mattboston]

We are trying to build out our Azure account with an Azure Active Directory B2C sub-tenant. For most of the resources in parent tenant, aztfy works fine, but we're unable to get it to run against the sub-tenant. I was finally able to use "az login" to log into the sub-tenant. In the pic, the sub-tenant's parent is QA.

Because the only resource in the sub-tenant is AAD B2C directory and Active Directory, there's no Resource Group defined. So when I try to run "aztfy rg *" I get the following error in the second pic.

[magodo]

@mattboston Can you try the latest version of aztfy? The error in above pic is from exportTemplate call, which is now removed in the latest version.

[mattboston]

Now I get the following error. With an AAD B2C sub-tenant there are no resource groups.

[magodo]

@mattboston Is your resource group name *? The argument is meant to be the name of the resource group.

[mattboston]

To create the AAD B2C service/sub-tenant, I created it in the parent tenant which has a RG, but I'm trying to connect to the sub-tenant which has no RG to get all the resources of the AAD B2C (all the SSO/SAML configuration). It's possible that terraform may not even be able to based on this blog post.

https://codez.deedx.cz/posts/automating-azure-ad-b2c-creation-with-terraform/

[magodo]

@mattboston Have you tried to use other modes than rg, like res and query, which allows you to specify more flexible resource(s).

[mattboston]

Unfortunately I haven't had much time to deal w/ this since I first posted. From what I can see Terraform/Microsoft provide very little coverage for the AAD B2C sub-tenants. So far it's the one area that we have an extremely long runbook to setup/configure B2C in each of our environments.