[英]Azure Active Directory - how to assign application role to group programmatically
[英]Azure Role assign to group in TF
我正在尝试创建一个新组并通过 terraform 为其分配所有者角色,但我面临分配问题。
下面是代码
data "azurerm_subscription" "primary" {
}
data "azuread_client_config" "current" {}
resource "azuread_group" "group" {
display_name = "azure-group"
security_enabled = False
}
resource "azurerm_role_assignment" "role-assign" {
scope = data.azurerm_subscription.primary.id
role_definition_name = "Owner"
principal_id = data.azuread_group.group.object_id
}
运行计划时会看到此错误
│ Error: Reference to undeclared resource
│
│ on main.tf line 18, in resource "azurerm_role_assignment" "role-assign":
│ 18: principal_id = data.azuread_group.group.object_id
│
│ A data resource "azuread_group" "group" has not been declared in the root module.```
您应该使用资源,而不是数据源。 所以而不是
principal_id = data.azuread_group.group.object_id
它应该是
principal_id = azuread_group.group.object_id
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.