I'm working on automating the creation of an Azure AD B2C tenant in Terraform. I can get many parts of it set up in Terraform, but some parts I realize I can't, specifically Identity Experience Framework Custom Policies. I decided I would use PowerShell to upload these XML documents. I see that AzureAD is being deprecated this year, so I shouldn't use that PowerShell module. Microsoft says that we should be using MgGraph now instead of AzureAD, and references the conversion documentation to go from AzureAD to MgGraph. The problem is that the exact functionality I need does not seem to be in MgGraph, specifically functions referenced in this SO answer, Get-AzureADMSTrustFrameworkPolicy, Set-AzureADMSTrustFrameworkPolicy, which is now obsolete. (Referencing the most recent answer.)
QUESTION: So how do people automate the addition/removal of Custom Policies in Identity Experience Framework in a way that isn't going to be deprecated this year?
I really want to avoid needing to manually create these policies and the associated secrets. It seems like it should be straightforward to just upload a document and create a key, so hoping I'm just missing something obvious.
Cmdlet mapping AzModule to MgGraph: https://learn.microsoft.com/en-us/powershell/microsoftgraph/azuread-msoline-cmdlet-map?view=graph-powershell-1.0
MSGraph REST API documentation: https://learn.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0
The API calls for your specific need: https://learn.microsoft.com/en-us/graph/api/resources/trustframeworkpolicy?view=graph-rest-beta
Switch to the beta API:
Select-MgProfile -Name beta
Cmdlet to interact with the API:
Invoke-MgGraphRequest
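An added example, not part of the answer above: one way to drive the beta trustFramework endpoints with Invoke-MgGraphRequest to upload custom policy XML files and create a signing key container. It passes the full beta URL in each request; the tenant name, file names and key set ID are placeholders.

```powershell
# Added example. Tenant name, file names and key set ID are placeholders, not values from the post.
$TenantId    = '<your-b2c-tenant>.onmicrosoft.com'
$KeySetId    = 'B2C_1A_TokenSigningKeyContainer'
$PolicyFiles = '.\TrustFrameworkBase.xml', '.\TrustFrameworkExtensions.xml', '.\SignUpOrSignin.xml'
$Beta        = 'https://graph.microsoft.com/beta/trustFramework'

function Publish-B2CPolicy {
    param([Parameter(Mandatory)][string]$Path)
    $xmlText  = Get-Content -LiteralPath $Path -Raw -Encoding UTF8
    # Take the ID from the document so the URL and the uploaded policy always match.
    $policyId = ([xml]$xmlText).TrustFrameworkPolicy.PolicyId
    if (-not $policyId) { throw "No PolicyId attribute on the root element of $Path" }
    # PUT .../policies/{id}/$value creates the policy or replaces an existing one.
    Invoke-MgGraphRequest -Method PUT -Uri "$Beta/policies/$policyId/`$value" `
        -ContentType 'application/xml' -Body $xmlText | Out-Null
    $policyId
}

function New-B2CSigningKey {
    param([Parameter(Mandatory)][string]$Id)
    try {
        # An existing container is left alone; its key is not regenerated.
        Invoke-MgGraphRequest -Method GET -Uri "$Beta/keySets/$Id" | Out-Null
        return
    } catch {
        # Any failure is treated as "not found" here; a real pipeline should check for 404.
        Invoke-MgGraphRequest -Method POST -Uri "$Beta/keySets" -ContentType 'application/json' `
            -Body (@{ id = $Id } | ConvertTo-Json) | Out-Null
    }
    # The key is generated inside the service, so no private key material passes through this script.
    Invoke-MgGraphRequest -Method POST -Uri "$Beta/keySets/$Id/generateKey" `
        -ContentType 'application/json' -Body (@{ use = 'sig'; kty = 'RSA' } | ConvertTo-Json) | Out-Null
}

function Remove-B2CPolicy {
    param([Parameter(Mandatory)][string]$PolicyId)
    Invoke-MgGraphRequest -Method DELETE -Uri "$Beta/policies/$PolicyId" | Out-Null
}

# Request only the two delegated scopes these calls need.
Connect-MgGraph -TenantId $TenantId -Scopes 'Policy.ReadWrite.TrustFramework', 'TrustFrameworkKeySet.ReadWrite.All'
New-B2CSigningKey -Id $KeySetId
# Base first, then extensions, then relying-party files: each policy must find its parent already uploaded.
foreach ($file in $PolicyFiles) { "Uploaded $(Publish-B2CPolicy -Path $file)" }
```

For unattended pipelines, the same calls work with an app registration granted the matching application permissions instead of the interactive delegated sign-in shown here.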