Stop requiring subscription ID to be configured for the provider

Configuring a subscription ID is a vestige from the provider split. We
don't use subscription_id anywhere and have no plans to. Any resource
that operates on a subscription or its dependents should belong in the
azurerm provider.

Although it's never used because we only use SDK clients that are
configured with a tenant ID, go-azure-helper requires it for sensible
reasons and it doesn't make sense to push this concern upstream for now.

We'll keep the configuration property around for now so that users have
time to remove it from their configurations.

azuread/config.go

@@ -19,7 +19,6 @@ import (
 
 // ArmClient contains the handles to all the specific Azure ADger resource classes' respective clients.
 type ArmClient struct {
-	subscriptionID   string
 	clientID         string
 	objectID         string
 	tenantID         string
@@ -57,7 +56,6 @@ func getArmClient(authCfg *authentication.Config, tfVersion string, ctx context.
 
 	// client declarations:
 	client := ArmClient{
-		subscriptionID:   authCfg.SubscriptionID,
 		clientID:         authCfg.ClientID,
 		objectID:         objectID,
 		tenantID:         authCfg.TenantID,

azuread/data_client_config.go

@@ -26,11 +26,6 @@ func dataClientConfig() *schema.Resource {
 				Computed: true,
 			},
 
-			"subscription_id": {
-				Type:     schema.TypeString,
-				Computed: true,
-			},
-
 			"object_id": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -62,7 +57,6 @@ func dataSourceArmClientConfigRead(d *schema.ResourceData, meta interface{}) err
 	d.SetId(time.Now().UTC().String())
 	d.Set("client_id", client.clientID)
 	d.Set("object_id", client.objectID)
-	d.Set("subscription_id", client.subscriptionID)
 	d.Set("tenant_id", client.tenantID)
 
 	return nil

azuread/data_client_config_test.go

@@ -13,7 +13,6 @@ func TestAccClientConfigDataSource_basic(t *testing.T) {
 	dsn := "data.azuread_client_config.current"
 	clientId := os.Getenv("ARM_CLIENT_ID")
 	tenantId := os.Getenv("ARM_TENANT_ID")
-	subscriptionId := os.Getenv("ARM_SUBSCRIPTION_ID")
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
@@ -24,7 +23,6 @@ func TestAccClientConfigDataSource_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr(dsn, "client_id", clientId),
 					resource.TestCheckResourceAttr(dsn, "tenant_id", tenantId),
-					resource.TestCheckResourceAttr(dsn, "subscription_id", subscriptionId),
 					testAzureRMClientConfigGUIDAttr(dsn, "object_id"),
 				),
 			},

azuread/provider.go

@@ -12,10 +12,11 @@ import (
 func Provider() terraform.ResourceProvider {
 	p := &schema.Provider{
 		Schema: map[string]*schema.Schema{
+			// TODO: remove subscription_id field at next major version
 			"subscription_id": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "",
 			},
 
 			"client_id": {
@@ -100,11 +101,13 @@ func Provider() terraform.ResourceProvider {
 
 func providerConfigure(p *schema.Provider) schema.ConfigureFunc {
 	return func(d *schema.ResourceData) (interface{}, error) {
+		// When constructing the Builder, we use the tenant ID for the subscription ID.
+		// Although this has no effect since we never consume it, this practise mimics
+		// the Azure CLI and it seems the most sensible value to use after a nonsense string.
 		builder := &authentication.Builder{
-			// TODO: remove the requirement on the Subscription ID
-			SubscriptionID:     d.Get("subscription_id").(string),
 			ClientID:           d.Get("client_id").(string),
 			ClientSecret:       d.Get("client_secret").(string),
+			SubscriptionID:     d.Get("tenant_id").(string),
 			TenantID:           d.Get("tenant_id").(string),
 			Environment:        d.Get("environment").(string),
 			MsiEndpoint:        d.Get("msi_endpoint").(string),

azuread/provider_test.go

@@ -32,7 +32,6 @@ func TestProvider_impl(t *testing.T) {
 
 func testAccPreCheck(t *testing.T) {
 	variables := []string{
-		"ARM_SUBSCRIPTION_ID",
 		"ARM_CLIENT_ID",
 		"ARM_CLIENT_SECRET",
 		"ARM_TENANT_ID",