Fix 301-service-fabric

2023-11-15 10:01:51 +08:00 · 2023-11-15 10:01:51 +08:00 · 06cb83b693
commit 06cb83b693
parent e009588b2e
1 changed files with 21 additions and 11 deletions
--- a/quickstart/301-service-fabric/azuread.tf
+++ b/quickstart/301-service-fabric/azuread.tf
@ -1,10 +1,10 @@
 # Service Fabric Cluster
 resource "azuread_application" "cluster" {
-  name = "${var.name}-cluster-${var.environment}"
+  display_name = "${var.name}-cluster-${var.environment}"
 }

 resource "azuread_service_principal" "cluster" {
-  application_id = "${azuread_application.cluster.application_id}"
+  application_id = azuread_application.cluster.application_id
 }

 resource "random_string" "cluster_password" {
@ -13,35 +13,45 @@ resource "random_string" "cluster_password" {
 }

 resource "azuread_service_principal_password" "cluster" {
-  service_principal_id = "${azuread_service_principal.cluster.id}"
-  value                = "${random_string.cluster_password.result}"
+  service_principal_id = azuread_service_principal.cluster.id
+  value                = random_string.cluster_password.result
  end_date             = "2099-01-01T01:00:00Z"
 }

+resource "random_uuid" "admin" {
+}
+
+resource "random_uuid" "reader" {
+}
+
 # Service Fabric Client
 resource "azuread_application" "client" {
-  name = "${var.name}-client-${var.environment}"
-  reply_urls = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"]
+  display_name  = "${var.name}-client-${var.environment}"
+  redirect_uris = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"]

  app_role {
+    id = random_uuid.admin.result
+
    allowed_member_types = [
      "User",
    ]

    description  = "Admins can manage roles and perform all task actions"
    display_name = "Admin"
-    is_enabled   = true
+    enabled      = true
    value        = "Admin"
  }

  app_role {
+    id = random_uuid.reader.result
+
    allowed_member_types = [
      "User",
    ]

    description  = "ReadOnly roles have limited query access"
    display_name = "ReadOnly"
-    is_enabled   = true
+    enabled      = true
    value        = "User"
  }

@ -57,7 +67,7 @@ resource "azuread_application" "client" {
 }

 resource "azuread_service_principal" "client" {
-  application_id = "${azuread_application.client.application_id}"
+  application_id = azuread_application.client.application_id
 }

 resource "random_string" "client_password" {
@ -66,7 +76,7 @@ resource "random_string" "client_password" {
 }

 resource "azuread_service_principal_password" "client" {
-  service_principal_id = "${azuread_service_principal.client.id}"
-  value                = "${random_string.client_password.result}"
+  service_principal_id = azuread_service_principal.client.id
+  value                = random_string.client_password.result
  end_date             = "2099-01-01T01:00:00Z"
 }