azurerm_marketplace_role_assignment

Assigns a given Principal (User or Group) to a given Role in a Private Azure Marketplace.

Example Usage (using a role definition name)

data "azurerm_client_config" "example" {
}

resource "azurerm_marketplace_role_assignment" "example" {
  role_definition_name = "Marketplace Admin"
  principal_id         = data.azurerm_client_config.example.object_id

  lifecycle {
    ignore_changes = [
      name,
      role_definition_id,
    ]
  }
}

Example Usage (using a role definition ID)

data "azurerm_client_config" "example" {
}

data "azurerm_role_definition" "example" {
  name = "Log Analytics Reader"
}

resource "azurerm_marketplace_role_assignment" "example" {
  role_definition_id = "${data.azurerm_role_definition.example.id}"
  principal_id       = data.azurerm_client_config.example.object_id

  lifecycle {
    ignore_changes = [
      role_definition_name,
    ]
  }
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

Role Assignments can be imported using the resource id, e.g.

terraform import azurerm_marketplace_role_assignment.example /providers/Microsoft.Marketplace/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000
/providers/Microsoft.Marketplace/providers/Microsoft.Authorization/roleAssignments/00000000-0000-0000-0000-000000000000|00000000-0000-0000-0000-000000000000