diff --git a/azurerm/internal/clients/client.go b/azurerm/internal/clients/client.go
index d81fcca5d799..00a9e5a180a7 100644
--- a/azurerm/internal/clients/client.go
+++ b/azurerm/internal/clients/client.go
@@ -27,7 +27,6 @@ import (
eventgrid "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/eventgrid/client"
eventhub "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/eventhub/client"
frontdoor "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/frontdoor/client"
- graph "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/graph/client"
hdinsight "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/hdinsight/client"
healthcare "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/healthcare/client"
iothub "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/iothub/client"
@@ -96,7 +95,6 @@ type Client struct {
EventGrid *eventgrid.Client
Eventhub *eventhub.Client
Frontdoor *frontdoor.Client
- Graph *graph.Client
HDInsight *hdinsight.Client
HealthCare *healthcare.Client
IoTHub *iothub.Client
@@ -164,7 +162,6 @@ func (client *Client) Build(ctx context.Context, o *common.ClientOptions) error
client.EventGrid = eventgrid.NewClient(o)
client.Eventhub = eventhub.NewClient(o)
client.Frontdoor = frontdoor.NewClient(o)
- client.Graph = graph.NewClient(o)
client.HDInsight = hdinsight.NewClient(o)
client.HealthCare = healthcare.NewClient(o)
client.IoTHub = iothub.NewClient(o)
diff --git a/azurerm/internal/provider/services.go b/azurerm/internal/provider/services.go
index 70d8913b5c2f..0006ecf98b83 100644
--- a/azurerm/internal/provider/services.go
+++ b/azurerm/internal/provider/services.go
@@ -24,7 +24,6 @@ import (
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/eventgrid"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/eventhub"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/frontdoor"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/graph"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/hdinsight"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/healthcare"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/iothub"
@@ -88,7 +87,6 @@ func SupportedServices() []common.ServiceRegistration {
eventgrid.Registration{},
eventhub.Registration{},
frontdoor.Registration{},
- graph.Registration{},
hdinsight.Registration{},
healthcare.Registration{},
iothub.Registration{},
diff --git a/azurerm/internal/services/authorization/client/client.go b/azurerm/internal/services/authorization/client/client.go
index e3eeea6c84a3..756528480fa7 100644
--- a/azurerm/internal/services/authorization/client/client.go
+++ b/azurerm/internal/services/authorization/client/client.go
@@ -1,13 +1,15 @@
package client
import (
+ "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
"github.com/Azure/azure-sdk-for-go/services/preview/authorization/mgmt/2018-09-01-preview/authorization"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
)
type Client struct {
- RoleAssignmentsClient *authorization.RoleAssignmentsClient
- RoleDefinitionsClient *authorization.RoleDefinitionsClient
+ RoleAssignmentsClient *authorization.RoleAssignmentsClient
+ RoleDefinitionsClient *authorization.RoleDefinitionsClient
+ ServicePrincipalsClient *graphrbac.ServicePrincipalsClient
}
func NewClient(o *common.ClientOptions) *Client {
@@ -17,8 +19,12 @@ func NewClient(o *common.ClientOptions) *Client {
roleDefinitionsClient := authorization.NewRoleDefinitionsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
o.ConfigureClient(&roleDefinitionsClient.Client, o.ResourceManagerAuthorizer)
+ servicePrincipalsClient := graphrbac.NewServicePrincipalsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+ o.ConfigureClient(&servicePrincipalsClient.Client, o.ResourceManagerAuthorizer)
+
return &Client{
- RoleAssignmentsClient: &roleAssignmentsClient,
- RoleDefinitionsClient: &roleDefinitionsClient,
+ RoleAssignmentsClient: &roleAssignmentsClient,
+ RoleDefinitionsClient: &roleDefinitionsClient,
+ ServicePrincipalsClient: &servicePrincipalsClient,
}
}
diff --git a/azurerm/internal/services/authorization/data_source_client_config.go b/azurerm/internal/services/authorization/data_source_client_config.go
index 5a0dc5656dff..165e183611fa 100644
--- a/azurerm/internal/services/authorization/data_source_client_config.go
+++ b/azurerm/internal/services/authorization/data_source_client_config.go
@@ -60,7 +60,7 @@ func dataSourceArmClientConfigRead(d *schema.ResourceData, meta interface{}) err
var servicePrincipal *graphrbac.ServicePrincipal
if client.Account.AuthenticatedAsAServicePrincipal {
- spClient := client.Graph.ServicePrincipalsClient
+ spClient := client.Authorization.ServicePrincipalsClient
// Application & Service Principal is 1:1 per tenant. Since we know the appId (client_id)
// here, we can query for the Service Principal whose appId matches.
filter := fmt.Sprintf("appId eq '%s'", client.Account.ClientId)
diff --git a/azurerm/internal/services/batch/tests/data_source_batch_account_test.go b/azurerm/internal/services/batch/tests/data_source_batch_account_test.go
index f6a5762f5eab..f4fbabc1d666 100644
--- a/azurerm/internal/services/batch/tests/data_source_batch_account_test.go
+++ b/azurerm/internal/services/batch/tests/data_source_batch_account_test.go
@@ -130,7 +130,7 @@ data "azurerm_batch_account" "test" {
func testAccDataSourceAzureBatchAccount_userSubscription(data acceptance.TestData, tenantID string, subscriptionID string) string {
return fmt.Sprintf(`
-data "azurerm_azuread_service_principal" "test" {
+data "azuread_service_principal" "test" {
display_name = "Microsoft Azure Batch"
}
@@ -154,7 +154,7 @@ resource "azurerm_key_vault" "test" {
access_policy {
tenant_id = "%s"
- object_id = "${data.azurerm_azuread_service_principal.test.object_id}"
+ object_id = "${data.azuread_service_principal.test.object_id}"
secret_permissions = [
"get",
@@ -169,7 +169,7 @@ resource "azurerm_key_vault" "test" {
resource "azurerm_role_assignment" "contribrole" {
scope = "/subscriptions/%s"
role_definition_name = "Contributor"
- principal_id = "${data.azurerm_azuread_service_principal.test.object_id}"
+ principal_id = "${data.azuread_service_principal.test.object_id}"
}
resource "azurerm_batch_account" "test" {
diff --git a/azurerm/internal/services/graph/client/client.go b/azurerm/internal/services/graph/client/client.go
deleted file mode 100644
index 3b613652a5f8..000000000000
--- a/azurerm/internal/services/graph/client/client.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package client
-
-import (
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
-)
-
-type Client struct {
- ApplicationsClient *graphrbac.ApplicationsClient
- ServicePrincipalsClient *graphrbac.ServicePrincipalsClient
-}
-
-func NewClient(o *common.ClientOptions) *Client {
- ApplicationsClient := graphrbac.NewApplicationsClientWithBaseURI(o.GraphEndpoint, o.TenantID)
- o.ConfigureClient(&ApplicationsClient.Client, o.GraphAuthorizer)
-
- ServicePrincipalsClient := graphrbac.NewServicePrincipalsClientWithBaseURI(o.GraphEndpoint, o.TenantID)
- o.ConfigureClient(&ServicePrincipalsClient.Client, o.GraphAuthorizer)
-
- return &Client{
- ApplicationsClient: &ApplicationsClient,
- ServicePrincipalsClient: &ServicePrincipalsClient,
- }
-}
diff --git a/azurerm/internal/services/graph/data_source_azuread_application.go b/azurerm/internal/services/graph/data_source_azuread_application.go
deleted file mode 100644
index 870b51b2c928..000000000000
--- a/azurerm/internal/services/graph/data_source_azuread_application.go
+++ /dev/null
@@ -1,150 +0,0 @@
-package graph
-
-import (
- "fmt"
- "log"
- "time"
-
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func dataSourceArmAzureADApplication() *schema.Resource {
- return &schema.Resource{
- DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
-
-Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
-
-As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
-`,
- Read: dataSourceArmAzureADApplicationRead,
-
- Timeouts: &schema.ResourceTimeout{
- Read: schema.DefaultTimeout(5 * time.Minute),
- },
-
- Schema: map[string]*schema.Schema{
- "object_id": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ConflictsWith: []string{"name"},
- },
-
- "name": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ConflictsWith: []string{"object_id"},
- },
-
- "homepage": {
- Type: schema.TypeString,
- Computed: true,
- },
-
- "identifier_uris": {
- Type: schema.TypeList,
- Computed: true,
- Elem: &schema.Schema{
- Type: schema.TypeString,
- },
- },
-
- "reply_urls": {
- Type: schema.TypeList,
- Computed: true,
- Elem: &schema.Schema{
- Type: schema.TypeString,
- },
- },
-
- "available_to_other_tenants": {
- Type: schema.TypeBool,
- Computed: true,
- },
-
- "oauth2_allow_implicit_flow": {
