Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/schumann-it/terraform-azureadb2c-b2c-directory
- Host: GitHub
- URL: https://github.com/schumann-it/terraform-azureadb2c-b2c-directory
- Owner: Schumann-IT
- License: mit
- Created: 2024-03-18T10:55:31.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-10-24T02:09:44.000Z (2 months ago)
- Last Synced: 2024-10-24T07:42:36.597Z (2 months ago)
- Language: HCL
- Size: 240 KB
- Stars: 2
- Watchers: 0
- Forks: 1
- Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
README
# terraform-azureadb2c-directory
This module manages the configuration of an Azure AD B2C directory.
**Features:**
- Create app registrations according to [docs](https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy)
- Create policy keys according to [docs](https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy)
- Create custom apps (e.g. [saml](https://learn.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=macos&pivots=b2c-custom-policy))
- Create custom policy keys (e.g. [saml certificate](https://learn.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=macos&pivots=b2c-custom-policy#set-up-certificates))

## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.4.0, < 2.0.0 |
| [azuread](#requirement\_azuread) | >= 2.38.0 |
| [azureadb2c](#requirement\_azureadb2c) | >= 0.4.0, < 1.0.0 |
| [azurerm](#requirement\_azurerm) | >= 3.11, < 4.0 |

## Providers
| Name | Version |
|------|---------|
| [azuread](#provider\_azuread) | >= 2.38.0 |
| [azureadb2c](#provider\_azureadb2c) | >= 0.4.0, < 1.0.0 |
| [azurerm](#provider\_azurerm) | >= 3.11, < 4.0 |

## Modules
| Name | Source | Version |
|------|--------|---------|
| [custom\_app\_registrations](#module\_custom\_app\_registrations) | ./modules/app-registration | n/a |
| [identity\_experience\_framework\_app\_registration](#module\_identity\_experience\_framework\_app\_registration) | ./modules/app-registration | n/a |
| [proxy\_identity\_experience\_framework\_app\_registration](#module\_proxy\_identity\_experience\_framework\_app\_registration) | ./modules/app-registration | n/a |

## Resources
| Name | Type |
|------|------|
| [azureadb2c_application_patch.custom_app_registrations](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/application_patch) | resource |
| [azureadb2c_application_patch.identity_experience_framework_app_registration](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/application_patch) | resource |
| [azureadb2c_organizational_branding_localization.default](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/organizational_branding_localization) | resource |
| [azureadb2c_organizational_branding_localization.this](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/organizational_branding_localization) | resource |
| [azureadb2c_trustframework_keyset_certificate.certificate_keysets](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/trustframework_keyset_certificate) | resource |
| [azureadb2c_trustframework_keyset_key.encryption](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/trustframework_keyset_key) | resource |
| [azureadb2c_trustframework_keyset_key.key_keysets](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/trustframework_keyset_key) | resource |
| [azureadb2c_trustframework_keyset_key.signing](https://registry.terraform.io/providers/Schumann-IT/azureadb2c/latest/docs/resources/trustframework_keyset_key) | resource |
| [azurerm_resource_group.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_storage_account.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource |
| [azurerm_storage_container.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource |
| [azuread_application.existing_custom_app_registrations](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/application) | data source |
| [azuread_application.extensions_app](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/application) | data source |
| [azurerm_aadb2c_directory.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/aadb2c_directory) | data source |
| [azurerm_resource_group.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
| [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
| [azurerm_storage_account.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/storage_account) | data source |
| [azurerm_storage_container.template_storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/storage_container) | data source |

## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [client\_id](#input\_client\_id) | The Client ID which should be used when authenticating as a service principal. | `string` | n/a | yes |
| [client\_secret](#input\_client\_secret) | The application password to be used when authenticating using a client secret. | `string` | n/a | yes |
| [custom\_app\_registrations](#input\_custom\_app\_registrations) | A list of custom app registrations to create or update. For details see modules/app-registration | `any` | `[]` | no |
| [domain\_name](#input\_domain\_name) | The name of the b2c directory domain | `string` | n/a | yes |
| [identity\_experience\_framework\_app\_registration\_object\_id](#input\_identity\_experience\_framework\_app\_registration\_object\_id) | The object ID of the app registration for the identity experience framework | `string` | n/a | yes |
| [keysets](#input\_keysets) | A list of keysets to create or update | <pre>list(object({<br>  name = string<br>  use = optional(string, null)<br>  type = optional(string, null)<br>  certificate = optional(string, null)<br>  certificate_password = optional(string, null)<br>  secret = optional(string, null)<br>}))</pre> | `[]` | no |
| [localizations](#input\_localizations) | A list of organization branding localizations to create or update | <pre>list(object({<br>  lang = string,<br>  background_color = optional(string, null),<br>  banner_logo_file = optional(string, null),<br>  background_image_file = optional(string, null),<br>  square_logo_light_file = optional(string, null),<br>  square_logo_dark_file = optional(string, null),<br>  sign_in_page_text = optional(string, null),<br>  username_hint_text = optional(string, null),<br>}))</pre> | `[]` | no |
| [proxy\_identity\_experience\_framework\_app\_registration\_object\_id](#input\_proxy\_identity\_experience\_framework\_app\_registration\_object\_id) | The object ID of the app registration for the proxy identity experience framework | `string` | n/a | yes |
| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which the b2c directory has been created | `string` | n/a | yes |
| [template\_storage](#input\_template\_storage) | The storage account to use for the custom policy templates | <pre>object({<br>  manage = bool<br>  existing_storage_account_name = optional(string, null)<br>  existing_storage_account_resource_group_name = optional(string, null)<br>  existing_storage_container_name = optional(string, null)<br>  storage_account_name = optional(string, null)<br>  storage_account_resource_group_name = optional(string, null)<br>  storage_account_location = optional(string, null)<br>  storage_container_name = optional(string, null)<br>})</pre> | n/a | yes |

## Outputs
| Name | Description |
|------|-------------|
| [custom\_app\_registrations](#output\_custom\_app\_registrations) | Custom app registrations |
| [custom\_certificates](#output\_custom\_certificates) | The ids of the custom certificates in the identity experience framework |
| [custom\_keys](#output\_custom\_keys) | The ids of the custom keys in the identity experience framework |
| [extension\_app\_registration\_application\_id](#output\_extension\_app\_registration\_application\_id) | The application id of the extension app registration |
| [extension\_app\_registration\_object\_id](#output\_extension\_app\_registration\_object\_id) | The object id of the extension app registration |
| [identity\_experience\_framework\_application\_id](#output\_identity\_experience\_framework\_application\_id) | The application id of the identity experience framework app registration |
| [identity\_experience\_framework\_encryption\_key\_id](#output\_identity\_experience\_framework\_encryption\_key\_id) | The id of the encryption key in the identity experience framework |
| [identity\_experience\_framework\_signing\_key\_id](#output\_identity\_experience\_framework\_signing\_key\_id) | The id of the signing key in the identity experience framework |
| [localizations](#output\_localizations) | The localizations |
| [proxy\_identity\_experience\_framework\_application\_id](#output\_proxy\_identity\_experience\_framework\_application\_id) | The application id of the proxy identity experience framework app registration |
| [storage\_account](#output\_storage\_account) | The template storage account |
| [storage\_container\_name](#output\_storage\_container\_name) | The name of the storage container |