package azurerm
import (
"fmt"
"log"
"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
"github.com/hashicorp/terraform/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
)
// servicePrincipalResourceName names the resource type for this Service
// Principal resource. It is not referenced within this file; the
// ImportAsExistsError in the Create function uses the literal
// "azurerm_azuread_service_principal" instead.
// NOTE(review): the two names differ — confirm which one matches the
// resource type registered with the provider.
var servicePrincipalResourceName = "azurerm_service_principal"
// resourceArmActiveDirectoryServicePrincipal describes the (deprecated)
// azurerm Azure Active Directory Service Principal resource: its CRUD
// callbacks, pass-through importer and attribute schema.
//
// There is no Update callback: the only user-settable attribute,
// application_id, forces a new resource when changed.
func resourceArmActiveDirectoryServicePrincipal() *schema.Resource {
	attributes := map[string]*schema.Schema{
		// The Application this Service Principal is created for. Changing it
		// replaces the Service Principal rather than updating it in place.
		"application_id": {
			Type:     schema.TypeString,
			Required: true,
			ForceNew: true,
		},

		// Populated from the API response on Read.
		"display_name": {
			Type:     schema.TypeString,
			Computed: true,
		},
	}

	return &schema.Resource{
		DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
`,
		Create:   resourceArmActiveDirectoryServicePrincipalCreate,
		Read:     resourceArmActiveDirectoryServicePrincipalRead,
		Delete:   resourceArmActiveDirectoryServicePrincipalDelete,
		Importer: &schema.ResourceImporter{State: schema.ImportStatePassthrough},
		Schema:   attributes,
	}
}
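// resourceArmActiveDirectoryServicePrincipalCreate creates a Service Principal
// for the configured application_id. Before creating, it walks the tenant's
// existing Service Principals and, if one already belongs to that application,
// returns an import-as-exists error instead of creating a duplicate. The
// resource ID is the new Service Principal's Object ID, and Read is invoked
// at the end to populate the computed attributes.
//
// Returns an error when the existence check, the create call or the follow-up
// Get fails, or when the API returns a Service Principal without an Object ID.
func resourceArmActiveDirectoryServicePrincipalCreate(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*ArmClient).servicePrincipalsClient
	ctx := meta.(*ArmClient).StopContext

	applicationId := d.Get("application_id").(string)

	apps, err := client.ListComplete(ctx, "")
	if err != nil {
		return fmt.Errorf("Error checking for existence of Service Principal %q: %+v", applicationId, err)
	}

	for apps.NotDone() {
		a := apps.Value()

		// Entries missing either identifier cannot be matched and are skipped.
		// The iterator is advanced unconditionally below: a `continue` that
		// bypassed apps.Next() would spin forever on such an entry.
		if a.AppID != nil && a.ObjectID != nil && *a.AppID == applicationId {
			return tf.ImportAsExistsError("azurerm_azuread_service_principal", *a.ObjectID)
		}

		if err := apps.Next(); err != nil {
			return fmt.Errorf("Error listing Service Principals while checking for existence of %q: %+v", applicationId, err)
		}
	}

	properties := graphrbac.ServicePrincipalCreateParameters{
		AppID: utils.String(applicationId),
		// there's no way of retrieving this, and there's no way of changing it
		// given there's no way to change it - we'll just default this to true
		AccountEnabled: utils.Bool(true),
	}

	app, err := client.Create(ctx, properties)
	if err != nil {
		return fmt.Errorf("Error creating Service Principal %q: %+v", applicationId, err)
	}
	// Guard the dereference: a response without an Object ID would otherwise panic.
	if app.ObjectID == nil || *app.ObjectID == "" {
		return fmt.Errorf("Error creating Service Principal %q: API response did not contain an Object ID", applicationId)
	}
	objectId := *app.ObjectID

	resp, err := client.Get(ctx, objectId)
	if err != nil {
		return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
	}
	if resp.ObjectID == nil || *resp.ObjectID == "" {
		return fmt.Errorf("Error retrieving Service Principal ID %q: API response did not contain an Object ID", objectId)
	}

	d.SetId(*resp.ObjectID)

	return resourceArmActiveDirectoryServicePrincipalRead(d, meta)
}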
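// resourceArmActiveDirectoryServicePrincipalRead refreshes the resource from
// the API using the resource ID (the Service Principal's Object ID). A 404
// clears the ID so Terraform drops the resource from state; any other API
// error, or a failure to store an attribute, is returned to the caller.
func resourceArmActiveDirectoryServicePrincipalRead(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*ArmClient).servicePrincipalsClient
	ctx := meta.(*ArmClient).StopContext

	objectId := d.Id()

	app, err := client.Get(ctx, objectId)
	if err != nil {
		if utils.ResponseWasNotFound(app.Response) {
			log.Printf("[DEBUG] Service Principal with Object ID %q was not found - removing from state!", objectId)
			d.SetId("")
			return nil
		}

		return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
	}

	// d.Set reports a failure to store the value; ignoring it would leave the
	// state silently out of sync with the API.
	if err := d.Set("application_id", app.AppID); err != nil {
		return fmt.Errorf("Error setting `application_id` for Service Principal ID %q: %+v", objectId, err)
	}
	if err := d.Set("display_name", app.DisplayName); err != nil {
		return fmt.Errorf("Error setting `display_name` for Service Principal ID %q: %+v", objectId, err)
	}

	return nil
}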
// resourceArmActiveDirectoryServicePrincipalDelete deletes the Service
// Principal identified by the resource ID (its Object ID). A 404 from the API
// is treated as success, since the object is already gone; any other error is
// returned.
func resourceArmActiveDirectoryServicePrincipalDelete(d *schema.ResourceData, meta interface{}) error {
	armClient := meta.(*ArmClient)
	client := armClient.servicePrincipalsClient
	ctx := armClient.StopContext

	objectId := d.Id()

	resp, err := client.Delete(ctx, objectId)
	if err == nil || response.WasNotFound(resp.Response) {
		// Either deleted now, or already absent - both leave the desired state.
		return nil
	}

	return fmt.Errorf("Error deleting Service Principal ID %q: %+v", objectId, err)
}