terraform-azurerm-caf icon indicating copy to clipboard operation
terraform-azurerm-caf copied to clipboard

Published 20 hours ago verified publisher icon aztfmod

Add VMSS to assignable scope for builtin RBAC roles

Open yves-vogl opened this issue 2 years ago • 0 comments

Community Note

  • Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

To allow a more restrictive permission set on VMSS (e.g. for a Azure DevOps Service Connection) I want to assign the Contributor role to an identity.

New or Affected Resource(s

azurerm

Potential Configuration file

role_mapping = {
  built_in_role_mapping = {
    virtual_machine_scale_sets = {
      vmss1 = {
        "Contributor" = {
          azuread_apps = {
            keys = ["example_app"]
          }
        }
      }
    }
  }
}



### References

_No response_

yves-vogl avatar Jul 18 '22 10:07 yves-vogl