dev-intel-v2/foxtrot-docs-v3/reference/terraform/runtime-cloud-iam-azure-reltio.com.md
Jarvis Prime 0265ec7a60 feat: confluence benchmark, pattern extractor, agent KB, UX spec
- extract-patterns.js: mines layered arch, ArgoCD appsets, cloud regions,
  CIDR allocations, naming conventions, sync waves, tech stack from code
- agent-kb.js: token-efficient JSON rendering of same doc tree
- eval-confluence-ref-questions.json: 32 reference-only benchmark questions
- wiggum-v2.sh: Ralph Wiggum loop targeting confluence baseline (77.8%)
- docs/human-ux-spec.md: BMad UX designer spec for human doc structure
- Eval results: V2 at 28.7% vs confluence 77.8% baseline
- Hub/spoke ownership now correctly extracted (95% on that question)
- Naming conventions, regions, CIDRs surfaced in system-architecture.md
2026-03-10 14:20:35 +00:00


# Terraform: runtime/cloud-iam/azure/reltio.com
## Requirements
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.0.0 |
| <a name="requirement_azuread"></a> [azuread](#requirement\_azuread) | =1.4.0 |
| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | =2.49.0 |
| <a name="requirement_random"></a> [random](#requirement\_random) | =3.1.0 |
| <a name="requirement_time"></a> [time](#requirement\_time) | =0.7.1 |
## Providers
| Name | Version |
|------|---------|
| <a name="provider_azuread"></a> [azuread](#provider\_azuread) | =1.4.0 |
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | =2.49.0 |
| <a name="provider_random"></a> [random](#provider\_random) | =3.1.0 |
| <a name="provider_time"></a> [time](#provider\_time) | =0.7.1 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [azuread_application.prisma_cloud_ad_app](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/application) | resource |
| [azuread_application_password.password](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/application_password) | resource |
| [azuread_service_principal.prisma_cloud_sp](https://registry.terraform.io/providers/hashicorp/azuread/1.4.0/docs/resources/service_principal) | resource |
| [azurerm_role_assignment.assign_custom_prisma_role](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource |
| [azurerm_role_assignment.assign_network_contrib](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource |
| [azurerm_role_assignment.assign_reader](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource |
| [azurerm_role_assignment.assign_reader_data_access](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_assignment) | resource |
| [azurerm_role_definition.custom_prisma_role](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/resources/role_definition) | resource |
| [random_password.application_password](https://registry.terraform.io/providers/hashicorp/random/3.1.0/docs/resources/password) | resource |
| [random_string.unique_id](https://registry.terraform.io/providers/hashicorp/random/3.1.0/docs/resources/string) | resource |
| [time_sleep.wait_20_seconds](https://registry.terraform.io/providers/hashicorp/time/0.7.1/docs/resources/sleep) | resource |
| [azurerm_management_group.tenant_root_group](https://registry.terraform.io/providers/hashicorp/azurerm/2.49.0/docs/data-sources/management_group) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_application_password_expiration"></a> [application\_password\_expiration](#input\_application\_password\_expiration) | Expiration period for the application password; by default the password lasts for a year | `string` | `"8760h"` | no |
| <a name="input_cloud_environment"></a> [cloud\_environment](#input\_cloud\_environment) | Cloud environment to be used. Default: public. Possible values are public, usgovernment, german, and china. (tenant\_id: the Active Directory ID, found in the portal under Azure AD -> Properties -> Directory ID.) | `string` | `"public"` | no |
| <a name="input_custom_role_compute_agentless_permissions"></a> [custom\_role\_compute\_agentless\_permissions](#input\_custom\_role\_compute\_agentless\_permissions) | n/a | `list(string)` | <pre>[<br/> "Microsoft.Resources/subscriptions/resourceGroups/write",<br/> "Microsoft.Compute/disks/write",<br/> "Microsoft.Compute/disks/delete",<br/> "Microsoft.Compute/disks/beginGetAccess/action",<br/> "Microsoft.Compute/snapshots/write",<br/> "Microsoft.Compute/snapshots/delete",<br/> "Microsoft.Compute/virtualMachines/write",<br/> "Microsoft.Compute/virtualMachines/delete"<br/>]</pre> | no |
| <a name="input_custom_role_permissions"></a> [custom\_role\_permissions](#input\_custom\_role\_permissions) | The list of permissions added to the custom role | `list(string)` | <pre>[<br/> "Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action",<br/> "Microsoft.Network/networkInterfaces/effectiveRouteTable/action",<br/> "Microsoft.Network/networkWatchers/securityGroupView/action",<br/> "Microsoft.Network/networkWatchers/queryFlowLogStatus/action",<br/> "Microsoft.Network/virtualwans/vpnconfiguration/action",<br/> "Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action",<br/> "Microsoft.Web/sites/config/list/action",<br/> "Microsoft.Web/sites/publishxml/action",<br/> "Microsoft.Storage/storageAccounts/*",<br/> "Microsoft.Compute/virtualMachines/runCommand/action",<br/> "Microsoft.Web/sites/Write",<br/> "Microsoft.Web/sites/config/Write",<br/> "Microsoft.ContainerRegistry/registries/listCredentials/action",<br/> "Microsoft.DBforMySQL/flexibleServers/configurations/write"<br/>]</pre> | no |
| <a name="input_tenant_id"></a> [tenant\_id](#input\_tenant\_id) | n/a | `string` | `"ec5dd7b3-0e80-414c-ba2a-6495e1f57384"` | no |
## Outputs
| Name | Description |
|------|-------------|
| <a name="output_a__directory_tenant_id"></a> [a\_\_directory\_tenant\_id](#output\_a\_\_directory\_tenant\_id) | Output details to fill in the onboarding screen |
| <a name="output_b__application_client_id"></a> [b\_\_application\_client\_id](#output\_b\_\_application\_client\_id) | n/a |
| <a name="output_c__application_client_secret"></a> [c\_\_application\_client\_secret](#output\_c\_\_application\_client\_secret) | n/a |
| <a name="output_d__enterprise_application_object_id"></a> [d\_\_enterprise\_application\_object\_id](#output\_d\_\_enterprise\_application\_object\_id) | n/a |
| <a name="output_e_consent_link"></a> [e\_consent\_link](#output\_e\_consent\_link) | n/a |