feat: update azurerm and azuread provider version

ishabakeh · ishabakeh · commit 3a6539fbe4f8 · 2023-11-23T16:31:24.000Z
diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml
@@ -12,9 +12,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Check out code
-      uses: actions/checkout@v1
+      uses: actions/checkout@v2
 
-    - uses: hashicorp/setup-terraform@v1
+    - uses: hashicorp/setup-terraform@v3
       with:
         terraform_version: ^1.1
 
diff --git a/main.tf b/main.tf
@@ -1,13 +1,13 @@
 terraform {
-  required_version = ">= 1.1"
+  required_version = "> 1.1"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
diff --git a/modules/meshcloud-idp-lookup-service-principal/module.tf b/modules/meshcloud-idp-lookup-service-principal/module.tf
@@ -1,21 +1,21 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = "> 1.0"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
 
 data "azuread_application_published_app_ids" "well_known" {}
 
 data "azuread_service_principal" "msgraph" {
-  application_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
+  client_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
 }
 
 resource "azuread_application" "meshcloud_idp_lookup" {
@@ -50,7 +50,7 @@ resource "azuread_application" "meshcloud_idp_lookup" {
 }
 
 resource "azuread_service_principal" "meshcloud_idp_lookup" {
-  application_id = azuread_application.meshcloud_idp_lookup.application_id
+  client_id = azuread_application.meshcloud_idp_lookup.client_id
 }
 
 resource "azuread_app_role_assignment" "meshcloud_idp_lookup" {
diff --git a/modules/meshcloud-idp-lookup-service-principal/outputs.tf b/modules/meshcloud-idp-lookup-service-principal/outputs.tf
@@ -2,7 +2,7 @@ output "service_principal" {
   description = "Service Principal application id and object id"
   value = {
     object_id = azuread_service_principal.meshcloud_idp_lookup.id
-    app_id    = azuread_service_principal.meshcloud_idp_lookup.application_id
+    app_id    = azuread_service_principal.meshcloud_idp_lookup.client_id
     password  = "Execute `terraform output idp_lookup_service_principal_password` to see the password"
   }
 }
diff --git a/modules/meshcloud-metering-service-principal/module.tf b/modules/meshcloud-metering-service-principal/module.tf
@@ -2,15 +2,15 @@
 // Terraform Settings
 //---------------------------------------------------------------------------
 terraform {
-  required_version = ">= 1.0"
+  required_version = "> 1.0"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
@@ -53,6 +53,7 @@ resource "azurerm_role_assignment" "meshcloud_metering" {
   scope                = var.scope
   role_definition_name = "Cost Management Reader"
   principal_id         = azuread_service_principal.meshcloud_metering.id
+  depends_on           = [azuread_service_principal.meshcloud_metering]
 }
 
 
@@ -78,7 +79,7 @@ resource "azuread_application" "meshcloud_metering" {
 // Create New Enterprise application and associate it with the previously created app
 //---------------------------------------------------------------------------
 resource "azuread_service_principal" "meshcloud_metering" {
-  application_id = azuread_application.meshcloud_metering.application_id
+  client_id = azuread_application.meshcloud_metering.client_id
   feature_tags {
     enterprise = true
   }
@@ -92,7 +93,7 @@ resource "time_rotating" "replicator_secret_rotation" {
 }
 
 resource "azuread_application_password" "application_pw" {
-  application_object_id = azuread_application.meshcloud_metering.object_id
+  application_id = azuread_application.meshcloud_metering.id
   rotate_when_changed = {
     rotation = time_rotating.replicator_secret_rotation.id
   }
diff --git a/modules/meshcloud-metering-service-principal/outputs.tf b/modules/meshcloud-metering-service-principal/outputs.tf
@@ -2,7 +2,7 @@ output "credentials" {
   description = "Service Principal application id and object id"
   value = {
     Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_metering.id
-    Application_Client_ID            = azuread_application.meshcloud_metering.application_id
+    Application_Client_ID            = azuread_application.meshcloud_metering.client_id
     Client_Secret                    = "Execute `terraform output metering_client_secret` to see the password"
   }
 }
diff --git a/modules/meshcloud-replicator-service-principal/module.tf b/modules/meshcloud-replicator-service-principal/module.tf
@@ -2,15 +2,15 @@
 // Terraform Settings
 //---------------------------------------------------------------------------
 terraform {
-  required_version = ">= 1.0"
+  required_version = "> 1.0"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
@@ -71,7 +71,7 @@ resource "azurerm_role_definition" "meshcloud_replicator" {
 data "azuread_application_published_app_ids" "well_known" {}
 
 data "azuread_service_principal" "msgraph" {
-  application_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
+  client_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
 }
 
