@reapit-cdk/entra-id-application
This construct creates and manages a Microsoft Entra ID Application
Package Installation:
```sh
yarn add --dev @reapit-cdk/entra-id-application
# or
npm install @reapit-cdk/entra-id-application --save-dev
```
Usage
```ts
import { CfnOutput, Stack, App, Duration } from 'aws-cdk-lib'
import { EntraIDApplication } from '@reapit-cdk/entra-id-application'
import { Secret } from 'aws-cdk-lib/aws-secretsmanager'

const app = new App()
const stack = new Stack(app, 'stack-name')

const entraApp = new EntraIDApplication(stack, 'entra-id-app', {
  /**
   * 1. Create an application in Entra ID with scopes:
   *    - Application.ReadWrite.All
   * 2. Create a client secret which lasts a day
   * 3. Run the setup script and follow the instructions from there.
   *    (Clone the repo
   *     run yarn
   *     cd packages/constructs/entra-id-application
   *     yarn setup
   *       --clientId <client id aka app id>
   *       --clientSecret <client secret value>
   *       --tenantId <your tenant id>
   *       --keyId <secret id>
   *    )
   */
  bootstrapClientSecret: Secret.fromSecretCompleteArn(stack, 'bootstrap-client-secret', 'bootstrap-client-secret-arn'),
  config: {
    displayName: 'My Application',
    requiredResourceAccess: [
      {
        resourceAppId: '00000003-0000-0000-c000-000000000000', // microsoft graph
        resourceAccess: [
          {
            id: '14dad69e-099b-42c9-810b-d002981feec1', // user: profile
            type: 'Scope',
          },
          {
            id: '37f7f235-527c-4136-accd-4a02d197296e', // user: openid
            type: 'Scope',
          },
          {
            id: '64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0', // user: email
            type: 'Scope',
          },
        ],
      },
    ],
    web: {
      redirectUris: ['https://example.org'],
    },
  },
})

const { secret } = entraApp.createKey(stack, 'key', {
  keyInfo: {
    displayName: 'api',
  },
  validFor: Duration.days(31),
})

new CfnOutput(stack, 'appId', {
  value: entraApp.getAttString('appId'),
})

new CfnOutput(stack, 'client-secret-arn', {
  value: secret.secretArn,
})

// This is the client secret (don't do this)
new CfnOutput(stack, 'client-secret-secretText', {
  value: secret.secretValueFromJson('secretText').toString(),
})
```
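A build-time guard for the "don't do this" output in the usage code, as an added example that is not part of the package or its README: it scans a synthesized CloudFormation template for Outputs whose value contains a `{{resolve:secretsmanager:...}}` or `{{resolve:ssm-secure:...}}` dynamic reference. It assumes the secret text reaches the template as such a reference (as `secretValueFromJson` does for aws-cdk-lib secrets); the template fragment and its logical IDs are constructed, and `flatten` and `findSecretOutputs` are hypothetical helper names.

```typescript
// Added example: flag CloudFormation Outputs that would resolve secret material.
type Json = null | boolean | number | string | Json[] | { [key: string]: Json }
type Template = { Outputs?: { [name: string]: { Value: Json } } }
type Finding = { output: string; service: string }

// Dynamic-reference prefixes that CloudFormation resolves to secret values.
const SECRET_REF = /\{\{resolve:(secretsmanager|ssm-secure):/

// Reduce a template value to its literal text. Fn::Join parts are concatenated
// with their separator, so a reference split around a Ref is still recognised;
// any other object contributes the text of its values.
function flatten(value: Json | undefined): string {
  if (value === null || typeof value !== 'object') return String(value)
  if (Array.isArray(value)) return value.map((v) => flatten(v)).join('')
  const obj: { [key: string]: Json } = value
  const join = obj['Fn::Join']
  if (Array.isArray(join)) {
    const sep = join[0]
    const parts = join[1]
    if (typeof sep === 'string' && Array.isArray(parts)) {
      return parts.map((p) => flatten(p)).join(sep)
    }
  }
  return Object.keys(obj).map((k) => flatten(obj[k])).join('')
}

function findSecretOutputs(template: Template): Finding[] {
  const outputs = template.Outputs || {}
  const findings: Finding[] = []
  for (const name of Object.keys(outputs)) {
    const match = SECRET_REF.exec(flatten(outputs[name]?.Value))
    const service = match ? match[1] : undefined
    if (service) findings.push({ output: name, service })
  }
  return findings
}

// Constructed template fragment shaped like the three CfnOutputs in the usage
// example; the logical IDs are hypothetical.
const sampleTemplate: Template = {
  Outputs: {
    appId: { Value: { 'Fn::GetAtt': ['entraidapp', 'appId'] } },
    clientsecretarn: { Value: { Ref: 'keysecret' } },
    clientsecretsecretText: {
      Value: { 'Fn::Join': ['', ['{{resolve:secretsmanager:', { Ref: 'keysecret' }, ':SecretString:secretText::}}']] },
    },
  },
}
for (const f of findSecretOutputs(sampleTemplate)) console.log(`Output ${f.output} exposes a ${f.service} value`)
```

Run against the JSON templates in `cdk.out` after `cdk synth`, a non-empty result is a reason to fail the pipeline; outputs that carry only the secret ARN pass.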
File details
Details for the file reapit-cdk.entra-id-application-0.1.0.tar.gz.
File metadata
- Download URL: reapit-cdk.entra-id-application-0.1.0.tar.gz
- Upload date:
- Size: 259.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.10.12
File hashes
Algorithm | Hash digest
---|---
SHA256 | 08979b595a3e63ba047b63a7d3bf522b0f1b958816a79e9114b923c48f16fea9
MD5 | e100858df4c57ff8f8c4c5e4c376cda4
BLAKE2b-256 | dc9f04926a7881cad677459212fb3849b701594b1d2700290d8a065b9e485e3d
File details
Details for the file reapit_cdk.entra_id_application-0.1.0-py3-none-any.whl.
File metadata
- Download URL: reapit_cdk.entra_id_application-0.1.0-py3-none-any.whl
- Upload date:
- Size: 263.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.10.12
File hashes
Algorithm | Hash digest
---|---
SHA256 | 35a2e26c3d2675a8bbcea8bce162438521d6671c7d36a348d0bc52220203815e
MD5 | 1ff8d74438f9e8d5b9742825faf51aa2
BLAKE2b-256 | d937c4e3baff07f69d4ff0447fa90e1d212ef58e148537ded80a581a957ca45d