Skip to main content
The Microsoft 365 Terraform Provider offers comprehensive resource coverage across Microsoft 365 services. Resources are organized into logical categories for easy discovery.

Resource Categories

Device & App Management

Mobile apps, app configuration, and assignments

Device Management

Configuration policies, compliance, Windows Updates, and enrollment

Identity & Access

Conditional access, authentication strength, named locations, and security attributes

Applications

App registrations, service principals, and credentials

Groups & Users

Group management, user accounts, and membership

Microsoft Teams

Teams, channels, and settings

Quick Reference

Import Syntax

All resources support importing existing Microsoft 365 objects: 
terraform import <resource_type>.<name> <id>
For resources with composite IDs, refer to the specific resource documentation.

Common Patterns

Graph API Versions

Resources are available in two API versions:
  • Beta: microsoft365_graph_beta_* - Latest features, may change
  • v1.0: microsoft365_graph_* - Stable, production-ready

Resource Naming Convention

microsoft365_graph_{version}_{service}_{resource_type}
Examples:
  • microsoft365_graph_beta_device_and_app_management_win32_app
  • microsoft365_graph_beta_identity_and_access_conditional_access_policy
  • microsoft365_graph_beta_groups_group

Best Practices

Prefer microsoft365_graph_* (v1.0) resources in production environments. Use microsoft365_graph_beta_* only when you need features not yet available in stable API.
Use depends_on to ensure resources are created in the correct order, especially for assignments and nested configurations.
Use Terraform variables and secure backends for passwords, secrets, and credentials. Never commit sensitive values to version control.
Always test configuration changes in a development tenant before applying to production, especially for conditional access policies.

Resource State Management

Many Microsoft 365 resources support state management:
  • Conditional Access Policies: enabled, disabled, enabledForReportingButNotEnforced
  • Device Configurations: Active vs. retired states
  • App Assignments: Required, available, or uninstall intents
Some resources create irreversible changes when deleted. Review the specific resource documentation for deletion behavior.

Next Steps

Device & App Management

Explore mobile app resources

Device Management

Configure device policies

Identity & Access

Secure access with policies

Build docs developers (and LLMs) love

Get started for freeTalk to us