forked from aztfmod/terraform-azurerm-caf
-
Notifications
You must be signed in to change notification settings - Fork 0
/
azuread.tf
executable file
·69 lines (53 loc) · 1.57 KB
/
azuread.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#
# Azure Active Directory Applications
#
module "azuread_applications" {
source = "./modules/azuread/applications"
depends_on = [module.keyvault_access_policies]
for_each = var.azuread_apps
azuread_api_permissions = try(var.azuread_api_permissions[each.key], {})
client_config = local.client_config
global_settings = local.global_settings
keyvaults = local.combined_objects_keyvaults
settings = each.value
user_type = var.user_type
}
output "aad_apps" {
value = module.azuread_applications
}
#
# Azure Active Directory Groups
#
module "azuread_groups" {
source = "./modules/azuread/groups"
for_each = var.azuread_groups
global_settings = local.global_settings
azuread_groups = each.value
tenant_id = local.client_config.tenant_id
}
output "azuread_groups" {
value = module.azuread_groups
}
module "azuread_groups_members" {
source = "./modules/azuread/groups_members"
for_each = var.azuread_groups
settings = each.value
azuread_groups = module.azuread_groups
group_id = module.azuread_groups[each.key].id
azuread_apps = module.azuread_applications
}
#
# Azure Active Directory Users
#
module "azuread_users" {
source = "./modules/azuread/users"
depends_on = [module.keyvault_access_policies]
for_each = var.azuread_users
client_config = local.client_config
global_settings = local.global_settings
keyvaults = local.combined_objects_keyvaults
settings = each.value
}
output "azuread_users" {
value = module.azuread_users
}