Hi everyone,
I am using Terraform to provision an OpenAI service and its modules along with a Key Vault in Azure. While the OpenAI service setup works as expected, I am facing two challenges:
- Role Assignment for Key Vault
I need to assign the Key Vault Administratorrole to my service so it can access and manage keys. However, I’m unsure how to implement this using Terraform.
- Save Output Variables Dynamically to JSON
After the resources are created, I need to save the following details dynamically in a JSON file:
• openai.api_type
• openai.api_base
• openai.api_version
• openai.api_key
• engine
Here is a snippet of my current Terraform code:
terraform {
backend "local" { path = "terraform-example1.tfstate" }
}
provider "azurerm" {
features {
key_vault {
purge_soft_delete_on_destroy = true
}
}
client_id = var.client_id
client_secret = var.client_secret
tenant_id = var.tenant_id
subscription_id = var.subscription_id
}
resource "azurerm_resource_group" "rg" {
name = var.resource_group_name
location = var.location
}
module "openai" {
source = "Pwd9000-ML/openai-service/azurerm"
version = ">= 1.1.0"
location = var.location
keyvault_resource_group_name = azurerm_resource_group.rg.name
kv_config = var.kv_config
keyvault_firewall_default_action = var.keyvault_firewall_default_action
keyvault_firewall_bypass = var.keyvault_firewall_bypass
keyvault_firewall_allowed_ips = var.keyvault_firewall_allowed_ips
keyvault_firewall_virtual_network_subnet_ids = var.keyvault_firewall_virtual_network_subnet_ids
create_openai_service = var.create_openai_service
openai_resource_group_name = azurerm_resource_group.rg.name
openai_account_name = var.openai_account_name
openai_custom_subdomain_name = var.openai_custom_subdomain_name
openai_sku_name = var.openai_sku_name
openai_local_auth_enabled = var.openai_local_auth_enabled
openai_outbound_network_access_restricted = var.openai_outbound_network_access_restricted
openai_public_network_access_enabled = var.openai_public_network_access_enabled
openai_identity = var.openai_identity
create_model_deployment = var.create_model_deployment
model_deployment = var.model_deployment
}
Questions:
- How can I add a Key Vault Administratorrole assignment for the service using Terraform?
- What is the best way to save output variables dynamically to a JSON file after the resources are created?
Any help or examples would be greatly appreciated!
Thanks in advance!