hashicorp / terraform-cdk

Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform
https://www.terraform.io/cdktf
Mozilla Public License 2.0

Azurerm Provider: Allow Accessing current user object ID #3761

Open thekevinbrown opened 2 weeks ago

thekevinbrown commented 2 weeks ago

Description

I’m trying to create a certificate in Azure key vault with CDKTF. To do that, I need a key vault policy applied that allows the CDKTF user to do this action. The code I’ve got to do that currently looks like this:

```typescript
import { KeyVaultAccessPolicyA } from '@cdktf/provider-azurerm/lib/key-vault-access-policy';

// The deploying user (us right now in CDKTF context) needs to be able to manage certificates
const deployerAccessForCertificates = new KeyVaultAccessPolicyA(
    construct,
    `deploy-key-vault-access`,
    {
        keyVaultId: vault.id,
        objectId: process.env.AZURE_APP_REGISTRATION_OBJECT_ID ?? '',
        tenantId: vault.tenantId,
        certificatePermissions: ['Create', 'Get', 'List', 'Delete'],
    }
);
```

This is really annoying though, because I’m already authenticating successfully and I’d like to have one less constant to pull from the Azure console. I see that this is supported in the azurerm provider now, how do I access it from CDK code? E.g. I’d like the objectId value in the above snippet to be able to grab the current user’s objectId.

References

No response

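While the object ID still comes from an environment variable, as in the snippet in the issue above, the `?? ''` fallback passes an empty string to the access policy when the variable is unset. The following is an added example, not part of the original issue or of the CDKTF project, that rejects a missing or malformed ID and any permission outside the four the snippet grants before the props reach `KeyVaultAccessPolicyA`; `resolveDeployerObjectId` and `certificatePolicyProps` are hypothetical helper names.

```typescript
// Added example; helper names are hypothetical.
const ENV_VAR = "AZURE_APP_REGISTRATION_OBJECT_ID";
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const NIL_GUID = "00000000-0000-0000-0000-000000000000";
// The four certificate permissions the issue's snippet grants; nothing broader.
const ALLOWED_CERT_PERMISSIONS: string[] = ["Create", "Get", "List", "Delete"];

type Env = Record<string, string | undefined>;

interface CertPolicyProps {
  keyVaultId: string;
  objectId: string;
  tenantId: string;
  certificatePermissions: string[];
}

// Return the deployer's object ID, or throw before any resource is defined.
function resolveDeployerObjectId(env: Env): string {
  const raw = (env[ENV_VAR] ?? "").trim();
  if (raw === "") throw new Error(`${ENV_VAR} is not set`);
  if (!GUID.test(raw)) throw new Error(`${ENV_VAR} is not a GUID`);
  const id = raw.toLowerCase();
  if (id === NIL_GUID) throw new Error(`${ENV_VAR} is the nil GUID`);
  return id;
}

// Build the props object for the access policy, rejecting extra permissions.
function certificatePolicyProps(
  env: Env,
  vault: { id: string; tenantId: string },
  requested: string[]
): CertPolicyProps {
  const extra = requested.filter((p) => ALLOWED_CERT_PERMISSIONS.indexOf(p) === -1);
  if (extra.length > 0) {
    throw new Error(`permissions outside the allow-list: ${extra.join(", ")}`);
  }
  return {
    keyVaultId: vault.id,
    objectId: resolveDeployerObjectId(env),
    tenantId: vault.tenantId,
    certificatePermissions: requested.slice(),
  };
}
```

In a stack, `env` would be `process.env` and `vault` the Key Vault construct. A format check cannot tell an object ID from an application (client) ID, so it catches missing and malformed values only.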