From bf00f05152a24f39418a56a0803052816490ead6 Mon Sep 17 00:00:00 2001 From: Tom Bamford Date: Fri, 20 Oct 2023 02:40:01 +0100 Subject: [PATCH] address review, undocument deprecated properties --- docs/data-sources/application.md | 4 +--- docs/data-sources/service_principal.md | 6 ++---- docs/data-sources/service_principals.md | 4 +--- docs/resources/application.md | 1 - docs/resources/application_certificate.md | 6 +----- .../application_federated_identity_credential.md | 6 +----- docs/resources/application_password.md | 6 +----- docs/resources/application_pre_authorized.md | 12 ++---------- docs/resources/service_principal.md | 6 +----- 9 files changed, 10 insertions(+), 41 deletions(-) diff --git a/docs/data-sources/application.md b/docs/data-sources/application.md index c3b0c1b905..6fbf3d2024 100644 --- a/docs/data-sources/application.md +++ b/docs/data-sources/application.md @@ -30,12 +30,11 @@ output "application_object_id" { The following arguments are supported: -* `application_id` - (Optional, Deprecated) Specifies the Client ID of the application. * `client_id` - (Optional) Specifies the Client ID of the application. * `display_name` - (Optional) Specifies the display name of the application. * `object_id` - (Optional) Specifies the Object ID of the application. -~> One of `client_id`, `application_id`, `display_name`, or `object_id` must be specified. +~> One of `client_id`, `display_name`, or `object_id` must be specified. ## Attributes Reference @@ -44,7 +43,6 @@ The following attributes are exported: * `api` - An `api` block as documented below. * `app_role_ids` - A mapping of app role values to app role IDs, intended to be useful when referencing app roles in other resources in your configuration. * `app_roles` - A collection of `app_role` blocks as documented below. For more information see [official documentation on Application Roles](https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles). -* `application_id` - (Deprecated) The Client ID for the application. * `client_id` - The Client ID for the application. * `description` - A description of the application, as shown to end users. * `device_only_auth_enabled` - Specifies whether this application supports device authentication without a user. diff --git a/docs/data-sources/service_principal.md b/docs/data-sources/service_principal.md index 6dc2f0fe71..8ad0655a53 100644 --- a/docs/data-sources/service_principal.md +++ b/docs/data-sources/service_principal.md @@ -44,12 +44,11 @@ data "azuread_service_principal" "example" { The following arguments are supported: -* `application_id` - (Optional, Deprecated) The client ID of the application associated with this service principal. * `client_id` - (Optional) The client ID of the application associated with this service principal. * `display_name` - (Optional) The display name of the application associated with this service principal. * `object_id` - (Optional) The object ID of the service principal. -~> One of `client_id`, `application_id`, `display_name` or `object_id` must be specified. +~> One of `client_id`, `display_name` or `object_id` must be specified. ## Attributes Reference @@ -57,12 +56,11 @@ The following attributes are exported: * `account_enabled` - Whether the service principal account is enabled. * `alternative_names` - A list of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities. -* `application_id` - (Deprecated) The client ID of the application associated with this service principal. * `app_role_assignment_required` - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. * `app_role_ids` - A mapping of app role values to app role IDs, as published by the associated application, intended to be useful when referencing app roles in other resources in your configuration. * `app_roles` - A list of app roles published by the associated application, as documented below. For more information [official documentation](https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles). * `application_tenant_id` - The tenant ID where the associated application is registered. -* `client_id` - (Deprecated) The client ID of the application associated with this service principal. +* `client_id` - The client ID of the application associated with this service principal. * `description` - A description of the service principal provided for internal end-users. * `display_name` - The display name of the application associated with this service principal. * `features` - A `features` block as described below. diff --git a/docs/data-sources/service_principals.md b/docs/data-sources/service_principals.md index 84c925f714..2db60af37a 100644 --- a/docs/data-sources/service_principals.md +++ b/docs/data-sources/service_principals.md @@ -55,14 +55,13 @@ data "azuread_service_principals" "example" { The following arguments are supported: -* `application_ids` - (Optional, Deprecated) A list of client IDs of the applications associated with the service principals. * `client_ids` - (Optional) A list of client IDs of the applications associated with the service principals. * `display_names` - (Optional) A list of display names of the applications associated with the service principals. * `ignore_missing` - (Optional) Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false. * `object_ids` - (Optional) The object IDs of the service principals. * `return_all` - (Optional) When `true`, the data source will return all service principals. Cannot be used with `ignore_missing`. Defaults to false. -~> Either `return_all`, or one of `client_ids`, `application_ids`, `display_names` or `object_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. +~> Either `return_all`, or one of `client_ids`, `display_names` or `object_ids` must be specified. These _may_ be specified as an empty list, in which case no results will be returned. ## Attributes Reference @@ -80,7 +79,6 @@ The following attributes are exported: * `account_enabled` - Whether the service principal account is enabled. * `app_role_assignment_required` - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. -* `application_id` - (Deprecated) The client ID of the application associated with this service principal. * `application_tenant_id` - The tenant ID where the associated application is registered. * `client_ids` - The client ID of the application associated with this service principal. * `display_name` - The display name of the application associated with this service principal. diff --git a/docs/resources/application.md b/docs/resources/application.md index d474b675f0..7b448e246b 100644 --- a/docs/resources/application.md +++ b/docs/resources/application.md @@ -331,7 +331,6 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `app_role_ids` - A mapping of app role values to app role IDs, intended to be useful when referencing app roles in other resources in your configuration. -* `application_id` - (Deprecated) The Client ID for the application. * `client_id` - The Client ID for the application. * `disabled_by_microsoft` - Whether