data-platform-hq/terraform-azurerm-workload-identity-federation

Azure <> Terraform module

Terraform module for creating Azure <>

Usage
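The following root module is an added example of calling this module; it is not code from the repository. It assumes the module is consumed straight from GitHub (pin a tag in real use), that the resource group `rg-identity-dev` and the Key Vault `kv-dev-secrets` already exist, that the `azuredevops` provider is configured through the `AZDO_ORG_SERVICE_URL` and `AZDO_PERSONAL_ACCESS_TOKEN` environment variables, and that the ADO project is named `data-platform`. All names and values are constructed for illustration.

```hcl
terraform {
  required_version = ">= 1.0.0"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">= 3.40.0"
    }
    azuredevops = {
      source  = "microsoft/azuredevops"
      version = ">= 0.11.0"
    }
  }
}

provider "azurerm" {
  features {}
}

# The azuredevops provider reads its organization URL and token from
# AZDO_ORG_SERVICE_URL and AZDO_PERSONAL_ACCESS_TOKEN (assumed here);
# keep them in the pipeline's secret store, never in code.
provider "azuredevops" {}

# Tenant and subscription of the credentials running this plan.
data "azurerm_client_config" "current" {}

# Existing Key Vault the pipeline needs to read secrets from (constructed names).
data "azurerm_key_vault" "dev" {
  name                = "kv-dev-secrets"
  resource_group_name = "rg-identity-dev"
}

module "ado_wif" {
  # Assumed source; pin to a release tag in real use, e.g. "?ref=v1.0.0".
  source = "github.com/data-platform-hq/terraform-azurerm-workload-identity-federation"

  # Required inputs (all values constructed for this example).
  ado_project_name            = "data-platform"
  user_assigned_identity_name = "id-ado-dev-terraform"
  location                    = "westeurope"
  resource_group              = "rg-identity-dev"
  tenant_id                   = data.azurerm_client_config.current.tenant_id
  subscription_id             = data.azurerm_client_config.current.subscription_id
  subscription_name           = "dev"

  # Role Assignment: the Inputs table documents the scope as the target
  # Subscription Id. Reader is the module default; widen the role only if
  # the pipeline must change resources, and narrow the scope where it can.
  role_assignment_scope             = data.azurerm_client_config.current.subscription_id
  role_assignment_default_role_name = "Reader"
  role_assignments_allowed          = true

  # Service Connection: Workload Identity Federation, so no client secret
  # is stored in Azure DevOps.
  ado_workload_identity_federation_enabled  = true
  custom_serviceendpoint_name               = "sc-azure-dev-wif"
  custom_federated_identity_credential_name = "fic-ado-dev"
  service_endpoint_description              = "Azure dev subscription via workload identity federation"

  # Key Vault: the module's defaults grant Get/List/Encrypt/Decrypt on keys.
  # A pipeline that only reads secrets does not need key operations, so the
  # permissions are overridden down to what it actually uses.
  key_vault_policy_config = [
    {
      key_vault_name     = data.azurerm_key_vault.dev.name
      key_vault_id       = data.azurerm_key_vault.dev.id
      tenant_id          = data.azurerm_key_vault.dev.tenant_id
      key_permissions    = ["Get", "List"]
      secret_permissions = ["Get", "List"]
    }
  ]
}

# Surface the identity so other stacks can grant it access by principal id.
output "ado_identity_client_id" {
  value = module.ado_wif.user_assigned_identity_client_id
}

output "ado_identity_principal_id" {
  value = module.ado_wif.user_assigned_identity_principal_id
}
```

Two caveats worth checking before apply. The `key_vault_policy_config` type uses `optional()` attributes with defaults, which Terraform only supports from 1.3 onwards, so the `>= 1.0.0` requirement in the table below is looser than the code actually needs. Second, the subject claim Azure DevOps presents to Entra ID is derived from the organization, project and service connection name; renaming the service connection later changes that subject and the federated credential stops matching until it is updated, so treat `custom_serviceendpoint_name` as a stable identifier rather than a label.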

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0 |
| azuredevops | >= 0.11.0 |
| azurerm | >= 3.40.0 |

Providers

| Name | Version |
|------|---------|
| azuredevops | >= 0.11.0 |
| azurerm | >= 3.40.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| azuredevops_serviceendpoint_azurerm.this | resource |
| azurerm_federated_identity_credential.this | resource |
| azurerm_key_vault_access_policy.assigned_identity | resource |
| azurerm_role_assignment.this | resource |
| azurerm_user_assigned_identity.this | resource |
| azuredevops_project.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| ado_project_name | ADO Project Name | `string` | n/a | yes |
| ado_workload_identity_federation_enabled | Enable Workload Identity Federation for the ADO Service Connection | `bool` | `true` | no |
| custom_federated_identity_credential_name | Specifies the name of the Federated Identity Credential | `string` | `""` | no |
| custom_serviceendpoint_name | Specifies the name of the ADO Service Connection | `string` | `""` | no |
| key_vault_policy_config | List of objects with parameters to create Key Vault Access Policies | <pre>list(object({<br>  key_vault_name     = string<br>  key_vault_id       = string<br>  tenant_id          = string<br>  key_permissions    = optional(list(string), ["Get", "List", "Encrypt", "Decrypt"])<br>  secret_permissions = optional(list(string), ["Get", "List"])<br>}))</pre> | `[]` | no |
| location | Azure Region | `string` | n/a | yes |
| resource_group | The name of the resource group | `string` | n/a | yes |
| role_assignment_default_role_name | Role name for the Role Assignment | `string` | `"Reader"` | no |
| role_assignment_scope | Role Assignment scope (ADO Service Connection target Subscription Id) | `string` | n/a | yes |
| role_assignments_allowed | Determines whether the Service Principal used by Terraform can assign Roles to Azure resources | `bool` | `true` | no |
| service_endpoint_description | Service endpoint description | `string` | `""` | no |
| subscription_id | ADO Service Connection target Subscription Id | `string` | n/a | yes |
| subscription_name | Short name of the subscription used for the Service Connection | `string` | `"dev"` | no |
| tenant_id | ADO Service Connection target Tenant Id | `string` | n/a | yes |
| user_assigned_identity_name | Specifies the name of the User Assigned Identity | `string` | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| user_assigned_identity_client_id | Client id of the single User Assigned Identity |
| user_assigned_identity_id | ID of the single User Assigned Identity |
| user_assigned_identity_name | Name of the single User Assigned Identity |
| user_assigned_identity_principal_id | Principal id of the single User Assigned Identity |

License

Apache 2 licensed. For more information, please see LICENSE.