diff --git a/main.tf b/main.tf index 915dbf4..754aaf8 100644 --- a/main.tf +++ b/main.tf @@ -27,6 +27,7 @@ resource "azuread_group" "groups" { for_each = var.groups display_name = "demo-${each.value}-${local.suffix}" prevent_duplicate_names = true + security_enabled = true } # ------------------ @@ -205,4 +206,4 @@ module "service_connections" { module.arm_environments, module.service_principals ] -} \ No newline at end of file +} diff --git a/modules/service-principal/main.tf b/modules/service-principal/main.tf index 0fde849..813902a 100644 --- a/modules/service-principal/main.tf +++ b/modules/service-principal/main.tf @@ -2,22 +2,12 @@ # ------------------ # See https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals -resource "random_password" "secret" { - length = 30 - special = true - min_numeric = 5 - min_special = 2 - override_special = "-_%@?" -} - resource "azuread_application" "app" { display_name = local.name } resource "azuread_application_password" "workspace_sp_secret" { application_object_id = azuread_application.app.object_id - value = random_password.secret.result - end_date_relative = var.password_lifetime } resource "azuread_service_principal" "sp" { diff --git a/modules/service-principal/outputs.tf b/modules/service-principal/outputs.tf index 40b4c02..59f46b0 100644 --- a/modules/service-principal/outputs.tf +++ b/modules/service-principal/outputs.tf @@ -7,11 +7,11 @@ output "aad_app" { } output "display_name" { - value = azuread_application.app.display_name + value = azuread_application.app.display_name } output "principal_id" { - value = azuread_service_principal.sp.id + value = azuread_service_principal.sp.id } output "client_id" { 
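Review bot: In modules/service-principal/main.tf, `azuread_application_password.workspace_sp_secret` no longer sets an expiry, because `end_date_relative = var.password_lifetime` was removed together with `value`. Dropping `value` fits letting Azure AD generate the secret, but without an end date the credential lifetime is presumably left to the provider or API default, and the module's `password_lifetime` input then looks unused. If the provider version in use still accepts it, keep `end_date_relative = var.password_lifetime` (or set an explicit `end_date`), and consider `rotate_when_changed` so rotation is driven from configuration. The `azuread_service_principal.sp` resource that follows continues outside the hunk.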
@@ -20,7 +20,7 @@ output "client_id" { } output "client_secret" { - value = random_password.secret.result - description = "Client Secret for Service Principal" + value = azuread_application_password.workspace_sp_secret.value + description = "Client Secret for Service Principal to be imported into Key Vault" sensitive = true }
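Review bot: The `client_secret` output now exposes the Azure AD-generated password, and `sensitive = true` only redacts it from plan/apply output; the value is still written in plaintext to the Terraform state. The description says it is imported into Key Vault, so the resource that writes the Key Vault secret will presumably hold a second copy of it in state. I would document that next to the output, for example `# Stored in plaintext in Terraform state; restrict access to and encrypt the state backend.`, and confirm that the backend this configuration uses meets that requirement.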