terraform-azurerm-caf-enterprise-scale
Feature Request - Role Assignment with Conditions
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
Is your feature request related to a problem?
I would like to create a Role Assignment with a Condition. Currently the Terraform resource allows this operation:
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment
Description of these variables on the resource:
- condition - (Optional) The condition that limits the resources that the role can be assigned to. Changing this forces a new resource to be created.
- condition_version - (Optional) The version of the condition. Possible values are 1.0 or 2.0. Changing this forces a new resource to be created.
Describe the solution you'd like
Change variable schema access_control from map of key-value to map of map key-value:
Current map of key-value:
```hcl
"access_control" = {
  "Contributor" = [
    "principal ids", # principal ids
    "principal ids",
  ]
  "Reader" = [
    "principal ids",
  ]
  "Role Based Access Control Administrator" = [
    "principal ids",
  ]
}
```
Proposed map of map key-value:
```hcl
"access_control" = {
  "Contributor" = {
    "members" = ["principal ids"]
  }
  "Role Based Access Control Administrator" = {
    "condition_version" = "2.0" # Condition version
    "condition"         = {}    # Condition policy
    "members"           = ["principal ids"]
  }
}
```
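Added example, not part of the original issue and not the module's own code: one way the proposed shape could be flattened into `azurerm_role_assignment` resources, so that a Role Based Access Control Administrator can only assign the Reader role. It assumes the condition is passed as a string (the type the provider argument takes); `var.scope`, the resource name `this` and the principal IDs are placeholders.

```hcl
variable "scope" {
  type = string # assumed input: management group or subscription resource ID
}

locals {
  # Proposed shape from the issue. The condition is a string here because
  # azurerm_role_assignment.condition takes a string, not an object.
  access_control = {
    "Contributor" = { members = ["00000000-0000-0000-0000-000000000001"] } # placeholder ID
    "Role Based Access Control Administrator" = {
      members           = ["00000000-0000-0000-0000-000000000002"] # placeholder ID
      condition_version = "2.0"
      # Allow roleAssignments/write only when the role being assigned is Reader
      condition = <<-EOT
        (
         (
          !(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})
         )
         OR
         (
          @Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {acdd72a7-3385-48ef-bd42-f606fba81ae7}
         )
        )
      EOT
    }
  }

  # One entry per (role, principal) pair; roles without a condition get null,
  # which leaves the assignment unconditioned.
  role_assignments = merge([
    for role, cfg in local.access_control : {
      for pid in cfg.members : "${role}/${pid}" => {
        role              = role
        principal_id      = pid
        condition         = try(cfg.condition, null)
        condition_version = try(cfg.condition_version, null)
      }
    }
  ]...)
}

resource "azurerm_role_assignment" "this" {
  for_each             = local.role_assignments
  scope                = var.scope
  role_definition_name = each.value.role
  principal_id         = each.value.principal_id
  condition            = each.value.condition
  condition_version    = each.value.condition_version
}
```

Because both arguments force a new resource when changed, editing a condition on an existing assignment shows up in `terraform plan` as a destroy and create, which is worth reviewing before applying to privileged roles.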