chore: add back object_id in azurerm role assignment

lokesh-vadlamudi · lokesh-vadlamudi · commit fcf8a360e857 · 2025-07-29T16:10:46.000-07:00
diff --git a/main.tf b/main.tf
@@ -413,7 +413,7 @@ resource "azurerm_role_assignment" "storage_sidekick" {
 resource "azurerm_role_assignment" "storage_data_loader" {
   count = var.global ? 1 : 0
 
-  principal_id         = azuread_service_principal.data_loader[0].id
+  principal_id         = azuread_service_principal.data_loader[0].object_id
   role_definition_name = "Storage Blob Data Reader"
   scope                = local.storage_account_id
 }
@@ -642,9 +642,4 @@ resource "terraform_data" "job_execution_now" {
 data "lacework_metric_module" "lwmetrics" {
   name    = local.module_name
   version = local.module_version
-}
-
-output "lacework_integration_guid" {
-  value       = lacework_integration_azure_agentless_scanning.lacework_cloud_account[0].intg_guid
-  description = "GUID of the created Lacework integration"
 }
diff --git a/output.tf b/output.tf
@@ -107,4 +107,9 @@ output "excluded_subscriptions" {
 output "scanning_subscription_id" {
   value       = data.azurerm_subscription.current.subscription_id
   description = "The subscription ID where scanning resources are deployed"
+}
+
+output "lacework_integration_guid" {
+  value = length(lacework_integration_azure_agentless_scanning.lacework_cloud_account) > 0 ? lacework_integration_azure_agentless_scanning.lacework_cloud_account[0].intg_guid : null
+  description = "GUID of the created Lacework integration"
 }
