How to create azure app registration and client secret using terraform
Question
I am trying to create Terraform code for an Azure app registration and client secret (a service principal with Read access to the subscription).
Basically, I am trying to integrate Azuresafe with Terraform and trying to identify how to configure it step by step: https://docs.safe.security/docs/azure. If there is already any Terraform code out there to review etc., it will be helpful, or for this I would like to understand how to create an app registration and client secret.
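```hcl
# Display name is supplied by the caller
variable "azuread_app_display_name" {
  type        = string
  description = "Display name for the app registration"
}

# Create new app registration
resource "azuread_application" "app" {
  display_name = var.azuread_app_display_name
}

# Create a service principal
resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

# Create Service Principal password
# (this resource is keyed on the service principal, not on the application object)
resource "azuread_service_principal_password" "app" {
  service_principal_id = azuread_service_principal.app.object_id
}
```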
Answer 1
Score: 1
> I tried to create Azure app registration, Service principal & client secret using Terraform and I was successfully able to provision them.
Here, as per the requirement, we need to provision the Azure App registration and its secret, and the Service principal, with read-only access. For this, we need contributor-level access to our active subscription.
My Terraform code:
main.tf
```hcl
resource "azuread_application" "app" {
  display_name = "Azuresafe Application VK"
}

resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

resource "azuread_application_password" "example" {
  application_object_id = azuread_application.app.object_id
}

# Output the Service Principal and password
output "app" {
  value     = azuread_application.app.id
  sensitive = true
}

output "app_password" {
  value     = azuread_application_password.example.value
  sensitive = true
}
```
Output:
Now execute the following command to check the app and app_secret:
terraform output
Portal Output:
App Registration
App registration password
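
The code above creates the app registration, service principal and secret, but contains no role assignment for the read access the question asks for. As an added example (not the answerer's code), the main.tf below also assigns the built-in Reader role at subscription scope and gives the secret an expiry. It assumes the azuread 2.x and azurerm 3.x providers, and the 90-day lifetime and secret label are constructed values.

```hcl
# Added example: assumes azuread 2.x / azurerm 3.x attribute names, as used on this page.
terraform {
  required_providers {
    azuread = { source = "hashicorp/azuread", version = "~> 2.0" }
    azurerm = { source = "hashicorp/azurerm", version = "~> 3.0" }
  }
}

provider "azuread" {}

provider "azurerm" {
  features {}
}

# Subscription the identity running Terraform is currently logged in to
data "azurerm_subscription" "current" {}

resource "azuread_application" "app" {
  display_name = "Azuresafe Application VK"
}

resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

# Client secret with an explicit lifetime instead of the provider default
resource "azuread_application_password" "example" {
  application_object_id = azuread_application.app.object_id
  display_name          = "terraform-managed" # hypothetical label
  end_date_relative     = "2160h"             # 90 days, constructed value
}

# Least privilege: built-in Reader role, scoped to the one subscription
resource "azurerm_role_assignment" "reader" {
  scope                = data.azurerm_subscription.current.id
  role_definition_name = "Reader"
  principal_id         = azuread_service_principal.app.object_id
}

# The three values an integration typically asks for
output "client_id" { value = azuread_application.app.application_id }
output "tenant_id" { value = data.azurerm_subscription.current.tenant_id }
output "client_secret" {
  value     = azuread_application_password.example.value
  sensitive = true
}
```

`sensitive = true` only hides the secret in CLI output; the value is still written in plain text to the Terraform state, so the state backend needs encryption and restricted access. Creating the role assignment requires the identity running Terraform to hold `Microsoft.Authorization/roleAssignments/write` on the subscription, which the Owner and User Access Administrator roles include.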