updated docs for azuread_service_principal, `data.azuread_service_p…
…rincipal`, `data.azure_ad_service_principals`
manicminer committed Oct 19, 2023
1 parent 77ba460 commit 2b6545a
Showing 3 changed files with 22 additions and 13 deletions.
14 changes: 8 additions & 6 deletions docs/data-sources/service_principal.md
Expand Up @@ -24,11 +24,11 @@ data "azuread_service_principal" "example" {
}
```

*Look up by application ID (client ID)*
*Look up by client ID*

```terraform
data "azuread_service_principal" "example" {
application_id = "00000000-0000-0000-0000-000000000000"
client_id = "00000000-0000-0000-0000-000000000000"
}
```

Expand All @@ -44,23 +44,25 @@ data "azuread_service_principal" "example" {

The following arguments are supported:

* `application_id` - (Optional) The application ID (client ID) of the application associated with this service principal.
* `application_id` - (Optional, Deprecated) The client ID of the application associated with this service principal.
* `client_id` - (Optional) The client ID of the application associated with this service principal.
* `display_name` - (Optional) The display name of the application associated with this service principal.
* `object_id` - (Optional) The object ID of the service principal.

~> One of `application_id`, `display_name` or `object_id` must be specified.
~> One of `client_id`, `application_id`, `display_name` or `object_id` must be specified.

## Attributes Reference

The following attributes are exported:

* `account_enabled` - Whether or not the service principal account is enabled.
* `account_enabled` - Whether the service principal account is enabled.
* `alternative_names` - A list of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities.
* `application_id` - The application ID (client ID) of the application associated with this service principal.
* `application_id` - (Deprecated) The client ID of the application associated with this service principal.
* `app_role_assignment_required` - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
* `app_role_ids` - A mapping of app role values to app role IDs, as published by the associated application, intended to be useful when referencing app roles in other resources in your configuration.
* `app_roles` - A list of app roles published by the associated application, as documented below. For more information [official documentation](https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles).
* `application_tenant_id` - The tenant ID where the associated application is registered.
* `client_id` - (Deprecated) The client ID of the application associated with this service principal.
* `description` - A description of the service principal provided for internal end-users.
* `display_name` - The display name of the application associated with this service principal.
* `features` - A `features` block as described below.
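
Review bot: In the Attributes Reference list, the newly added `client_id` entry is marked "(Deprecated)", exactly like `application_id` above it. `client_id` is the replacement this change introduces, so the marker looks like a copy-paste leftover and should be removed. The deprecated `application_id` entries (argument and attribute) would also be more useful if they named `client_id` as the property to use instead.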
15 changes: 9 additions & 6 deletions docs/data-sources/service_principals.md
Expand Up @@ -31,7 +31,7 @@ data "azuread_service_principals" "example" {

```terraform
data "azuread_service_principals" "example" {
application_ids = [
client_ids = [
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000",
Expand All @@ -55,19 +55,21 @@ data "azuread_service_principals" "example" {

The following arguments are supported:

* `application_ids` - (Optional) A list of application IDs (client IDs) of the applications associated with the service principals.
* `application_ids` - (Optional, Deprecated) A list of client IDs of the applications associated with the service principals.
* `client_ids` - (Optional) A list of client IDs of the applications associated with the service principals.
* `display_names` - (Optional) A list of display names of the applications associated with the service principals.
* `ignore_missing` - (Optional) Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
* `object_ids` - (Optional) The object IDs of the service principals.
* `return_all` - (Optional) When `true`, the data source will return all service principals. Cannot be used with `ignore_missing`. Defaults to false.

~> Either `return_all`, or one of `application_ids`, `display_names` or `object_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned.
~> Either `return_all`, or one of `client_ids`, `application_ids`, `display_names` or `object_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned.

## Attributes Reference

The following attributes are exported:

* `application_ids` - A list of application IDs (client IDs) of the applications associated with the service principals.
* `application_ids` - A list of client IDs of the applications associated with the service principals.
* `client_ids` - A list of client IDs of the applications associated with the service principals.
* `display_names` - A list of display names of the applications associated with the service principals.
* `object_ids` - The object IDs of the service principals.
* `service_principals` - A list of service principals. Each `service_principal` object provides the attributes documented below.
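
Review bot: In the exported attributes, `application_ids` is not marked "(Deprecated)", although the `application_ids` argument earlier in this file is now "(Optional, Deprecated)". With both attribute descriptions now reading identically, nothing tells the reader which one to reference; mark the `application_ids` attribute as deprecated to match the argument and point to `client_ids`.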
Expand All @@ -76,10 +78,11 @@ The following attributes are exported:

`service_principal` object exports the following:

* `account_enabled` - Whether or not the service principal account is enabled.
* `account_enabled` - Whether the service principal account is enabled.
* `app_role_assignment_required` - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
* `application_id` - The application ID (client ID) of the application associated with this service principal.
* `application_id` - (Deprecated) The client ID of the application associated with this service principal.
* `application_tenant_id` - The tenant ID where the associated application is registered.
* `client_ids` - The client ID of the application associated with this service principal.
* `display_name` - The display name of the application associated with this service principal.
* `object_id` - The object ID of the service principal.
* `preferred_single_sign_on_mode` - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
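
Review bot: The entry added to the `service_principal` object list is named `client_ids`, but its description is singular ("The client ID of the application associated with this service principal") and it sits next to the singular `application_id`. If each object exports a single ID, the name here should be `client_id`; otherwise the description needs to say it is a list.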
6 changes: 5 additions & 1 deletion docs/resources/service_principal.md
Expand Up @@ -93,7 +93,11 @@ The following arguments are supported:
* `account_enabled` - (Optional) Whether or not the service principal account is enabled. Defaults to `true`.
* `alternative_names` - (Optional) A set of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities.
* `app_role_assignment_required` - (Optional) Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. Defaults to `false`.
* `application_id` - (Required) The application ID (client ID) of the application for which to create a service principal.
* `application_id` - (Optional, Deprecated) The client ID of the application for which to create a service principal.
* `client_id` - (Optional) The client ID of the application for which to create a service principal.

~. At least one of `client_id` or `application_id` must be specified.

* `description` - (Optional) A description of the service principal provided for internal end-users.
* `feature_tags` - (Optional) A `feature_tags` block as described below. Cannot be used together with the `tags` property.
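
Review bot: The added callout begins with `~.` rather than the `~>` marker used for the equivalent "One of ... must be specified" notes in the two data source files, so it will probably not render as a note. It is also placed between the `client_id` and `description` bullets, which splits the argument list in two; moving it below the list, as the data source docs do, keeps the list intact. The wording "At least one of" suggests both properties may be set together; if they are alternatives, "One of" would match the other files.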
