You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey 👋 thanks for sharing this terraform example. You have included custom policies. However, they are not used in main.tf so how to actually use them during provisioning?
The text was updated successfully, but these errors were encountered:
Hello @regel , that's a great question and I've searched for it when I started this project. Unfortunately, there is no way to use the azureadTerraform provider to manage Trust Framework Policy (custom policy) or to configure the User Flow. The reason is: the Terraform provider uses Microsoft Graph and the beta version in Microsoft Graph (which supports managing the Trust Framework policy and user flow) is in preview, see this opened issue from the official hashicorp repo. There are some alternatives to import the custom policy:
Manually import the xml file in the Azure portal (I chose this one 🥲);
You can import the custom policies automatically via ieftool, see this example;
Maybe, you can also try the beta version of Microsoft Graph directly, but I've never tried this before and there is a note from microsoft about that:
Important: APIs under the /beta version in Microsoft Graph are in preview and are subject to change. Use of these APIs in production applications is not supported.
I'll let this issue open, if Microsoft Graph or hashicorp launch any updates, I'm gonna update this project too.
I'm not sure if the above allows for the definition of custom policies via their own XML files, or not.
The microsoft graph client has apparently been upgraded to support the upload of policies. It is used in Github action workflows, which sound like an acceptable alternative if terraform cannot write these custom policies.
Hey 👋 thanks for sharing this terraform example. You have included custom policies. However, they are not used in main.tf so how to actually use them during provisioning?
The text was updated successfully, but these errors were encountered: