azapi_resource

This resource can manage any Azure resource manager resource.

Example Usage

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
  }
}

provider "azapi" {
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "west europe"
}

resource "azurerm_user_assigned_identity" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
}

// manage a container registry resource
resource "azapi_resource" "example" {
  type      = "Microsoft.ContainerRegistry/registries@2020-11-01-preview"
  name      = "registry1"
  parent_id = azurerm_resource_group.example.id

  location = azurerm_resource_group.example.location
  identity {
    type         = "SystemAssigned, UserAssigned"
    identity_ids = [azurerm_user_assigned_identity.example.id]
  }

  body = {
    sku = {
      name = "Standard"
    }
    properties = {
      adminUserEnabled = true
    }
  }

  tags = {
    "Key" = "Value"
  }

  response_export_values = ["properties.loginServer", "properties.policies.quarantinePolicy.status"]
}

// it will output "registry1.azurecr.io"
output "login_server" {
  value = azapi_resource.example.output.properties.loginServer
}

// it will output "disabled"
output "quarantine_policy" {
  value = azapi_resource.example.output.properties.policies.quarantinePolicy.status
}

Arguments Reference

The following arguments are supported:

For child level resources, the parent_id should be the ID of its parent resource, for example, subnet resource's parent_id is the ID of the vnet.

For type Microsoft.Resources/resourceGroups, the parent_id could be omitted, it defaults to subscription ID specified in provider or the default subscription(You could check the default subscription by azure cli command: az account show).


{
  properties = {
    loginServer = "registry1.azurecr.io"
    policies = {
      quarantinePolicy = {
        status = "disabled"
      }
    }
  }
}

A identity block supports the following:

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

// it will output "registry1.azurecr.io"
output "login_server" {
  value = azapi_resource.example.output.properties.loginServer
}

// it will output "disabled"
output "quarantine_policy" {
  value = azapi_resource.example.output.properties.policies.quarantinePolicy.status
}

A identity block exports the following:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

Azure resource can be imported using the resource id, e.g.

terraform import azapi_resource.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resGroup1/providers/Microsoft.MachineLearningServices/workspaces/workspace1/computes/cluster1

It also supports specifying API version by using the resource id with api-version as a query parameter, e.g.

terraform import azapi_resource.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resGroup1/providers/Microsoft.MachineLearningServices/workspaces/workspace1/computes/cluster1?api-version=2021-07-01