Upgrade the azuread terraform provider

[adamrushuk]

• https://github.com/hashicorp/terraform-provider-azuread/releases/tag/v2.0.0
• Announcement - Upcoming changes in AzureAD v2.0 and Microsoft Graph Support hashicorp/terraform-provider-azuread#323 (comment)
• https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/guides/microsoft-graph

[adamrushuk]

azuread v2.x upgrade notes

Added Microsoft Graph application perms for terraform sp running pipeline:
Application.ReadWrite.All
Group.ReadWrite.All
User.ReadWrite.All

Changes required

• changed random_password.argocd.result to azuread_application_password.argocd.value (as AAD generates passwords now)
• changed azuread_application group_membership_claims value to a list, eg: group_membership_claims = ["All"]
• added security_enabled = true to azuread_group resources (inc azuread_group data resources)
• azuread_service_principal now has description and notes attributes to add useful context/info

errors

│ Error: Could not disable OAuth2 Permission Scopes for application with object ID "375ed8fa-e2a6-4544-9478-36fe0ab27a3d"
│
│ with azuread_application.argocd,
│ on argocd_sso.tf line 15, in resource "azuread_application" "argocd":
│ 15: resource "azuread_application" "argocd" {
│
│ disabling OAuth2 Permission Scopes for Application with object ID
│ "375ed8fa-e2a6-4544-9478-36fe0ab27a3d":
│ ApplicationsClient.BaseClient.Patch(): unexpected status 403 with OData
│ error: Authorization_RequestDenied: Insufficient privileges to complete the
│ operation.

TODO
may need to handle this: https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/guides/microsoft-graph#behaviour-change-default-user_impersonation-scope-for-applications
api {
oauth2_permission_scope {