Skip to content

Commit

Permalink
AAD app roles
Browse files Browse the repository at this point in the history
  • Loading branch information
@damoodamoo
damoodamoo committed Aug 30, 2023
1 parent a4e6f7f commit d828a63
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions apps/app/aad_app/locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,5 @@

locals {
app_identifier_uri = "api://${var.webapp_name}"
app_roles_safe = var.auth_settings.app_roles == null ? [] : var.auth_settings.app_roles
}
4 changes: 2 additions & 2 deletions apps/app/aad_app/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ resource "azuread_service_principal" "msgraph" {
}

resource "random_uuid" "app_role_guids" {
for_each = { for r in var.auth_settings.app_roles : r.value => r }
for_each = { for r in local.app_roles_safe : r.value => r }
}

resource "azuread_application" "webapp_auth" {
Expand Down Expand Up @@ -82,7 +82,7 @@ resource "azuread_application" "webapp_auth" {
}

dynamic "app_role" {
for_each = toset(var.auth_settings.app_roles)
for_each = toset(local.app_roles_safe)

content {
id = random_uuid.app_role_guids[app_role.value.value].result
Expand Down

0 comments on commit d828a63

Please sign in to comment.