Ste*_*enG 4 azure azure-active-directory azure-cli terraform
对于集成,服务定义了以下要运行的命令
az ad sp create-for-rbac --role reader --scopes /subscriptions/{subscription_id}
我没有运行命令,而是想知道等效的 terraform 代码az ad sp create-for-rbac是什么?
provider "azuread" {
version = "=0.3.0"
}
resource "azuread_application" "auth" {
name = "auth"
}
resource "azuread_service_principal" "auth" {
application_id = "${azuread_application.auth.application_id}"
}
resource "random_string" "password" {
length = 16
special = true
override_special = "/@\" "
}
resource "azuread_service_principal_password" "auth" {
service_principal_id = "${azuread_service_principal.auth.id}"
value = "${random_string.password.result}"
end_date_relative = "240h"
}
output "client_secret" {
value = "${random_string.password.result}"
description = "Client Secret"
}
provider "azurerm" {
version = "=1.24.0"
}
data "azurerm_subscription" "primary" {}
data "azurerm_client_config" "current" {}
resource "azurerm_role_assignment" "auth" {
scope = "${data.azurerm_subscription.primary.id}"
role_definition_name = "Reader"
principal_id = "${azuread_service_principal.auth.id}"
}
| 归档时间: |
|
| 查看次数: |
1307 次 |
| 最近记录: |