From 8d0d13bd66a673755645e9068b898912bedb8190 Mon Sep 17 00:00:00 2001
From: Tom Oram <tom.oram@armakuni.com>
Date: Thu, 19 Oct 2023 16:16:03 +0100
Subject: [PATCH] feat: Add role_definition_name variable

---
 main.tf      | 2 +-
 variables.tf | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 66f02e6..ed27dc2 100644
--- a/main.tf
+++ b/main.tf
@@ -67,6 +67,6 @@ data "azurerm_client_config" "current" {}
 
 resource "azurerm_role_assignment" "dev_vm" {
   principal_id         = azurerm_linux_virtual_machine.dev_vm.identity[0].principal_id
-  role_definition_name = "Contributor"
+  role_definition_name = var.role_definition_name
   scope                = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 261b274..1663ef1 100644
--- a/variables.tf
+++ b/variables.tf
@@ -31,6 +31,12 @@ variable "add_user_to_groups" {
   default     = []
 }
 
+variable "role_definition_name" {
+  type        = string
+  description = "The name of the role definition to attach to the VM"
+  default     = "Reader"
+}
+
 variable "ssh_public_key" {
   type        = string
   description = "The public SSH key used to connect to the VM"