 //---------------------------------------------------------------------------
@@ -148,7 +148,7 @@ resource "time_rotating" "replicator_secret_rotation" {
   rotation_days = 365
 }
 resource "azuread_application_password" "application_pw" {
-  application_object_id = azuread_application.meshcloud_replicator.object_id
+  application_id = azuread_application.meshcloud_replicator.id
   rotate_when_changed = {
     rotation = time_rotating.replicator_secret_rotation.id
   }
@@ -158,7 +158,7 @@ resource "azuread_application_password" "application_pw" {
 // Create new Enterprise Application and associate it with the previous application
 //---------------------------------------------------------------------------
 resource "azuread_service_principal" "meshcloud_replicator" {
-  application_id = azuread_application.meshcloud_replicator.application_id
+  client_id = azuread_application.meshcloud_replicator.client_id
   feature_tags {
     enterprise = true
   }
@@ -176,6 +176,7 @@ resource "azurerm_role_assignment" "meshcloud_replicator" {
   scope              = var.scope
   role_definition_id = azurerm_role_definition.meshcloud_replicator.role_definition_resource_id
   principal_id       = azuread_service_principal.meshcloud_replicator.id
+  depends_on         = [azuread_service_principal.meshcloud_replicator]
 }
 
 //---------------------------------------------------------------------------
@@ -185,18 +186,21 @@ resource "azuread_app_role_assignment" "meshcloud_replicator-directory" {
   app_role_id         = data.azuread_service_principal.msgraph.app_role_ids["Directory.Read.All"]
   principal_object_id = azuread_service_principal.meshcloud_replicator.object_id
   resource_object_id  = data.azuread_service_principal.msgraph.object_id
+  depends_on          = [azuread_application.meshcloud_replicator]
 }
 
 resource "azuread_app_role_assignment" "meshcloud_replicator-group" {
   app_role_id         = data.azuread_service_principal.msgraph.app_role_ids["Group.ReadWrite.All"]
   principal_object_id = azuread_service_principal.meshcloud_replicator.object_id
   resource_object_id  = data.azuread_service_principal.msgraph.object_id
+  depends_on          = [azuread_application.meshcloud_replicator]
 }
 
 resource "azuread_app_role_assignment" "meshcloud_replicator-user" {
   app_role_id         = data.azuread_service_principal.msgraph.app_role_ids["User.Invite.All"]
   principal_object_id = azuread_service_principal.meshcloud_replicator.object_id
   resource_object_id  = data.azuread_service_principal.msgraph.object_id
+  depends_on          = [azuread_application.meshcloud_replicator]
 }
 
 
diff --git a/modules/meshcloud-replicator-service-principal/outputs.tf b/modules/meshcloud-replicator-service-principal/outputs.tf
@@ -2,7 +2,7 @@ output "credentials" {
   description = "Service Principal application id and object id"
   value = {
     Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_replicator.id
-    Application_Client_ID            = azuread_application.meshcloud_replicator.application_id
+    Application_Client_ID            = azuread_application.meshcloud_replicator.client_id
     Client_Secret                    = "Execute `terraform output replicator_client_secret` to see the password"
   }
 }
diff --git a/modules/meshcloud-sso/module.tf b/modules/meshcloud-sso/module.tf
@@ -1,21 +1,21 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = "> 1.0"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
 
 data "azuread_application_published_app_ids" "well_known" {}
 
 data "azuread_service_principal" "msgraph" {
-  application_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
+  client_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph
 }
 
 resource "azuread_application" "meshcloud_sso" {
@@ -44,5 +44,5 @@ resource "azuread_application" "meshcloud_sso" {
 }
 
 resource "azuread_application_password" "meshcloud_sso" {
-  application_object_id = azuread_application.meshcloud_sso.object_id
+  application_id = azuread_application.meshcloud_sso.id
 }
diff --git a/modules/meshcloud-sso/outputs.tf b/modules/meshcloud-sso/outputs.tf
@@ -2,7 +2,7 @@ output "app_registration" {
   description = "Application registration application id and object id"
   value = {
     object_id = azuread_application.meshcloud_sso.object_id
-    app_id    = azuread_application.meshcloud_sso.application_id
+    app_id    = azuread_application.meshcloud_sso.client_id
   }
 }
 
