From a0d767705d9f9f295c7507499da481fe4f3c3b50 Mon Sep 17 00:00:00 2001
From: Damien Duportal
Date: Mon, 16 Jan 2023 17:49:57 +0100
Subject: [PATCH] fix(dns) use ad_application_password instead of sp_password (#33)
Signed-off-by: Damien Duportal
Signed-off-by: Damien Duportal
---
 dns.tf | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/dns.tf b/dns.tf
index f21d848..98f2dc3 100644
--- a/dns.tf
+++ b/dns.tf
@@ -33,7 +33,7 @@ resource "azurerm_dns_ns_record" "child_zone_ns_records" {
 resource "azuread_application" "letsencrypt_dns_challenges" {
 for_each = { for key, value in local.lets_encrypt_dns_challenged_domains : key => value if value == "service_principal" }
- display_name = replace(each.key, ".", "_")
+ display_name = "letsencrypt-${each.key}"
 owners = [data.azuread_client_config.current.object_id]
 tags = [for key, value in local.default_tags : "${key}:${value}"]
@@ -48,11 +48,12 @@ resource "azuread_service_principal" "child_zone_service_principals" {
 application_id = azuread_application.letsencrypt_dns_challenges[each.key].application_id
 }
-resource "azuread_service_principal_password" "child_zone_service_principal_passwords" {
+resource "azuread_application_password" "child_zone_app_passwords" {
 for_each = { for key, value in local.lets_encrypt_dns_challenged_domains : key => value if value == "service_principal" }
- display_name = "Service Principal secret for ${each.key} Let's Encrypt DNS-01 challenges"
- service_principal_id = azuread_service_principal.child_zone_service_principals[each.key].object_id
+ display_name = "test-ddu-1"
+
+ application_object_id = azuread_application.letsencrypt_dns_challenges[each.key].id
 }
 resource "azurerm_role_assignment" "child_zone_service_principal_assignements" {
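Review bot: The new `azuread_application_password` block in the second hunk sets `display_name = "test-ddu-1"`, which looks like a leftover test value and gives every secret created by the `for_each` the same label, so a credential can no longer be matched to its domain during audit or rotation. Restoring a per-domain label such as `display_name = "Application secret for ${each.key} Let's Encrypt DNS-01 challenges"` keeps the information the removed line carried. The block also sets no `end_date` or `end_date_relative`, so the secret's lifetime is left to the provider/API default; an explicit expiry would make rotation a reviewed decision. Renaming the resource address to `child_zone_app_passwords` presumably requires updating any reference to the old `child_zone_service_principal_passwords` elsewhere in the module, which this diff (only `dns.tf`) does not show.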