-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.tf
62 lines (54 loc) · 1.84 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
locals {
def_id = "${var.prefix}role-assignment-basic"
remote_backend = <<EOT
terraform {
required_version = ">= 1.0.0"
%{if var.terraform_state != null}backend "azurerm" {
subscription_id = "${var.terraform_state.subscription_id}"
resource_group_name = "${var.terraform_state.resource_group_name}"
storage_account_name = "${var.terraform_state.storage_account_name}"
container_name = "${var.terraform_state.container_name}"
key = "${coalesce(var.terraform_state.key_prefix, local.def_id)}/$${context.app.id}/$${context.env.id}/$${context.res.id}.tfstate"
}%{endif}
}
EOT
files = var.terraform_state != null ? {
"backend.tf" = local.remote_backend
} : {}
}
resource "humanitec_resource_definition" "main" {
driver_type = "humanitec/terraform"
id = local.def_id
name = local.def_id
type = "azure-role-assignments"
driver_account = var.driver_account
driver_inputs = {
values_string = jsonencode({
source = {
path = "modules/azure-role-assignments/basic"
rev = var.resource_packs_azure_rev
url = var.resource_packs_azure_url
}
append_logs_to_error = var.append_logs_to_error
credentials_config = {
environment = {
ARM_CLIENT_ID = "appId"
ARM_CLIENT_SECRET = "password"
ARM_TENANT_ID = "tenant"
}
}
files = local.files
variables = {
res_id = "$${context.res.id}"
app_id = "$${context.app.id}"
env_id = "$${context.env.id}"
name = var.name
subscription_id = var.subscription_id
prefix = var.prefix
role_definition_ids = var.role_definition_ids
scopes = var.scopes
principal_id = var.principal_id
}
})
}
}