GitHub - tomarv2/terraform-azure-service-principal: Terraform module for Azure Service Principal

Terraform module for Azure Service Principal

Versions

Module tested for Terraform 1.0.1.
Azure provider version 3.21.1
main branch: Provider versions not pinned to keep up with Terraform releases
tags releases: Tags are pinned with versions (use latest tag in your releases)

Usage

Option 1:

terrafrom init
terraform plan -var='teamid=tryme' -var='prjid=project'
terraform apply -var='teamid=tryme' -var='prjid=project'
terraform destroy -var='teamid=tryme' -var='prjid=project'

Note: With this option please take care of remote state storage

Option 2:

Recommended method (stores remote state in storage using `prjid` and `teamid` to create directory structure):

Create python 3.8+ virtual environment

python3 -m venv <venv name>

Install package:

pip install tfremote --upgrade

Set below environment variables:

export TF_AZURE_STORAGE_ACCOUNT=tfstatexxxxx # Output of remote_state.sh
export TF_AZURE_CONTAINER=tfstate # Output of remote_state.sh
export ARM_ACCESS_KEY=xxxxxxxxxx # Output of remote_state.sh

Updated examples directory to required values
Run and verify the output before deploying:

tf -c=azure plan -var='teamid=foo' -var='prjid=bar'

Run below to deploy:

tf -c=azure apply -var='teamid=foo' -var='prjid=bar'

Run below to destroy:

tf -c=azure destroy -var='teamid=foo' -var='prjid=bar'

Note: Read more on tfremote Please refer to examples directory link for references.

Requirements

Name	Version
terraform	>= 1.0.1
azuread	2.29.0
azurerm	~> 3.21.1
random	3.1.0
time	0.7.2

Providers

Name	Version
azuread	2.29.0

Modules

No modules.

Resources

Name	Type
azuread_application.this	resource
azuread_application_password.this	resource

Inputs

Name	Description	Type	Default	Required
applications_config	Application configuration	`map(any)`	n/a	yes
extra_tags	Additional tags to associate	`map(string)`	`{}`	no
password	A password for the service principal.	`string`	`""`	no
prjid	Name of the project/stack e.g: mystack, nifieks, demoaci. Should not be changed after running 'tf apply'	`string`	n/a	yes
teamid	Name of the team/group e.g. devops, dataengineering. Should not be changed after running 'tf apply'	`string`	n/a	yes

Outputs

Name	Description
application_id	The client (application) ID.
client_password	A UUID used to uniquely identify this password credential.
client_secret	The password for the Service Principal.

Name		Name	Last commit message	Last commit date
Latest commit History 30 Commits
.github/workflows		.github/workflows
examples		examples
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
LICENSE		LICENSE
README.md		README.md
main.tf		main.tf
outputs.tf		outputs.tf
providers.tf		providers.tf
tags.tf		tags.tf
variables.tf		variables.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Terraform module for Azure Service Principal

Versions

Usage

Option 1:

Option 2:

Recommended method (stores remote state in storage using `prjid` and `teamid` to create directory structure):

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Releases 7

Packages

Contributors 2

Languages

License

tomarv2/terraform-azure-service-principal

Folders and files

Latest commit

History

Repository files navigation

Terraform module for Azure Service Principal

Versions

Usage

Option 1:

Option 2:

Recommended method (stores remote state in storage using prjid and teamid to create directory structure):

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 7

Packages 0

Contributors 2

Languages

Recommended method (stores remote state in storage using `prjid` and `teamid` to create directory structure):

Packages