fix: user-assigned identities not being assigned (#38)

Fixes #37
equinor · Sep 27, 2023 · 81466d8 · 81466d8
1 parent 5b91a6f
commit 81466d8
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/main.tf b/main.tf
@@ -2,11 +2,13 @@ locals {
   is_windows   = var.kind == "Windows"
   function_app = local.is_windows ? azurerm_windows_function_app.this[0] : azurerm_linux_function_app.this[0]
 
+  # Auto assign Key Vault reference identity
+  identity_ids = concat(compact([var.key_vault_reference_identity_id]), var.identity_ids)
+
   # If system_assigned_identity_enabled is true, value is "SystemAssigned".
   # If identity_ids is non-empty, value is "UserAssigned".
   # If system_assigned_identity_enabled is true and identity_ids is non-empty, value is "SystemAssigned, UserAssigned".
-  identity_type = join(", ", compact([var.system_assigned_identity_enabled ? "SystemAssigned" : "", length(var.identity_ids) > 0 ? "UserAssigned" : ""]))
-  identity_ids  = compact([var.key_vault_reference_identity_id])
+  identity_type = join(", ", compact([var.system_assigned_identity_enabled ? "SystemAssigned" : "", length(local.identity_ids) > 0 ? "UserAssigned" : ""]))
 }
 
 resource "azurerm_linux_function_app" "this" {
@@ -58,7 +60,7 @@ resource "azurerm_linux_function_app" "this" {
 
     content {
       type         = local.identity_type
-      identity_ids = concat(local.identity_ids, var.identity_ids)
+      identity_ids = local.identity_ids
     }
   }
 
@@ -125,7 +127,7 @@ resource "azurerm_windows_function_app" "this" {
 
     content {
       type         = local.identity_type
-      identity_ids = concat(local.identity_ids, var.identity_ids)
+      identity_ids = local.identity_ids
     }
   }