From b135af3c37c9f126cb385bf6412860c2cfbb1b20 Mon Sep 17 00:00:00 2001 From: Johannes Rudolph Date: Mon, 25 Nov 2024 20:43:54 +0100 Subject: [PATCH] feat: upgrade minimum terraform provider versions one key change in azurerm is that service principals now need to be referenced by object_id for assignment instead of by id because the provider changed the internal format --- CHANGELOG.md | 2 ++ README.md | 6 +++--- main.tf | 4 ++-- modules/meshcloud-mca-service-principal/module.tf | 4 ++-- modules/meshcloud-metering-service-principal/README.md | 6 +++--- modules/meshcloud-metering-service-principal/module.tf | 6 +++--- .../meshcloud-metering-service-principal/outputs.tf | 2 +- .../meshcloud-replicator-service-principal/README.md | 6 +++--- .../meshcloud-replicator-service-principal/module.tf | 10 +++++----- .../meshcloud-replicator-service-principal/outputs.tf | 2 +- modules/meshcloud-sso/README.md | 2 +- modules/meshcloud-sso/module.tf | 2 +- 12 files changed, 27 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f1b6ec4..6ed01db 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +- Upgraded minimum terraform provider versions + ## [v0.10.0] ### Added diff --git a/README.md b/README.md index 5a13751..6ca28bd 100644 --- a/README.md +++ b/README.md @@ -172,15 +172,15 @@ Before opening a Pull Request, please do the following: |------|---------| | [terraform](#requirement\_terraform) | > 1.1 | | [azapi](#requirement\_azapi) | >=1.13.1 | -| [azuread](#requirement\_azuread) | >=2.46.0 | -| [azurerm](#requirement\_azurerm) | >=3.81.0 | +| [azuread](#requirement\_azuread) | >=3.0.2 | +| [azurerm](#requirement\_azurerm) | >=4.11.0 | ## Providers | Name | Version | |------|---------| | [azuread](#provider\_azuread) | 3.0.2 | -| [azurerm](#provider\_azurerm) | 4.5.0 | +| [azurerm](#provider\_azurerm) | 4.11.0 | ## Modules diff --git a/main.tf b/main.tf index b976251..1db215a 100644 --- a/main.tf +++ b/main.tf @@ -3,11 +3,11 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.81.0" + version = ">=4.11.0" } azuread = { source = "hashicorp/azuread" - version = ">=2.46.0" + version = ">=3.0.2" } azapi = { source = "Azure/azapi" diff --git a/modules/meshcloud-mca-service-principal/module.tf b/modules/meshcloud-mca-service-principal/module.tf index 7f6d1af..7bca36e 100644 --- a/modules/meshcloud-mca-service-principal/module.tf +++ b/modules/meshcloud-mca-service-principal/module.tf @@ -7,11 +7,11 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.81.0" + version = ">=4.11.0" } azuread = { source = "hashicorp/azuread" - version = ">=2.46.0" + version = ">=3.0.2" } azapi = { source = "Azure/azapi" diff --git a/modules/meshcloud-metering-service-principal/README.md b/modules/meshcloud-metering-service-principal/README.md index 0861ecc..b25ba60 100644 --- a/modules/meshcloud-metering-service-principal/README.md +++ b/modules/meshcloud-metering-service-principal/README.md @@ -4,15 +4,15 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | > 1.0 | -| [azuread](#requirement\_azuread) | >=2.46.0 | -| [azurerm](#requirement\_azurerm) | >=3.81.0 | +| [azuread](#requirement\_azuread) | >=3.0.2 | +| [azurerm](#requirement\_azurerm) | >=4.11.0 | ## Providers | Name | Version | |------|---------| | [azuread](#provider\_azuread) | 3.0.2 | -| [azurerm](#provider\_azurerm) | 4.5.0 | +| [azurerm](#provider\_azurerm) | 4.11.0 | | [time](#provider\_time) | 0.12.1 | ## Modules diff --git a/modules/meshcloud-metering-service-principal/module.tf b/modules/meshcloud-metering-service-principal/module.tf index 893d13e..5140f97 100644 --- a/modules/meshcloud-metering-service-principal/module.tf +++ b/modules/meshcloud-metering-service-principal/module.tf @@ -6,11 +6,11 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.81.0" + version = ">=4.11.0" } azuread = { source = "hashicorp/azuread" - version = ">=2.46.0" + version = ">=3.0.2" } } } @@ -22,7 +22,7 @@ resource "azurerm_role_assignment" "meshcloud_metering" { for_each = toset(var.assignment_scopes) scope = each.key role_definition_name = "Cost Management Reader" - principal_id = azuread_service_principal.meshcloud_metering.id + principal_id = azuread_service_principal.meshcloud_metering.object_id depends_on = [azuread_service_principal.meshcloud_metering] } diff --git a/modules/meshcloud-metering-service-principal/outputs.tf b/modules/meshcloud-metering-service-principal/outputs.tf index 1d37e6f..2827382 100644 --- a/modules/meshcloud-metering-service-principal/outputs.tf +++ b/modules/meshcloud-metering-service-principal/outputs.tf @@ -1,7 +1,7 @@ output "credentials" { description = "Service Principal application id and object id" value = { - Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_metering.id + Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_metering.object_id Application_Client_ID = azuread_application.meshcloud_metering.client_id Client_Secret = var.create_password ? "Execute `terraform output metering_service_principal_password` to see the password" : "No password was created" } diff --git a/modules/meshcloud-replicator-service-principal/README.md b/modules/meshcloud-replicator-service-principal/README.md index 50b8b54..6b176cf 100644 --- a/modules/meshcloud-replicator-service-principal/README.md +++ b/modules/meshcloud-replicator-service-principal/README.md @@ -4,15 +4,15 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | > 1.0 | -| [azuread](#requirement\_azuread) | >=2.46.0 | -| [azurerm](#requirement\_azurerm) | >=3.81.0 | +| [azuread](#requirement\_azuread) | >=3.0.2 | +| [azurerm](#requirement\_azurerm) | >=4.11.0 | ## Providers | Name | Version | |------|---------| | [azuread](#provider\_azuread) | 3.0.2 | -| [azurerm](#provider\_azurerm) | 4.5.0 | +| [azurerm](#provider\_azurerm) | 4.11.0 | | [terraform](#provider\_terraform) | n/a | | [time](#provider\_time) | 0.12.1 | diff --git a/modules/meshcloud-replicator-service-principal/module.tf b/modules/meshcloud-replicator-service-principal/module.tf index 76225b4..01101a4 100644 --- a/modules/meshcloud-replicator-service-principal/module.tf +++ b/modules/meshcloud-replicator-service-principal/module.tf @@ -6,11 +6,11 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.81.0" + version = ">=4.11.0" } azuread = { source = "hashicorp/azuread" - version = ">=2.46.0" + version = ">=3.0.2" } } } @@ -187,20 +187,20 @@ resource "azurerm_role_assignment" "meshcloud_replicator" { for_each = toset(var.assignment_scopes) scope = each.key role_definition_id = azurerm_role_definition.meshcloud_replicator.role_definition_resource_id - principal_id = azuread_service_principal.meshcloud_replicator.id + principal_id = azuread_service_principal.meshcloud_replicator.object_id } resource "azurerm_role_assignment" "meshcloud_replicator_subscription_canceler" { for_each = toset(var.can_cancel_subscriptions_in_scopes) scope = each.key role_definition_id = azurerm_role_definition.meshcloud_replicator_subscription_canceler.role_definition_resource_id - principal_id = azuread_service_principal.meshcloud_replicator.id + principal_id = azuread_service_principal.meshcloud_replicator.object_id } resource "azurerm_role_assignment" "meshcloud_replicator_rg_deleter" { for_each = toset(var.can_delete_rgs_in_scopes) scope = each.key - principal_id = azuread_service_principal.meshcloud_replicator.id + principal_id = azuread_service_principal.meshcloud_replicator.object_id # The azurerm provider requires this must be a scoped id, so unfortuantely we need to construct the id of the role # definition at the assignment scope in order to make this stable for subsequent terraform apply's. diff --git a/modules/meshcloud-replicator-service-principal/outputs.tf b/modules/meshcloud-replicator-service-principal/outputs.tf index cfa3f59..64d6bcb 100644 --- a/modules/meshcloud-replicator-service-principal/outputs.tf +++ b/modules/meshcloud-replicator-service-principal/outputs.tf @@ -1,7 +1,7 @@ output "credentials" { description = "Service Principal application id and object id" value = { - Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_replicator.id + Enterprise_Application_Object_ID = azuread_service_principal.meshcloud_replicator.object_id Application_Client_ID = azuread_application.meshcloud_replicator.client_id Client_Secret = var.create_password ? "Execute `terraform output replicator_service_principal_password` to see the password" : "No password was created" } diff --git a/modules/meshcloud-sso/README.md b/modules/meshcloud-sso/README.md index 5a8bd50..7a94c92 100644 --- a/modules/meshcloud-sso/README.md +++ b/modules/meshcloud-sso/README.md @@ -4,7 +4,7 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | > 1.0 | -| [azuread](#requirement\_azuread) | >=2.46.0 | +| [azuread](#requirement\_azuread) | >=3.0.2 | ## Providers diff --git a/modules/meshcloud-sso/module.tf b/modules/meshcloud-sso/module.tf index 85b9c9e..620bdf2 100644 --- a/modules/meshcloud-sso/module.tf +++ b/modules/meshcloud-sso/module.tf @@ -3,7 +3,7 @@ terraform { required_providers { azuread = { source = "hashicorp/azuread" - version = ">=2.46.0" + version = ">=3.0.2" } } }