-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
d/azurerm_builtin_role_definition
- loading available role definitions from Azure
#770
d/azurerm_builtin_role_definition
- loading available role definitions from Azure
#770
Conversation
Are the API names the same as the ones already listed? In all cases? We may need some mapping for legacy names if not. I'll have to run some acceptance testing. |
I made a diff check with this result: new in the API:
removed in the API:
for the VirtualMachineContributor role we could do a mapping to Virtual Machine Contributor. |
I'll look in to this and reply back here when I track down an answer |
My guess would be that's more likely to be subscription specific (given resources are enabled by Resource Provider)
We need to proceed carefully here, since the
|
@tombuildsstuff I added a validation that will error on preview roles |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hey @jansepke
Thanks for pushing those updates (and apologies for the delayed re-review!) - this mostly LGTM now, if we can add a migration path for users using the existing VirtualMachineContributor
name this otherwise looks good to merge 👍
Thanks!
"VirtualMachineContributor": "/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c", | ||
"Web Plan Contributor": "/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b", | ||
"Website Contributor": "/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772", | ||
filter := fmt.Sprintf("roleName eq '%s'", name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in order to keep compatibility with folks using the VirtualMachineContributor
key (e.g. so that we don't need to bump the major version number of the Provider) - can we add an if statement above this, which we can remove in a future version of Terraform? e.g.
if name == "VirtualMachineContributor" {
name = "Virtual Machine Contributor"
}
filter := fmt.Sprintf("roleName eq '%s'", name)
@tombuildsstuff I added the if statement and also removed the validation, because this will now happen on the azure API side |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hey @jansepke
Thanks for pushing the latest changes, I've taken a look through and this now LGTM :)
iI'll kick off the acceptance tests now..
Thanks!
azurerm_builtin_role_definition
- loading available role definitions from Azure
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
and fix a small typo.
should we remove the validation list so we do not need to add new roles?