- Type: schema.TypeBool,
- Computed: true,
- },
-
- "application_id": {
- Type: schema.TypeString,
- Computed: true,
- },
- },
- }
-}
-
-func dataSourceArmAzureADApplicationRead(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ApplicationsClient
- ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- var application graphrbac.Application
-
- if oId, ok := d.GetOk("object_id"); ok {
- // use the object_id to find the Azure AD application
- objectId := oId.(string)
- resp, err := client.Get(ctx, objectId)
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return fmt.Errorf("Error: AzureAD Application with ID %q was not found", objectId)
- }
-
- return fmt.Errorf("Error making Read request on AzureAD Application with ID %q: %+v", objectId, err)
- }
-
- application = resp
- } else {
- // use the name to find the Azure AD application
- name := d.Get("name").(string)
- filter := fmt.Sprintf("displayName eq '%s'", name)
- log.Printf("[DEBUG] [data_source_azuread_application] Using filter %q", filter)
-
- resp, err := client.ListComplete(ctx, filter)
-
- if err != nil {
- return fmt.Errorf("Error listing Azure AD Applications: %+v", err)
- }
-
- var app *graphrbac.Application
- for _, v := range *resp.Response().Value {
- if v.DisplayName != nil {
- if *v.DisplayName == name {
- app = &v
- break
- }
- }
- }
-
- if app == nil {
- return fmt.Errorf("Couldn't locate an Azure AD Application with a name of %q", name)
- }
-
- application = *app
- }
-
- d.SetId(*application.ObjectID)
-
- d.Set("object_id", application.ObjectID)
- d.Set("name", application.DisplayName)
- d.Set("application_id", application.AppID)
- d.Set("homepage", application.Homepage)
- d.Set("available_to_other_tenants", application.AvailableToOtherTenants)
- d.Set("oauth2_allow_implicit_flow", application.Oauth2AllowImplicitFlow)
-
- if err := d.Set("identifier_uris", application.IdentifierUris); err != nil {
- return fmt.Errorf("Error setting `identifier_uris`: %+v", err)
- }
-
- if err := d.Set("reply_urls", application.ReplyUrls); err != nil {
- return fmt.Errorf("Error setting `reply_urls`: %+v", err)
- }
-
- return nil
-}
diff --git a/azurerm/internal/services/graph/data_source_azuread_service_principal.go b/azurerm/internal/services/graph/data_source_azuread_service_principal.go
deleted file mode 100644
index fa054e83bb9f..000000000000
--- a/azurerm/internal/services/graph/data_source_azuread_service_principal.go
+++ /dev/null
@@ -1,133 +0,0 @@
-package graph
-
-import (
- "fmt"
- "log"
- "time"
-
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func dataSourceArmActiveDirectoryServicePrincipal() *schema.Resource {
- return &schema.Resource{
- DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
-
-Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
-
-As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
-`,
- Read: dataSourceArmActiveDirectoryServicePrincipalRead,
-
- Timeouts: &schema.ResourceTimeout{
- Read: schema.DefaultTimeout(5 * time.Minute),
- },
-
- Schema: map[string]*schema.Schema{
- "object_id": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ConflictsWith: []string{"display_name", "application_id"},
- },
-
- "display_name": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ConflictsWith: []string{"object_id", "application_id"},
- },
-
- "application_id": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ConflictsWith: []string{"object_id", "display_name"},
- },
- },
- }
-}
-
-func dataSourceArmActiveDirectoryServicePrincipalRead(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- var servicePrincipal *graphrbac.ServicePrincipal
-
- if v, ok := d.GetOk("object_id"); ok {
- //use the object_id to find the Azure AD service principal
- objectId := v.(string)
- app, err := client.Get(ctx, objectId)
- if err != nil {
- if utils.ResponseWasNotFound(app.Response) {
- return fmt.Errorf("Service Principal with Object ID %q was not found!", objectId)
- }
-
- return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
- }
-
- servicePrincipal = &app
- } else if _, ok := d.GetOk("display_name"); ok {
- // use the display_name to find the Azure AD service principal
- displayName := d.Get("display_name").(string)
- filter := fmt.Sprintf("displayName eq '%s'", displayName)
- log.Printf("[DEBUG] [data_source_azuread_service_principal] Using filter %q", filter)
-
- apps, err := client.ListComplete(ctx, filter)
- if err != nil {
- return fmt.Errorf("Error listing Service Principals: %+v", err)
- }
-
- for _, app := range *apps.Response().Value {
- if app.DisplayName == nil {
- continue
- }
-
- if *app.DisplayName == displayName {
- servicePrincipal = &app
- break
- }
- }
-
- if servicePrincipal == nil {
- return fmt.Errorf("A Service Principal with the Display Name %q was not found", displayName)
- }
- } else {
- // use the application_id to find the Azure AD service principal
- applicationId := d.Get("application_id").(string)
- filter := fmt.Sprintf("appId eq '%s'", applicationId)
- log.Printf("[DEBUG] [data_source_azuread_service_principal] Using filter %q", filter)
-
- apps, err := client.ListComplete(ctx, filter)
- if err != nil {
- return fmt.Errorf("Error listing Service Principals: %+v", err)
- }
-
- for _, app := range *apps.Response().Value {
- if app.AppID == nil {
- continue
- }
-
- if *app.AppID == applicationId {
- servicePrincipal = &app
- break
- }
- }
-
- if servicePrincipal == nil {
- return fmt.Errorf("A Service Principal for Application ID %q was not found", applicationId)
- }
- }
-
- d.SetId(*servicePrincipal.ObjectID)
-
- d.Set("application_id", servicePrincipal.AppID)
- d.Set("display_name", servicePrincipal.DisplayName)
- d.Set("object_id", servicePrincipal.ObjectID)
-
- return nil
-}
diff --git a/azurerm/internal/services/graph/registration.go b/azurerm/internal/services/graph/registration.go
deleted file mode 100644
index 1db0f8b85692..000000000000
--- a/azurerm/internal/services/graph/registration.go
+++ /dev/null
@@ -1,27 +0,0 @@
-package graph
-
-import (
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-)
-
-type Registration struct{}
-
-// Name is the name of this Service
-func (r Registration) Name() string {
- return "Graph"
-}
-
-// SupportedDataSources returns the supported Data Sources supported by this Service
-func (r Registration) SupportedDataSources() map[string]*schema.Resource {
- return map[string]*schema.Resource{
- "azurerm_azuread_application": dataSourceArmAzureADApplication(),
- "azurerm_azuread_service_principal": dataSourceArmActiveDirectoryServicePrincipal()}
-}
-
-// SupportedResources returns the supported Resources supported by this Service
-func (r Registration) SupportedResources() map[string]*schema.Resource {
- return map[string]*schema.Resource{
- "azurerm_azuread_application": resourceArmActiveDirectoryApplication(),
- "azurerm_azuread_service_principal_password": resourceArmActiveDirectoryServicePrincipalPassword(),
- "azurerm_azuread_service_principal": resourceArmActiveDirectoryServicePrincipal()}
-}
diff --git a/azurerm/internal/services/graph/resource_arm_azuread_application.go b/azurerm/internal/services/graph/resource_arm_azuread_application.go
deleted file mode 100644
index fb779fbec982..000000000000
--- a/azurerm/internal/services/graph/resource_arm_azuread_application.go
+++ /dev/null
@@ -1,262 +0,0 @@
-package graph
-
-import (
- "fmt"
- "log"
- "time"
-
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
- "github.com/hashicorp/terraform-plugin-sdk/helper/validation"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func resourceArmActiveDirectoryApplication() *schema.Resource {
- return &schema.Resource{
- DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
-
-Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
-
-As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
-`,
- Create: resourceArmActiveDirectoryApplicationCreate,
- Read: resourceArmActiveDirectoryApplicationRead,
- Update: resourceArmActiveDirectoryApplicationUpdate,
- Delete: resourceArmActiveDirectoryApplicationDelete,
- Importer: &schema.ResourceImporter{
- State: schema.ImportStatePassthrough,
- },
-
- Timeouts: &schema.ResourceTimeout{
- Create: schema.DefaultTimeout(30 * time.Minute),
- Read: schema.DefaultTimeout(5 * time.Minute),
- Update: schema.DefaultTimeout(30 * time.Minute),
- Delete: schema.DefaultTimeout(30 * time.Minute),
- },
-
- Schema: map[string]*schema.Schema{
- "name": {
- Type: schema.TypeString,
- Required: true,
- ValidateFunc: validation.StringIsNotEmpty,
- },
-
- "homepage": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ValidateFunc: validation.IsURLWithHTTPS,
- },
-
- "identifier_uris": {
- Type: schema.TypeList,
- Optional: true,
- Computed: true,
- MinItems: 1,
