Resource: azuread_application_password

Manages a password credential associated with an application within Azure Active Directory. These are also referred to as client secrets during authentication.

API Permissions

The following API permissions are required in order to use this resource.

When authenticated with a service principal, this resource requires one of the following application roles: Application.ReadWrite.OwnedBy or Application.ReadWrite.All

When authenticated with a user principal, this resource requires one of the following directory roles: Application Administrator or Global Administrator

Example Usage

Basic example

resource "azuread_application_registration" "example" {
  display_name = "example"
}

resource "azuread_application_password" "example" {
  application_id = azuread_application_registration.example.id
}

Time-based rotation

resource "azuread_application_registration" "example" {
  display_name = "example"
}

resource "time_rotating" "example" {
  rotation_days = 7
}

resource "azuread_application_password" "example" {
  application_id = azuread_application_registration.example.id
  rotate_when_changed = {
    rotation = time_rotating.example.id
  }
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to all arguments above, the following attributes are exported:

Import

This resource does not support importing.