New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for required_resource_access in azurerm_function_app.identity where SystemAssigned #6557
Comments
@petersgiles I can probably help, but what is wrong with azurerm_role_assignment? |
Maybe nothing. How would I use with the managed service identity created on a function app as per my example to grant access to ms graph role Group.ReadWrite.All? This issue might be resolved with a specific example in the documentation. |
azurerm_role_assignment can be used only to assign role to Subscription Resources. It doesn't work with Azure AD permissions and roles. I would like to generalise the request to split ti to two parts: UserAssigned and SystemAssigned Managed Identities. In case when user creates Managed Identity (UserManaged) it will be great to be able to configure |
@petersgiles I tried your PowerShell commands and they work fine (permissions are getting assigned for UserAssigned Managed Identity), but it doesn't help with being able to use terraform to manage AD groups or other AD resources. As an example I get |
Since this issue has been reported a long time ago and relates to the version of provider we no longer support - I'm going to close it. Please open a new updated bug report on current versions of terraform and provider if this is still relevant. Thank you. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Community Note
Description
Normally i need to do this with Powershell which means changes I make aren't maintained in state (horrible)
New or Affected Resource(s)
Potential Terraform Configuration
References
The text was updated successfully, but these errors were encountered: