Comments (1)
if someone is doing it via terraform here is some thing they can use
data "azurerm_client_config" "current" {}
data "azurerm_subscription" "subscription" {}
data "azurerm_blueprint_definition" "blueprint" {
name = var.bp_name
scope_id = var.bp_scope_id
}
data "azurerm_blueprint_published_version" "blueprint_version" {
scope_id = var.bp_scope_id
blueprint_name = var.bp_name
version = var.bp_version
}
resource "azurerm_resource_group" "blueprint_resourcegroup" {
name = local.resource_group
location = var.regions.primary
tags = var.tags
}
resource "azurerm_user_assigned_identity" "blueprint_identity" {
resource_group_name = azurerm_resource_group.blueprint_resourcegroup.name
location = azurerm_resource_group.blueprint_resourcegroup.location
name = "identity-bp-deployment"
}
resource "azurerm_role_assignment" "operator" {
scope = data.azurerm_subscription.subscription.id
role_definition_name = "Blueprint Operator"
principal_id = azurerm_user_assigned_identity.blueprint_identity.principal_id
}
resource "azurerm_role_assignment" "owner" {
scope = data.azurerm_subscription.subscription.id
role_definition_name = "Owner"
principal_id = azurerm_user_assigned_identity.blueprint_identity.principal_id
}
resource "azurerm_blueprint_assignment" "this" {
name = "assignment-${var.bp_name}"
target_subscription_id = data.azurerm_subscription.subscription.id
version_id = data.azurerm_blueprint_published_version.blueprint_version.id
location = azurerm_resource_group.blueprint_resourcegroup.location
lock_mode = "AllResourcesDoNotDelete"
lock_exclude_principals = flatten(concat(
var.blueprint_lock_exclude_principals == null ? [] :var.blueprint_lock_exclude_principals
))
identity {
type = "UserAssigned"
identity_ids = [azurerm_user_assigned_identity.blueprint_identity.id]
}
parameter_values = <<VALUES
{
"subscription_environment": {
"value": "${var.subscription_environment}"
},
"default_subscription_resourcegroup": {
"value": "${var.subscription_variable.default_subscription_resourcegroup}"
},
"default_base_name": {
"value": "${var.subscription_variable.default_base_name}"
}
}
VALUES
depends_on = [
azurerm_role_assignment.operator,
azurerm_role_assignment.owner
]
}
from azure-blueprints.
Related Issues (20)
- Parameter Names are Case Sensitive
- Blueprint as arm template deployment [for your example]
- Need guidance on properly formatted default access policy for keyvault in CAF Foundation HOT 1
- BluePrint configure resourceGroup tags from parameter HOT 3
- ARM-Template Sample for Full Blueprint definition HOT 1
- Assigning a Blueprint to a ManagementGroup HOT 7
- Deleting assignments using REST API HOT 2
- Creating or updating an assignment using REST API HOT 3
- Blueprint Assignment IaC Issue HOT 1
- Unable to use artifacts function to specify roleDefinitionId. HOT 3
- Authentication via managed identity for assign blueprint with rest api
- Need apiVersion on fw to ip reference in ASBF & ASBF_Gov
- Linter for azure blueprints HOT 1
- Set-AzBlueprintAssignment using earlier published version of the definition HOT 5
- Creating a blueprint of target scope 'managementGroup' fails HOT 1
- delegated subnet, created by blueprint, does not allow actions of service; blocked by deny assignment
- Assignment with user-assigned managed identity at management group scope : The request did not have a subscription or a valid tenant level resource provider HOT 2
- Blueprints HOT 3
- Deny assignment using blueprint for particular Management group HOT 1
- This repo is missing important files
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-blueprints.