-
Notifications
You must be signed in to change notification settings - Fork 386
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] SCIM service principal resource #28
Comments
issue is old and it doesn't seem it needs any attention. closing it for now |
Hi @nfx I hope we can reopen this issue, scim_service_principal is not implemented on this provider |
@tcz001 want to pick this up? |
why do we need to create SP through scim api? won't it simply work if SP is granted contributor role on workspace resource in Azure through either Portal UI or terraform role assignment resource? |
I have a project starting in few weeks which will need Active Directory and SCIM integration features in Terraform. I wonder whether it is possible to completely automate in Terraform the workspace creation and the AD configuration with SCIM enabled. |
@dfanesiDB , just in case, Active Directory should trigger SCIM provisioning as enterprise app, Terraform should be used only for defining groups & their permissions. And yes, it is possible to automate complete workspace, see the very first link in readme :) |
@nfx we need Service principal in scim because it's without the Admin permission by default, while Azure RBAC contributor role will be added as Admin by default and it has 2000 role assignments limitation, that's why we need this resource to be implemented |
yes, we will try to send a PR on this |
@nfx one quick question, should we name the resource as |
@tcz001 , To be clear, this is what we'd expect in PR:
|
As this ticket is closed, is the original requirement (below) now possible with terraform?
Are there any docs on this? I couldn't see anything here: There's also a question on this topic stackoverflow. |
Is your feature request related to a problem? Please describe.
I would like the scim service principal resource to be implemented, with acceptance tests and documented in the website docs. https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/scim/scim-sp
Describe the solution you'd like
This requires:
Describe alternatives you've considered
Design is straight forward follows the pattern of scim user.
Additional context
For more information read here: https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/scim/scim-sp. It enables you to use Terraform to add SCIM service principals to the workspace via SCIM.
The text was updated successfully, but these errors were encountered: