From 2a2cf2c1d37e9b397d4949dd4761d11224b44069 Mon Sep 17 00:00:00 2001
From: JM Faircloth
Date: Mon, 13 Nov 2023 11:29:03 -0600
Subject: [PATCH] bootstrap: output application object ID for testing
---
 bootstrap/terraform/iam.tf | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/bootstrap/terraform/iam.tf b/bootstrap/terraform/iam.tf
index 56d7c011..f049640f 100644
--- a/bootstrap/terraform/iam.tf
+++ b/bootstrap/terraform/iam.tf
@@ -87,6 +87,7 @@ export AZURE_TEST_RESOURCE_GROUP=${azurerm_resource_group.vault_azure_rg.name}
 export AZURE_SUBSCRIPTION_ID=${data.azurerm_client_config.current.subscription_id}
 export AZURE_TENANT_ID=${data.azurerm_client_config.current.tenant_id}
 export AZURE_GROUP_NAME=${azuread_group.test_group.display_name}
+export AZURE_APPLICATION_OBJECT_ID=${azuread_application.vault_azure_app.object_id}
 export AZURE_CLIENT_ID=${azuread_application.vault_azure_app.application_id}
 export AZURE_CLIENT_SECRET=${azuread_service_principal_password.vault_azure_sp_pwd.value}
 EOF
@@ -108,6 +109,13 @@ output "group_name" {
 value = azuread_group.test_group.display_name
 }
+# Application Object ID for an existing service principal that can be used
+# instead of creating dynamic service principals
+# https://developer.hashicorp.com/vault/api-docs/secret/azure#application_object_id
+output "application_object_id" {
+ value = azuread_application.vault_azure_app.object_id
+}
+
 output "client_id" {
 value = azuread_application.vault_azure_app.application_id
 }
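Review bot: The new `application_object_id` output (second hunk) and the `AZURE_APPLICATION_OBJECT_ID` export (first hunk) both point at `azuread_application.vault_azure_app`, the same application that supplies `AZURE_CLIENT_ID` and `AZURE_CLIENT_SECRET`, so credentials issued against this object ID would presumably authenticate as the identity Vault itself uses to manage Azure rather than as a narrower principal. That is reasonable for a test bootstrap, but the comment above the output should say so, e.g. `# Test only: same application as client_id, so issued credentials inherit its permissions.` The comment could also state that the value is the app registration's object ID, not the object ID of its service principal, since the two are easy to confuse. The heredoc and the resource that writes it start outside the first hunk, so how the resulting env file is stored and permissioned is not visible here.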