chore: change replicator to access

chore: adding default value for scp deployment

Author: florianow

README.md

@@ -97,7 +97,7 @@ After applying the configuration, you can retrieve the following outputs using `
 | <a name="input_replicator_enabled"></a> [replicator\_enabled](#input\_replicator\_enabled) | n/a | `bool` | `true` | no |
 | <a name="input_scope"></a> [scope](#input\_scope) | The scope of the service principal. The scope is usually the id of the aks subscription | `string` | n/a | yes |
 | <a name="input_service_principal_name"></a> [service\_principal\_name](#input\_service\_principal\_name) | Display name of the replicator service principal. | `string` | n/a | yes |
-| <a name="input_workload_identity_federation"></a> [workload\_identity\_federation](#input\_workload\_identity\_federation) | Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack. | `object({ issuer = string, replicator_subject = string })` | `null` | no |
+| <a name="input_workload_identity_federation"></a> [workload\_identity\_federation](#input\_workload\_identity\_federation) | Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack. | `object({ issuer = string, access_subject = string })` | `null` | no |
 
 ## Outputs
 

main.tf

@@ -12,8 +12,8 @@ module "replicator_service_principal" {
   service_principal_name = var.service_principal_name
   create_password        = var.create_password
   workload_identity_federation = var.workload_identity_federation == null ? null : {
-    issuer             = var.workload_identity_federation.issuer,
-    replicator_subject = var.workload_identity_federation.replicator_subject
+    issuer         = var.workload_identity_federation.issuer,
+    access_subject = var.workload_identity_federation.access_subject
   }
   application_owners = var.application_owners
 }

modules/meshcloud-replicator-service-principal/README.md

@@ -34,7 +34,7 @@ No modules.
 | <a name="input_create_password"></a> [create\_password](#input\_create\_password) | Create a password for the enterprise application. | `bool` | n/a | yes |
 | <a name="input_scope"></a> [scope](#input\_scope) | The scope of the service principal. The scope is usually the id of the aks subscription | `string` | n/a | yes |
 | <a name="input_service_principal_name"></a> [service\_principal\_name](#input\_service\_principal\_name) | Display name of the replicator service principal. | `string` | `null` | no |
-| <a name="input_workload_identity_federation"></a> [workload\_identity\_federation](#input\_workload\_identity\_federation) | Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack. | `object({ issuer = string, replicator_subject = string })` | `null` | no |
+| <a name="input_workload_identity_federation"></a> [workload\_identity\_federation](#input\_workload\_identity\_federation) | Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack. | `object({ issuer = string, access_subject = string })` | `null` | no |
 
 ## Outputs
 

modules/meshcloud-replicator-service-principal/auth.tf

@@ -36,5 +36,5 @@ resource "azuread_application_federated_identity_credential" "meshcloud_replicat
   display_name   = var.service_principal_name
   audiences      = ["api://AzureADTokenExchange"]
   issuer         = var.workload_identity_federation.issuer
-  subject        = var.workload_identity_federation.replicator_subject
+  subject        = var.workload_identity_federation.access_subject
 }

modules/meshcloud-replicator-service-principal/variables.tf

@@ -12,7 +12,7 @@ variable "create_password" {
 variable "workload_identity_federation" {
   default     = null
   description = "Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack."
-  type        = object({ issuer = string, replicator_subject = string })
+  type        = object({ issuer = string, access_subject = string })
 }
 
 variable "application_owners" {

variables.tf

@@ -54,7 +54,7 @@ variable "create_password" {
 variable "workload_identity_federation" {
   default     = null
   description = "Enable workload identity federation instead of using a password by providing these additional settings. Usually you should receive the required settings when attempting to configure a platform with workload identity federation in meshStack."
-  type        = object({ issuer = string, replicator_subject = string })
+  type        = object({ issuer = string, access_subject = string })
 }
 
 variable "application_owners" {