Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New resource: azurerm_federated_identity_credential #19199

Merged
merged 2 commits into from
Nov 10, 2022
Merged

New resource: azurerm_federated_identity_credential #19199

merged 2 commits into from
Nov 10, 2022

Conversation

favoretti
Copy link
Collaborator

Fixes #18617

@favoretti
Copy link
Collaborator Author 

$ TF_ACC=1 go test -v ./internal/services/managedidentity -timeout=1000m -run='TestAccFederatedIdentityCredential'
=== RUN   TestAccFederatedIdentityCredential_basic
=== PAUSE TestAccFederatedIdentityCredential_basic
=== RUN   TestAccFederatedIdentityCredential_requiresImport
=== PAUSE TestAccFederatedIdentityCredential_requiresImport
=== CONT  TestAccFederatedIdentityCredential_basic
=== CONT  TestAccFederatedIdentityCredential_requiresImport
--- PASS: TestAccFederatedIdentityCredential_basic (190.41s)
--- PASS: TestAccFederatedIdentityCredential_requiresImport (210.06s)
PASS
ok  	github.com/hashicorp/terraform-provider-azurerm/internal/services/managedidentity	211.229s

@favoretti
Copy link
Collaborator Author

image

@favoretti
Copy link
Collaborator Author

No regressions after API upgrade either it seems:
image

katbyte
katbyte approved these changes Nov 10, 2022
View reviewed changes
Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @favoretti - LGTM 🍄

@katbyte katbyte merged commit 529c6b4 into hashicorp:main Nov 10, 2022
@github-actions github-actions bot added this to the v3.31.0 milestone Nov 10, 2022
katbyte added a commit that referenced this pull request Nov 10, 2022
@katbyte
CHANGELOG #19199
819cda5
@dhirschfeld dhirschfeld mentioned this pull request Nov 10, 2022
Closed
@github-actions
Copy link

This functionality has been released in v3.31.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@weisdd
Copy link
Contributor

weisdd commented Nov 11, 2022

@favoretti I've just tried to use the resource and noticed that the documentation has a small defect. - location is actually not part of the resource spec, and it's not needed at all. So, all references to location should be removed.

@favoretti
Copy link
Collaborator Author

@weisdd oh, you're completely correct, fixed it here: #19254
Resource itself works though, right?

@weisdd
Copy link
Contributor

weisdd commented Nov 11, 2022

@favoretti the resource itself works well. - In our corporate terraform module, I replaced raw azapi resources with azurerm_federated_identity_credential, and then ran terraform apply, it all went flawlessly. Happy to see there are no migration issues.

Thanks for fixing the docs :)

@TeamDman
Copy link

TeamDman commented Dec 4, 2022

Example script for future reference

resource "azurerm_user_assigned_identity" "gifts" {
  resource_group_name = azurerm_resource_group.main.name
  name = "gifts"
  location = "canadacentral"
}

resource "azurerm_federated_identity_credential" "gifts" {
  resource_group_name = azurerm_resource_group.main.name
  parent_id = azurerm_user_assigned_identity.gifts.id
  name = "gifts"
  issuer = azurerm_kubernetes_cluster.main.oidc_issuer_url
  subject = "system:serviceaccount:gifts:gifts"
  audience = ["api://AzureADTokenExchange"]
}

The azuread_application_federated_identity_credential resource from the azuread provider one asks for an application id instead of the reference to the managed identity which had me confused for a bit until I noticed that there's also an azurerm resource

@github-actions
Copy link

github-actions bot commented Jan 4, 2023

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 4, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@katbyte katbyte katbyte approved these changes

Assignees
No one assigned
Labels
documentation service/authorization size/XL
Projects
None yet
Milestone
v3.31.0
Development

Successfully merging this pull request may close these issues.

Support for azurerm_managed_identity_federated_identity_credential
4 participants
@favoretti @weisdd @TeamDman @katbyte