@@ -62,27 +62,31 @@ resource "azurerm_role_definition" "velero_backup_role" {
6262 not_data_actions =
6363 not_actions =
6464 }
65+ depends_on = azurerm_resource_group . aks ]
6566}
6667
6768# Grand the sn automation service principal as the Contributor to the AKS resource group
6869resource "azurerm_role_assignment" "sn_automation" {
6970 scope = . aks . id
7071 role_definition_name = " Contributor"
7172 principal_id = . sn_automation_principal_id
73+ depends_on = azurerm_resource_group . aks ]
7274}
7375
7476# Grand the sn automation service principal as the Azure Kubernetes Service Cluster Admin Role to the AKS resource group
7577resource "azurerm_role_assignment" "sn_automation_cluster_admin" {
7678 scope = . aks . id
7779 role_definition_name = " Azure Kubernetes Service Cluster Admin Role"
7880 principal_id = . sn_automation_principal_id
81+ depends_on = azurerm_resource_group . aks ]
7982}
8083
8184# Grand the sn support service principal as the Azure Kubernetes Service Cluster User Role to the AKS resource group
8285resource "azurerm_role_assignment" "sn_support" {
8386 scope = . aks . id
8487 role_definition_name = " Azure Kubernetes Service Cluster User Role"
8588 principal_id = . sn_support_principal_id
89+ depends_on = azurerm_resource_group . aks ]
8690}
8791
8892# Grand the sn automation service principal as the Constrain roles by Role Based Access Control Administrator to the AKS resource group
@@ -92,4 +96,5 @@ resource "azurerm_role_assignment" "user_access_administrator" {
9296 principal_id = . sn_automation_principal_id
9397 condition_version = " 2.0"
9498 condition = templatefile (" ${ path . module } /role-assignment-condition.tpl" = azurerm_role_definition.velero_backup_role.role_definition_id })
95- }
99+ depends_on = azurerm_role_definition . velero_backup_role ]
100+ }
0 commit comments