diff --git a/modules/uami-blueprint-user-principal/module.tf b/modules/uami-blueprint-user-principal/module.tf
@@ -1,13 +1,13 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = "> 1.0"
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.3.0"
+      version = "3.81.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "2.18.0"
+      version = "2.46.0"
     }
   }
 }
@@ -17,7 +17,7 @@ resource "azuread_application" "uami_blueprint_principal" {
 }
 
 resource "azuread_service_principal" "uami_blueprint_principal" {
-  application_id = azuread_application.uami_blueprint_principal.application_id
+  client_id = azuread_application.uami_blueprint_principal.client_id
 }
 
 resource "azuread_service_principal_password" "service_principal_pw" {
@@ -30,6 +30,7 @@ resource "azurerm_role_assignment" "service_principal_pw" {
   principal_id         = azuread_service_principal.uami_blueprint_principal.id
   scope                = "/subscriptions/${var.subscriptions[count.index]}"
   role_definition_name = "Contributor"
+  depends_on           = [azuread_service_principal.uami_blueprint_principal]
 }
 
 # facilitate migration from v0.1.0 of the module
diff --git a/modules/uami-blueprint-user-principal/outputs.tf b/modules/uami-blueprint-user-principal/outputs.tf
@@ -1,7 +1,7 @@
 output "service_principal" {
   value = {
     object_id = azuread_service_principal.uami_blueprint_principal.id
-    app_id    = azuread_service_principal.uami_blueprint_principal.application_id
+    app_id    = azuread_service_principal.uami_blueprint_principal.client_id
     password  = "Execute `terraform output uami_blueprint_user_principal_password` to see the password"
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,13 +1,13 @@`
`1`	`1`	`terraform {`
`2`		`- required_version = ">= 1.1"`
	`2`	`+ required_version = "> 1.1"`
`3`	`3`	`required_providers {`
`4`	`4`	`azurerm = {`
`5`	`5`	`source = "hashicorp/azurerm"`
`6`		`- version = "3.3.0"`
	`6`	`+ version = "3.81.0"`
`7`	`7`	`}`
`8`	`8`	`azuread = {`
`9`	`9`	`source = "hashicorp/azuread"`
`10`		`- version = "2.18.0"`
	`10`	`+ version = "2.46.0"`
`11`	`11`	`}`
`12`	`12`	`}`
`13`	`13`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,21 +1,21 @@`
`1`	`1`	`terraform {`
`2`		`- required_version = ">= 1.0"`
	`2`	`+ required_version = "> 1.0"`
`3`	`3`	`required_providers {`
`4`	`4`	`azurerm = {`
`5`	`5`	`source = "hashicorp/azurerm"`
`6`		`- version = "3.3.0"`
	`6`	`+ version = "3.81.0"`
`7`	`7`	`}`
`8`	`8`	`azuread = {`
`9`	`9`	`source = "hashicorp/azuread"`
`10`		`- version = "2.18.0"`
	`10`	`+ version = "2.46.0"`
`11`	`11`	`}`
`12`	`12`	`}`
`13`	`13`	`}`
`14`	`14`
`15`	`15`	`data "azuread_application_published_app_ids" "well_known" {}`
`16`	`16`
`17`	`17`	`data "azuread_service_principal" "msgraph" {`
`18`		`- application_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph`
	`18`	`+ client_id = data.azuread_application_published_app_ids.well_known.result.MicrosoftGraph`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`resource "azuread_application" "meshcloud_idp_lookup" {`
`@@ -50,7 +50,7 @@ resource "azuread_application" "meshcloud_idp_lookup" {`
`50`	`50`	`}`
`51`	`51`
`52`	`52`	`resource "azuread_service_principal" "meshcloud_idp_lookup" {`
`53`		`- application_id = azuread_application.meshcloud_idp_lookup.application_id`
	`53`	`+ client_id = azuread_application.meshcloud_idp_lookup.client_id`
`54`	`54`	`}`
`55`	`55`
`56`	`56`	`resource "azuread_app_role_assignment" "meshcloud_idp_lookup" {`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ output "service_principal" {`
`2`	`2`	`description = "Service Principal application id and object id"`
`3`	`3`	`value = {`
