GitHub - NolanT/terraform-azure-ad-application: Terraform module that creates an Azure AD application to provide Lacework read-only access to Azure Subscriptions and Tenants
terraform-azure-ad-application

Terraform module that creates an Azure Active Directory Application to provide Lacework read-only access to Azure Subscriptions and Tenants. Lacework logs in to Azure using a service principal (an App Registration) with Directory.Read.All on the MS Graph API, which can also be achieved using a Directory Reader role on Azure AD.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.14 |
| azuread | ~> 2.25 |

Providers

| Name | Version |
|------|---------|
| azuread | ~> 2.25 |

Resources

| Name | Type |
|------|------|
| azuread_application.lacework | resource |
| azuread_application_password.client_secret | resource |
| azuread_directory_role.dir_reader | resource |
| azuread_directory_role_assignment.lacework_dir_reader | resource |
| azuread_service_principal.lacework | resource |
| azuread_client_config.current | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| all_subscriptions | [DEPRECATED] Use this input on upstream modules. (https://registry.terraform.io/modules/lacework/config/azure/latest?tab=inputs and https://registry.terraform.io/modules/lacework/activity-log/azure/latest?tab=inputs) | `bool` | `false` | no |
| application_identifier_uris | [DEPRECATED] A list of user-defined URI(s) for the Lacework AD Application | `list(string)` | `[]` | no |
| application_name | The name of the Azure Active Directory Application | `string` | `"lacework_security_audit"` | no |
| application_owners | The owners of the Azure Active Directory Application. If empty, current user will be owner | `list(string)` | `[]` | no |
| enable_directory_reader | Enable Directory Reader role for this principal. This will allow Lacework to read Users/Groups/Principals from MS Graph API | `bool` | `true` | no |
| create | Set to false to prevent the module from creating any resources | `bool` | `true` | no |
| key_vault_ids | [DEPRECATED] A list of Key Vault Ids used in your subscription for the Lacework AD App to have access to | `list(string)` | `[]` | no |
| management_group_id | [DEPRECATED] Use this input on upstream module: https://registry.terraform.io/modules/lacework/config/azure/latest?tab=inputs | `string` | `""` | no |
| password_length | [DEPRECATED] The length of the Lacework AD Application password | `number` | `30` | no |
| subscription_ids | [DEPRECATED] Use this input on upstream modules. (https://registry.terraform.io/modules/lacework/config/azure/latest?tab=inputs and https://registry.terraform.io/modules/lacework/activity-log/azure/latest?tab=inputs) | `list(string)` | `[]` | no |
| tenant_id | [DEPRECATED] A Tenant ID different from the default defined inside the provider | `string` | `""` | no |
| use_management_group | [DEPRECATED] Use this input on upstream module: https://registry.terraform.io/modules/lacework/config/azure/latest?tab=inputs | `bool` | `false` | no |

Outputs

| Name | Description |
|------|-------------|
| application_id | The Lacework AD Application id |
| application_password | The Lacework AD Application password |
| created | Was the Active Directory Application created |
| service_principal_id | The Lacework Service Principal id |
| tenant_id | [DEPRECATED] A Tenant ID used to configure the AD Application |
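
A root configuration that calls the module with only its non-deprecated inputs and re-exports its outputs. This is an added example, not code from the repository. It assumes the module is fetched over Git from this repository; the `module` label, the output names and the owner object ID are constructed placeholders.

```hcl
terraform {
  required_version = ">= 0.14"

  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.25"
    }
  }
}

provider "azuread" {}

# Assumption: Git source pointing at this repository. Pin it with ?ref=
# to a tag or commit you have reviewed before applying.
module "lacework_ad_application" {
  source = "github.com/NolanT/terraform-azure-ad-application"

  application_name = "lacework_security_audit"

  # Constructed placeholder object ID. If the list is left empty, the
  # current user becomes the owner of the application.
  application_owners = ["00000000-0000-0000-0000-000000000000"]

  # true (the default) assigns the Directory Reader role, which lets
  # Lacework read Users/Groups/Principals from the MS Graph API.
  # Set to false to create the principal without that role.
  enable_directory_reader = true
}

output "lacework_application_id" {
  value = module.lacework_ad_application.application_id
}

output "lacework_service_principal_id" {
  value = module.lacework_ad_application.service_principal_id
}

# The client secret of the application. Marking the output sensitive
# redacts it from plan and apply output.
output "lacework_application_password" {
  value     = module.lacework_ad_application.application_password
  sensitive = true
}
```

Marking the output sensitive only hides it from CLI output; the value of `application_password` is still written to the Terraform state in clear text, so the state backend needs access control and encryption at rest.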
