diff --git a/examples/kyma-on-btp-new-sa/main.tf b/examples/kyma-on-btp-new-sa/main.tf index e027c01..3b03ce8 100644 --- a/examples/kyma-on-btp-new-sa/main.tf +++ b/examples/kyma-on-btp-new-sa/main.tf @@ -37,6 +37,7 @@ module "kyma" { BTP_BOT_PASSWORD = var.BTP_BOT_PASSWORD BTP_NEW_SUBACCOUNT_REGION = var.BTP_NEW_SUBACCOUNT_REGION BTP_KYMA_MODULES = var.BTP_KYMA_MODULES + BTP_NEW_SUBACCOUNT_ADMINS = var.BTP_NEW_SUBACCOUNT_ADMINS } output "subaccount_id" { diff --git a/examples/kyma-on-btp-new-sa/variables.tf b/examples/kyma-on-btp-new-sa/variables.tf index 5f4c001..2780f98 100644 --- a/examples/kyma-on-btp-new-sa/variables.tf +++ b/examples/kyma-on-btp-new-sa/variables.tf @@ -83,3 +83,8 @@ variable "BTP_KYMA_MODULES" { ] description = "The list of kyma modules to install" } + +variable "BTP_NEW_SUBACCOUNT_ADMINS" { + type = list(string) + default = [ ] +} diff --git a/main.tf b/main.tf index 465b0a7..aa41298 100644 --- a/main.tf +++ b/main.tf @@ -233,3 +233,20 @@ resource "btp_subaccount" "subaccount" { subdomain = var.BTP_NEW_SUBACCOUNT_NAME } +locals { + subaccount_admins = var.BTP_NEW_SUBACCOUNT_NAME != null && var.BTP_USE_SUBACCOUNT_ID == null ? var.BTP_NEW_SUBACCOUNT_ADMINS : [] +} + +resource "btp_subaccount_role_collection_assignment" "subaccount_admins" { + for_each = toset(local.subaccount_admins) + subaccount_id = btp_subaccount.subaccount.0.id + role_collection_name = "Subaccount Administrator" + user_name = each.value +} + +resource "btp_subaccount_role_collection_assignment" "subaccount_viewers" { + for_each = toset(local.subaccount_admins) + subaccount_id = btp_subaccount.subaccount.0.id + role_collection_name = "Subaccount Viewer" + user_name = each.key +} diff --git a/variables.tf b/variables.tf index 53c8248..f9bf60f 100644 --- a/variables.tf +++ b/variables.tf @@ -26,6 +26,12 @@ variable "BTP_NEW_SUBACCOUNT_REGION" { default = "eu20" } +variable "BTP_NEW_SUBACCOUNT_ADMINS" { + type = list(string) + description = "Usernames of the new subaccount admins" + default = [ ] +} + variable "BTP_CUSTOM_IAS_TENANT" { type = string description = "Custom IAS tenant"