admin RBACs

brown9804 · brown9804 · commit 02f7e5661258 · 2026-02-02T15:43:12.000-06:00
diff --git a/src/a2a/status_automation.ps1 b/src/a2a/status_automation.ps1
@@ -11,7 +11,7 @@ if () {
 
 # Check automation endpoint
 try {
-   = Invoke-RestMethod -Uri "https://zava-8e5461ee-app.azurewebsites.net/a2a/automation/status" -TimeoutSec 5
+   = Invoke-RestMethod -Uri "https://zava-6a7d57fb-app.azurewebsites.net/a2a/automation/status" -TimeoutSec 5
   Write-Host "Automation Status: "
 } catch {
   Write-Host "Automation endpoint not accessible"
diff --git a/terraform-infrastructure/main.tf b/terraform-infrastructure/main.tf
@@ -283,6 +283,17 @@ resource "azurerm_search_service" "search" {
   identity { type = "SystemAssigned" }
 }
 
+# Grant the current Terraform principal access to Search *data-plane* operations
+# (view/create indexes, query documents). Without this, the Azure Portal may not
+# show indexes even if they exist.
+resource "azurerm_role_assignment" "search_index_data_contributor_user" {
+  scope                = azurerm_search_service.search.id
+  role_definition_name = "Search Index Data Contributor"
+  principal_id         = local.principal_id
+
+  depends_on = [azurerm_search_service.search]
+}
+
 resource "azurerm_log_analytics_workspace" "law" {
   name                = local.log_analytics_name
   location            = var.location
