terraform-provider-netapp-cloudmanager
User assigned Identity option on the connector in Azure
Hello
We need to assign a user-assigned identity to the connector in Azure.
Is there an option to attach the identity to the netapp-cloudmanager_connector_azure resource?
For reference, the azurerm_virtual_machine resource provides a way to assign an identity, like this:
resource "azurerm_virtual_machine" "main" {
  name = "test"
  ...
  identity {
    type         = "UserAssigned"
    identity_ids = [azurerm_user_assigned_identity.example.id]
  }
}
Does something similar exist for netapp-cloudmanager_connector_azure?
Regards, Moon
Specifically, we use an Azure Private DNS Zone for Privatelink, hosted in a different subscription than CVO, as per https://docs.netapp.com/us-en/bluexp-cloud-volumes-ontap/task-enabling-private-link.html#provide-bluexp-with-details-about-your-azure-private-dns.
In order to grant the NetApp Connector permission to modify records in the zone, we would like to grant the Private DNS Zone Contributor role to a User Assigned Managed Identity, then assign the identity to the Connector VM. In this way, we don't need to worry about orchestrating the assignment of cross-subscription roles to VMs, whose identities change if they are rebuilt.
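The identity and role-assignment half of the setup described in the comment above, as an added Terraform example that is not part of the original thread or the provider's own code. It scopes the Private DNS Zone Contributor role to the single zone rather than to the whole DNS subscription. All variable names, resource labels and the identity name are assumptions chosen for illustration.

```hcl
# Added illustration; every variable and resource label here is hypothetical.
variable "dns_subscription_id" { type = string }      # subscription hosting the Private DNS zone
variable "dns_zone_name" { type = string }            # name of the Privatelink zone
variable "dns_zone_resource_group" { type = string }  # resource group of that zone
variable "connector_resource_group" { type = string } # resource group of the Connector
variable "location" { type = string }

# Default provider: the subscription where the Connector and CVO live
# (subscription taken from the environment, e.g. ARM_SUBSCRIPTION_ID).
provider "azurerm" {
  features {}
}

# Aliased provider for the subscription that hosts the Private DNS zone.
provider "azurerm" {
  alias           = "dns"
  subscription_id = var.dns_subscription_id
  features {}
}

# The identity is its own resource, so its principal ID does not change
# when the Connector VM is destroyed and rebuilt.
resource "azurerm_user_assigned_identity" "connector" {
  name                = "connector-dns-identity"
  resource_group_name = var.connector_resource_group
  location            = var.location
}

# Look up the existing zone in the other subscription.
data "azurerm_private_dns_zone" "privatelink" {
  provider            = azurerm.dns
  name                = var.dns_zone_name
  resource_group_name = var.dns_zone_resource_group
}

# Least privilege: scope the role to the one zone, not the subscription
# or the resource group.
resource "azurerm_role_assignment" "connector_dns" {
  provider             = azurerm.dns
  scope                = data.azurerm_private_dns_zone.privatelink.id
  role_definition_name = "Private DNS Zone Contributor"
  principal_id         = azurerm_user_assigned_identity.connector.principal_id
}

# Attaching azurerm_user_assigned_identity.connector.id to the Connector VM
# is the capability this issue requests, so it is not shown here.
```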
For now we are assigning it like below:
"identity": { "type": "systemAssigned" }
Let us know how this needs to be altered for your request?
We need to be able to pass in the IDs of one or more pre-existing UserAssigned identities, like in @bryanheo's example above:
identity {
  type         = "UserAssigned"
  identity_ids = [azurerm_user_assigned_identity.example.id]
}