49 lines
1.5 KiB
Bash
49 lines
1.5 KiB
Bash
|
#!/bin/bash
|
||
|
|
#
|
||
|
|
# Phase 3: Entra ID Configuration
|
||
|
|
# Note: Most steps require manual configuration in Azure Portal
|
||
|
|
#
|
||
|
|
|
||
|
|
set -euo pipefail
|
||
|
|
|
||
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||
|
|
source "${SCRIPT_DIR}/config.sh"
|
||
|
|
|
||
|
|
log_info "=========================================="
|
||
|
|
log_info "Phase 3: Entra ID Configuration"
|
||
|
|
log_info "=========================================="
|
||
|
|
|
||
|
|
log_warning "This phase requires manual steps in Azure Portal"
|
||
|
|
log_info "See docs/deployment/DEPLOYMENT_GUIDE.md for detailed instructions"
|
||
|
|
|
||
|
|
# Check if secrets already exist
|
||
|
|
log_step "3.1 Checking for existing Entra ID configuration..."
|
||
|
|
|
||
|
|
ENTRA_TENANT_ID=$(az keyvault secret show \
|
||
|
|
--vault-name "${KEY_VAULT_NAME}" \
|
||
|
|
--name "entra-tenant-id" \
|
||
|
|
--query value -o tsv 2>/dev/null || echo "")
|
||
|
|
|
||
|
|
if [ -n "${ENTRA_TENANT_ID}" ]; then
|
||
|
|
log_success "Entra ID configuration found in Key Vault"
|
||
|
|
log_info "Tenant ID: ${ENTRA_TENANT_ID}"
|
||
|
|
else
|
||
|
|
log_warning "Entra ID configuration not found"
|
||
|
|
log_info "Please complete manual steps:"
|
||
|
|
log_info " 1. Create App Registration in Azure Portal"
|
||
|
|
log_info " 2. Configure API permissions"
|
||
|
|
log_info " 3. Create client secret"
|
||
|
|
log_info " 4. Enable Verified ID service"
|
||
|
|
log_info " 5. Create credential manifest"
|
||
|
|
log_info ""
|
||
|
|
log_info "Then run: scripts/deploy/store-entra-secrets.sh"
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Save state
|
||
|
|
save_state "phase3" "manual-steps-required"
|
||
|
|
|
||
|
|
log_success "=========================================="
|
||
|
|
log_success "Phase 3: Entra ID - Manual steps required"
|
||
|
|
log_success "=========================================="
|
||
|
|
|