I am trying to use below terraform code to create synapse workspace
module "synapse_workspace" {
source = "./modules/synapse-workspace"
rg_name = module.resource_group.name
location = module.resource_group.location
prefix = var.prefix
postfix = random_string.postfix.result
vnet_id = module.virtual_network.id
subnet_id = azurerm_subnet.default_subnet.id
adls_id = module.storage_account.adls_id
storage_account_id = module.storage_account.id
storage_account_name = module.storage_account.name
key_vault_id = module.key_vault.id
key_vault_name = module.key_vault.name
synadmin_username = var.synadmin_username
synadmin_password = var.synadmin_password
aad_login = {
name = var.aad_login.name
object_id = var.aad_login.object_id
tenant_id = var.aad_login.tenant_id
}
}
and in terraform.tfvars file I have defined this AD login like below:
aad_login = {
name = "azureuser@contoso.com"
object_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
My synapse module looks like below:
# Azure Synapse Workspace
data "azurerm_client_config" "current" {}
data "http" "ip" {
url = "https://ifconfig.me"
}
resource "azurerm_synapse_workspace" "syn_ws" {
name = "syn-${var.prefix}-${var.postfix}"
resource_group_name = var.rg_name
location = var.location
storage_data_lake_gen2_filesystem_id = var.adls_id
sql_administrator_login = var.synadmin_username
sql_administrator_login_password = var.synadmin_password
managed_virtual_network_enabled = true
managed_resource_group_name = "${var.rg_name}-syn-managed"
aad_admin {
login = var.aad_login.name
object_id = var.aad_login.object_id
tenant_id = var.aad_login.tenant_id
}
}
The above is working aad_login is user of Azure Active Directory
What I am trying to do: I want my service principal to create this workspace instead of AD user
I verified this documentation Terraform Registry but not able to find how to use service principle authentication to create workspace
Any idea please ?