microsoftgraph / msgraph-bicep-types

Repo contains Microsoft Graph resource types to integrate with bicep templates.
MIT License

Generate a default value for the group's uniqueName property #143

Open dkershaw10 opened 4 months ago

dkershaw10 commented 4 months ago

Is your feature request related to a problem? Please describe.

In Bicep, fetching an existing resource is done based on the resource's unique name property. However, when trying to fetch an existing group from Graph that wasn't provisioned using Bicep, then chances are it doesn't have a uniqueName. Provisioning a uniqueName isn't always straightforward. I can imagine there are many companies, like ours, with a lot of teams that do their own Bicep deployments and only have read access. If their central team is not filling the uniqueName value, that leaves a lot of unused potential on the table.

Describe the solution you'd like

If not set, the system should generate a default value for uniqueName so that the group can be referenced from a Bicep file.

Additional context

One proposal is to create a new naming policy rule in Group Settings for uniqueName that, if set, allows the system to set a default value (if a value is not supplied by the caller). It would be based on a rule that contains some templating to make the name human readable (maybe using the group's displayName and description and maybe AI :)), and provide uniqueness - maybe through a date-time suffix.

Filed on behalf of a customer.

See #141

paul-towler commented 2 months ago

I've come up with this module to either create a new group or get an existing group:

```bicep
targetScope = 'subscription'

extension microsoftGraph

param description string
param displayName string
param members array = []
param owners array = []
// Set to true to reference a group that already exists instead of creating it
param exists bool = false

// Helper functions
func getChar(str string, index int) string => substring(str, index % length(str), 1)

// Helper Variables
// uniqueString() returns a deterministic 13-character hash, so the same tenant
// and displayName always produce the same uniqueName across deployments.
var uniqueStringForResource = uniqueString(tenant().tenantId, displayName)
var randomPart = take(replace(uniqueStringForResource, '-', ''), 8)
var letterPart = getChar('abcdefghijklmnopqrstuvwxyz', length(uniqueStringForResource))

// Combine them into the desired format
var mailnick = format('{0}-{1}', randomPart, letterPart)

// Create a new Entra ID Group
resource rEntraIdGroup 'Microsoft.Graph/groups@v1.0' = if (!exists) {
  description: description
  displayName: displayName
  mailEnabled: false
  mailNickname: mailnick
  members: members
  owners: owners
  securityEnabled: true
  uniqueName: uniqueStringForResource
}

// Get existing Entra ID Group
resource rEntraIdGroupExisting 'Microsoft.Graph/groups@v1.0' existing = if (exists) {
  uniqueName: uniqueStringForResource
}

// Outputs
output group object = exists ? rEntraIdGroupExisting : rEntraIdGroup
```
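
The read-only scenario from the issue description, as an added example that is not part of the thread or the project's own code: a team references a centrally managed group by its uniqueName and grants it a role on its own resource group. It assumes the central team has already set uniqueName on the group; the parameter names `groupUniqueName` and `roleDefinitionGuid` are hypothetical.

```bicep
// Added example (not from the thread). Assumes uniqueName is already set on
// the group; both parameter names below are hypothetical.
targetScope = 'resourceGroup'

extension microsoftGraph

@description('uniqueName of a group that already exists in Entra ID.')
param groupUniqueName string

@description('GUID of the role definition to assign to the group.')
param roleDefinitionGuid string

// Read-only reference: the group is looked up by uniqueName and not modified.
// A group without a uniqueName cannot be addressed this way, which is the
// gap the issue describes.
resource existingGroup 'Microsoft.Graph/groups@v1.0' existing = {
  uniqueName: groupUniqueName
}

// Deterministic assignment name so that redeployments are idempotent.
var assignmentName = guid(resourceGroup().id, groupUniqueName, roleDefinitionGuid)

// Grant the role to the group at resource-group scope only (least privilege),
// instead of assigning it to individual users.
resource assignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: assignmentName
  properties: {
    principalId: existingGroup.id
    principalType: 'Group'
    roleDefinitionId: subscriptionResourceId(
      'Microsoft.Authorization/roleDefinitions',
      roleDefinitionGuid
    )
  }
}

output groupObjectId string = existingGroup.id
```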