azuredevops_variable_group

Manages variable groups within Azure DevOps.

Example Usage

resource "azuredevops_project" "example" {
  name               = "Example Project"
  work_item_template = "Agile"
  version_control    = "Git"
  visibility         = "private"
  description        = "Managed by Terraform"
}

resource "azuredevops_variable_group" "example" {
  project_id   = azuredevops_project.example.id
  name         = "Example Variable Group"
  description  = "Example Variable Group Description"
  allow_access = true

  variable {
    name  = "key1"
    value = "val1"
  }

  variable {
    name         = "key2"
    secret_value = "val2"
    is_secret    = true
  }
}

Example Usage With AzureRM Key Vault

resource "azuredevops_project" "example" {
  name               = "Example Project"
  work_item_template = "Agile"
  version_control    = "Git"
  visibility         = "private"
  description        = "Managed by Terraform"
}

resource "azuredevops_serviceendpoint_azurerm" "example" {
  project_id            = azuredevops_project.example.id
  service_endpoint_name = "Example AzureRM"
  description           = "Managed by Terraform"
  credentials {
    serviceprincipalid  = "00000000-0000-0000-0000-000000000000"
    serviceprincipalkey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  }
  azurerm_spn_tenantid      = "00000000-0000-0000-0000-000000000000"
  azurerm_subscription_id   = "00000000-0000-0000-0000-000000000000"
  azurerm_subscription_name = "Example Subscription Name"
}

resource "azuredevops_variable_group" "example" {
  project_id   = azuredevops_project.example.id
  name         = "Example Variable Group"
  description  = "Example Variable Group Description"
  allow_access = true

  key_vault {
    name                = "example-kv"
    service_endpoint_id = azuredevops_serviceendpoint_azurerm.example.id
  }

  variable {
    name = "key1"
  }

  variable {
    name = "key2"
  }
}

Argument Reference

The following arguments are supported:

A variable block supports the following:

A key_vault block supports the following:

Attributes Reference

In addition to all arguments above, the following attributes are exported:

Import

Variable groups containing secret values cannot be imported.

Azure DevOps Variable groups can be imported using the project name/variable group ID or by the project Guid/variable group ID, e.g.

terraform import azuredevops_variable_group.example "Example Project/10"

or

terraform import azuredevops_variable_group.example 00000000-0000-0000-0000-000000000000/0

_Note that for secret variables, the import command retrieve blank value in the tfstate._

PAT Permissions Required