fix: Switch variable name

dploeger · dploeger · commit 3af5094ea3d8 · 2023-08-01T16:14:18.000+02:00
diff --git a/README.md b/README.md
@@ -135,21 +135,6 @@ Type: `string`
 
 The following input variables are optional (have default values):
 
-### add\_identity\_to\_group
-
-Description: The name of a group which is assigned to appropriate roles in the subscription to manage resources that are required by the AKS.  
-Setting this to a non empty string will add the AKS managed identity to this group.
-
-You need the following API permissions (with admin consent) on a service prinicpal to make this work:
-
-* Directory.Read.All
-* Group.Read.All
-* Group.ReadWrite.All
-
-Type: `string`
-
-Default: `""`
-
 ### availability\_zones
 
 Description: availability zones to spread the cluster nodes across, if omitted, only one avilability zone is used
@@ -190,6 +175,21 @@ Type: `string`
 
 Default: `"basic"`
 
+### managed\_identity\_security\_group
+
+Description: The name of a group which is assigned to appropriate roles in the subscription to manage resources that are required by the AKS.  
+Setting this to a non empty string will add the AKS managed identity to this group.
+
+You need the following API permissions (with admin consent) on a service prinicpal to make this work:
+
+* Directory.Read.All
+* Group.Read.All
+* Group.ReadWrite.All
+
+Type: `string`
+
+Default: `""`
+
 ### max\_pods
 
 Description: Amount of pods allowed on each node (be aware that kubernetes system pods are also counted
diff --git a/managed_identity.tf b/managed_identity.tf
@@ -1,12 +1,12 @@
 # Assign the k8s managed identity to a security group
 
 data "azuread_group" "ownersgroup" {
-  count        = var.add_identity_to_group == "" ? 0 : 1
-  display_name = var.add_identity_to_group
+  count        = var.managed_identity_security_group == "" ? 0 : 1
+  display_name = var.managed_identity_security_group
 }
 
 resource "azuread_group_member" "k8smember" {
-  count            = var.add_identity_to_group == "" ? 0 : 1
+  count            = var.managed_identity_security_group == "" ? 0 : 1
   group_object_id  = data.azuread_group.ownersgroup[0].object_id
   member_object_id = azurerm_kubernetes_cluster.k8s.identity[0].principal_id
 }
diff --git a/vars.tf b/vars.tf
@@ -167,7 +167,7 @@ variable "api_server_ip_ranges" {
   description = "The IP ranges to allow for incoming traffic to the server nodes. To disable the limitation, set an empty list as value."
 }
 
-variable "add_identity_to_group" {
+variable "managed_identity_security_group" {
   type        = string
   default     = ""
   description = <<-EOF

Original file line number	Diff line number	Diff line change
`@@ -1,12 +1,12 @@`
`1`	`1`	`# Assign the k8s managed identity to a security group`
`2`	`2`
`3`	`3`	`data "azuread_group" "ownersgroup" {`
`4`		`- count = var.add_identity_to_group == "" ? 0 : 1`
`5`		`- display_name = var.add_identity_to_group`
	`4`	`+ count = var.managed_identity_security_group == "" ? 0 : 1`
	`5`	`+ display_name = var.managed_identity_security_group`
`6`	`6`	`}`
`7`	`7`
`8`	`8`	`resource "azuread_group_member" "k8smember" {`
`9`		`- count = var.add_identity_to_group == "" ? 0 : 1`
	`9`	`+ count = var.managed_identity_security_group == "" ? 0 : 1`
`10`	`10`	`group_object_id = data.azuread_group.ownersgroup[0].object_id`
`11`	`11`	`member_object_id = azurerm_kubernetes_cluster.k8s.identity[0].principal_id`
`12`	`12`	`}`
Original file line number	Diff line number	Diff line change
`@@ -167,7 +167,7 @@ variable "api_server_ip_ranges" {`
`167`	`167`	`description = "The IP ranges to allow for incoming traffic to the server nodes. To disable the limitation, set an empty list as value."`
`168`	`168`	`}`
`169`	`169`
`170`		`-variable "add_identity_to_group" {`
	`170`	`+variable "managed_identity_security_group" {`
`171`	`171`	`type = string`
`172`	`172`	`default = ""`
`173`	`173`	`description = <<-EOF`