Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix 101-cosmos-db-aad-rbac example (#144)

Browse Source
This commit is contained in:
Dingjia Chen
2023-02-14 00:01:24 -06:00
committed by GitHub
parent 911b419f25
commit 5557a85e0b
3 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
quickstart/101-cosmos-db-aad-rbac/main.tf
View File

@@ -1,7 +1,11 @@
data "azurerm_client_config" "current" {} data "azurerm_client_config" "current" {}
locals {
current_user_object_id = coalesce(var.msi_id, data.azurerm_client_config.current.object_id)
}
resource "azurerm_resource_group" "example" { resource "azurerm_resource_group" "example" {
name = var.resource_group_name name = "${random_pet.prefix.id}-rg"
location = var.location location = var.location
} }
@@ -81,6 +85,10 @@ resource "azurerm_cosmosdb_sql_role_assignment" "example" {
resource_group_name = azurerm_resource_group.example.name resource_group_name = azurerm_resource_group.example.name
account_name = azurerm_cosmosdb_account.example.name account_name = azurerm_cosmosdb_account.example.name
role_definition_id = azurerm_cosmosdb_sql_role_definition.example.id role_definition_id = azurerm_cosmosdb_sql_role_definition.example.id
principal_id = data.azurerm_client_config.current.object_id principal_id = local.current_user_object_id
scope = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${azurerm_resource_group.example.name}/providers/Microsoft.DocumentDB/databaseAccounts/${azurerm_cosmosdb_account.example.name}" scope = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${azurerm_resource_group.example.name}/providers/Microsoft.DocumentDB/databaseAccounts/${azurerm_cosmosdb_account.example.name}"
} }
resource "random_pet" "prefix" {
prefix = var.name_prefix
}

8
quickstart/101-cosmos-db-aad-rbac/providers.tf
View File

@@ -1,8 +1,14 @@
terraform { terraform {
required_version = ">= 1.0"
required_providers { required_providers {
azurerm = { azurerm = {
source = "hashicorp/azurerm" source = "hashicorp/azurerm"
version = ">=3.0.0" version = ">=3.0, < 4.0"
}
random = {
source = "hashicorp/random"
version = ">= 3.0"
} }
} }
} }

18
quickstart/101-cosmos-db-aad-rbac/variables.tf
View File

@@ -1,30 +1,43 @@
variable "resource_group_name" { variable "name_prefix" {
type = string type = string
description = "Resource group name" default = "101-cosmos-db-aad-rbac"
description = "Prefix for resource group name"
} }
variable "location" { variable "location" {
type = string type = string
default = "westus"
description = "Resource group location" description = "Resource group location"
} }
variable "cosmosdb_account_name" { variable "cosmosdb_account_name" {
type = string type = string
default = "default-account-name"
description = "Cosmos db account name" description = "Cosmos db account name"
} }
variable "cosmosdb_account_location" { variable "cosmosdb_account_location" {
type = string type = string
default = "westus"
description = "Cosmos db account location" description = "Cosmos db account location"
} }
variable "cosmosdb_sqldb_name" { variable "cosmosdb_sqldb_name" {
type = string type = string
default = "default-sqldb-name"
description = "value" description = "value"
} }
variable "msi_id" {
type = string
default = null
description = "If you're executing the test with user assigned identity, please pass the identity principal id to this variable."
}
variable "throughput" { variable "throughput" {
type = number type = number
default = 400
description = "Cosmos db database throughput" description = "Cosmos db database throughput"
validation { validation {
condition = var.throughput >= 400 && var.throughput <= 1000000 condition = var.throughput >= 400 && var.throughput <= 1000000
@@ -38,5 +51,6 @@ variable "throughput" {
variable "sql_container_name" { variable "sql_container_name" {
type = string type = string
default = "default-sql-container-name"
description = "SQL API container name." description = "SQL API container name."
} }