update docs
uanid committed Oct 13, 2021
1 parent 628b8b6 commit dc6850c
Showing 2 changed files with 36 additions and 25 deletions.
42 changes: 23 additions & 19 deletions website/docs/d/groups.html.markdown
@@ -1,36 +1,40 @@
---
layout: "msgraph"
subcategory: "ADGroup"
subcategory: "Groups"
page_title: "MsGraph: msgraph_groups"
description: |-
Get AWS CloudTrail Service Account ID for storing trail data in S3.
Get nested groups.
---

# Data Source: msgraph_groups

Use this data source to get the ARN of a certificate in AWS Certificate
Manager (ACM), you can reference
it by domain without having to hard code the ARNs as input.
The data source can get nested groups of top group.

You can assign role to all groups belong to big organization or division.

## Example Usage

```terraform
# Find a certificate that is issued
data "aws_acm_certificate" "issued" {
domain = "tf.example.com"
statuses = ["ISSUED"]
data "msgraph_groups" "my_groups" {
group_id = "4729d0a8-2cea-446b-95fb-43c7e8973816"
listup_nested_groups = true
}
# Find a certificate issued by (not imported into) ACM
data "aws_acm_certificate" "amazon_issued" {
domain = "tf.example.com"
types = ["AMAZON_ISSUED"]
most_recent = true
}
resource "msgraph_app_role_assignment" "my_assign" {
for_each = toset(data.msgraph_groups.my_groups.group_ids)
# Find a RSA 4096 bit certificate
data "aws_acm_certificate" "rsa_4096" {
domain = "tf.example.com"
key_types = ["RSA_4096"]
principal_id = each.key
resource_id = azuread_service_principal.my_app.object_id
app_role_id = azuread_application_app_role.my_role.role_id
}
```

## Arguments Reference

* `group_id` - (Required) The Group's UUID.
* `listup_nested_groups` - (Required) Bool flag of search nested groups.

## Attributes Reference

* `group_ids` - Type: String List, list of nested or single group ids.
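
Review bot: The description and the `group_ids` attribute do not say whether the nested lookup is transitive or whether the top group's own id is included in the result; "list of nested or single group ids" can be read either way. The example feeds `group_ids` straight into `for_each` on `msgraph_app_role_assignment`, so that detail decides which principals receive the app role. Please state it explicitly, along with what is returned when `listup_nested_groups = false`. `listup_nested_groups` is marked (Required) although it reads like a flag with a natural default, so confirm that this matches the schema. The example also references `azuread_service_principal.my_app` and `azuread_application_app_role.my_role` without defining them; a short comment saying where they come from would help. Wording: "nested groups of top group" and "all groups belong to big organization or division" need fixing, for example "all groups that belong to a large organization or division".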

19 changes: 13 additions & 6 deletions website/docs/r/app_role_assignment.html.markdown
@@ -1,36 +1,43 @@
---
layout: "msgraph"
subcategory: "ServicePrincipal"
subcategory: "EnterpriseApplication"
page_title: "MsGraph: msgraph_app_role_assignment"
description: |-
Get AWS CloudTrail Service Account ID for storing trail data in S3.
Assign user or groups to EnterpriseApplication
---

# Resource: msgraph_app_role_assignment

Assign Subscription's role to ServicePrincipal
Assign user or groups to EnterpriseApplication

## Example Usage

```terraform
resource "msgraph_app_role_assignment" "example" {
for_each = toset(data.msgraph_groups.example.group_ids)
# User or Group Id
principal_id = each.key
principal_id = "<uuid>"
# Enterprise Application Id
resource_id = "<uuid>"
# Application Role Id
app_role_id = "<uuid>"
tolerance_duplicate = true
}
```

## Arguments Reference

* `app_role_id` - (Required) The Application Role Id
* `principal_id` - (Required) The User or Group Id
* `resource_id` - (Required) The Enterprise Application Id
* `tolerance_duplicate` - (Optional) Allow create same `msgraph_app_role_assignment`. When this resource detect duplicated, then do nothing to real world.

## Attributes Reference

* `id` - App Role Assignment Resource Id

## Import

Not support Terraform import
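
Review bot: In Arguments Reference, `tolerance_duplicate` is described as "When this resource detect duplicated, then do nothing to real world", which leaves out what happens on destroy: if the assignment already existed when the resource was created, does destroying the resource remove it? For a resource that grants access, that behaviour should be documented, and the example sets `tolerance_duplicate = true` without a comment explaining why. The example block as shown here also contains `principal_id` twice (`each.key` and `"<uuid>"`); check that the published page ends up with exactly one and that `for_each` is not left alongside a literal principal. Minor: the front-matter description lacks the trailing period used in groups.html.markdown, and "Not support Terraform import" would read better as "Terraform import is not supported."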
