Create a service principal and configure its access to Azure resources.
⚠️ Warning: This module will happily expose service principal credentials. All arguments including the service principal password will be persisted into Terraform state, into any plan files, and in some cases in the console output while running `terraform plan` and `terraform apply`. Read more about sensitive data in state.

```hcl
module "service_principal" {
  source = "innovationnorway/service-principal/azuread"
  name   = "example"
  years  = 1
}
```

```hcl
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "westeurope"
}

module "service_principal" {
  source = "innovationnorway/service-principal/azuread"
  name   = "example"
  years  = 1
  role   = "Contributor"
  scopes = [azurerm_resource_group.example.id]
}
```


Name | Type | Description |
---|---|---|
`name` | `string` | Required. The name of the service principal. |
`password` | `string` | A password for the service principal. If missing, Terraform will generate a password. |
`end_date` | `string` | The date after which the password expires. This should be a UTC RFC3339 time string (`YYYY-MM-DDTHH:MM:SSZ`). |
`years` | `number` | The number of years after which the password expires. Either this or `end_date` should be specified, but not both. |
`role` | `string` | The name of a built-in or custom role for the service principal. |
`scopes` | `list` | A list of scopes the role assignment applies to. |
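
The warning at the top of this page can be checked against a state file. The Python script below is an added example, not part of this module: it lists which resources in a Terraform state document carry secret-like attributes in plaintext, without printing the values. The sample state, the resource name `main` and the `SECRET_KEYS` list are constructed assumptions.

```python
import json

# Attribute names that commonly hold secret material in Terraform state.
# This list is an assumption for the example, not something the module defines.
SECRET_KEYS = {"password", "value", "result", "client_secret", "secret"}

# Constructed sample in the Terraform state v4 layout. The resource name "main"
# and every value are made up; the real module's internals may differ.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"module": "module.service_principal", "mode": "managed",
         "type": "azuread_service_principal_password", "name": "main",
         "instances": [{"attributes": {
             "end_date": "2030-01-01T00:00:00Z",
             "value": "constructed-example-password"}}]},
        {"mode": "managed", "type": "azurerm_resource_group", "name": "example",
         "instances": [{"attributes": {
             "name": "example-resources", "location": "westeurope"}}]},
    ],
})


def find_plaintext_secrets(state_json):
    """Return (resource address, attribute name) pairs for secret-like strings."""
    findings = []
    for res in json.loads(state_json).get("resources", []):
        # Rebuild the address Terraform would show, e.g. module.x.type.name
        parts = [res.get("module"),
                 "data" if res.get("mode") == "data" else None,
                 res["type"], res["name"]]
        address = ".".join(p for p in parts if p)
        for inst in res.get("instances", []):
            for key, val in (inst.get("attributes") or {}).items():
                # Report the location only; never echo the secret itself.
                if key in SECRET_KEYS and isinstance(val, str) and val:
                    findings.append((address, key))
    return findings


if __name__ == "__main__":
    for address, key in find_plaintext_secrets(SAMPLE_STATE):
        print(f"{address}: attribute '{key}' is stored in plaintext")
```

To audit a real workspace, pass the output of `terraform state pull` to `find_plaintext_secrets` instead of the sample. The key-name match is a heuristic, so review hits and misses by hand.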