From f9874514ae91a2e2b245298c13323b6e133f45dc Mon Sep 17 00:00:00 2001
From: Stanley Zhang
Date: Thu, 1 Jul 2021 09:47:47 +1200
Subject: [PATCH] add basic support for delegation
---
 main.tf | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/main.tf b/main.tf
index 434def5..a4bbc16 100644
--- a/main.tf
+++ b/main.tf
@@ -1,9 +1,9 @@
 #Azure Generic vNet Module
-data azurerm_resource_group "vnet" {
+data "azurerm_resource_group" "vnet" {
 name = var.resource_group_name
 }
-resource azurerm_virtual_network "vnet" {
+resource "azurerm_virtual_network" "vnet" {
 name = var.vnet_name
 resource_group_name = data.azurerm_resource_group.vnet.name
 location = var.vnet_location != null ? var.vnet_location : data.azurerm_resource_group.vnet.location
@@ -21,6 +21,15 @@ resource "azurerm_subnet" "subnet" {
 service_endpoints = lookup(var.subnet_service_endpoints, var.subnet_names[count.index], null)
 enforce_private_link_endpoint_network_policies = lookup(var.subnet_enforce_private_link_endpoint_network_policies, var.subnet_names[count.index], false)
 enforce_private_link_service_network_policies = lookup(var.subnet_enforce_private_link_service_network_policies, var.subnet_names[count.index], false)
+
+ dynamic "delegation" {
+ for_each = lookup(var.subnet_delegation, var_subnet_names[count.index], {})
+ name = lookup(delegation.value, "name")
+ service_delegation {
+ name = lookup(delegation.value, "service_name")
+ actions = lookup(delegation.value, "service_actions", [])
+ }
+ }
 }
 locals {
@@ -40,4 +49,4 @@ resource "azurerm_subnet_route_table_association" "vnet" {
 for_each = var.route_tables_ids
 route_table_id = each.value
 subnet_id = local.azurerm_subnets[each.key]
-}
\ No newline at end of file
+}
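Review bot: The added `dynamic "delegation"` block in the second hunk places `name` and `service_delegation` directly under `dynamic`, where Terraform only accepts them inside a nested `content { }` block, and its `for_each` reads `var_subnet_names[count.index]`, which is not a valid reference and looks like a typo for `var.subnet_names[count.index]`. As written I would expect `terraform validate` to reject the module, so the delegation support cannot have been exercised yet. The diffstat lists only main.tf, so `var.subnet_delegation` presumably still needs a declaration, ideally with a description of its shape (subnet name mapped to delegations carrying `name`, `service_name` and optional `service_actions`), unless it already exists elsewhere. The enclosing `azurerm_subnet` resource starts above the hunk.

```hcl
  dynamic "delegation" {
    for_each = lookup(var.subnet_delegation, var.subnet_names[count.index], {})
    content {
      name = lookup(delegation.value, "name")
      service_delegation {
        name    = lookup(delegation.value, "service_name")
        actions = lookup(delegation.value, "service_actions", [])
      }
    }
  }
```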