How Do I Query 2 Different Azure Directories When Using Terraform?
Question
I am configuring my infrastructure in one Azure Directory with terraform and so I have set the Azure CLI to use that subscription:
az account set --subscription xxxxxxxx-0000-xxxx-YYYY-zzzzzzzzzzzz
Part of the setup is to add Active Directory Groups to APIM Management.
I create the groups and query AD for their ids using az cli in local-exec .
However, Active Directory is in a different subscription to where the infrastructure is being created so this step fails.
How can I switch directory/subscription for this one call?
1 answers
solution1
0 2019-08-22 18:58:09
I create the groups and query AD for their ids using az cli in local-exec.
You can query for groups with datasource azuread_group and/or manage resource azuread_group instead of az cli .
To use datasource/resource with multiple subscriptions you should authenticate multiple providers with aliases with different subscription_id like that:
provider "azuread" {
subscription_id = "xxxxxxxx-0000-xxxx-YYYY-zzzzzzzzzzzz"
}
provider "azuread" {
subscription_id = "another-subscription-id"
alias = "custom"
}
resource "azurerm_api_management" "test" {
...
}
resource "azuread_group" "mygroup" {
provider = azuread.custom
name = "my-group"
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.