This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 2 changed files with 36 additions and 25 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,36 +1,40 @@ | ||
--- | ||
layout: "msgraph" | ||
subcategory: "ADGroup" | ||
subcategory: "Groups" | ||
page_title: "MsGraph: msgraph_groups" | ||
description: |- | ||
Get AWS CloudTrail Service Account ID for storing trail data in S3. | ||
Get nested groups. | ||
--- | ||
|
||
# Data Source: msgraph_groups | ||
|
||
Use this data source to get the ARN of a certificate in AWS Certificate | ||
Manager (ACM), you can reference | ||
it by domain without having to hard code the ARNs as input. | ||
The data source can get nested groups of top group. | ||
|
||
You can assign role to all groups belong to big organization or division. | ||
|
||
## Example Usage | ||
|
||
```terraform | ||
# Find a certificate that is issued | ||
data "aws_acm_certificate" "issued" { | ||
domain = "tf.example.com" | ||
statuses = ["ISSUED"] | ||
data "msgraph_groups" "my_groups" { | ||
group_id = "4729d0a8-2cea-446b-95fb-43c7e8973816" | ||
listup_nested_groups = true | ||
} | ||
# Find a certificate issued by (not imported into) ACM | ||
data "aws_acm_certificate" "amazon_issued" { | ||
domain = "tf.example.com" | ||
types = ["AMAZON_ISSUED"] | ||
most_recent = true | ||
} | ||
resource "msgraph_app_role_assignment" "my_assign" { | ||
for_each = toset(data.msgraph_groups.my_groups.group_ids) | ||
# Find a RSA 4096 bit certificate | ||
data "aws_acm_certificate" "rsa_4096" { | ||
domain = "tf.example.com" | ||
key_types = ["RSA_4096"] | ||
principal_id = each.key | ||
resource_id = azuread_service_principal.my_app.object_id | ||
app_role_id = azuread_application_app_role.my_role.role_id | ||
} | ||
``` | ||
|
||
## Arguments Reference | ||
|
||
* `group_id` - (Required) The Group's UUID. | ||
* `listup_nested_groups` - (Required) Bool flag of search nested groups. | ||
|
||
## Attributes Reference | ||
|
||
* `group_ids` - Type: String List, list of nested or single group ids. | ||
|
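Review bot: In the Arguments Reference, `listup_nested_groups` is marked (Required), but the text never says what `group_ids` contains when it is `false`, whether the top group itself is included when it is `true`, or whether nesting is followed transitively. Because the example feeds `group_ids` straight into `for_each` on `msgraph_app_role_assignment`, that list is the set of principals that receive the app role, so the page should state its exact scope and note that the data source is read again on every plan, which means the set of assignees changes as groups are nested or removed. The example also references `azuread_service_principal.my_app` and `azuread_application_app_role.my_role` without defining them; say where they come from, and consider `"<uuid>"` in place of the literal `group_id`, as the `msgraph_app_role_assignment` page does.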
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,36 +1,43 @@ | ||
--- | ||
layout: "msgraph" | ||
subcategory: "ServicePrincipal" | ||
subcategory: "EnterpriseApplication" | ||
page_title: "MsGraph: msgraph_app_role_assignment" | ||
description: |- | ||
Get AWS CloudTrail Service Account ID for storing trail data in S3. | ||
Assign user or groups to EnterpriseApplication | ||
--- | ||
|
||
# Resource: msgraph_app_role_assignment | ||
|
||
Assign Subscription's role to ServicePrincipal | ||
Assign user or groups to EnterpriseApplication | ||
|
||
## Example Usage | ||
|
||
```terraform | ||
resource "msgraph_app_role_assignment" "example" { | ||
for_each = toset(data.msgraph_groups.example.group_ids) | ||
# User or Group Id | ||
principal_id = each.key | ||
principal_id = "<uuid>" | ||
# Enterprise Application Id | ||
resource_id = "<uuid>" | ||
# Application Role Id | ||
app_role_id = "<uuid>" | ||
tolerance_duplicate = true | ||
} | ||
``` | ||
|
||
## Arguments Reference | ||
|
||
* `app_role_id` - (Required) The Application Role Id | ||
* `principal_id` - (Required) The User or Group Id | ||
* `resource_id` - (Required) The Enterprise Application Id | ||
* `tolerance_duplicate` - (Optional) Allow create same `msgraph_app_role_assignment`. When this resource detect duplicated, then do nothing to real world. | ||
|
||
## Attributes Reference | ||
|
||
* `id` - App Role Assignment Resource Id | ||
|
||
## Import | ||
|
||
Not support Terraform import |
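Review bot: The `tolerance_duplicate` entry in the Arguments Reference says the resource will "do nothing to real world" when a duplicate is detected, but it gives no default value and does not say what destroy does to an assignment this resource did not create. Since the flag lets a Terraform resource represent an existing grant on an enterprise application without creating it, document the default, the destroy behaviour, and how a duplicate is matched (presumably the `principal_id`, `resource_id`, `app_role_id` triple). As rendered here, the example also shows `principal_id` both as `each.key` and as `"<uuid>"`; make sure the final example keeps one form and, if `for_each` stays, shows the `data "msgraph_groups" "example"` block it depends on.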