Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix 301-service-fabric

Browse Source
This commit is contained in:
neil-yechenwei 2023-11-15 10:01:51 +08:00 committed by lonegunmanb
parent e009588b2e
commit 06cb83b693
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
quickstart/301-service-fabric/azuread.tf
View File

@ -1,10 +1,10 @@
# Service Fabric Cluster # Service Fabric Cluster
resource "azuread_application" "cluster" { resource "azuread_application" "cluster" {
name = "${var.name}-cluster-${var.environment}" display_name = "${var.name}-cluster-${var.environment}"
} }
resource "azuread_service_principal" "cluster" { resource "azuread_service_principal" "cluster" {
application_id = "${azuread_application.cluster.application_id}" application_id = azuread_application.cluster.application_id
} }
resource "random_string" "cluster_password" { resource "random_string" "cluster_password" {
@ -13,35 +13,45 @@ resource "random_string" "cluster_password" {
} }
resource "azuread_service_principal_password" "cluster" { resource "azuread_service_principal_password" "cluster" {
service_principal_id = "${azuread_service_principal.cluster.id}" service_principal_id = azuread_service_principal.cluster.id
value = "${random_string.cluster_password.result}" value = random_string.cluster_password.result
end_date = "2099-01-01T01:00:00Z" end_date = "2099-01-01T01:00:00Z"
} }
resource "random_uuid" "admin" {
}
resource "random_uuid" "reader" {
}
# Service Fabric Client # Service Fabric Client
resource "azuread_application" "client" { resource "azuread_application" "client" {
name = "${var.name}-client-${var.environment}" display_name = "${var.name}-client-${var.environment}"
reply_urls = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"] redirect_uris = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"]
app_role { app_role {
id = random_uuid.admin.result
allowed_member_types = [ allowed_member_types = [
"User", "User",
] ]
description = "Admins can manage roles and perform all task actions" description = "Admins can manage roles and perform all task actions"
display_name = "Admin" display_name = "Admin"
is_enabled = true enabled = true
value = "Admin" value = "Admin"
} }
app_role { app_role {
id = random_uuid.reader.result
allowed_member_types = [ allowed_member_types = [
"User", "User",
] ]
description = "ReadOnly roles have limited query access" description = "ReadOnly roles have limited query access"
display_name = "ReadOnly" display_name = "ReadOnly"
is_enabled = true enabled = true
value = "User" value = "User"
} }
@ -57,7 +67,7 @@ resource "azuread_application" "client" {
} }
resource "azuread_service_principal" "client" { resource "azuread_service_principal" "client" {
application_id = "${azuread_application.client.application_id}" application_id = azuread_application.client.application_id
} }
resource "random_string" "client_password" { resource "random_string" "client_password" {
@ -66,7 +76,7 @@ resource "random_string" "client_password" {
} }
resource "azuread_service_principal_password" "client" { resource "azuread_service_principal_password" "client" {
service_principal_id = "${azuread_service_principal.client.id}" service_principal_id = azuread_service_principal.client.id
value = "${random_string.client_password.result}" value = random_string.client_password.result
end_date = "2099-01-01T01:00:00Z" end_date = "2099-01-01T01:00:00Z"
} }