add explicit object_id property to resources (#99)

hashicorp · Jun 6, 2019 · 1739172 · 1739172
1 parent d39844f
commit 1739172
Show file tree

Hide file tree

Showing 16 changed files with 48 additions and 8 deletions.
diff --git a/azuread/data_application_test.go b/azuread/data_application_test.go
@@ -105,7 +105,7 @@ func testAccAzureADApplicationDataSource_objectId(id string) string {
 %s
 
 data "azuread_application" "test" {
-  object_id = "${azuread_application.test.id}"
+  object_id = "${azuread_application.test.object_id}"
 }
 `, template)
 }
@@ -116,7 +116,7 @@ func testAccAzureADApplicationDataSource_objectIdComplete(id string) string {
 %s
 
 data "azuread_application" "test" {
-  object_id = "${azuread_application.test.id}"
+  object_id = "${azuread_application.test.object_id}"
 }
 `, template)
 }

diff --git a/azuread/data_group_test.go b/azuread/data_group_test.go
@@ -69,7 +69,7 @@ func testAccDataSourceAzureADGroup_objectId(id string) string {
 %s
 
 data "azuread_group" "test" {
-  object_id = "${azuread_group.test.id}"
+  object_id = "${azuread_group.test.object_id}"
 }
 `, testAccAzureADGroup(id))
 }
diff --git a/azuread/data_service_principal_test.go b/azuread/data_service_principal_test.go
@@ -102,7 +102,7 @@ func testAccAzureADServicePrincipalDataSource_byObjectId(id string) string {
 %s
 
 data "azuread_service_principal" "test" {
-  object_id = "${azuread_service_principal.test.id}"
+  object_id = "${azuread_service_principal.test.object_id}"
 }
 `, template)
 }
diff --git a/azuread/data_user_test.go b/azuread/data_user_test.go
@@ -68,7 +68,7 @@ func testAccAzureADUserDataSource_byObjectId(id, password string) string {
 %s
 
 data "azuread_user" "test" {
-	object_id = "${azuread_user.test.id}"
+	object_id = "${azuread_user.test.object_id}"
 }
 `, testAccADUser_basic(id, password))
 }
diff --git a/azuread/resource_application.go b/azuread/resource_application.go
@@ -176,6 +176,11 @@ func resourceApplication() *schema.Resource {
 					},
 				},
 			},
+
+			"object_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -346,6 +351,7 @@ func resourceApplicationRead(d *schema.ResourceData, meta interface{}) error {
 	d.Set("homepage", resp.Homepage)
 	d.Set("available_to_other_tenants", resp.AvailableToOtherTenants)
 	d.Set("oauth2_allow_implicit_flow", resp.Oauth2AllowImplicitFlow)
+	d.Set("object_id", resp.ObjectID)
 
 	if groupMembershipClaims, ok := resp.AdditionalProperties["groupMembershipClaims"]; ok {
 		d.Set("group_membership_claims", groupMembershipClaims)

diff --git a/azuread/resource_application_test.go b/azuread/resource_application_test.go
@@ -30,6 +30,7 @@ func TestAccAzureADApplication_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "oauth2_permissions.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "oauth2_permissions.0.admin_consent_description", fmt.Sprintf("Access %s", fmt.Sprintf("acctest%s", id))),
 					resource.TestCheckResourceAttrSet(resourceName, "application_id"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{
@@ -62,6 +63,7 @@ func TestAccAzureADApplication_complete(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "group_membership_claims", "All"),
 					resource.TestCheckResourceAttr(resourceName, "required_resource_access.#", "2"),
 					resource.TestCheckResourceAttrSet(resourceName, "application_id"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{

diff --git a/azuread/resource_group.go b/azuread/resource_group.go
@@ -30,6 +30,11 @@ func resourceGroup() *schema.Resource {
 				ForceNew:     true,
 				ValidateFunc: validation.NoZeroValues,
 			},
+
+			"object_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -42,9 +47,9 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error {
 
 	properties := graphrbac.GroupCreateParameters{
 		DisplayName:     &name,
-		MailEnabled:     p.Bool(false),                 //we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups.
-		MailNickname:    p.String(uuid.New().String()), //this matches the portal behavior
-		SecurityEnabled: p.Bool(true),                  //we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups.
+		MailEnabled:     p.Bool(false),                 // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups.
+		MailNickname:    p.String(uuid.New().String()), // this matches the portal behavior
+		SecurityEnabled: p.Bool(true),                  // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups.
 	}
 
 	group, err := client.Create(ctx, properties)
@@ -82,6 +87,7 @@ func resourceGroupRead(d *schema.ResourceData, meta interface{}) error {
 	}
 
 	d.Set("name", resp.DisplayName)
+	d.Set("object_id", resp.ObjectID)
 	return nil
 }
 

diff --git a/azuread/resource_group_test.go b/azuread/resource_group_test.go
@@ -28,6 +28,7 @@ func TestAccAzureADGroup_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureADGroupExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "name", fmt.Sprintf("acctest%s", id)),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{
@@ -57,6 +58,7 @@ func TestAccAzureADGroup_complete(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureADGroupExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "name", fmt.Sprintf("acctest%s", id)),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{

diff --git a/azuread/resource_service_principal.go b/azuread/resource_service_principal.go
@@ -50,6 +50,11 @@ func resourceServicePrincipal() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+
+			"object_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -107,6 +112,7 @@ func resourceServicePrincipalRead(d *schema.ResourceData, meta interface{}) erro
 
 	d.Set("application_id", app.AppID)
 	d.Set("display_name", app.DisplayName)
+	d.Set("object_id", app.ObjectID)
 
