From 55b7697cf9088554885a9087cf3093c44ecd4052 Mon Sep 17 00:00:00 2001 From: Tom Bamford Date: Thu, 13 Jul 2023 02:36:33 +0100 Subject: [PATCH] azuread_conditional_access_policy: users block is always required to avoid presistent diff --- docs/resources/conditional_access_policy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/resources/conditional_access_policy.md b/docs/resources/conditional_access_policy.md index 79bd9d4eaa..d6b630d97f 100644 --- a/docs/resources/conditional_access_policy.md +++ b/docs/resources/conditional_access_policy.md @@ -155,14 +155,14 @@ The following arguments are supported: `conditions` block supports the following: * `applications` - (Required) An `applications` block as documented below, which specifies applications and user actions included in and excluded from the policy. -* `client_applications` - (Optional) An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. Either `client_applications` or `users` must be specified (and not both). * `client_app_types` - (Required) A list of client application types included in the policy. Possible values are: `all`, `browser`, `mobileAppsAndDesktopClients`, `exchangeActiveSync`, `easSupported` and `other`. +* `client_applications` - (Optional) An `client_applications` block as documented below, which specifies service principals included in and excluded from the policy. * `devices` - (Optional) A `devices` block as documented below, which describes devices to be included in and excluded from the policy. A `devices` block can be added to an existing policy, but removing the `devices` block forces a new resource to be created. * `locations` - (Optional) A `locations` block as documented below, which specifies locations included in and excluded from the policy. * `platforms` - (Optional) A `platforms` block as documented below, which specifies platforms included in and excluded from the policy. * `sign_in_risk_levels` - (Optional) A list of sign-in risk levels included in the policy. Possible values are: `low`, `medium`, `high`, `hidden`, `none`, `unknownFutureValue`. * `user_risk_levels` - (Optional) A list of user risk levels included in the policy. Possible values are: `low`, `medium`, `high`, `hidden`, `none`, `unknownFutureValue`. -* `users` - (Optional) A `users` block as documented below, which specifies users, groups, and roles included in and excluded from the policy. Either `client_applications` or `users` must be specified (and not both). +* `users` - (Required) A `users` block as documented below, which specifies users, groups, and roles included in and excluded from the policy. ---