This construct creates and manages a Microsoft Entra ID Application
Project description
@reapit-cdk/entra-id-application
This construct creates and manages a Microsoft Entra ID Application
Package Installation:
yarn add --dev @reapit-cdk/entra-id-application
# or
npm install @reapit-cdk/entra-id-application --save-dev
Usage
import { CfnOutput, Stack, App, Duration } from 'aws-cdk-lib'
import { EntraIDApplication } from '@reapit-cdk/entra-id-application'
import { Secret } from 'aws-cdk-lib/aws-secretsmanager'
const app = new App()
const stack = new Stack(app, 'stack-name')
const entraApp = new EntraIDApplication(stack, 'entra-id-app', {
/**
* 1. Create an application in Entra ID with scopes:
* - Application.ReadWrite.All
* 2. Create a client secret which lasts a day
* 3. Run the setup script and follow the instructions from there.
* (Clone the repo
* run yarn
* cd packages/constructs/entra-id-application
* yarn setup
* --clientId <client id aka app id>
* --clientSecret <client secret value>
* --tenantId <your tenant id>
* --keyId <secret id>
* )
*/
bootstrapClientSecret: Secret.fromSecretCompleteArn(stack, 'bootstrap-client-secret', 'bootstrap-client-secret-arn'),
config: {
displayName: 'My Application',
requiredResourceAccess: [
{
resourceAppId: '00000003-0000-0000-c000-000000000000', // microsoft graph
resourceAccess: [
{
id: '14dad69e-099b-42c9-810b-d002981feec1', // user: profile
type: 'Scope',
},
{
id: '37f7f235-527c-4136-accd-4a02d197296e', // user: openid
type: 'Scope',
},
{
id: '64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0', // user: email
type: 'Scope',
},
],
},
],
web: {
redirectUris: ['https://example.org'],
},
},
})
const { secret } = entraApp.createKey(stack, 'key', {
keyInfo: {
displayName: 'api',
},
validFor: Duration.days(31),
})
new CfnOutput(stack, 'appId', {
value: entraApp.getAttString('appId'),
})
new CfnOutput(stack, 'client-secret-arn', {
value: secret.secretArn,
})
// This is the client secret (don't do this)
new CfnOutput(stack, 'client-secret-secretText', {
value: secret.secretValueFromJson('secretText').toString(),
})
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for reapit-cdk.entra-id-application-0.1.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 08979b595a3e63ba047b63a7d3bf522b0f1b958816a79e9114b923c48f16fea9 |
|
MD5 | e100858df4c57ff8f8c4c5e4c376cda4 |
|
BLAKE2b-256 | dc9f04926a7881cad677459212fb3849b701594b1d2700290d8a065b9e485e3d |
Close
Hashes for reapit_cdk.entra_id_application-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 35a2e26c3d2675a8bbcea8bce162438521d6671c7d36a348d0bc52220203815e |
|
MD5 | 1ff8d74438f9e8d5b9742825faf51aa2 |
|
BLAKE2b-256 | d937c4e3baff07f69d4ff0447fa90e1d212ef58e148537ded80a581a957ca45d |