 	// tags doesn't exist as a property, so extract it
 	if iTags, ok := app.AdditionalProperties["tags"]; ok {

diff --git a/azuread/resource_service_principal_test.go b/azuread/resource_service_principal_test.go
@@ -26,6 +26,7 @@ func TestAccAzureADServicePrincipal_basic(t *testing.T) {
 					testCheckADServicePrincipalExists(resourceName),
 					resource.TestCheckResourceAttrSet(resourceName, "display_name"),
 					resource.TestCheckResourceAttrSet(resourceName, "application_id"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{
@@ -51,6 +52,7 @@ func TestAccAzureADServicePrincipal_complete(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckADServicePrincipalExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "tags.#", "3"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 				),
 			},
 			{

diff --git a/azuread/resource_user.go b/azuread/resource_user.go
@@ -68,6 +68,11 @@ func resourceUser() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+
+			"object_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -139,6 +144,7 @@ func resourceUserRead(d *schema.ResourceData, meta interface{}) error {
 	d.Set("mail", user.Mail)
 	d.Set("mail_nickname", user.MailNickname)
 	d.Set("account_enabled", user.AccountEnabled)
+	d.Set("object_id", user.ObjectID)
 	return nil
 }
 

diff --git a/azuread/resource_user_test.go b/azuread/resource_user_test.go
@@ -26,6 +26,7 @@ func TestAccAzureADUser_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckADUserExists(resourceName),
 					resource.TestCheckResourceAttrSet(resourceName, "user_principal_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 					resource.TestCheckResourceAttr(resourceName, "display_name", fmt.Sprintf("acctest%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "mail_nickname", fmt.Sprintf("acctest%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "account_enabled", "true"),
@@ -59,6 +60,7 @@ func TestAccAzureADUser_complete(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckADUserExists(resourceName),
 					resource.TestCheckResourceAttrSet(resourceName, "user_principal_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 					resource.TestCheckResourceAttr(resourceName, "display_name", fmt.Sprintf("acctestupdate%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "mail_nickname", fmt.Sprintf("acctestupdate%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "account_enabled", "false"),
@@ -93,6 +95,7 @@ func TestAccAzureADUser_update(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckADUserExists(resourceName),
 					resource.TestCheckResourceAttrSet(resourceName, "user_principal_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 					resource.TestCheckResourceAttr(resourceName, "display_name", fmt.Sprintf("acctest%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "mail_nickname", fmt.Sprintf("acctest%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "account_enabled", "true"),
@@ -103,6 +106,7 @@ func TestAccAzureADUser_update(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testCheckADUserExists(resourceName),
 					resource.TestCheckResourceAttrSet(resourceName, "user_principal_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "object_id"),
 					resource.TestCheckResourceAttr(resourceName, "display_name", fmt.Sprintf("acctestupdate%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "mail_nickname", fmt.Sprintf("acctestupdate%s", id)),
 					resource.TestCheckResourceAttr(resourceName, "account_enabled", "false"),

diff --git a/website/docs/d/group.html.markdown b/website/docs/d/group.html.markdown
@@ -36,3 +36,4 @@ The following arguments are supported:
 The following attributes are exported:
 
 * `id` - The Object ID of the Azure AD Group.
+
diff --git a/website/docs/r/application.html.markdown b/website/docs/r/application.html.markdown
@@ -98,6 +98,8 @@ The following attributes are exported:
 
 * `application_id` - The Application ID.
 
+* `object_id` - The Application's Object ID.
+
 * `oauth2_permissions` - A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a `oauth2_permission` block as documented below.
 
 ---

diff --git a/website/docs/r/service_principal.html.markdown b/website/docs/r/service_principal.html.markdown
@@ -48,6 +48,8 @@ The following attributes are exported:
 
 * `application_id` - The Application ID (appId) for the Service Principal.
 
+* `object_id` - The Service Principal's Object ID.
+
 * `display_name` - The Display Name of the Azure Active Directory Application associated with this Service Principal.
 
 ## Import

diff --git a/website/docs/r/user.html.markdown b/website/docs/r/user.html.markdown
@@ -39,5 +39,6 @@ The following arguments are supported:
 
 The following attributes are exported:
 
+* `object_id` - The Object ID of the Azure AD User.
 * `id` - The Object ID of the Azure AD User.
 * `mail` - The primary email address of the Azure AD User.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -36,3 +36,4 @@ The following arguments are supported:
		The following attributes are exported:

		* `id` - The Object ID of the Azure AD Group.
-Original file line number
+Diff line change
@@ Expand Up / @@ -98,6 +98,8 @@ The following attributes are exported: @@
     * `application_id` - The Application ID.
+    * `object_id` - The Application's Object ID.
     * `oauth2_permissions` - A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a `oauth2_permission` block as documented below.
     ---
@@ Expand Down @@