EntraID
Azure Entra ID (formerly Azure AD) is Microsoft's cloud-based identity and access management service, enabling secure access to Azure resources and applications.
Example yaml file:
apiVersion: azure.boundless.software/v1alpha1
kind: EntraID
metadata:
name: entraid-sample
spec:
provider:
region: "eastus"
user:
displayName: "John Doe"
mailNickname: "johndoe"
domain: "example.com"
accountEnabled: true
passwordProfile:
password: "SecureP@ssw0rd123!"
forceChangePasswordNextLogin: true
assignedRoles:
- "User Administrator"
- "Application Administrator"
group:
displayName: "Engineering Team"
mailNickname: "eng-team"
securityEnabled: true
mailEnabled: true
groupType: "security"
description: "Engineering department team group"
members:
- name: "John Doe"
id: "user123"
- name: "Jane Smith"
id: "user456"
assignedRoles:
- "Team Lead"
enterpriseApplication:
displayName: "Sample App"
assignedRoles:
- "App Admin"
- "App User"
| Name | Type | Description |
|---|
| provider* | AzureProviderSpec | Provider specifies the Azure provider settings. |
| user | AzureUserSpec | User configuration for Entra ID. |
| group | AzureGroupSpec | Group configuration for Entra ID. |
| enterpriseApplication | AzureEnterpriseApplicationSpec | Enterprise Application configuration for Entra ID. |
AzureUserSpec
| Name | Type | Description |
|---|
| displayName* | string | The display name of the user. |
| mailNickname* | string | The mail nickname of the user. |
| domain | string | The domain for the user's principal name. |
| accountEnabled* | bool | Whether the user account is enabled. |
| passwordProfile* | AzureUserPasswordProfileSpec | Password configuration for the user. |
| assignedRoles | []string | Roles to be assigned to the user. |
AzureGroupSpec
| Name | Type | Description |
|---|
| displayName* | string | The display name of the group. |
| mailNickname | string | The mail nickname of the group. |
| securityEnabled | bool | Whether security features are enabled for the group. |
| mailEnabled | bool | Whether mail features are enabled for the group. |
| groupType* | string | Type of group (Microsoft 365 or security). |
| description | string | Description of the group. |
| members | []MemberSpec | Members to be added to the group. |
| assignedRoles | []string | Roles to be assigned to the group. |
Status
EntraIDStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the EntraID resource. |
| user | AzureUserStatus | Status of the user configuration. |
| group | AzureGroupStatus | Status of the group configuration. |
| enterpriseApplication | AzureEnterpriseApplicationStatus | Status of the enterprise application configuration. |
AzureUserStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the user. |
| displayName | string | Display name of the user. |
| mailNickname | string | Mail nickname of the user. |
| userPrincipalName | string | User principal name. |
| id | string | User ID. |
| assignedRoles | []AssignedRole | Roles assigned to the user. |
AzureGroupStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the group. |
| displayName | string | Display name of the group. |
| mailNickname | string | Mail nickname of the group. |
| members | map[string]MemberStatus | Status of group members. |
| id | string | Group ID. |
| assignedRoles | []AssignedRole | Roles assigned to the group. |
AzureEnterpriseApplicationStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the enterprise application. |
| name | string | Name of the enterprise application. |
| appId | string | Application ID. |
| id | string | Enterprise application ID. |
| servicePrincipal | ServicePrincipalStatus | Status of the service principal. |
| key | KeyStatus | Status of the application key. |
| roles | []AssignedRole | Roles assigned to the enterprise application. |
AzureUserPasswordProfileSpec
| Name | Type | Description |
|---|
| password* | string | The password of the user. |
| forceChangePasswordNextLogin* | bool | Whether the user must change their password on next login. |
MemberSpec
| Name | Type | Description |
|---|
| name | string | Name of the member. |
| id | string | ID of the member. |
AssignedRole
| Name | Type | Description |
|---|
| name | string | Name of the assigned role. |
MemberStatus
| Name | Type | Description |
|---|
| id | string | ID of the member. |
KeyStatus
| Name | Type | Description |
|---|
| name | string | Name of the key. |
| id | string | ID of the key. |
ServicePrincipalStatus
| Name | Type | Description |
|---|
| name | string | Name of the service principal. |
| appId | string | Application ID of the service principal. |
| id | string | ID of the service principal. |
