[英]Azure Role assign to group in TF
我正在嘗試創建一個新組並通過 terraform 為其分配所有者角色,但我面臨分配問題。
下面是代碼
data "azurerm_subscription" "primary" {
}
data "azuread_client_config" "current" {}
resource "azuread_group" "group" {
display_name = "azure-group"
security_enabled = False
}
resource "azurerm_role_assignment" "role-assign" {
scope = data.azurerm_subscription.primary.id
role_definition_name = "Owner"
principal_id = data.azuread_group.group.object_id
}
運行計划時會看到此錯誤
│ Error: Reference to undeclared resource
│
│ on main.tf line 18, in resource "azurerm_role_assignment" "role-assign":
│ 18: principal_id = data.azuread_group.group.object_id
│
│ A data resource "azuread_group" "group" has not been declared in the root module.```
您應該使用資源,而不是數據源。 所以而不是
principal_id = data.azuread_group.group.object_id
它應該是
principal_id = azuread_group.group.object_id
Azure Active Directory-如何以編程方式分配應用程序角色以進行分組
[英]Azure Active Directory - how to assign application role to group programmatically
如何將“Storage Blob Data Reader”角色分配給 azure 中的用戶/組?
[英]How to assign “Storage Blob Data Reader” role to a user/group in azure?
在 Azure 門戶中,我在添加添加角色分配 -> 分配訪問權限 -> “Azure AD 用戶、組或服務原則”時沒有找到此選項
[英]In Azure Portal I didn't find this option while adding Add role assignment -> Assign Access to -> “Azure AD user, group, or service principle”
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.