# Terraform: runtime/cloud-iam/azure/reltio.com ## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >=1.0.0 | | [azuread](#requirement\_azuread) | =1.4.0 | | [azurerm](#requirement\_azurerm) | =2.49.0 | | [random](#requirement\_random) | =3.1.0 | | [time](#requirement\_time) | =0.7.1 | ## Providers | Name | Version | |------|---------| | [azuread](#provider\_azuread) | =1.4.0 | | [azurerm](#provider\_azurerm) | =2.49.0 | | [random](#provider\_random) | =3.1.0 | | [time](#provider\_time) | =0.7.1 | ## Modules No modules. ## Resources | Name | Type | |------|------| | [azuread_application.prisma_cloud_ad_app](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/application) | resource | | [azuread_application_password.password](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/application_password) | resource | | [azuread_service_principal.prisma_cloud_sp](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/service_principal) | resource | | [azurerm_role_assignment.assign_custom_prisma_role](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource | | [azurerm_role_assignment.assign_network_contrib](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource | | [azurerm_role_assignment.assign_reader](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource | | [azurerm_role_assignment.assign_reader_data_access](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource | | [azurerm_role_definition.custom_prisma_role](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_definition) | resource | | [random_password.application_password](https://registry.terraform.io/providers/hashicorp/random/3.1.0/docs/resources/password) | resource | | [random_string.unique_id](https://registry.terraform.io/providers/hashicorp/random/3.1.0/docs/resources/string) | resource | | [time_sleep.wait_20_seconds](https://registry.terraform.io/providers/hashicorp/time/0.7.1/docs/resources/sleep) | resource | | [azurerm_management_group.tenant_root_group](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/data-sources/management_group) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [application\_password\_expiration](#input\_application\_password\_expiration) | By default setting the password to last for a year | `string` | `"8760h"` | no | | [cloud\_environment](#input\_cloud\_environment) | ################################# EDIT THE FOLLOWING PARAMETERS cloud\_environment: Cloud environment to be used. Default: public Possible values are public, usgovernment, german, and china tenant\_id : Active directory's ID (Portal) Azure AD -> Properties -> Directory ID | `string` | `"public"` | no | | [custom\_role\_compute\_agentless\_permissions](#input\_custom\_role\_compute\_agentless\_permissions) | n/a | `list(string)` |
[| no | | [custom\_role\_permissions](#input\_custom\_role\_permissions) | The list of permissions added to the custom role | `list(string)` |
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Compute/disks/write",
"Microsoft.Compute/disks/delete",
"Microsoft.Compute/disks/beginGetAccess/action",
"Microsoft.Compute/snapshots/write",
"Microsoft.Compute/snapshots/delete",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Compute/virtualMachines/delete"
]
[| no | | [tenant\_id](#input\_tenant\_id) | n/a | `string` | `"ec5dd7b3-0e80-414c-ba2a-6495e1f57384"` | no | ## Outputs | Name | Description | |------|-------------| | [a\_\_directory\_tenant\_id](#output\_a\_\_directory\_tenant\_id) | ###################################################### Output Details to fill in the onboarding screen ###################################################### | | [b\_\_application\_client\_id](#output\_b\_\_application\_client\_id) | n/a | | [c\_\_application\_client\_secret](#output\_c\_\_application\_client\_secret) | n/a | | [d\_\_enterprise\_application\_object\_id](#output\_d\_\_enterprise\_application\_object\_id) | n/a | | [e\_consent\_link](#output\_e\_consent\_link) | n/a |
"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action",
"Microsoft.Network/networkInterfaces/effectiveRouteTable/action",
"Microsoft.Network/networkWatchers/securityGroupView/action",
"Microsoft.Network/networkWatchers/queryFlowLogStatus/action",
"Microsoft.Network/virtualwans/vpnconfiguration/action",
"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action",
"Microsoft.Web/sites/config/list/action",
"Microsoft.Web/sites/publishxml/action",
"Microsoft.Storage/storageAccounts/*",
"Microsoft.Compute/virtualMachines/runCommand/action",
"Microsoft.Web/sites/Write",
"Microsoft.Web/sites/config/Write",
"Microsoft.ContainerRegistry/registries/listCredentials/action",
"Microsoft.DBforMySQL/flexibleServers/configurations/write"
]