diff --git a/docs/resources/service_principal_certificate.md b/docs/resources/service_principal_certificate.md index 80f36ea31..615d1eb7d 100644 --- a/docs/resources/service_principal_certificate.md +++ b/docs/resources/service_principal_certificate.md @@ -26,7 +26,7 @@ resource "azuread_application" "example" { } resource "azuread_service_principal" "example" { - application_id = azuread_application.example.application_id + client_id = azuread_application.example.client_id } resource "azuread_service_principal_certificate" "example" { @@ -45,7 +45,7 @@ resource "azuread_application" "example" { } resource "azuread_service_principal" "example" { - application_id = azuread_application.example.application_id + client_id = azuread_application.example.client_id } resource "azuread_service_principal_certificate" "example" { @@ -71,7 +71,7 @@ The following arguments are supported: ~> One of `end_date` or `end_date_relative` must be set. The maximum duration is determined by Azure AD. * `key_id` - (Optional) A UUID used to uniquely identify this certificate. If not specified a UUID will be automatically generated. Changing this field forces a new resource to be created. -* `service_principal_id` - (Required) The object ID of the service principal for which this certificate should be created. Changing this field forces a new resource to be created. +* `service_principal_id` - (Required) The ID of the service principal for which this certificate should be created. Changing this field forces a new resource to be created. * `start_date` - (Optional) The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created. * `type` - (Required) The type of key/certificate. Must be one of `AsymmetricX509Cert` or `Symmetric`. Changing this fields forces a new resource to be created. * `value` - (Required) The certificate data, which can be PEM encoded, base64 encoded DER or hexadecimal encoded DER. See also the `encoding` argument. diff --git a/docs/resources/service_principal_claims_mapping_policy_assignment.md b/docs/resources/service_principal_claims_mapping_policy_assignment.md index 542f6ed0d..0d5468fec 100644 --- a/docs/resources/service_principal_claims_mapping_policy_assignment.md +++ b/docs/resources/service_principal_claims_mapping_policy_assignment.md @@ -28,7 +28,7 @@ resource "azuread_service_principal_claims_mapping_policy_assignment" "app" { The following arguments are supported: * `claims_mapping_policy_id` - (Required) The ID of the claims mapping policy to assign. -* `service_principal_id` - (Required) The object ID of the service principal for the policy assignment. +* `service_principal_id` - (Required) The ID of the service principal for the policy assignment. ## Attributes Reference diff --git a/docs/resources/service_principal_password.md b/docs/resources/service_principal_password.md index 502aa8a11..9daecf946 100644 --- a/docs/resources/service_principal_password.md +++ b/docs/resources/service_principal_password.md @@ -30,7 +30,7 @@ resource "azuread_service_principal" "example" { } resource "azuread_service_principal_password" "example" { - service_principal_id = azuread_service_principal.example.object_id + service_principal_id = azuread_service_principal.example.id } ``` @@ -50,7 +50,7 @@ resource "time_rotating" "example" { } resource "azuread_service_principal_password" "example" { - service_principal_id = azuread_service_principal.example.object_id + service_principal_id = azuread_service_principal.example.id rotate_when_changed = { rotation = time_rotating.example.id } @@ -66,7 +66,7 @@ The following arguments are supported: * `end_date` - (Optional) The end date until which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Changing this field forces a new resource to be created. * `end_date_relative` - (Optional) A relative duration for which the password is valid until, for example `240h` (10 days) or `2400h30m`. Changing this field forces a new resource to be created. * `rotate_when_changed` - (Optional) A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created. -* `service_principal_id` - (Required) The object ID of the service principal for which this password should be created. Changing this field forces a new resource to be created. +* `service_principal_id` - (Required) The ID of the service principal for which this password should be created. Changing this field forces a new resource to be created. * `start_date` - (Optional) The start date from which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. ## Attributes Reference diff --git a/docs/resources/service_principal_token_signing_certificate.md b/docs/resources/service_principal_token_signing_certificate.md index 52787dc4e..9df3d0dcc 100644 --- a/docs/resources/service_principal_token_signing_certificate.md +++ b/docs/resources/service_principal_token_signing_certificate.md @@ -26,7 +26,7 @@ resource "azuread_application" "example" { } resource "azuread_service_principal" "example" { - client_id = azuread_application.example.application_id + client_id = azuread_application.example.client_id } resource "azuread_service_principal_token_signing_certificate" "example" { @@ -42,7 +42,7 @@ resource "azuread_application" "example" { } resource "azuread_service_principal" "example" { - client_id = azuread_application.example.application_id + client_id = azuread_application.example.client_id } resource "azuread_service_principal_token_signing_certificate" "example" { @@ -61,7 +61,7 @@ The following arguments are supported: ~> If not specified, it will default to `CN=Microsoft Azure Federated SSO Certificate`. * `end_date` - (Optional) The end date until which the token signing certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Changing this field forces a new resource to be created. -* `service_principal_id` - (Required) The object ID of the service principal for which this certificate should be created. Changing this field forces a new resource to be created. +* `service_principal_id` - (Required) The ID of the service principal for which this certificate should be created. Changing this field forces a new resource to be created. ## Attributes Reference diff --git a/docs/resources/synchronization_job.md b/docs/resources/synchronization_job.md index 