feat: Add role_definition_name variable

armakuni · Oct 19, 2023 · 8d0d13b · 8d0d13b
1 parent 9c51069
commit 8d0d13b
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/main.tf b/main.tf
@@ -67,6 +67,6 @@ data "azurerm_client_config" "current" {}
 
 resource "azurerm_role_assignment" "dev_vm" {
   principal_id         = azurerm_linux_virtual_machine.dev_vm.identity[0].principal_id
-  role_definition_name = "Contributor"
+  role_definition_name = var.role_definition_name
   scope                = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 }
diff --git a/variables.tf b/variables.tf
@@ -31,6 +31,12 @@ variable "add_user_to_groups" {
   default     = []
 }
 
+variable "role_definition_name" {
+  type        = string
+  description = "The name of the role definition to attach to the VM"
+  default     = "Reader"
+}
+
 variable "ssh_public_key" {
   type        = string
   description = "The public SSH key used to connect to the VM"