This provider instruments Microsoft’s Graph API to allow managing Intune and Entra ID configuration objects and policies via Terraform and OpenTofu.
- see Docs for guides as well as data source and resource definitions
- see TerraProvider QuickStart for a simple reference implementation and samples of resources with this provider.
Visit TerraProvider.com for more information.
# Configure Terraform terraform { required_providers { azuread = { source = "terraprovider/microsoft365wp" } } } # Create an Intune Compliance Policy resource "microsoft365wp_device_compliance_policy" "all" { display_name = "Windows - Defender for Endpoint" assignments = [ { target = { all_licensed_users = {} } } ] windows10 = { device_threat_protection_enabled = true } scheduled_actions_for_rule = [ { scheduled_action_configurations = [ { action_type = "block" grace_period_hours = 6 }, ] }, ] } You can authenticate using an Entra ID Service Principal, see either using a Client Secret or OpenID Connect.
In both cases the following ENV variables must be set:
ARM_TENANT_IDARM_CLIENT_ID
and if you use a Client Secret, also set ARM_CLIENT_SECRET