- Elem: &schema.Schema{
- Type: schema.TypeString,
- ValidateFunc: validation.IsURLWithScheme([]string{"http", "https"}),
- },
- },
-
- "reply_urls": {
- Type: schema.TypeList,
- Optional: true,
- Computed: true,
- Elem: &schema.Schema{
- Type: schema.TypeString,
- ValidateFunc: validation.IsURLWithScheme([]string{"http", "https"}),
- },
- },
-
- "available_to_other_tenants": {
- Type: schema.TypeBool,
- Optional: true,
- },
-
- "oauth2_allow_implicit_flow": {
- Type: schema.TypeBool,
- Optional: true,
- },
-
- "application_id": {
- Type: schema.TypeString,
- Computed: true,
- },
- },
- }
-}
-
-func resourceArmActiveDirectoryApplicationCreate(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ApplicationsClient
- ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- // NOTE: name isn't the Resource ID here, so we don't check it exists
- name := d.Get("name").(string)
- availableToOtherTenants := d.Get("available_to_other_tenants").(bool)
-
- properties := graphrbac.ApplicationCreateParameters{
- DisplayName: &name,
- Homepage: expandAzureRmActiveDirectoryApplicationHomepage(d, name),
- IdentifierUris: expandAzureRmActiveDirectoryApplicationIdentifierUris(d),
- ReplyUrls: expandAzureRmActiveDirectoryApplicationReplyUrls(d),
- AvailableToOtherTenants: utils.Bool(availableToOtherTenants),
- }
-
- if v, ok := d.GetOk("oauth2_allow_implicit_flow"); ok {
- properties.Oauth2AllowImplicitFlow = utils.Bool(v.(bool))
- }
-
- app, err := client.Create(ctx, properties)
- if err != nil {
- return err
- }
-
- d.SetId(*app.ObjectID)
-
- return resourceArmActiveDirectoryApplicationRead(d, meta)
-}
-
-func resourceArmActiveDirectoryApplicationUpdate(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ApplicationsClient
- ctx, cancel := timeouts.ForUpdate(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- name := d.Get("name").(string)
-
- var properties graphrbac.ApplicationUpdateParameters
-
- if d.HasChange("name") {
- properties.DisplayName = &name
- }
-
- if d.HasChange("homepage") {
- properties.Homepage = expandAzureRmActiveDirectoryApplicationHomepage(d, name)
- }
-
- if d.HasChange("identifier_uris") {
- properties.IdentifierUris = expandAzureRmActiveDirectoryApplicationIdentifierUris(d)
- }
-
- if d.HasChange("reply_urls") {
- properties.ReplyUrls = expandAzureRmActiveDirectoryApplicationReplyUrls(d)
- }
-
- if d.HasChange("available_to_other_tenants") {
- availableToOtherTenants := d.Get("available_to_other_tenants").(bool)
- properties.AvailableToOtherTenants = utils.Bool(availableToOtherTenants)
- }
-
- if d.HasChange("oauth2_allow_implicit_flow") {
- oauth := d.Get("oauth2_allow_implicit_flow").(bool)
- properties.Oauth2AllowImplicitFlow = utils.Bool(oauth)
- }
-
- if _, err := client.Patch(ctx, d.Id(), properties); err != nil {
- return fmt.Errorf("Error patching Azure AD Application with ID %q: %+v", d.Id(), err)
- }
-
- return resourceArmActiveDirectoryApplicationRead(d, meta)
-}
-
-func resourceArmActiveDirectoryApplicationRead(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ApplicationsClient
- ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- resp, err := client.Get(ctx, d.Id())
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- log.Printf("[DEBUG] Azure AD Application with ID %q was not found - removing from state", d.Id())
- d.SetId("")
- return nil
- }
-
- return fmt.Errorf("Error retrieving Azure AD Application with ID %q: %+v", d.Id(), err)
- }
-
- d.Set("name", resp.DisplayName)
- d.Set("application_id", resp.AppID)
- d.Set("homepage", resp.Homepage)
- d.Set("available_to_other_tenants", resp.AvailableToOtherTenants)
- d.Set("oauth2_allow_implicit_flow", resp.Oauth2AllowImplicitFlow)
-
- identifierUris := make([]string, 0)
- if s := resp.IdentifierUris; s != nil {
- identifierUris = *s
- }
- if err := d.Set("identifier_uris", identifierUris); err != nil {
- return fmt.Errorf("Error setting `identifier_uris`: %+v", err)
- }
-
- replyUrls := make([]string, 0)
- if s := resp.ReplyUrls; s != nil {
- replyUrls = *s
- }
- if err := d.Set("reply_urls", replyUrls); err != nil {
- return fmt.Errorf("Error setting `reply_urls`: %+v", err)
- }
-
- return nil
-}
-
-func resourceArmActiveDirectoryApplicationDelete(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ApplicationsClient
- ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- // in order to delete an application which is available to other tenants, we first have to disable this setting
- availableToOtherTenants := d.Get("available_to_other_tenants").(bool)
- if availableToOtherTenants {
- log.Printf("[DEBUG] Azure AD Application is available to other tenants - disabling that feature before deleting.")
- properties := graphrbac.ApplicationUpdateParameters{
- AvailableToOtherTenants: utils.Bool(false),
- }
-
- if _, err := client.Patch(ctx, d.Id(), properties); err != nil {
- return fmt.Errorf("Error patching Azure AD Application with ID %q: %+v", d.Id(), err)
- }
- }
-
- resp, err := client.Delete(ctx, d.Id())
- if err != nil {
- if !utils.ResponseWasNotFound(resp) {
- return fmt.Errorf("Error Deleting Azure AD Application with ID %q: %+v", d.Id(), err)
- }
- }
-
- return nil
-}
-
-func expandAzureRmActiveDirectoryApplicationHomepage(d *schema.ResourceData, name string) *string {
- if v, ok := d.GetOk("homepage"); ok {
- return utils.String(v.(string))
- }
-
- return utils.String(fmt.Sprintf("https://%s", name))
-}
-
-func expandAzureRmActiveDirectoryApplicationIdentifierUris(d *schema.ResourceData) *[]string {
- identifierUris := d.Get("identifier_uris").([]interface{})
- identifiers := make([]string, 0)
-
- for _, id := range identifierUris {
- identifiers = append(identifiers, id.(string))
- }
-
- return &identifiers
-}
-
-func expandAzureRmActiveDirectoryApplicationReplyUrls(d *schema.ResourceData) *[]string {
- replyUrls := d.Get("reply_urls").([]interface{})
- urls := make([]string, 0)
-
- for _, url := range replyUrls {
- urls = append(urls, url.(string))
- }
-
- return &urls
-}
diff --git a/azurerm/internal/services/graph/resource_arm_azuread_service_principal.go b/azurerm/internal/services/graph/resource_arm_azuread_service_principal.go
deleted file mode 100644
index 7f00756957ce..000000000000
--- a/azurerm/internal/services/graph/resource_arm_azuread_service_principal.go
+++ /dev/null
@@ -1,142 +0,0 @@
-package graph
-
-import (
- "fmt"
- "log"
- "time"
-
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/hashicorp/go-azure-helpers/response"
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-var servicePrincipalResourceName = "azurerm_service_principal"
-
-func resourceArmActiveDirectoryServicePrincipal() *schema.Resource {
- return &schema.Resource{
- DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
-
-Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
-
-As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
-`,
- Create: resourceArmActiveDirectoryServicePrincipalCreate,
- Read: resourceArmActiveDirectoryServicePrincipalRead,
- Delete: resourceArmActiveDirectoryServicePrincipalDelete,
- Importer: &schema.ResourceImporter{
- State: schema.ImportStatePassthrough,
- },
-
- Timeouts: &schema.ResourceTimeout{
- Create: schema.DefaultTimeout(30 * time.Minute),
- Read: schema.DefaultTimeout(5 * time.Minute),
- Update: schema.DefaultTimeout(30 * time.Minute),
- Delete: schema.DefaultTimeout(30 * time.Minute),
- },
-
- Schema: map[string]*schema.Schema{
- "application_id": {
- Type: schema.TypeString,
- Required: true,
- ForceNew: true,
- },
- "display_name": {
- Type: schema.TypeString,
- Computed: true,
- },
- },
- }
-}
-
-func resourceArmActiveDirectoryServicePrincipalCreate(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- applicationId := d.Get("application_id").(string)
-
- apps, err := client.ListComplete(ctx, "")
- if err != nil {
- return fmt.Errorf("Error checking for existence of Service Principal %q: %+v", applicationId, err)
- }
-
- for apps.NotDone() {
- a := apps.Value()
- if a.AppID == nil || a.ObjectID == nil {
- continue
- }
-
- if *a.AppID == applicationId {
- return tf.ImportAsExistsError("azurerm_azuread_service_principal", *a.ObjectID)
- }
-
- e := apps.Next()
- if e != nil {
- return e
- }
- }
-
- properties := graphrbac.ServicePrincipalCreateParameters{
- AppID: utils.String(applicationId),
- // there's no way of retrieving this, and there's no way of changing it
- // given there's no way to change it - we'll just default this to true
- AccountEnabled: utils.Bool(true),
- }
-
- app, err := client.Create(ctx, properties)
- if err != nil {
- return fmt.Errorf("Error creating Service Principal %q: %+v", applicationId, err)
- }
-
- objectId := *app.ObjectID
- resp, err := client.Get(ctx, objectId)
- if err != nil {
