如何使用Terraform将Active Directory添加到APIM? [英] How Do I Add Active Directory To APIM Using Terraform?
本文介绍了如何使用Terraform将Active Directory添加到APIM?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Following this article you can link Azure API Management to Users/Groups in Azure Active Directory.
此刻,我正在使用 Terraform创建APIM实例
resource "azurerm_api_management" "test" {
name = "example-apim"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
publisher_name = "My Company"
publisher_email = "company@terraform.io"
sku {
name = "Developer"
capacity = 1
}
}
如何向其中添加Active Directory身份提供程序?
How do I add the Active Directory Identity Provider to this?
推荐答案
This doesn't seem to be possible with terraform, however, it can be added by calling the REST API from the Azure CLI.
az rest -m put -u "https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/my-resource-group/providers/Microsoft.ApiManagement/service/my-apim/identityProviders/aad?api-version=2019-01-01" -b "{'properties':{'clientId':'xxxxx-xxx-xxxx-xxxx-xxxxxxxxxx','clientSecret':'super-secret-password','allowedTenants':['mysite.com']}}"
主体-b是已格式化为单行的json.
The body -b is json that has been formatted to a single line.
您需要从活动目录中查找clientId并知道clientSecret是什么.
You need to look up the clientId from active directory and know what the clientSecret is.
如果愿意,可以将此命令嵌入terraform中:
You can embedd this command in terraform if you wish:
resource "null_resource" "add-ad-identity-provider" {
provisioner "local-exec" {
command = "az rest -m put -u \"https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/my-resource-group/providers/Microsoft.ApiManagement/service/my-apim/identityProviders/aad?api-version=2019-01-01\" -b \"{'properties':{'clientId':'xxxxx-xxx-xxxx-xxxx-xxxxxxxxxx','clientSecret':'super-secret-password','allowedTenants':['mysite.com']}}\""
}
depends_on = ["azurerm_api_management.test"]
}
这篇关于如何使用Terraform将Active Directory添加到APIM?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
