This provider instruments Microsoft’s Graph API to allow managing Intune and Entra ID configuration objects and policies via Terraform and OpenTofu.
- see Docs for guides as well as data source and resource definitions
- see TerraProvider QuickStart for a simple reference implementation and samples of resources with this provider.
Visit TerraProvider.com for more information.
```hcl
# Configure Terraform
terraform {
  required_providers {
    # The local name must match the "microsoft365wp_" resource prefix used below
    microsoft365wp = {
      source = "terraprovider/microsoft365wp"
    }
  }
}

# Create an Intune Compliance Policy
resource "microsoft365wp_device_compliance_policy" "all" {
  display_name = "Windows - Defender for Endpoint"

  assignments = [
    {
      target = { all_licensed_users = {} }
    }
  ]

  windows10 = {
    device_threat_protection_enabled = true
  }

  # Block non-compliant devices after a 6 hour grace period
  scheduled_actions_for_rule = [
    {
      scheduled_action_configurations = [
        {
          action_type        = "block"
          grace_period_hours = 6
        },
      ]
    },
  ]
}
```
You can authenticate using an Entra ID Service Principal, with either a Client Secret or OpenID Connect.
In both cases the following environment variables must be set:
- `ARM_TENANT_ID`
- `ARM_CLIENT_ID`

If you use a Client Secret, also set `ARM_CLIENT_SECRET`.
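
A pre-flight check that a CI job could run before `terraform plan` to confirm the variables listed above are present for the chosen authentication method. This is an added example, not part of the provider's documentation; the function names, the `secret`/`oidc` mode names, the GUID-format check and the rule that flags a leftover secret in OIDC mode are assumptions made here.

```shell
# Added example (not from the provider's repository).
# Usage: check_auth_env secret|oidc   ("secret"/"oidc" are names chosen here)
# Prints one line per problem to stderr; exit status is the problem count.

# Assumption: tenant and client IDs are supplied in GUID form.
is_guid() {
  printf '%s\n' "$1" |
    grep -Eq '^[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$'
}

# The body runs in a subshell so helper variables do not leak into the caller.
check_auth_env() (
  mode=$1
  problems=0
  for name in ARM_TENANT_ID ARM_CLIENT_ID; do
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "missing: $name" >&2
      problems=$((problems + 1))
    elif ! is_guid "$value"; then
      # Report the variable name only; keep values out of CI logs.
      echo "not a GUID: $name" >&2
      problems=$((problems + 1))
    fi
  done
  case $mode in
    secret)
      if [ -z "${ARM_CLIENT_SECRET:-}" ]; then
        echo "missing: ARM_CLIENT_SECRET" >&2
        problems=$((problems + 1))
      fi ;;
    oidc)
      # Local policy choice: a long-lived secret left in an OIDC job is flagged.
      if [ -n "${ARM_CLIENT_SECRET:-}" ]; then
        echo "unexpected: ARM_CLIENT_SECRET is set in oidc mode" >&2
        problems=$((problems + 1))
      fi ;;
    *)
      echo "unknown mode: $mode" >&2
      problems=$((problems + 1)) ;;
  esac
  exit "$problems"
)
```

In a pipeline, `check_auth_env secret && terraform plan` stops the run before the provider is invoked with an incomplete credential set.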