- return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
- }
-
- d.SetId(*resp.ObjectID)
-
- return resourceArmActiveDirectoryServicePrincipalRead(d, meta)
-}
-
-func resourceArmActiveDirectoryServicePrincipalRead(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- objectId := d.Id()
- app, err := client.Get(ctx, objectId)
- if err != nil {
- if utils.ResponseWasNotFound(app.Response) {
- log.Printf("[DEBUG] Service Principal with Object ID %q was not found - removing from state!", objectId)
- d.SetId("")
- return nil
- }
- return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
- }
-
- d.Set("application_id", app.AppID)
- d.Set("display_name", app.DisplayName)
-
- return nil
-}
-
-func resourceArmActiveDirectoryServicePrincipalDelete(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- applicationId := d.Id()
- app, err := client.Delete(ctx, applicationId)
- if err != nil {
- if !response.WasNotFound(app.Response) {
- return fmt.Errorf("Error deleting Service Principal ID %q: %+v", applicationId, err)
- }
- }
-
- return nil
-}
diff --git a/azurerm/internal/services/graph/resource_arm_azuread_service_principal_password.go b/azurerm/internal/services/graph/resource_arm_azuread_service_principal_password.go
deleted file mode 100644
index 196005893b75..000000000000
--- a/azurerm/internal/services/graph/resource_arm_azuread_service_principal_password.go
+++ /dev/null
@@ -1,272 +0,0 @@
-package graph
-
-import (
- "fmt"
- "log"
- "strings"
- "time"
-
- "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
- "github.com/Azure/go-autorest/autorest/date"
- "github.com/hashicorp/go-uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
- "github.com/hashicorp/terraform-plugin-sdk/helper/validation"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/locks"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func resourceArmActiveDirectoryServicePrincipalPassword() *schema.Resource {
- return &schema.Resource{
- DeprecationMessage: `The Azure Active Directory resources have been split out into their own Provider.
-
-Information on migrating to the new AzureAD Provider can be found here: https://terraform.io/docs/providers/azurerm/guides/migrating-to-azuread.html
-
-As such the Azure Active Directory resources within the AzureRM Provider are now deprecated and will be removed in v2.0 of the AzureRM Provider.
-`,
- Create: resourceArmActiveDirectoryServicePrincipalPasswordCreate,
- Read: resourceArmActiveDirectoryServicePrincipalPasswordRead,
- Delete: resourceArmActiveDirectoryServicePrincipalPasswordDelete,
- Importer: &schema.ResourceImporter{
- State: schema.ImportStatePassthrough,
- },
-
- Timeouts: &schema.ResourceTimeout{
- Create: schema.DefaultTimeout(30 * time.Minute),
- Read: schema.DefaultTimeout(5 * time.Minute),
- Update: schema.DefaultTimeout(30 * time.Minute),
- Delete: schema.DefaultTimeout(30 * time.Minute),
- },
-
- Schema: map[string]*schema.Schema{
- "service_principal_id": {
- Type: schema.TypeString,
- Required: true,
- ForceNew: true,
- ValidateFunc: validation.IsUUID,
- },
-
- "key_id": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ForceNew: true,
- ValidateFunc: validation.IsUUID,
- },
-
- "value": {
- Type: schema.TypeString,
- Required: true,
- ForceNew: true,
- Sensitive: true,
- },
-
- "start_date": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ForceNew: true,
- ValidateFunc: validate.RFC3339Time,
- },
-
- "end_date": {
- Type: schema.TypeString,
- Required: true,
- ForceNew: true,
- ValidateFunc: validate.RFC3339Time,
- },
- },
- }
-}
-
-func resourceArmActiveDirectoryServicePrincipalPasswordCreate(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- objectId := d.Get("service_principal_id").(string)
- value := d.Get("value").(string)
- // errors will be handled by the validation
- endDate, _ := time.Parse(time.RFC3339, d.Get("end_date").(string))
-
- var keyId string
- if v, ok := d.GetOk("key_id"); ok {
- keyId = v.(string)
- } else {
- kid, err := uuid.GenerateUUID()
- if err != nil {
- return err
- }
-
- keyId = kid
- }
-
- credential := graphrbac.PasswordCredential{
- KeyID: utils.String(keyId),
- Value: utils.String(value),
- EndDate: &date.Time{Time: endDate},
- }
-
- if v, ok := d.GetOk("start_date"); ok {
- // errors will be handled by the validation
- startDate, _ := time.Parse(time.RFC3339, v.(string))
- credential.StartDate = &date.Time{Time: startDate}
- }
-
- locks.ByName(objectId, servicePrincipalResourceName)
- defer locks.UnlockByName(objectId, servicePrincipalResourceName)
-
- existingCredentials, err := client.ListPasswordCredentials(ctx, objectId)
- if err != nil {
- return fmt.Errorf("Error Listing Password Credentials for Service Principal %q: %+v", objectId, err)
- }
-
- updatedCredentials := make([]graphrbac.PasswordCredential, 0)
- if existingCredentials.Value != nil {
- for _, v := range *existingCredentials.Value {
- if v.KeyID == nil {
- continue
- }
-
- if *v.KeyID == keyId {
- return tf.ImportAsExistsError("azurerm_azuread_service_principal_password", fmt.Sprintf("%s/%s", objectId, keyId))
- }
- }
-
- updatedCredentials = *existingCredentials.Value
- }
-
- updatedCredentials = append(updatedCredentials, credential)
-
- parameters := graphrbac.PasswordCredentialsUpdateParameters{
- Value: &updatedCredentials,
- }
- _, err = client.UpdatePasswordCredentials(ctx, objectId, parameters)
- if err != nil {
- return fmt.Errorf("Error creating Password Credential %q for Service Principal %q: %+v", keyId, objectId, err)
- }
-
- d.SetId(fmt.Sprintf("%s/%s", objectId, keyId))
-
- return resourceArmActiveDirectoryServicePrincipalPasswordRead(d, meta)
-}
-
-func resourceArmActiveDirectoryServicePrincipalPasswordRead(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- id := strings.Split(d.Id(), "/")
- if len(id) != 2 {
- return fmt.Errorf("ID should be in the format {objectId}/{keyId} - but got %q", d.Id())
- }
-
- objectId := id[0]
- keyId := id[1]
-
- // ensure the parent Service Principal exists
- servicePrincipal, err := client.Get(ctx, objectId)
- if err != nil {
- // the parent Service Principal has been removed - skip it
- if utils.ResponseWasNotFound(servicePrincipal.Response) {
- log.Printf("[DEBUG] Service Principal with Object ID %q was not found - removing from state!", objectId)
- d.SetId("")
- return nil
- }
- return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
- }
-
- credentials, err := client.ListPasswordCredentials(ctx, objectId)
- if err != nil {
- return fmt.Errorf("Error Listing Password Credentials for Service Principal with Object ID %q: %+v", objectId, err)
- }
-
- var credential *graphrbac.PasswordCredential
- for _, c := range *credentials.Value {
- if c.KeyID == nil {
- continue
- }
-
- if *c.KeyID == keyId {
- credential = &c
- break
- }
- }
-
- if credential == nil {
- log.Printf("[DEBUG] Service Principal Password %q (Object ID %q) was not found - removing from state!", keyId, objectId)
- d.SetId("")
- return nil
- }
-
- // value is available in the SDK but isn't returned from the API
- d.Set("key_id", credential.KeyID)
- d.Set("service_principal_id", objectId)
-
- if endDate := credential.EndDate; endDate != nil {
- d.Set("end_date", endDate.Format(time.RFC3339))
- }
-
- if startDate := credential.StartDate; startDate != nil {
- d.Set("start_date", startDate.Format(time.RFC3339))
- }
-
- return nil
-}
-
-func resourceArmActiveDirectoryServicePrincipalPasswordDelete(d *schema.ResourceData, meta interface{}) error {
- client := meta.(*clients.Client).Graph.ServicePrincipalsClient
- ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
- defer cancel()
-
- id := strings.Split(d.Id(), "/")
- if len(id) != 2 {
- return fmt.Errorf("ID should be in the format {objectId}/{keyId} - but got %q", d.Id())
- }
-
- objectId := id[0]
- keyId := id[1]
-
- locks.ByName(objectId, servicePrincipalResourceName)
- defer locks.UnlockByName(objectId, servicePrincipalResourceName)
-
- // ensure the parent Service Principal exists
- servicePrincipal, err := client.Get(ctx, objectId)
- if err != nil {
- // the parent Service Principal was removed - skip it
- if utils.ResponseWasNotFound(servicePrincipal.Response) {
- return nil
- }
-
- return fmt.Errorf("Error retrieving Service Principal ID %q: %+v", objectId, err)
- }
-
- existing, err := client.ListPasswordCredentials(ctx, objectId)
- if err != nil {
- return fmt.Errorf("Error Listing Password Credentials for Service Principal with Object ID %q: %+v", objectId, err)
- }
-
- updatedCredentials := make([]graphrbac.PasswordCredential, 0)
- for _, credential := range *existing.Value {
- if credential.KeyID == nil {
- continue
- }
-
- if *credential.KeyID != keyId {
- updatedCredentials = append(updatedCredentials, credential)
