shy-angle-69296
02/21/2024, 12:18 PMnew Pulumi.AzureAD.AppRoleAssignment(role.DisplayName, new AppRoleAssignmentArgs
{
AppRoleId = role.Id,
PrincipalObjectId = app.ObjectId,
ResourceObjectId = external.Apply(x => x.ObjectId),
});
The service principal used to provision the Pulumi resources has the Administrator permissions and also has the following Graph permissions:
• Application.ReadWrite.All
• AppRoleAssignment.ReadWrite.All
• Directory.ReadWrite.All