Skip to content

Commit

Permalink
Azure Active Directory RBAC enable/disable with var rbac_aad_azure_rb…
Browse files Browse the repository at this point in the history 
…ac_enabled
  • Loading branch information
@zioproto
zioproto committed Nov 14, 2022
1 parent 8b90d95 commit 20193a1
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
4 changes: 3 additions & 1 deletion locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,6 @@ locals {
name = var.log_analytics_workspace.name
}
) : null # Finally, the Log Analytics Workspace should be disabled.
}
# If var.rbac_aad_azure_rbac_enabled is null set the local to false. Otherise set the local to the var true/false value
rbac_aad_azure_rbac_enabled = var.rbac_aad_azure_rbac_enabled == null ? false : var.rbac_aad_azure_rbac_enabled
}
8 changes: 4 additions & 4 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,17 +95,17 @@ resource "azurerm_kubernetes_cluster" "main" {
}
}
dynamic "azure_active_directory_role_based_access_control" {
for_each = var.role_based_access_control_enabled && var.rbac_aad_managed ? ["rbac"] : []
for_each = var.role_based_access_control_enabled && local.rbac_aad_azure_rbac_enabled && var.rbac_aad_managed ? ["rbac"] : []

content {
admin_group_object_ids = var.rbac_aad_admin_group_object_ids
azure_rbac_enabled = var.rbac_aad_azure_rbac_enabled
azure_rbac_enabled = local.rbac_aad_azure_rbac_enabled
managed = true
tenant_id = var.rbac_aad_tenant_id
}
}
dynamic "azure_active_directory_role_based_access_control" {
for_each = var.role_based_access_control_enabled && !var.rbac_aad_managed ? ["rbac"] : []
for_each = var.role_based_access_control_enabled && local.rbac_aad_azure_rbac_enabled && !var.rbac_aad_managed ? ["rbac"] : []

content {
client_app_id = var.rbac_aad_client_app_id
Expand Down Expand Up @@ -253,4 +253,4 @@ resource "azurerm_log_analytics_solution" "main" {
product = "OMSGallery/ContainerInsights"
publisher = "Microsoft"
}
}
}

0 comments on commit 20193a1

Please sign in to comment.