- }
- }
-
- parameters := graphrbac.PasswordCredentialsUpdateParameters{
- Value: &updatedCredentials,
- }
- _, err = client.UpdatePasswordCredentials(ctx, objectId, parameters)
- if err != nil {
- return fmt.Errorf("Error removing Password %q from Service Principal %q: %+v", keyId, objectId, err)
- }
-
- return nil
-}
diff --git a/azurerm/internal/services/graph/tests/data_source_azuread_application_test.go b/azurerm/internal/services/graph/tests/data_source_azuread_application_test.go
deleted file mode 100644
index 89013b867249..000000000000
--- a/azurerm/internal/services/graph/tests/data_source_azuread_application_test.go
+++ /dev/null
@@ -1,126 +0,0 @@
-package tests
-
-import (
- "fmt"
- "testing"
-
- "github.com/google/uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
-)
-
-func TestAccDataSourceAzureRMAzureADApplication_byObjectId(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_basic(id),
- },
- {
- Config: testAccDataSourceAzureRMAzureADApplication_objectId(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "0"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "0"),
- resource.TestCheckResourceAttr(data.ResourceName, "oauth2_allow_implicit_flow", "false"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- },
- })
-}
-
-func TestAccDataSourceAzureRMAzureADApplication_byObjectIdComplete(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_application", "test")
- id := uuid.New().String()
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_complete(id),
- },
- {
- Config: testAccDataSourceAzureRMAzureADApplication_objectIdComplete(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://homepage-%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "1"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "1"),
- resource.TestCheckResourceAttr(data.ResourceName, "oauth2_allow_implicit_flow", "true"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- },
- })
-}
-
-func TestAccDataSourceAzureRMAzureADApplication_byName(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_basic(id),
- },
- {
- Config: testAccDataSourceAzureRMAzureADApplication_name(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "0"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "0"),
- resource.TestCheckResourceAttr(data.ResourceName, "oauth2_allow_implicit_flow", "false"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- },
- })
-}
-
-func testAccDataSourceAzureRMAzureADApplication_objectId(id string) string {
- template := testAccAzureRMActiveDirectoryApplication_basic(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_application" "test" {
- object_id = "${azurerm_azuread_application.test.id}"
-}
-`, template)
-}
-
-func testAccDataSourceAzureRMAzureADApplication_objectIdComplete(id string) string {
- template := testAccAzureRMActiveDirectoryApplication_complete(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_application" "test" {
- object_id = "${azurerm_azuread_application.test.id}"
-}
-`, template)
-}
-
-func testAccDataSourceAzureRMAzureADApplication_name(id string) string {
- template := testAccAzureRMActiveDirectoryApplication_basic(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_application" "test" {
- name = "${azurerm_azuread_application.test.name}"
-}
-`, template)
-}
diff --git a/azurerm/internal/services/graph/tests/data_source_azuread_service_principal_test.go b/azurerm/internal/services/graph/tests/data_source_azuread_service_principal_test.go
deleted file mode 100644
index 57c3bda84a4d..000000000000
--- a/azurerm/internal/services/graph/tests/data_source_azuread_service_principal_test.go
+++ /dev/null
@@ -1,109 +0,0 @@
-package tests
-
-import (
- "fmt"
- "testing"
-
- "github.com/google/uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
-)
-
-func TestAccDataSourceAzureRMAzureADServicePrincipal_byApplicationId(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_service_principal", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccDataSourceAzureRMAzureADServicePrincipal_byApplicationId(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "object_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "display_name"),
- ),
- },
- },
- })
-}
-
-func TestAccDataSourceAzureRMAzureADServicePrincipal_byDisplayName(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_service_principal", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccDataSourceAzureRMAzureADServicePrincipal_byDisplayName(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "object_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "display_name"),
- ),
- },
- },
- })
-}
-
-func TestAccDataSourceAzureRMAzureADServicePrincipal_byObjectId(t *testing.T) {
- data := acceptance.BuildTestData(t, "data.azurerm_azuread_service_principal", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccDataSourceAzureRMAzureADServicePrincipal_byObjectId(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "object_id"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "display_name"),
- ),
- },
- },
- })
-}
-
-func testAccDataSourceAzureRMAzureADServicePrincipal_byApplicationId(id string) string {
- template := testAccAzureRMActiveDirectoryServicePrincipal_basic(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_service_principal" "test" {
- application_id = "${azurerm_azuread_service_principal.test.application_id}"
-}
-`, template)
-}
-
-func testAccDataSourceAzureRMAzureADServicePrincipal_byDisplayName(id string) string {
- template := testAccAzureRMActiveDirectoryServicePrincipal_basic(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_service_principal" "test" {
- display_name = "${azurerm_azuread_service_principal.test.display_name}"
-}
-`, template)
-}
-
-func testAccDataSourceAzureRMAzureADServicePrincipal_byObjectId(id string) string {
- template := testAccAzureRMActiveDirectoryServicePrincipal_basic(id)
- return fmt.Sprintf(`
-%s
-
-data "azurerm_azuread_service_principal" "test" {
- object_id = "${azurerm_azuread_service_principal.test.id}"
-}
-`, template)
-}
diff --git a/azurerm/internal/services/graph/tests/resource_arm_azuread_application_test.go b/azurerm/internal/services/graph/tests/resource_arm_azuread_application_test.go
deleted file mode 100644
index 5696dae8302e..000000000000
--- a/azurerm/internal/services/graph/tests/resource_arm_azuread_application_test.go
+++ /dev/null
@@ -1,195 +0,0 @@
-package tests
-
-import (
- "fmt"
- "testing"
-
- "github.com/google/uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
- "github.com/hashicorp/terraform-plugin-sdk/terraform"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func TestAccAzureRMActiveDirectoryApplication_basic(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_basic(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://acctest%s", id)),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- data.ImportStep(),
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryApplication_availableToOtherTenants(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_availableToOtherTenants(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "available_to_other_tenants", "true"),
- ),
- },
- data.ImportStep(),
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryApplication_complete(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_complete(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://homepage-%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "1"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "1"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- data.ImportStep(),
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryApplication_update(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_application", "test")
- id := uuid.New().String()
-
- updatedId := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryApplicationDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryApplication_basic(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://acctest%s", id)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "0"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "0"),
- ),
- },
- {
- Config: testAccAzureRMActiveDirectoryApplication_complete(updatedId),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryApplicationExists(data.ResourceName),
- resource.TestCheckResourceAttr(data.ResourceName, "name", fmt.Sprintf("acctest%s", updatedId)),
- resource.TestCheckResourceAttr(data.ResourceName, "homepage", fmt.Sprintf("https://homepage-%s", updatedId)),
- resource.TestCheckResourceAttr(data.ResourceName, "identifier_uris.#", "1"),
- resource.TestCheckResourceAttr(data.ResourceName, "reply_urls.#", "1"),
- ),
- },
- },
- })
-}
-
-func testCheckAzureRMActiveDirectoryApplicationExists(resourceName string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- client := acceptance.AzureProvider.Meta().(*clients.Client).Graph.ApplicationsClient
