I am trying to create Terraform code for an Azure app registration and client secret (a service principal with Read access to the subscription).
Basically, I am trying to integrate Azuresafe with Terraform and trying to identify how to configure it step by step: https://docs.safe.security/docs/azure. If there is already any Terraform code out there to review, that would be helpful; otherwise I would like to understand how to create an app registration and client secret.
# Create new app registration
resource "azuread_application" "app" {
  display_name = var.azuread_app_display_name
}

# Create a service principal
resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

# Create Service Principal password
# (this resource takes the service principal's object ID, not the application's)
resource "azuread_service_principal_password" "app" {
  service_principal_id = azuread_service_principal.app.object_id
}
I tried to create an Azure app registration, service principal and client secret using Terraform, and I was successfully able to provision them.
Here, as per the requirement, we need to provision an Azure app registration and its secret, and a service principal with read-only access. For this, we need contributor-level access to our active subscription.
My Terraform code:
main.tf
resource "azuread_application" "app" {
  display_name = "Azuresafe Application VK"
}

resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

resource "azuread_application_password" "example" {
  application_object_id = azuread_application.app.object_id
}

# Output the application and its password
output "app" {
  value     = azuread_application.app.id
  sensitive = true
}

output "app_password" {
  value     = azuread_application_password.example.value
  sensitive = true
}
Output:
Now execute the terraform output command to check the app and app_secret:
terraform_output
Portal Output:
App Registration
App registration password