Updated script to use certificate name

Author: alrios-ms

Deployment/Deploy-Resources.ps1

@@ -404,6 +404,7 @@ function Set-GMMResources {
 
     $parameterObject = Get-TemplateAsHashtable -TemplateFilePath $ParameterFilePath
     $setRBACPermissions = $parameterObject.parameters["setRBACPermissions"].value ?? $false;
+    $certificateName = $parameterObject.parameters["certificateName"].value ?? "not-set";
 
     # deploy resource groups
     Write-Host "`nCreating resource groups"
@@ -438,7 +439,8 @@ function Set-GMMResources {
         -SolutionAbbreviation $SolutionAbbreviation `
         -EnvironmentAbbreviation $EnvironmentAbbreviation `
         -ScriptsDirectory "$scriptsDirectory\Scripts" `
-        -SecondaryTenantId $SecondaryTenantId
+        -SecondaryTenantId $SecondaryTenantId `
+        -CertificateName $certificateName
 
     # add app registrations to common parameters
     $commonParametersObject.parameters["apiAppClientId"] = @{ "value" = $appRegistrations.APIApplicationId }
@@ -799,7 +801,9 @@ function Set-GMMAppRegistrations {
         [Parameter(Mandatory = $false)]
         [System.Nullable[Guid]]$SecondaryTenantId,
         [Parameter(Mandatory = $False)]
-        [boolean] $SkipIfApplicationExists = $True
+        [boolean] $SkipIfApplicationExists = $True,
+        [Parameter(Mandatory = $False)]
+        [string] $CertificateName
     )
 
     Write-Host "`nSetting GMM App Registrations"
@@ -842,6 +846,7 @@ function Set-GMMAppRegistrations {
         -SaveToKeyVault $true `
         -SkipPrompts $true `
         -SkipIfApplicationExists $true `
+        -CertificateName $CertificateName `
         -Clean $false
 
     $null = Set-AzContext -Tenant $mainTenantId

Deployment/localTemplate.bicep

@@ -18,6 +18,7 @@ param setRBACPermissions bool = true
 param authenticationType string
 param skipMailNotifications bool = false
 param isMailApplicationPermissionGranted bool = false
+param certificateName string = 'not-set'
 
 // prereqs parameters
 // parameters for prereqs key vault

Deployment/parameters.json

@@ -190,6 +190,12 @@
         "description": "The type of authentication to use for the App Configuration. UserAssignedManagedIdentity is recommended and will use <solution>-identity-<environment>-Graph. ClientSecret and Certificate will use <solution>-Graph-<environment>."
       }
     },
+    "certificateName": {
+      "value": "not-set",
+      "metadata": {
+        "description": "The name of the certificate in the Key Vault. This is required if the authenticationType is Certificate. This is only used by application <solutionAbbreviation>-Graph-<EnvironmentAbbreviation>. See https://learn.microsoft.com/en-us/azure/key-vault/certificates/quick-create-portal for more information on certificates."
+      }
+    },
     "pipeline": {
       "value": "PopulateDestinationPipeline"
     },