- ctx := acceptance.AzureProvider.Meta().(*clients.Client).StopContext
-
- rs, ok := s.RootModule().Resources[resourceName]
- if !ok {
- return fmt.Errorf("Not found: %q", resourceName)
- }
-
- resp, err := client.Get(ctx, rs.Primary.ID)
-
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return fmt.Errorf("Bad: Azure AD Application %q does not exist", rs.Primary.ID)
- }
- return fmt.Errorf("Bad: Get on Azure AD applicationsClient: %+v", err)
- }
-
- return nil
- }
-}
-
-func testCheckAzureRMActiveDirectoryApplicationDestroy(s *terraform.State) error {
- client := acceptance.AzureProvider.Meta().(*clients.Client).Graph.ApplicationsClient
- ctx := acceptance.AzureProvider.Meta().(*clients.Client).StopContext
-
- for _, rs := range s.RootModule().Resources {
- if rs.Type != "azurerm_azuread_application" {
- continue
- }
-
- resp, err := client.Get(ctx, rs.Primary.ID)
-
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return nil
- }
-
- return err
- }
-
- return fmt.Errorf("Azure AD Application still exists:\n%#v", resp)
- }
-
- return nil
-}
-
-func testAccAzureRMActiveDirectoryApplication_basic(id string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctest%s"
-}
-`, id)
-}
-
-func testAccAzureRMActiveDirectoryApplication_availableToOtherTenants(id string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctest%s"
- identifier_uris = ["https://%s.hashicorptest.com"]
- available_to_other_tenants = true
-}
-`, id, id)
-}
-
-func testAccAzureRMActiveDirectoryApplication_complete(id string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctest%s"
- homepage = "https://homepage-%s"
- identifier_uris = ["http://%s.hashicorptest.com/00000000-0000-0000-0000-00000000"]
- reply_urls = ["http://%s.hashicorptest.com"]
- oauth2_allow_implicit_flow = true
-}
-`, id, id, id, id)
-}
diff --git a/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_password_test.go b/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_password_test.go
deleted file mode 100644
index 1fc0fb8f445e..000000000000
--- a/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_password_test.go
+++ /dev/null
@@ -1,206 +0,0 @@
-package tests
-
-import (
- "fmt"
- "strings"
- "testing"
-
- "github.com/hashicorp/go-uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
- "github.com/hashicorp/terraform-plugin-sdk/terraform"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func TestAccAzureRMActiveDirectoryServicePrincipalPassword_basic(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_service_principal_password", "test")
- applicationId, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
- value, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipalPassword_basic(applicationId, value),
- Check: resource.ComposeTestCheckFunc(
- // can't assert on Value since it's not returned
- testCheckAzureRMActiveDirectoryServicePrincipalPasswordExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "start_date"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "key_id"),
- resource.TestCheckResourceAttr(data.ResourceName, "end_date", "2020-01-01T01:02:03Z"),
- ),
- },
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryServicePrincipalPassword_requiresImport(t *testing.T) {
- if !features.ShouldResourcesBeImported() {
- t.Skip("Skipping since resources aren't required to be imported")
- return
- }
-
- data := acceptance.BuildTestData(t, "azurerm_azuread_service_principal_password", "test")
- applicationId, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
- value, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipalPassword_basic(applicationId, value),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalPasswordExists(data.ResourceName),
- ),
- },
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipalPassword_requiresImport(applicationId, value),
- ExpectError: acceptance.RequiresImportError("azurerm_azuread_service_principal_password"),
- },
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryServicePrincipalPassword_customKeyId(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_service_principal_password", "test")
- applicationId, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
- keyId, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
- value, err := uuid.GenerateUUID()
- if err != nil {
- t.Fatal(err)
- }
- config := testAccAzureRMActiveDirectoryServicePrincipalPassword_customKeyId(applicationId, keyId, value)
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: config,
- Check: resource.ComposeTestCheckFunc(
- // can't assert on Value since it's not returned
- testCheckAzureRMActiveDirectoryServicePrincipalPasswordExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "start_date"),
- resource.TestCheckResourceAttr(data.ResourceName, "key_id", keyId),
- resource.TestCheckResourceAttr(data.ResourceName, "end_date", "2020-01-01T01:02:03Z"),
- ),
- },
- },
- })
-}
-
-func testCheckAzureRMActiveDirectoryServicePrincipalPasswordExists(resourceName string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- client := acceptance.AzureProvider.Meta().(*clients.Client).Graph.ServicePrincipalsClient
- ctx := acceptance.AzureProvider.Meta().(*clients.Client).StopContext
-
- rs, ok := s.RootModule().Resources[resourceName]
- if !ok {
- return fmt.Errorf("Not found: %q", resourceName)
- }
-
- id := strings.Split(rs.Primary.ID, "/")
- objectId := id[0]
- keyId := id[1]
- resp, err := client.Get(ctx, objectId)
-
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return fmt.Errorf("Bad: Azure AD Service Principal %q does not exist", objectId)
- }
- return fmt.Errorf("Bad: Get on Azure AD servicePrincipalsClient: %+v", err)
- }
-
- credentials, err := client.ListPasswordCredentials(ctx, objectId)
- if err != nil {
- return fmt.Errorf("Error Listing Password Credentials for Service Principal %q: %+v", objectId, err)
- }
-
- for _, credential := range *credentials.Value {
- if credential.KeyID == nil {
- continue
- }
-
- if *credential.KeyID == keyId {
- return nil
- }
- }
-
- return fmt.Errorf("Password Credential %q was not found in Service Principal %q", keyId, objectId)
- }
-}
-
-func testAccAzureRMActiveDirectoryServicePrincipalPassword_basic(applicationId, value string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctestspa%s"
-}
-
-resource "azurerm_azuread_service_principal" "test" {
- application_id = "${azurerm_azuread_application.test.application_id}"
-}
-
-resource "azurerm_azuread_service_principal_password" "test" {
- service_principal_id = "${azurerm_azuread_service_principal.test.id}"
- value = "%s"
- end_date = "2020-01-01T01:02:03Z"
-}
-`, applicationId, value)
-}
-
-func testAccAzureRMActiveDirectoryServicePrincipalPassword_requiresImport(applicationId, value string) string {
- template := testAccAzureRMActiveDirectoryServicePrincipalPassword_basic(applicationId, value)
- return fmt.Sprintf(`
-%s
-
-resource "azurerm_azuread_service_principal_password" "import" {
- service_principal_id = "${azurerm_azuread_service_principal_password.test.service_principal_id}"
- value = "${azurerm_azuread_service_principal_password.test.value}"
- end_date = "${azurerm_azuread_service_principal_password.test.end_date}"
-}
-`, template)
-}
-
-func testAccAzureRMActiveDirectoryServicePrincipalPassword_customKeyId(applicationId, keyId, value string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctestspa%s"
-}
-
-resource "azurerm_azuread_service_principal" "test" {
- application_id = "${azurerm_azuread_application.test.application_id}"
-}
-
-resource "azurerm_azuread_service_principal_password" "test" {
- service_principal_id = "${azurerm_azuread_service_principal.test.id}"
- key_id = "%s"
- value = "%s"
- end_date = "2020-01-01T01:02:03Z"
-}
-`, applicationId, keyId, value)
-}
diff --git a/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_test.go b/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_test.go
deleted file mode 100644
index 27feaf53519a..000000000000
--- a/azurerm/internal/services/graph/tests/resource_arm_azuread_service_principal_test.go
+++ /dev/null
@@ -1,135 +0,0 @@
-package tests
-
-import (
- "fmt"
- "testing"
-
- "github.com/google/uuid"
- "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
- "github.com/hashicorp/terraform-plugin-sdk/terraform"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
- "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
-)
-
-func TestAccAzureRMActiveDirectoryServicePrincipal_basic(t *testing.T) {
- data := acceptance.BuildTestData(t, "azurerm_azuread_service_principal", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipal_basic(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalExists(data.ResourceName),
