[英]Azure Active Directory - how to assign application role to group programmatically
[英]Azure Role assign to group in TF
我正在嘗試創建一個新組並通過 terraform 為其分配所有者角色,但我面臨分配問題。
下面是代碼
data "azurerm_subscription" "primary" {
}
data "azuread_client_config" "current" {}
resource "azuread_group" "group" {
display_name = "azure-group"
security_enabled = False
}
resource "azurerm_role_assignment" "role-assign" {
scope = data.azurerm_subscription.primary.id
role_definition_name = "Owner"
principal_id = data.azuread_group.group.object_id
}
運行計划時會看到此錯誤
│ Error: Reference to undeclared resource
│
│ on main.tf line 18, in resource "azurerm_role_assignment" "role-assign":
│ 18: principal_id = data.azuread_group.group.object_id
│
│ A data resource "azuread_group" "group" has not been declared in the root module.```
您應該使用資源,而不是數據源。 所以而不是
principal_id = data.azuread_group.group.object_id
它應該是
principal_id = azuread_group.group.object_id
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.