Manages a single Identifier URI for an application registration.
This resource is analogous to the identifier_uris
property in the azuread_application
resource. When using these resources together, you should use the ignore_changes
lifecycle meta-argument (see example below).
The following API permissions are required in order to use this resource.
When authenticated with a service principal, this resource requires one of the following application roles: Application.ReadWrite.OwnedBy
or Application.ReadWrite.All
When authenticated with a user principal, this resource may require one of the following directory roles: Application Administrator
or Global Administrator
resource "azuread_application_registration" "example" {
display_name = "example"
}
resource "azuread_application_identifier_uri" "example" {
application_id = azuread_application_registration.example.id
identifier_uri = "https://app.hashitown.com"
}
Usage with azuread_application resource
resource "azuread_application" "example" {
display_name = "example"
lifecycle {
ignore_changes = [
identifier_uris,
]
}
}
resource "azuread_application_identifier_uri" "example" {
application_id = azuread_application.example.id
# ...
}
The following arguments are supported:
application_id
- (Required) The resource ID of the application registration. Changing this forces a new resource to be created.identifier_uri
- (Required) The user-defined URI that uniquely identifies an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. Changing this forces a new resource to be created.No additional attributes are exported.
Application Identifier URIs can be imported using the object ID of the application and the base64-encoded identifier URI, in the following format.
terraform import azuread_application_identifier_uri.example /applications/00000000-0000-0000-0000-000000000000/identifierUris/aHR0cHM6Ly9leGFtcGxlLm5ldC8=