- resource.TestCheckResourceAttrSet(data.ResourceName, "display_name"),
- resource.TestCheckResourceAttrSet(data.ResourceName, "application_id"),
- ),
- },
- data.ImportStep(),
- },
- })
-}
-
-func TestAccAzureRMActiveDirectoryServicePrincipal_requiresImport(t *testing.T) {
- if !features.ShouldResourcesBeImported() {
- t.Skip("Skipping since resources aren't required to be imported")
- return
- }
-
- data := acceptance.BuildTestData(t, "azurerm_azuread_service_principal", "test")
- id := uuid.New().String()
-
- resource.ParallelTest(t, resource.TestCase{
- PreCheck: func() { acceptance.PreCheck(t) },
- Providers: acceptance.SupportedProviders,
- CheckDestroy: testCheckAzureRMActiveDirectoryServicePrincipalDestroy,
- Steps: []resource.TestStep{
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipal_basic(id),
- Check: resource.ComposeTestCheckFunc(
- testCheckAzureRMActiveDirectoryServicePrincipalExists(data.ResourceName),
- ),
- },
- {
- Config: testAccAzureRMActiveDirectoryServicePrincipal_requiresImport(id),
- ExpectError: acceptance.RequiresImportError("azurerm_azuread_service_principal"),
- },
- },
- })
-}
-
-func testCheckAzureRMActiveDirectoryServicePrincipalExists(resourceName string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- client := acceptance.AzureProvider.Meta().(*clients.Client).Graph.ServicePrincipalsClient
- ctx := acceptance.AzureProvider.Meta().(*clients.Client).StopContext
-
- rs, ok := s.RootModule().Resources[resourceName]
- if !ok {
- return fmt.Errorf("Not found: %q", resourceName)
- }
-
- resp, err := client.Get(ctx, rs.Primary.ID)
-
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return fmt.Errorf("Bad: Azure AD Service Principal %q does not exist", rs.Primary.ID)
- }
- return fmt.Errorf("Bad: Get on Azure AD servicePrincipalsClient: %+v", err)
- }
-
- return nil
- }
-}
-
-func testCheckAzureRMActiveDirectoryServicePrincipalDestroy(s *terraform.State) error {
- client := acceptance.AzureProvider.Meta().(*clients.Client).Graph.ServicePrincipalsClient
- ctx := acceptance.AzureProvider.Meta().(*clients.Client).StopContext
-
- for _, rs := range s.RootModule().Resources {
- if rs.Type != "azurerm_azuread_service_principal" {
- continue
- }
-
- resp, err := client.Get(ctx, rs.Primary.ID)
-
- if err != nil {
- if utils.ResponseWasNotFound(resp.Response) {
- return nil
- }
-
- return err
- }
-
- return fmt.Errorf("Azure AD Service Principal still exists:\n%#v", resp)
- }
-
- return nil
-}
-
-func testAccAzureRMActiveDirectoryServicePrincipal_basic(id string) string {
- return fmt.Sprintf(`
-resource "azurerm_azuread_application" "test" {
- name = "acctestspa%s"
-}
-
-resource "azurerm_azuread_service_principal" "test" {
- application_id = "${azurerm_azuread_application.test.application_id}"
-}
-`, id)
-}
-
-func testAccAzureRMActiveDirectoryServicePrincipal_requiresImport(id string) string {
- template := testAccAzureRMActiveDirectoryServicePrincipal_basic(id)
- return fmt.Sprintf(`
-%s
-
-resource "azurerm_azuread_service_principal" "import" {
- application_id = "${azurerm_azuread_service_principal.test.application_id}"
-}
-`, template)
-}
diff --git a/website/azurerm.erb b/website/azurerm.erb
index 544f172f72be..0ea9b471ad15 100644
--- a/website/azurerm.erb
+++ b/website/azurerm.erb
@@ -122,14 +122,6 @@
azurerm_availability_set
-
- azurerm_azuread_application
-
-
-
- azurerm_azuread_service_principal
-
-
azurerm_batch_account
@@ -817,23 +809,6 @@
-
- Azure Active Directory Resources
-
-
-
Backup Resources
diff --git a/website/docs/d/azuread_application.html.markdown b/website/docs/d/azuread_application.html.markdown
deleted file mode 100644
index 35781061e41f..000000000000
--- a/website/docs/d/azuread_application.html.markdown
+++ /dev/null
@@ -1,57 +0,0 @@
----
-subcategory: "Azure Active Directory"
-layout: "azurerm"
-page_title: "Azure Resource Manager: azurerm_azuread_application"
-description: |-
- Gets information about an existing Application within Azure Active Directory.
----
-
-# Data Source: azurerm_azuread_application
-
-Use this data source to access information about an existing Application within Azure Active Directory.
-
-~> **Note:** The Azure Active Directory resources have been split out into [a new AzureAD Provider](http://terraform.io/docs/providers/azuread/index.html) - as such the AzureAD resources within the AzureRM Provider are deprecated and will be removed in the next major version (2.0). Information on how to migrate from the existing resources to the new AzureAD Provider [can be found here](../guides/migrating-to-azuread.html).
-
--> **NOTE:** If you're authenticating using a Service Principal then it must have permissions to both `Read and write all applications` and `Sign in and read user profile` within the `Windows Azure Active Directory` API.
-
-## Example Usage
-
-```hcl
-data "azurerm_azuread_application" "example" {
- name = "My First AzureAD Application"
-}
-
-output "azure_active_directory_object_id" {
- value = data.azurerm_azuread_application.example.id
-}
-```
-
-## Argument Reference
-
-* `object_id` - (Optional) Specifies the Object ID of the Application within Azure Active Directory.
-
-* `name` - (Optional) Specifies the name of the Application within Azure Active Directory.
-
--> **NOTE:** Either an `object_id` or `name` must be specified.
-
-## Attributes Reference
-
-* `id` - the Object ID of the Azure Active Directory Application.
-
-* `application_id` - the Application ID of the Azure Active Directory Application.
-
-* `available_to_other_tenants` - Is this Azure AD Application available to other tenants?
-
-* `identifier_uris` - A list of user-defined URI(s) that uniquely identify a Web application within it's Azure AD tenant, or within a verified custom domain if the application is multi-tenant.
-
-* `oauth2_allow_implicit_flow` - Does this Azure AD Application allow OAuth2.0 implicit flow tokens?
-
-* `object_id` - the Object ID of the Azure Active Directory Application.
-
-* `reply_urls` - A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.
-
-## Timeouts
-
-The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
-
-* `read` - (Defaults to 5 minutes) Used when retrieving the Application within Azure Active Directory.
diff --git a/website/docs/d/azuread_service_principal.html.markdown b/website/docs/d/azuread_service_principal.html.markdown
deleted file mode 100644
index 4e6a255876c7..000000000000
--- a/website/docs/d/azuread_service_principal.html.markdown
+++ /dev/null
@@ -1,64 +0,0 @@
----
-subcategory: "Azure Active Directory"
-layout: "azurerm"
-page_title: "Azure Resource Manager: azurerm_azuread_service_principal"
-description: |-
- Gets information about an existing Service Principal associated with an Application within Azure Active Directory.
-
----
-
-# Data Source: azurerm_azuread_service_principal
-
-Gets information about an existing Service Principal associated with an Application within Azure Active Directory.
-
-~> **Note:** The Azure Active Directory resources have been split out into [a new AzureAD Provider](http://terraform.io/docs/providers/azuread/index.html) - as such the AzureAD resources within the AzureRM Provider are deprecated and will be removed in the next major version (2.0). Information on how to migrate from the existing resources to the new AzureAD Provider [can be found here](../guides/migrating-to-azuread.html).
-
--> **NOTE:** If you're authenticating using a Service Principal then it must have permissions to both `Read and write all applications` and `Sign in and read user profile` within the `Windows Azure Active Directory` API.
-
-## Example Usage (by Application Display Name)
-
-```hcl
-data "azurerm_azuread_service_principal" "example" {
- display_name = "my-awesome-application"
-}
-```
-
-## Example Usage (by Application ID)
-
-```hcl
-data "azurerm_azuread_service_principal" "example" {
- application_id = "00000000-0000-0000-0000-000000000000"
-}
-```
-
-## Example Usage (by Object ID)
-
-```hcl
-data "azurerm_azuread_service_principal" "example" {
- object_id = "00000000-0000-0000-0000-000000000000"
-}
-```
-
-## Argument Reference
-
-The following arguments are supported:
-
-* `application_id` - (Optional) The ID of the Azure AD Application for which to create a Service Principal.
-
-* `object_id` - (Optional) The ID of the Azure AD Service Principal.
-
-* `display_name` - (Optional) The Display Name of the Azure AD Application associated with this Service Principal.
-
--> **NOTE:** At least one of `application_id`, `display_name` or `object_id` must be specified.
-
-## Attributes Reference
-
-The following attributes are exported:
-
-* `id` - The Object ID for the Service Principal.
