Merge pull request #7 from telekom-mms/user_assigned_identity
Module now contains a resource for managing user assigned identities
schurzi authored Oct 9, 2024
2 parents 6d9beda + d497934 commit 6f94e5f
Showing 6 changed files with 77 additions and 0 deletions.
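--- a/examples/apply_main.tf
+++ b/examples/apply_main.tf
@@ -0,0 +1,9 @@
+module "authorization" {
+source = "registry.terraform.io/telekom-mms/authorization/azurerm"
+user_assigned_identity = {
+uai-mms = {
+location = "westeurope"
+resource_group_name = "rg-mms-github"
+}
+}
+}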
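Review bot: The `source` line in this example has no `version` argument beside it, so anyone copying it gets whichever release of the module the registry serves at `terraform init` time; examples/full_main.tf and examples/min_main.tf have the same gap. Since this module creates identities and role assignments, the examples should show a pin, e.g. `version = "<MODULE_VERSION>"` (placeholder for the release that first ships this resource). This file is also line-for-line identical to examples/min_main.tf, which may be intended by the example layout but is worth confirming.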
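--- a/examples/full_main.tf
+++ b/examples/full_main.tf
@@ -0,0 +1,14 @@
+module "authorization" {
+source = "registry.terraform.io/telekom-mms/authorization/azurerm"
+user_assigned_identity = {
+uai-mms = {
+location = "westeurope"
+resource_group_name = "rg-mms-github"
+tags = {
+project = "mms-github"
+environment = terraform.workspace
+managed-by = "terraform"
+}
+}
+}
+}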
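--- a/examples/min_main.tf
+++ b/examples/min_main.tf
@@ -0,0 +1,9 @@
+module "authorization" {
+source = "registry.terraform.io/telekom-mms/authorization/azurerm"
+user_assigned_identity = {
+uai-mms = {
+location = "westeurope"
+resource_group_name = "rg-mms-github"
+}
+}
+}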
9 changes: 9 additions & 0 deletions main.tf
@@ -20,3 +20,12 @@ resource "azurerm_role_assignment" "role_assignment" {
description = local.role_assignment[each.key].description
skip_service_principal_aad_check = local.role_assignment[each.key].skip_service_principal_aad_check
}

resource "azurerm_user_assigned_identity" "user_assigned_identity" {
for_each = var.user_assigned_identity

name = local.user_assigned_identity[each.key].name == "" ? each.key : local.user_assigned_identity[each.key].name
location = local.user_assigned_identity[each.key].location
resource_group_name = local.user_assigned_identity[each.key].resource_group_name
tags = local.user_assigned_identity[each.key].tags
}
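Review bot: The `name` expression falls back to the map key only when the merged value is exactly `""`; a caller who passes `name = null` overrides the default in `merge()`, and the resource would then presumably receive a null name and fail at the provider. `name = coalesce(local.user_assigned_identity[each.key].name, each.key)` covers both null and the empty string. Separately, `for_each` iterates `var.user_assigned_identity` while every attribute is read from `local.user_assigned_identity`; the key sets match as the locals in variables.tf are written, but iterating the local would keep the two from drifting apart.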
15 changes: 15 additions & 0 deletions outputs.tf
@@ -9,6 +9,17 @@ output "role_assignments" {
}
}

output "user_assigned_identity" {
description = "Outputs all attributes of resource_type."
value = {
for user_assigned_identity in keys(azurerm_user_assigned_identity.user_assigned_identity) :
user_assigned_identity => {
for key, value in azurerm_user_assigned_identity.user_assigned_identity[user_assigned_identity] :
key => value
}
}
}

output "variables" {
description = "Displays all configurable variables passed by the module. __default__ = predefined values per module. __merged__ = result of merging the default values and custom values passed to the module"
value = {
@@ -21,6 +32,10 @@ output "variables" {
for key in keys(var.role_assignment) :
key => local.role_assignment[key]
}
user_assigned_identity = {
for key in keys(var.user_assigned_identity) :
key => local.user_assigned_identity[key]
}
}
}
}
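Review bot: The description on the new `user_assigned_identity` output reads `Outputs all attributes of resource_type.`, which looks like unfilled template text (the `role_assignments` output above the hunk may carry the same wording). It should name the resource, e.g. `description = "Outputs all attributes of azurerm_user_assigned_identity, keyed by the map key of var.user_assigned_identity."`. Because the value copies every attribute, consumers receive each identity's `principal_id`, `client_id` and `tenant_id`; these are identifiers, not credentials, and saying so in the description tells downstream users how to handle the output. The `variables` output touched by the second hunk starts outside that hunk.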
21 changes: 21 additions & 0 deletions variables.tf
@@ -3,6 +3,11 @@ variable "role_assignment" {
default = {}
description = "Resource definition, default settings are defined within locals and merged with var settings. For more information look at [Outputs](#Outputs)."
}
variable "user_assigned_identity" {
type = any
default = {}
description = "Resource definition, default settings are defined within locals and merged with var settings. For more information look at [Outputs](#Outputs)."
}

locals {
default = {
@@ -17,13 +22,22 @@ locals {
description = null
skip_service_principal_aad_check = null
}

user_assigned_identity = {
name = ""
tags = {}
}
}

// compare and merge custom and default values
role_assignment_values = {
for role_assignment in keys(var.role_assignment) :
role_assignment => merge(local.default.role_assignment, var.role_assignment[role_assignment])
}
user_assigned_identity_values = {
for user_assigned_identity in keys(var.user_assigned_identity) :
user_assigned_identity => merge(local.default.user_assigned_identity, var.user_assigned_identity[user_assigned_identity])
}

// deep merge of all custom and default values
role_assignment = {
@@ -33,4 +47,11 @@ locals {
{}
)
}
user_assigned_identity = {
for user_assigned_identity in keys(var.user_assigned_identity) :
user_assigned_identity => merge(
local.user_assigned_identity_values[user_assigned_identity],
{}
)
}
}
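Review bot: `variable "user_assigned_identity"` is `type = any` and the defaults added to `local.default.user_assigned_identity` cover only `name` and `tags`, so an entry that omits `location` or `resource_group_name` is accepted at the input and presumably fails later with an unsupported-attribute error where main.tf reads it. A `validation` block on the variable would surface the mistake at the input, with `condition = alltrue([for v in values(var.user_assigned_identity) : can(v.location) && can(v.resource_group_name)])` and an `error_message` naming the two required keys. Parts of the `locals` block lie between the hunks and are not shown, so this is based on the visible defaults only.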
