Assign Entra security groups to the enterprise app. Args: sp_id (str): The service principal object ID. group_ids (list[str]): List of group object IDs to assign.
(*, sp_id: str, group_ids: list[str])
| 266 | |
| 267 | |
| 268 | def assign_groups_to_app(*, sp_id: str, group_ids: list[str]) -> None: |
| 269 | """ |
| 270 | Assign Entra security groups to the enterprise app. |
| 271 | |
| 272 | Args: |
| 273 | sp_id (str): The service principal object ID. |
| 274 | group_ids (list[str]): List of group object IDs to assign. |
| 275 | """ |
| 276 | for group_id in group_ids: |
| 277 | logger.info("Assigning group %s to enterprise app %s", group_id, sp_id) |
| 278 | body = { |
| 279 | "principalId": group_id, |
| 280 | "resourceId": sp_id, |
| 281 | "appRoleId": "00000000-0000-0000-0000-000000000000", |
| 282 | } |
| 283 | run_az( |
| 284 | args=[ |
| 285 | "rest", |
| 286 | "--method", |
| 287 | "POST", |
| 288 | "--url", |
| 289 | f"https://graph.microsoft.com/v1.0/servicePrincipals/{sp_id}/appRoleAssignments", |
| 290 | "--body", |
| 291 | json.dumps(body), |
| 292 | ] |
| 293 | ) |
| 294 | |
| 295 | |
| 296 | def create_sql_server_and_db( |