Microsoft has disabled the registered application. If the application is disabled, this will be a string indicating the status/reason, e.g. `DisabledDueToViolationOfServicesAgreement` * `logo_url` - CDN URL to the application's logo, as uploaded with the `logo_image` property. diff --git a/docs/resources/application_certificate.md b/docs/resources/application_certificate.md index afa1c1608f..6cb1288f37 100644 --- a/docs/resources/application_certificate.md +++ b/docs/resources/application_certificate.md @@ -120,11 +120,7 @@ resource "azuread_application_certificate" "example" { The following arguments are supported: -* `application_id` - (Optional) The resource ID of the application for which this certificate should be created. Changing this field forces a new resource to be created. -* `application_object_id` - (Optional, Deprecated) The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created. - -~> One of `application_id` or `application_object_id` must be specified. - +* `application_id` - (Required) The resource ID of the application for which this certificate should be created. Changing this field forces a new resource to be created. * `encoding` - (Optional) Specifies the encoding used for the supplied certificate data. Must be one of `pem`, `base64` or `hex`. Defaults to `pem`. -> **Tip for Azure Key Vault** The `hex` encoding option is useful for consuming certificate data from the [azurerm_key_vault_certificate](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_certificate) resource. diff --git a/docs/resources/application_federated_identity_credential.md b/docs/resources/application_federated_identity_credential.md index 9cc0eb9854..c3576173b7 100644 --- a/docs/resources/application_federated_identity_credential.md +++ b/docs/resources/application_federated_identity_credential.md @@ -37,11 +37,7 @@ resource "azuread_application_federated_identity_credential" "example" { The following arguments are supported: -* `application_id` - (Optional) The resource ID of the application for which this federated identity credential should be created. Changing this field forces a new resource to be created. -* `application_object_id` - (Optional, Deprecated) The object ID of the application for which this federated identity credential should be created. Changing this field forces a new resource to be created. - -~> One of `application_id` or `application_object_id` must be specified. - +* `application_id` - (Required) The resource ID of the application for which this federated identity credential should be created. Changing this field forces a new resource to be created. * `audiences` - (Required) List of audiences that can appear in the external token. This specifies what should be accepted in the `aud` claim of incoming tokens. * `description` - (Optional) A description for the federated identity credential. * `display_name` - (Required) A unique display name for the federated identity credential. Changing this forces a new resource to be created. diff --git a/docs/resources/application_password.md b/docs/resources/application_password.md index 1a5fc8a5f1..8f518c1c76 100644 --- a/docs/resources/application_password.md +++ b/docs/resources/application_password.md @@ -53,11 +53,7 @@ resource "azuread_application_password" "example" { The following arguments are supported: -* `application_id` - (Optional) The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created. -* `application_object_id` - (Optional, Deprecated) The object ID of the application for which this password should be created. Changing this field forces a new resource to be created. - -~> One of `application_id` or `application_object_id` must be specified. - +* `application_id` - (Required) The resource ID of the application for which this password should be created. Changing this field forces a new resource to be created. * `display_name` - (Optional) A display name for the password. Changing this field forces a new resource to be created. * `end_date` - (Optional) The end date until which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Changing this field forces a new resource to be created. * `end_date_relative` - (Optional) A relative duration for which the password is valid until, for example `240h` (10 days) or `2400h30m`. Changing this field forces a new resource to be created. diff --git a/docs/resources/application_pre_authorized.md b/docs/resources/application_pre_authorized.md index 0d75818d87..3aa008c12c 100644 --- a/docs/resources/application_pre_authorized.md +++ b/docs/resources/application_pre_authorized.md @@ -64,16 +64,8 @@ resource "azuread_application_pre_authorized" "example" { The following arguments are supported: -* `application_id` - (Optional) The resource ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created. -* `application_object_id` - (Optional, Deprecated) The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created. - -~> One of `application_id` or `application_object_id` must be specified. - -* `authorized_app_id` - (Optional, Deprecated) The client ID of the application being authorized. Changing this field forces a new resource to be created. -* `authorized_client_id` - (Optional) The client ID of the application being authorized. Changing this field forces a new resource to be created. - -~> One of `authorized_client_id` or `authorized_app_id` must be specified. - +* `application_id` - (Required) The resource ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created. +* `authorized_client_id` - (Required) The client ID of the application being authorized. Changing this field forces a new resource to be created. * `permission_ids` - (Required) A set of permission scope IDs required by the authorized application. ## Attributes Reference diff --git a/docs/resources/service_principal.md b/docs/resources/service_principal.md index 24ddfa2d5f..6d63b8c07c 100644 --- a/docs/resources/service_principal.md +++ b/docs/resources/service_principal.md @@ -93,11 +93,7 @@ The following arguments are supported: * `account_enabled` - (Optional) Whether or not the service principal account is enabled. Defaults to `true`. * `alternative_names` - (Optional) A set of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities. * `app_role_assignment_required` - (Optional) Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. Defaults to `false`. -* `application_id` - (Optional, Deprecated) The client ID of the application for which to create a service principal. -* `client_id` - (Optional) The client ID of the application for which to create a service principal. - -~. At least one of `client_id` or `application_id` must be specified. - +* `client_id` - (Required) The client ID of the application for which to create a service principal. * `description` - (Optional) A description of the service principal provided for internal end-users. * `feature_tags` - (Optional) A `feature_tags` block as described below. Cannot be used together with the `tags` property.