search

hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0
4.54k stars 4.61k forks source link

Support for SystemAssigned Identities in azurerm_media_services_account resource #16813

Open Don-Olu opened 2 years ago

Don-Olu commented 2 years ago

Is there an existing issue for this?

Community Note

Description

Allow the use of userAssigned type in azurerm_media_services_account to improve security for users that want to use Azure media service for private streaming.

The feature exist using the portal.

This would also allow the use of specific use of storage authentication on the resources. storage_authentication_type = "ManagedIdentity"``

Also, it would allow allignment with the identity blocks such as VM and App gateway.

New or Affected Resource(s)/Data Source(s)

azurerm_media_services_account

Potential Terraform Configuration

resource "azurerm_media_services_account" "media_services" {
  name                          = "var.name"
  location                      = azurerm_resource_group.rg.location
  resource_group_name           = azurerm_resource_group.rg.name

  identity {
    type         = "UserAssigned"
    principal_id = azurerm_user_assigned_identity.example.principal_id
    identity_ids = azurerm_user_assigned_identity.example.id 
    tenant_id    = principal_id = azurerm_user_assigned_identity.example.tenant_id
}

References

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#identity

tombuildsstuff commented 2 years ago

Support for this is available in API Version 2021-11-01

Don-Olu commented 2 years ago

@tombuildsstuff identity { type = "system Assigned" } do exist however, there is none for user assigned .

Also, when using storage_authentication_type = "ManagedIdentity" there is no way to specify which managed identity to use