Changes to provision bundle Server
All Submissions:
- [YES/NO] Have you added an explanation of what your changes do and why you'd like us to include them? YES
- [YES/NO] I have updated the documentation accordingly. NO
- [YES/NO/NA] My code follows the code style of this project. YES
Current Behavior or Linked Issues
Work Item : https://dev.azure.com/OpenEnergyPlatform/Open%20Energy%20Platform/_workitems/edit/240/ The changes are for provisioning the bundle server which OPA will use to evaluate the policies. Changes includes new container creation where policies will be stored, API permission and role assignment to storage account.
Does this introduce a breaking change?
- [YES/NO]
Other information
Plan :
# azurerm_role_assignment.storage_app_access will be created
+ resource "azurerm_role_assignment" "storage_app_access" {
+ id = (known after apply)
+ name = (known after apply)
+ principal_id = "osdu-mvp-crdev-vq1b-app"
+ principal_type = (known after apply)
+ role_definition_id = (known after apply)
+ role_definition_name = "Storage Blob Data Contributor"
+ scope = "/subscriptions/7c052588-ead2-45c9-9346-5b156a157bd1/resourceGroups/osdu-mvp-crdev-vq1b-rg/providers/Microsoft.Storage/storageAccounts/osdumvpcrdevvq1btbl"
+ skip_service_principal_aad_check = (known after apply)
}
# module.ad_application.azuread_application.main[0] will be updated in-place
~ resource "azuread_application" "main" {
id = "177a585c-e08a-4cec-a6ee-f1831024e8c8"
name = "osdu-mvp-crdev-vq1b-app"
# (14 unchanged attributes hidden)
+ required_resource_access {
+ resource_app_id = "e406a681-f3d4-42a8-90b6-c2b029497af1"
+ resource_access {
+ id = "03e0da56-190b-40ad-a80c-ea378c433f7f"
+ type = "Scope"
}
}
# (1 unchanged block hidden)
}
# module.storage_account.azurerm_storage_container.main[0] will be created
+ resource "azurerm_storage_container" "main" {
+ container_access_type = "private"
+ has_immutability_policy = (known after apply)
+ has_legal_hold = (known after apply)
+ id = (known after apply)
+ metadata = (known after apply)
+ name = "policy-bundles"
+ resource_manager_id = (known after apply)
+ storage_account_name = "osdumvpcrdevvq1btbl"
}
Plan: 2 to add, 3 to change, 0 to destroy.
Changes to Outputs:
+ storage_containers = {
+ policy-bundles = {
+ id = (known after apply)
+ name = "policy-bundles"
}
}
Edited by Aayushi Jain