[MODULE] azure managed identities

[gustavoborragan]

Description

We need to create a Terraform module for generating MIs (Managed identities). The module will allow creating MIs, allowing you to give 1-n permissions to a scope and adding 0-20 federated credentials, paying special attention to the different possible audiences.

Resource Configurations

The module should allow for configuring the following resources:

• azurerm_federated_identity_credential
• azurerm_role_assignment
• azurerm_user_assigned_identity

Input Variables

name: xxx
resource_group_name: xxx
location: xxx
tags:
  foo: bar
# tags_from_rg: true # Will inherit the tags from the resource group exclusively
rbac: # 1-n
  - name: foo
    scope: scope-foo
    roles:
      - xxx
  - name: bar
    scope: scope-bar
    roles: # 1-n
      - xxx
      - yyy
      - zzz
federated_credentials: # {} | 0-20
   - name: foo-K8s
     type: K8s # subject like: system:serviceaccount:<namespace>:<serviceaccount>
     issuer: xxx
     namespace: xxx
     service_account_name: xxx
   - name: bar-github
     type: github # subject like: repo:{Organization}/{Repository}:{Entity}
     issuer: xxx
     organization: xxx
     repository: xxx
     entity: xxx

Output Variables

• MI id