[英]Azure Role assign to group in TF
我正在尝试创建一个新组并通过 terraform 为其分配所有者角色,但我面临分配问题。
下面是代码
data "azurerm_subscription" "primary" {
}
data "azuread_client_config" "current" {}
resource "azuread_group" "group" {
display_name = "azure-group"
security_enabled = False
}
resource "azurerm_role_assignment" "role-assign" {
scope = data.azurerm_subscription.primary.id
role_definition_name = "Owner"
principal_id = data.azuread_group.group.object_id
}
运行计划时会看到此错误
│ Error: Reference to undeclared resource
│
│ on main.tf line 18, in resource "azurerm_role_assignment" "role-assign":
│ 18: principal_id = data.azuread_group.group.object_id
│
│ A data resource "azuread_group" "group" has not been declared in the root module.```
您应该使用资源,而不是数据源。 所以而不是
principal_id = data.azuread_group.group.object_id
它应该是
principal_id = azuread_group.group.object_id
Azure Active Directory-如何以编程方式分配应用程序角色以进行分组
[英]Azure Active Directory - how to assign application role to group programmatically
如何将“Storage Blob Data Reader”角色分配给 azure 中的用户/组?
[英]How to assign “Storage Blob Data Reader” role to a user/group in azure?
在 Azure 门户中,我在添加添加角色分配 -> 分配访问权限 -> “Azure AD 用户、组或服务原则”时没有找到此选项
[英]In Azure Portal I didn't find this option while adding Add role assignment -> Assign Access to -> “Azure AD user, group, or service principle”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.