-
-## Timeouts
-
-The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
-
-* `read` - (Defaults to 5 minutes) Used when retrieving the Service Principal.
diff --git a/website/docs/r/azuread_application.html.markdown b/website/docs/r/azuread_application.html.markdown
deleted file mode 100644
index f0c3afe7e545..000000000000
--- a/website/docs/r/azuread_application.html.markdown
+++ /dev/null
@@ -1,68 +0,0 @@
----
-subcategory: "Azure Active Directory"
-layout: "azurerm"
-page_title: "Azure Resource Manager: azurerm_azuread_application"
-description: |-
- Manages an Application within Azure Active Directory.
-
----
-
-# azurerm_azuread_application
-
-Manages an Application within Azure Active Directory.
-
-~> **NOTE:** The Azure Active Directory resources have been split out into [a new AzureAD Provider](http://terraform.io/docs/providers/azuread/index.html) - as such the AzureAD resources within the AzureRM Provider are deprecated and will be removed in the next major version (2.0). Information on how to migrate from the existing resources to the new AzureAD Provider [can be found here](../guides/migrating-to-azuread.html).
-
--> **NOTE:** If you're authenticating using a Service Principal then it must have permissions to both `Read and write all applications` and `Sign in and read user profile` within the legacy `Windows Azure Active Directory` API.
-
-## Example Usage
-
-```hcl
-resource "azurerm_azuread_application" "example" {
- name = "example"
- homepage = "https://homepage"
- identifier_uris = ["https://uri"]
- reply_urls = ["https://replyurl"]
- available_to_other_tenants = false
- oauth2_allow_implicit_flow = true
-}
-```
-
-## Argument Reference
-
-The following arguments are supported:
-
-* `name` - (Required) The display name for the application.
-
-* `homepage` - (optional) The URL to the application's home page. If no homepage is specified this defaults to `https://{name}`.
-
-* `identifier_uris` - (Optional) A list of user-defined URI(s) that uniquely identify a Web application within it's Azure AD tenant, or within a verified custom domain if the application is multi-tenant.
-
-* `reply_urls` - (Optional) A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.
-
-* `available_to_other_tenants` - (Optional) Is this Azure AD Application available to other tenants? Defaults to `false`.
-
-* `oauth2_allow_implicit_flow` - (Optional) Does this Azure AD Application allow OAuth2.0 implicit flow tokens? Defaults to `false`.
-
-## Attributes Reference
-
-The following attributes are exported:
-
-* `application_id` - The ID of the Azure Active Directory Application.
-
-## Timeouts
-
-The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
-
-* `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Application.
-* `update` - (Defaults to 30 minutes) Used when updating the Azure Active Directory Application.
-* `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Application.
-* `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Application.
-
-## Import
-
-Azure Active Directory Applications can be imported using the `object id`, e.g.
-
-```shell
-terraform import azurerm_azuread_application.example 00000000-0000-0000-0000-000000000000
-```
diff --git a/website/docs/r/azuread_service_principal.html.markdown b/website/docs/r/azuread_service_principal.html.markdown
deleted file mode 100644
index 897b0b4d0009..000000000000
--- a/website/docs/r/azuread_service_principal.html.markdown
+++ /dev/null
@@ -1,64 +0,0 @@
----
-subcategory: "Azure Active Directory"
-layout: "azurerm"
-page_title: "Azure Resource Manager: azurerm_azuread_service_principal"
-description: |-
- Manages a Service Principal associated with an Application within Azure Active Directory.
-
----
-
-# azurerm_azuread_service_principal
-
-Manages a Service Principal associated with an Application within Azure Active Directory.
-
-~> **NOTE:** The Azure Active Directory resources have been split out into [a new AzureAD Provider](http://terraform.io/docs/providers/azuread/index.html) - as such the AzureAD resources within the AzureRM Provider are deprecated and will be removed in the next major version (2.0). Information on how to migrate from the existing resources to the new AzureAD Provider [can be found here](../guides/migrating-to-azuread.html).
-
--> **NOTE:** If you're authenticating using a Service Principal then it must have permissions to both `Read and write all applications` and `Sign in and read user profile` within the `Windows Azure Active Directory` API.
-
-## Example Usage
-
-```hcl
-resource "azurerm_azuread_application" "example" {
- name = "example"
- homepage = "http://homepage"
- identifier_uris = ["http://uri"]
- reply_urls = ["http://replyurl"]
- available_to_other_tenants = false
- oauth2_allow_implicit_flow = true
-}
-
-resource "azurerm_azuread_service_principal" "example" {
- application_id = azurerm_azuread_application.example.application_id
-}
-```
-
-## Argument Reference
-
-The following arguments are supported:
-
-* `application_id` - (Required) The ID of the Azure AD Application for which to create a Service Principal.
-
-## Attributes Reference
-
-The following attributes are exported:
-
-* `id` - The Object ID for the Azure Active Directory Service Principal.
-
-* `display_name` - The Display Name of the Azure Active Directory Application associated with this Service Principal.
-
-## Timeouts
-
-The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
-
-* `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Service Principal.
-* `update` - (Defaults to 30 minutes) Used when updating the Azure Active Directory Service Principal.
-* `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Service Principal.
-* `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Service Principal.
-
-## Import
-
-Azure Active Directory Service Principals can be imported using the `object id`, e.g.
-
-```shell
-terraform import azurerm_azuread_service_principal.example 00000000-0000-0000-0000-000000000000
-```
diff --git a/website/docs/r/azuread_service_principal_password.html.markdown b/website/docs/r/azuread_service_principal_password.html.markdown
deleted file mode 100644
index 5d60b859de8a..000000000000
--- a/website/docs/r/azuread_service_principal_password.html.markdown
+++ /dev/null
@@ -1,79 +0,0 @@
----
-subcategory: "Azure Active Directory"
-layout: "azurerm"
-page_title: "Azure Resource Manager: azurerm_azuread_service_principal_password"
-description: |-
- Manages a Password associated with a Service Principal within Azure Active Directory.
-
----
-
-# azurerm_azuread_service_principal_password
-
-Manages a Password associated with a Service Principal within Azure Active Directory.
-
-~> **NOTE:** The Azure Active Directory resources have been split out into [a new AzureAD Provider](http://terraform.io/docs/providers/azuread/index.html) - as such the AzureAD resources within the AzureRM Provider are deprecated and will be removed in the next major version (2.0). Information on how to migrate from the existing resources to the new AzureAD Provider [can be found here](../guides/migrating-to-azuread.html).
-
--> **NOTE:** If you're authenticating using a Service Principal then it must have permissions to both `Read and write all applications` and `Sign in and read user profile` within the `Windows Azure Active Directory` API.
-
-## Example Usage
-
-```hcl
-resource "azurerm_azuread_application" "example" {
- name = "example"
- homepage = "https://homepage"
- identifier_uris = ["https://uri"]
- reply_urls = ["https://replyurl"]
- available_to_other_tenants = false
- oauth2_allow_implicit_flow = true
-}
-
-resource "azurerm_azuread_service_principal" "example" {
- application_id = azurerm_azuread_application.example.application_id
-}
-
-resource "azurerm_azuread_service_principal_password" "example" {
- service_principal_id = azurerm_azuread_service_principal.example.id
- value = "VT=uSgbTanZhyz@%nL9Hpd+Tfay_MRV#"
- end_date = "2020-01-01T01:02:03Z"
-}
-```
-
-## Argument Reference
-
-The following arguments are supported:
-
-* `service_principal_id` - (Required) The ID of the Service Principal for which this password should be created. Changing this field forces a new resource to be created.
-
-* `value` - (Required) The Password for this Service Principal.
-
-* `end_date` - (Required) The End Date which the Password is valid until, formatted as a RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Changing this field forces a new resource to be created.
-
-* `key_id` - (Optional) A GUID used to uniquely identify this Key. If not specified a GUID will be created. Changing this field forces a new resource to be created.
-
-* `start_date` - (Optional) The Start Date which the Password is valid from, formatted as a RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date is used. Changing this field forces a new resource to be created.
-
-
-## Attributes Reference
-
-The following attributes are exported:
-
-* `id` - The Key ID for the Azure Active Directory Service Principal Password.
-
-## Timeouts
-
-The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
-
-* `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Service Principal Password.
-* `update` - (Defaults to 30 minutes) Used when updating the Azure Active Directory Service Principal Password.
-* `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Service Principal Password.
-* `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Service Principal Password.
-
-## Import
-
-Service Principal Passwords can be imported using the `object id`, e.g.
-
-```shell
-terraform import azurerm_azuread_service_principal_password.example 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111
-```
-
--> **NOTE:** This ID format is unique to Terraform and is composed of the Service Principal's Object ID and the Service Principal Password's Key ID in the format `{ServicePrincipalObjectId}/{ServicePrincipalPasswordKeyId}`.