Terraform azurerm read current signed in user?

Question

Looking at the documentation I am unable to find a data source which gives me the current user (preferably the email) logged in to az when using the azurerm provider in terraform.

This information is available when I run az ad signed-in-user and I would like to use it to tag the resources created by terraform in azure.

Is this not possible right now?

Answer 1

You can use azurerm_client_config to get the AD object ID for the current user and then look up the returned object id with azuread_user to get the user principal name (UPN). Then, the UPN can be assigned to a tag. In the code below, outputs are not necessary but are helpful for validation because their values appear in the plan.

data "azurerm_client_config" "current" { }

data "azuread_user" "current_user" {
  object_id = data.azurerm_client_config.current.object_id
}

resource "azurerm_resource_group" "example-rg" {
  name     = "example-rg"
  location = "westus"
  tags = {
    userCreated = data.azuread_user.current_user.user_principal_name
  }
}

output "object_id" {
  value = data.azurerm_client_config.current.object_id
}

output "user_principal_name" {
  value = data.azuread_user.current_user.user_principal_name
}