Implemented the Terraform module to allow principals (mostly managed identities and user-assigned identities) to read, write or manage the most commonly used resources.
The supported roles for each role assignment are:
- reader
- writer
- owner
At the time of writing, the following resources are supported as scopes of the role assignments:
- Cosmos DB:
  - Account
  - Database
  - Collections
- Event Hubs:
  - Namespace
  - Event Hub
- Key Vault (both RBAC and Access Policies):
  - Secrets
  - Keys
  - Certificates
- Redis
- Storage Accounts:
  - Queue (all in a storage account or single ones)
  - Table (all in a storage account or single ones)
  - Blob Container (all in a storage account or single ones)
More services that will be implemented in the near future are:
- Service Bus
- Function App
- App Service
- Notification Hub
Motivation and context
The aim of this module is to simplify the segmented management of RBAC assignments in Azure.
Other information
To request more supported services, please contact the DevEx team.