No attribute reference for id in azuread_service_principal

[dunefro]

While trying to create an Azure AD application using the below code

resource "azuread_application" "example_platform_features_application" {
  count            = var.platform_feature_enabled ? var.feature_cluster_integration_enabled ? 1 : 0 : 0
  display_name     = local.azuread_application
  sign_in_audience = var.cluster_integration_sign_in_audience
}

resource "azuread_service_principal" "example_platform_features_service_principal" {
  count     = var.platform_feature_enabled ? var.feature_cluster_integration_enabled ? 1 : 0 : 0
  client_id = azuread_application.example_platform_features_application[0].client_id
}

resource "azuread_service_principal_password" "example_platform_features_service_principal_password" {
  count                = var.platform_feature_enabled ? var.feature_cluster_integration_enabled ? 1 : 0 : 0
  service_principal_id = azuread_service_principal.example_platform_features_service_principal[0].id
  display_name         = local.service_principal_password
  end_date             = var.cluster_integration_service_principal_password_expiry_end_date
}

resource "azurerm_role_assignment" "example_reader_role_assignment" {
  count                = var.platform_feature_enabled ? var.feature_cluster_integration_enabled ? 1 : 0 : 0
  scope                = var.cluster_id
  role_definition_name = var.cluster_integration_service_principal_role
  principal_id         = azuread_service_principal.example_platform_features_service_principal[0].object_id
}

not able to understand what to pass in service_principal_id as the documentation says to pass azuread_service_principal.example_platform_features_service_principal[0].id but there is no such attribute as id present in the azuread_service_principal

Our earlier code used to work with object_id but that gives error now

* Failed to execute "terraform plan" in ./.terragrunt-cache/Bh81P5AnhN06Do31Njb7W2JEydY/-ANmbeL8HKW9fNaXcg32qKy6Gck
  ╷
  │ Error: parsing "b783af0e-9da3-43a9-ad00-fb8608002ffd": parsing the ServicePrincipal ID: the number of segments didn't match
  │ 
  │ Expected a ServicePrincipal ID that matched (containing 2 segments):
  │ 
  │ > /servicePrincipals/servicePrincipalId
  │ 
  │ However this value was provided (which was parsed into 0 segments):
  │ 
  │ > b783af0e-9da3-43a9-ad00-fb8608002ffd
  │ 
  │ The following Segments are expected:
  │ 
  │ * Segment 0 - this should be the literal value "servicePrincipals"
  │ * Segment 1 - this should be the user specified value for this servicePrincipalId [for example "servicePrincipalId"]
  │ 
  │ The following Segments were parsed:
  │ 
  │ * Segment 0 - not found
  │ * Segment 1 - not found
  │ 
  │ 
  │   with azuread_service_principal_password.example_platform_features_service_principal_password[0],
  │   on cluster_integration.tf line 14, in resource "azuread_service_principal_password" "example_platform_features_service_principal_password":
  │   14:   service_principal_id = azuread_service_principal.example_platform_features_service_principal[0].object_id
  │ 
  ╵

  exit status 1

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureAD Provider) Version:

# terraform
Terraform v1.9.8
on darwin_arm64

# AzureAD
azuread = {
  source  = "hashicorp/azuread"
  version = "~> 3.0"
}

Affected Resource(s)

• azuread_service_principal
• azuread_service_principal_password

Expected Behavior

If we are to use id then there must be an attribute that is exported and should be present in the docs

Actual Behavior

An attribute is exported with id and a good difference should be known on what to use

Steps to Reproduce

1. terraform apply with basic example of service principal as given here

References

• https://github.com/hashicorp/terraform-provider-azuread/blob/main/internal/services/serviceprincipals/service_principal_resource.go#L70

[Skyb0rg]

Its a bug with the new 3.x.x Version...

the id in version 3.x is: /servicePrincipals/servicePrincipalId it should be only : servicePrincipalId

i have a similar error and will post a new issue in a few moments.

azurerm_role_assignment.prod_contributor["skitty"] must be replaced

~ principal_id = "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx" -> "/groups/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx" # forces replacement

but wenn you try to replace this, MS Api told you that "/groups" schould not be infront of this id!!!