cli: fix Terraform resource group dependencies (#1048)

This commit is contained in:
Moritz Sanft 2023-01-20 18:59:59 +01:00 committed by GitHub
parent 6708aff984
commit b8648261e3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -48,13 +48,13 @@ resource "azurerm_user_assigned_identity" "identity_uami" {
# Assign roles to managed identity
resource "azurerm_role_assignment" "virtual_machine_contributor_role" {
scope = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
scope = azurerm_resource_group.identity_resource_group.id
role_definition_name = "Virtual Machine Contributor"
principal_id = azurerm_user_assigned_identity.identity_uami.principal_id
}
resource "azurerm_role_assignment" "application_insights_component_contributor_role" {
scope = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
scope = azurerm_resource_group.identity_resource_group.id
role_definition_name = "Application Insights Component Contributor"
principal_id = azurerm_user_assigned_identity.identity_uami.principal_id
}
@ -73,7 +73,7 @@ resource "azuread_service_principal" "application_principal" {
# Set identity as base resource group owner
resource "azurerm_role_assignment" "owner_role" {
scope = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
scope = azurerm_resource_group.identity_resource_group.id
role_definition_name = "Owner"
principal_id = azuread_service_principal.application_principal.object_id
}