0b3b79d39..44458e943 100644 --- a/docs/resources/synchronization_job.md +++ b/docs/resources/synchronization_job.md @@ -21,22 +21,17 @@ data "azuread_application_template" "example" { display_name = "Azure Databricks SCIM Provisioning Connector" } -resource "azuread_application" "example" { +resource "azuread_application_from_template" "example" { display_name = "example" template_id = data.azuread_application_template.example.template_id - feature_tags { - enterprise = true - gallery = true - } } -resource "azuread_service_principal" "example" { - client_id = azuread_application.example.application_id - use_existing = true +data "azuread_service_principal" "example" { + object_id = azuread_application_from_template.example.service_principal_object_id } resource "azuread_synchronization_secret" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = data.azuread_service_principal.example.id credential { key = "BaseAddress" @@ -49,7 +44,7 @@ resource "azuread_synchronization_secret" "example" { } resource "azuread_synchronization_job" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = data.azuread_service_principal.example.id template_id = "dataBricks" enabled = true } @@ -60,8 +55,8 @@ resource "azuread_synchronization_job" "example" { The following arguments are supported: -* `enabled` - (Optional) Whether or not the provisioning job is enabled. Default state is `true`. -* `service_principal_id` - (Required) The object ID of the service principal for which this synchronization job should be created. Changing this field forces a new resource to be created. +* `enabled` - (Optional) Whether the provisioning job is enabled. Default state is `true`. +* `service_principal_id` - (Required) The ID of the service principal for which this synchronization job should be created. Changing this field forces a new resource to be created. * `template_id` - (Required) Identifier of the synchronization template this job is based on. ## Attributes Reference diff --git a/docs/resources/synchronization_job_provision_on_demand.md b/docs/resources/synchronization_job_provision_on_demand.md index 64c48bf0b..b1038ed63 100644 --- a/docs/resources/synchronization_job_provision_on_demand.md +++ b/docs/resources/synchronization_job_provision_on_demand.md @@ -29,22 +29,17 @@ data "azuread_application_template" "example" { display_name = "Azure Databricks SCIM Provisioning Connector" } -resource "azuread_application" "example" { +resource "azuread_application_from_template" "example" { display_name = "example" template_id = data.azuread_application_template.example.template_id - feature_tags { - enterprise = true - gallery = true - } } -resource "azuread_service_principal" "example" { - client_id = azuread_application.example.client_id - use_existing = true +data "azuread_service_principal" "example" { + object_id = azuread_application_from_template.example.service_principal_object_id } resource "azuread_synchronization_secret" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = data.azuread_service_principal.example.id credential { key = "BaseAddress" @@ -57,13 +52,13 @@ resource "azuread_synchronization_secret" "example" { } resource "azuread_synchronization_job" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = data.azuread_service_principal.example.id template_id = "dataBricks" enabled = true } resource "azuread_synchronization_job_provision_on_demand" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = azuread_synchronization_job.example.service_principal_id synchronization_job_id = azuread_synchronization_job.example.id parameter { # see specific synchronization schema for rule id https://learn.microsoft.com/en-us/graph/api/synchronization-synchronizationschema-get?view=graph-rest-beta @@ -82,9 +77,9 @@ resource "azuread_synchronization_job_provision_on_demand" "example" { The following arguments are supported: -* `synchronization_job_id` (Required) Identifier of the synchronization template this job is based on. +* `synchronization_job_id` (Required) The ID of the synchronization job. * `parameter` (Required) One or more `parameter` blocks as documented below. -* `service_principal_id` (Required) The object ID of the service principal for the synchronization job. +* `service_principal_id` (Required) The ID of the service principal for the synchronization job. * `triggers` (Optional) Map of arbitrary keys and values that, when changed, will trigger a re-invocation. To force a re-invocation without changing these keys/values, use the [`terraform taint` command](https://www.terraform.io/docs/commands/taint.html). --- diff --git a/docs/resources/synchronization_secret.md b/docs/resources/synchronization_secret.md index 2388bb42b..3ae9625b1 100644 --- a/docs/resources/synchronization_secret.md +++ b/docs/resources/synchronization_secret.md @@ -21,22 +21,17 @@ data "azuread_application_template" "example" { display_name = "Azure Databricks SCIM Provisioning Connector" } -resource "azuread_application" "example" { +resource "azuread_application_from_template" "example" { display_name = "example" template_id = data.azuread_application_template.example.template_id - feature_tags { - enterprise = true - gallery = true - } } -resource "azuread_service_principal" "example" { - client_id = azuread_application.example.application_id - use_existing = true +data "azuread_service_principal" "example" { + object_id = azuread_application_from_template.example.service_principal_object_id } resource "azuread_synchronization_secret" "example" { - service_principal_id = azuread_service_principal.example.id + service_principal_id = data.azuread_service_principal.example.id credential { key = "BaseAddress" @@ -55,7 +50,7 @@ resource "azuread_synchronization_secret" "example" { The following arguments are supported: * `credential` - (Optional) One or more `credential` blocks as documented below. -* `service_principal_id` - (Required) The object ID of the service principal for which this synchronization secrets should be stored. Changing this field forces a new resource to be created. +* `service_principal_id` - (Required) The ID of the service principal for which this synchronization secrets should be stored. Changing this field forces a new resource to be created. ---