ACLs for ADLS container and folder

Hi General,

I have been working on creating ADLS and multiple directories under each container. Below is my code. Now I have got a request to add an ace section in the resource block, and each container and folder should be applied with permissions, e.g. the raw container has a different AD group and the container has a different AD group. Could you please help me with how I can define that? Each folder also has different groups.

```hcl
# Look up the AD groups by display name
data "azuread_group" "example" {
  for_each         = toset(["group1", "group2", "group3"])
  display_name     = each.key
  security_enabled = false
}

# One filesystem (container) per name
resource "azurerm_storage_data_lake_gen2_filesystem" "container" {
  for_each           = toset(["raw", "curated", "ds-workspace"])
  name               = each.key
  storage_account_id = module.sa_data_lake.storage_account.id
}

# ADLS Directories

resource "azurerm_storage_data_lake_gen2_path" "raw" {
  for_each           = toset(["ltc/unity/ceding company/2021-07/premium-claim"])
  path               = each.key
  filesystem_name    = azurerm_storage_data_lake_gen2_filesystem.container["raw"].name
  storage_account_id = module.sa_data_lake.storage_account.id
  resource           = "directory"
}

resource "azurerm_storage_data_lake_gen2_path" "curated" {
  for_each           = toset(["sensitive", "common", "ltc/unity/ceding_company/2021-07/premium-claim"])
  path               = each.key
  filesystem_name    = azurerm_storage_data_lake_gen2_filesystem.container["curated"].name
  storage_account_id = module.sa_data_lake.storage_account.id
  resource           = "directory"
}

resource "azurerm_storage_data_lake_gen2_path" "ds_workspace" {
  for_each           = toset(["project-nalh/base dataset", "project-nalh/nalh/transformed/ver1 -v1/train", "project-nalh/nalh/transformed/ver2 -v2/train", "project-nalh/nalh/transformed/inferencing/202107/input", "project-nalh/nalh/transformed/inferencing/202107/output"])
  path               = each.key
  filesystem_name    = azurerm_storage_data_lake_gen2_filesystem.container["ds-workspace"].name
  storage_account_id = module.sa_data_lake.storage_account.id
  resource           = "directory"
}
```

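One way to express the per-container and per-directory groups asked about above is to drive the `ace` blocks from maps. This is an added example, not the original poster's code; the group-to-permission assignments, the `acl` and `dir` resource names and `var.storage_account_id` are assumptions.

```hcl
# Added example; group names, permissions and var.storage_account_id are placeholders.
variable "storage_account_id" { type = string }
locals {
  container_acl = { # container => { AD group display name => permissions on its root }
    raw     = { group1 = "r-x" }
    curated = { group2 = "r-x", group3 = "--x" } # --x: traverse only
  }
  directory_acl = { # "container/directory" => { group => permissions }
    "curated/sensitive" = { group3 = "rwx" }
  }
  groups = toset(flatten([for acl in merge(local.container_acl, local.directory_acl) : keys(acl)]))
}

data "azuread_group" "acl" {
  for_each     = local.groups
  display_name = each.key
}

resource "azurerm_storage_data_lake_gen2_filesystem" "container" {
  for_each           = local.container_acl
  name               = each.key
  storage_account_id = var.storage_account_id
  dynamic "ace" { # one access entry per group on the container root
    for_each = each.value
    content {
      scope       = "access"
      type        = "group"
      id          = data.azuread_group.acl[ace.key].object_id
      permissions = ace.value
    }
  }
}

resource "azurerm_storage_data_lake_gen2_path" "dir" {
  for_each           = local.directory_acl
  filesystem_name    = azurerm_storage_data_lake_gen2_filesystem.container[split("/", each.key)[0]].name
  path               = trimprefix(each.key, "${split("/", each.key)[0]}/")
  storage_account_id = var.storage_account_id
  resource           = "directory"
  dynamic "ace" { # "access" = this directory; "default" = inherited by new children
    for_each = setproduct(["access", "default"], keys(each.value))
    content {
      scope       = ace.value[0]
      type        = "group"
      id          = data.azuread_group.acl[ace.value[1]].object_id
      permissions = each.value[ace.value[1]]
    }
  }
}
```

A group granted access only on a nested directory also needs execute (`--x`) on the container root and every parent directory to reach it, which is why `group3` appears on the `curated` root here.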