Add owners to app, sp and groups

XenitAB · Mar 1, 2023 · d1fb84f · d1fb84f
1 parent f7fdecb
commit d1fb84f
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 0 deletions.
diff --git a/terraform-module/azcagit.tf b/terraform-module/azcagit.tf
@@ -5,10 +5,12 @@ locals {
 
 resource "azuread_application" "azcagit" {
   display_name = "sp-${local.eln}-azcagit"
+  owners       = var.aad_resource_owner_object_ids
 }
 
 resource "azuread_service_principal" "azcagit" {
   application_id = azuread_application.azcagit.application_id
+  owners         = var.aad_resource_owner_object_ids
 }
 
 resource "azuread_application_password" "azcagit" {

diff --git a/terraform-module/platform.tf b/terraform-module/platform.tf
@@ -57,6 +57,7 @@ resource "azurerm_servicebus_namespace" "azcagit_trigger" {
 resource "azuread_group" "azcagit_trigger" {
   display_name     = "aad-${local.eln}"
   security_enabled = true
+  owners           = var.aad_resource_owner_object_ids
 }
 
 resource "azuread_group_member" "azcagit_trigger" {

diff --git a/terraform-module/variables.tf b/terraform-module/variables.tf
@@ -57,3 +57,9 @@ variable "network" {
     subnet_address_prefix         = "10.0.0.0/20"
   }
 }
+
+variable "aad_resource_owner_object_ids" {
+  description = "Add the list of object_ids as owners to the Azure AD applications, service principals and groups"
+  type        = list(string)
+  default     = []
+}