Unable to add azuread_application to azuread_group_member

[4865783a5d]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureAD Provider) Version

Affected Resource(s)

• azuread_group_member
• azuread_application

Terraform Configuration Files

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.75.0"
    }

    azuread = {
        source = "hashicorp/azuread"
        version = "~> 2.39.0"
    }
  }

  required_version = "~> 1.5.0"
}

Expected Behavior

App Registration principal added as group member

Actual Behavior

Error: Could not retrieve principal object "2b4b36c1-xxx"
│
│   with azuread_group_member.members["xx/2b4b36c1-xxx"],
│   on main.tf line 7, in resource "azuread_group_member" "members":
│    7: resource "azuread_group_member" "members" {
│
│ DirectoryObjects.BaseClient.Get(): unexpected status 404 with OData error:
│ Request_ResourceNotFound: Resource '2b4b36c1-xx'
│ does not exist or one of its queried reference-property objects are not
│ present.

Steps to Reproduce

1. terraform apply

We ensured that we're using Application (client) ID.

[manicminer]

@4865783a5d Thanks for raising this issue. Applications are not security principals and cannot be added to groups - it is the linked service principal which can be assigned group membership.

We use GitHub issues for tracking feature requests and bugs in the Azure provider, and to maintain focus on that we instead ask that usage questions are raised via our Community Resources. Accordingly I'm going to close this issue, but I believe you should be able to get further assistance on the community discussion portal.