Azure / bicep

Bicep is a declarative language for describing and deploying Azure resources
MIT License
MS Graph (AAD) provider for bicep #7724

Closed spmanjunath closed 5 months ago

spmanjunath commented 2 years ago

There appears to be no clean way of registering a new application (App registration) in Azure AD using Bicep. The suggested alternate approach involves using,

For the above approach, the User identity should be created beforehand, which defeats the purpose (of enveloping everything related to app deployment in a Bicep file), as it needs to be created manually or through PowerShell scripts.

I see a similar request as part of ARM and was wondering if this feature can be considered for future implementation by the Bicep team.

Note: It appears that Terraform supports a similar requirement.

alex-frankel commented 5 months ago

@veikkoeeva - if this is a blocking issue, can you open a net-new issue in either the deployment-stacks or msgraph-bicep-types GitHub repos?

I'll leave this issue open for discussion in the short term, but I'm thinking we should eventually lock it.

slavizh commented 5 months ago

Graph resources not working with deployment stacks is a known issue that is documented in the official docs. Graph folks are aware.

barbara-goeller commented 2 months ago

@dkershaw10 throughout this post you said that the MS Graph provider also supports AAD B2C, at least app registrations. I am currently trying to get that running but can't make it work. What I tried so far is to create a simple application definition (as described in the official documentation). So far everything is clear. The problem comes up when I try to deploy the Bicep file. The quickstart templates say one should just use

    az deployment group create --resource-group <resource-group> --template-file main.bicep

but in an AAD B2C tenant I do not have any resource group, so this does not work. Another try was to use

    az deployment tenant create --template-file .\aadB2C-setup.bicep --location WestEU

instead, to do a deployment on tenant level, but this gives me the following error: [image]

Also, there is a similar-looking issue in the Graph Extension repo, but without any reaction. Can you please clarify where your information comes from that B2C is supported and how to make it work?

barbara-goeller commented 1 month ago

FYI: There is a workaround for that described in https://github.com/microsoftgraph/msgraph-bicep-types/issues/166.