From dd1a3b03ff4e1f9c2b8069fc2ad8f7dbbeff0057 Mon Sep 17 00:00:00 2001 From: Michele Zanotti Date: Mon, 2 Dec 2024 10:57:52 +0000 Subject: [PATCH] feat: allow override azuread app name --- README.md | 1 + main.tf | 2 +- variables.tf | 18 +++++++++++++----- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index ad1b394..c13687d 100644 --- a/README.md +++ b/README.md @@ -157,6 +157,7 @@ You can find examples of code that uses this Terraform module in the [examples]( | [azure\_openai\_deployment\_gpt4o](#input\_azure\_openai\_deployment\_gpt4o) | ------ Azure OpenAI ------ # |
object({
name : optional(string, "gpt-4o")
version : optional(string, "2024-08-06")
rate_limit : optional(number, 80)
enabled : optional(bool, true)
})
| `{}` | no | | [azure\_openai\_deployment\_gpt4o\_mini](#input\_azure\_openai\_deployment\_gpt4o\_mini) | n/a |
object({
name : optional(string, "gpt-4o-mini")
version : optional(string, "2024-07-18")
rate_limit : optional(number, 80)
enabled : optional(bool, true)
})
| `{}` | no | | [azure\_openai\_location](#input\_azure\_openai\_location) | The Azure region where to deploy the Azure OpenAI models.
Note that the models required by Nebuly are supported only in few specific regions. For more information, you can refer to Azure documentation:
https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models#standard-deployment-model-availability | `string` | `"EastUS"` | no | +| [azuread\_identity\_override\_name](#input\_azuread\_identity\_override\_name) | Override the name of the Service Account representing the platform identity. If not provided, the name is generated based on the resource\_prefix. | `string` | `null` | no | | [k8s\_image\_pull\_secret\_name](#input\_k8s\_image\_pull\_secret\_name) | The name of the Kubernetes Image Pull Secret to use.
This value will be used to auto-generate the values.yaml file for installing the Nebuly Platform Helm chart. | `string` | `"nebuly-docker-pull"` | no | | [key\_vault\_public\_network\_access\_enabled](#input\_key\_vault\_public\_network\_access\_enabled) | Can the Key Vault be accessed from the Internet, according to the firewall rules?
Default to true to to allow the Terraform module to be executed even outside the private virtual network.
When set to true, firewall rules are applied, and all connections are denied by default. | `bool` | `true` | no | | [key\_vault\_purge\_protection\_enabled](#input\_key\_vault\_purge\_protection\_enabled) | Is purge protection enabled for the Key Vault? | `bool` | `false` | no | diff --git a/main.tf b/main.tf index 8279ff7..2faaf4b 100644 --- a/main.tf +++ b/main.tf @@ -284,7 +284,7 @@ resource "azurerm_role_assignment" "key_vault_secret_officer__current" { # ------ Identity ------ # resource "azuread_application" "main" { - display_name = format("%s.nebuly.platform", var.resource_prefix) + display_name = var.azuread_identity_override_name == null ? format("%s.nebuly.platform", var.resource_prefix) : var.azuread_identity_override_name owners = [data.azurerm_client_config.current.object_id] sign_in_audience = "AzureADMyOrg" # default identifier_uris = [] diff --git a/variables.tf b/variables.tf index ec7d9dd..0782438 100644 --- a/variables.tf +++ b/variables.tf @@ -61,11 +61,6 @@ variable "postgres_server_sku" { } description = "The SKU of the PostgreSQL Server, including the Tier and the Name. Examples: B_Standard_B1ms, GP_Standard_D2s_v3, MO_Standard_E4s_v3" } -variable "postgres_override_name" { - type = string - default = null - description = "Override the name of the PostgreSQL Server. If not provided, the name is generated based on the resource_prefix." -} variable "postgres_server_admin_username" { type = string default = "nebulyadmin" 
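Review bot: With the override in place, `display_name` on `azuread_application.main` in main.tf becomes free-form text, and nothing beside it records that an app registration's display name is neither unique within a tenant nor a stable identifier. I would add a comment above the attribute: `# display_name is a label only: it is not unique in the tenant, so reference this app by its object/client ID in role assignments, lookups and audit queries`. Whether anything else in the module or in downstream tooling matches on the old `<prefix>.nebuly.platform` pattern is not visible from this hunk and is worth checking before merging. The resource block continues past the end of the hunk.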
@@ -213,6 +208,19 @@ variable "storage_account_override_name" { } +# ------ Override Names ------ # +variable "postgres_override_name" { + type = string + default = null + description = "Override the name of the PostgreSQL Server. If not provided, the name is generated based on the resource_prefix." +} +variable "azuread_identity_override_name" { + type = string + default = null + description = "Override the name of the Service Account representing the platform identity. If not provided, the name is generated based on the resource_prefix." +} + + # ------ Networking ------ # variable "whitelisted_ips" { description = <
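Review bot: The new `azuread_identity_override_name` variable is accepted without validation, so an empty or whitespace-only string passes the `== null` test in main.tf and is handed to the provider as the display name. That presumably surfaces only as an apply-time error, or as an unlabeled app registration if it is accepted. A `validation` block in the variable would reject it at plan time; the conditional form below avoids calling `trimspace` on a null value. The description also calls the object a "Service Account", while the resource it names is `azuread_application`, so "Azure AD application (app registration)" would be less ambiguous. The last context line of the hunk opens the `whitelisted_ips` description, which continues outside the hunk.

```hcl
variable "azuread_identity_override_name" {
  # … unchanged: type, default, description …
  validation {
    condition     = var.azuread_identity_override_name == null ? true : trimspace(var.azuread_identity_override_name) != ""
    error_message = "azuread_identity_override_name must be null or a non-empty string."
  }
}
```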