Open slavizh opened 5 months ago
@eketo-msft we should take a look at this. This makes sense to me. I wonder if we should do the same for devices, while we are at it. @slavizh already has a legitimate ask for adding the uniqueName property to groups too - #128
Additionally, to add a scenario to this: there are many Azure resources that allow configuring (via Bicep) Microsoft Entra users, groups or service principals for authenticating to the service's data plane.
@slavizh, would userPrincipalName work for your scenarios? It's not an alternate key (officially) and it can change, but it is unique and there is reluctance to add additional "name" properties to the User resource.
@eketo-msft yes it should be sufficient.
Quick update: We added support for UPN as an alternative key on the User resource in MS Graph. Next up we're working on Bicep type support so it can be used with the existing keyword. That is likely to land in early December due to lockdowns for the US elections and Thanksgiving holidays.
@eketo-msft awesome! That will make referencing users even easier.
@eketo-msft - does that mean something like this will work?
```bicep
resource user 'Microsoft.Graph/users@v1.0' existing = {
  userPrincipalName: 'alfran@microsoft.com'
}
output objectId string = user.objectId
```
If so, then I think it will also close this issue: https://github.com/Azure/bicep/issues/645
@alex-frankel, exactly. It will allow reading an existing user by UPN and then referencing the user for operations, like managing membership, which require objectId (or id in MS Graph).
Amazing! You will make a lot of people happy with this one!
Is your feature request related to a problem? Please describe.
Users can be members of groups. Due to that, it would be good if you could add them to groups using the existing syntax. Currently that is not possible because users are not part of the resources available in Bicep Graph.
Describe the solution you'd like
With this I would like not specifically to be able to deploy users with Bicep Graph, but to at least be able to reference them by unique name. As uniqueName is something that can be updated by the Graph API and it is something that most Graph resources in Bicep have, it would make things easier if you could use the existing syntax for users before being able to deploy the users via Bicep. I would assume that just adding uniqueName to user resources will be a lot easier than making it available for creation via Bicep.