`4`	`4`	`object_id = azuread_service_principal.meshcloud_idp_lookup.id`
`5`		`- app_id = azuread_service_principal.meshcloud_idp_lookup.application_id`
	`5`	`+ app_id = azuread_service_principal.meshcloud_idp_lookup.client_id`
`6`	`6`	password = "Execute `terraform output idp_lookup_service_principal_password` to see the password"
`7`	`7`	`}`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,15 +2,15 @@`
`2`	`2`	`// Terraform Settings`
`3`	`3`	`//---------------------------------------------------------------------------`
`4`	`4`	`terraform {`
`5`		`- required_version = ">= 1.0"`
	`5`	`+ required_version = "> 1.0"`
`6`	`6`	`required_providers {`
`7`	`7`	`azurerm = {`
`8`	`8`	`source = "hashicorp/azurerm"`
`9`		`- version = "3.3.0"`
	`9`	`+ version = "3.81.0"`
`10`	`10`	`}`
`11`	`11`	`azuread = {`
`12`	`12`	`source = "hashicorp/azuread"`
`13`		`- version = "2.18.0"`
	`13`	`+ version = "2.46.0"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`
`@@ -53,6 +53,7 @@ resource "azurerm_role_assignment" "meshcloud_metering" {`
`53`	`53`	`scope = var.scope`
`54`	`54`	`role_definition_name = "Cost Management Reader"`
`55`	`55`	`principal_id = azuread_service_principal.meshcloud_metering.id`
	`56`	`+ depends_on = [azuread_service_principal.meshcloud_metering]`
`56`	`57`	`}`
`57`	`58`
`58`	`59`
`@@ -78,7 +79,7 @@ resource "azuread_application" "meshcloud_metering" {`
`78`	`79`	`// Create New Enterprise application and associate it with the previously created app`
`79`	`80`	`//---------------------------------------------------------------------------`
`80`	`81`	`resource "azuread_service_principal" "meshcloud_metering" {`
`81`		`- application_id = azuread_application.meshcloud_metering.application_id`
	`82`	`+ client_id = azuread_application.meshcloud_metering.client_id`
`82`	`83`	`feature_tags {`
`83`	`84`	`enterprise = true`
`84`	`85`	`}`
`@@ -92,7 +93,7 @@ resource "time_rotating" "replicator_secret_rotation" {`
`92`	`93`	`}`
`93`	`94`
`94`	`95`	`resource "azuread_application_password" "application_pw" {`
`95`		`- application_object_id = azuread_application.meshcloud_metering.object_id`
	`96`	`+ application_id = azuread_application.meshcloud_metering.id`
`96`	`97`	`rotate_when_changed = {`
`97`	`98`	`rotation = time_rotating.replicator_secret_rotation.id`
`98`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ output "credentials" {`
`2`	`2`	`description = "Service Principal application id and object id"`
`3`	`3`	`value = {`
`4`	`4`	`Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_metering.id`
`5`		`- Application_Client_ID = azuread_application.meshcloud_metering.application_id`
	`5`	`+ Application_Client_ID = azuread_application.meshcloud_metering.client_id`
`6`	`6`	Client_Secret = "Execute `terraform output metering_client_secret` to see the password"
`7`	`7`	`}`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ output "app_registration" {`
`2`	`2`	`description = "Application registration application id and object id"`
`3`	`3`	`value = {`
`4`	`4`	`object_id = azuread_application.meshcloud_sso.object_id`
`5`		`- app_id = azuread_application.meshcloud_sso.application_id`
	`5`	`+ app_id = azuread_application.meshcloud_sso.client_id`
`6`	`6`	`}`
`7`	`7`	`}`
`8`	`8`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`output "service_principal" {`
`2`	`2`	`value = {`
`3`	`3`	`object_id = azuread_service_principal.uami_blueprint_principal.id`
`4`		`- app_id = azuread_service_principal.uami_blueprint_principal.application_id`
	`4`	`+ app_id = azuread_service_principal.uami_blueprint_principal.client_id`
`5`	`5`	password = "Execute `terraform output uami_blueprint_user_principal_password` to see the password"
`6`	`6`	`}`
`7`	`7`	`}`