We’re using Terraform to build our cloud infrastructure. Previously we had a few service principals created without Terraform that are being used right now on production and can’t be changed. Now we want to move to Terraform the creation of that service principals, but we’re unable to import the previous ones while keeping a structure to create new ones using random_string.
resource "azuread_service_principal_password" "service-images" {
for_each = toset(var.profiles)
service_principal_id = azuread_service_principal.service-images[each.value].id
end_date = "2222-01-01T23:00:00Z"
value = random_string.images_password[each.value].result
}
resource "random_string" "images_password" {
for_each = toset(var.profiles)
length = 32
special = true
}
When we create a new service principal (by adding an element to var.profiles list) it works fine, but when it’s a already used service principal, we’re worried that Terraform will smash the previous value and go down in production.
Also, Terraform seems to have an import interface for azuread_service_principal_password:
terraform import azuread_service_principal_password.test 00000000-0000-0000-0000-000000000000/11111111-1111-1111-1111-111111111111
Where first part is ServicePrincipalObjectId and second part is ServicePrincipalPasswordKeyId, however I can’t find that latter value on Azure Portal (where is it?).
How would you proceed?