azurerm_key_vault_managed_hardware_security_module_role_assignment

Manages a Managed Hardware Security Module Role Assignment.

Example Usage

data "azurerm_key_vault_managed_hardware_security_module_role_definition" "user" {
  vault_base_url = azurerm_key_vault_managed_hardware_security_module.test.hsm_uri
  name           = "21dbd100-6940-42c2-9190-5d6cb909625b"
  scope          = "/"
}

resource "azurerm_key_vault_managed_hardware_security_module_role_assignment" "example" {
  name               = "a9dbe818-56e7-5878-c0ce-a1477692c1d6"
  managed_hsm_id     = azurerm_key_vault_managed_hardware_security_module.example.id
  scope              = "${data.azurerm_key_vault_managed_hardware_security_module_role_definition.user.scope}"
  role_definition_id = "${data.azurerm_key_vault_managed_hardware_security_module_role_definition.user.resource_id}"
  principal_id       = "${data.azurerm_client_config.current.object_id}"
}

Arguments Reference

The following arguments are supported:

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

Managed Hardware Security Modules can be imported using the resource id, e.g.

terraform import azurerm_key_vault_managed_hardware_security_module_role_assignment.example https://0000.managedhsm.azure.net///RoleAssignment/00000000-0000-0000-0000-000000000000