From f82003649c095e58ade7922c66f234d5185b4f8e Mon Sep 17 00:00:00 2001 From: "joseph@direct-ex.co.il" Date: Sun, 23 Jun 2024 19:17:59 +0300 Subject: [PATCH 1/9] Add Identity block --- .../cognitive_service_account.tf | 8 ++++++++ .../cognitive_services_account/variables.tf | 3 +++ 2 files changed, 11 insertions(+) diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index c61ddf1707..718ab51edc 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf @@ -17,6 +17,14 @@ resource "azurerm_cognitive_account" "service" { qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) + dynamic "identity" { + for_each = lookup(var.settings, "identity", {}) != {} ? [1] : [] + content { + type = lookup(var.settings.identity, "type", null) + identity_ids = can(var.settings.identity.ids) ? var.settings.identity.ids : can(var.settings.identity.key) ? [var.managed_identities[try(var.settings.identity.lz_key, var.client_config.landingzone_key)][var.settings.identity.key].id] : null + } + } + dynamic "network_acls" { for_each = can(var.settings.network_acls) ? [var.settings.network_acls] : [] content { diff --git a/modules/cognitive_services/cognitive_services_account/variables.tf b/modules/cognitive_services/cognitive_services_account/variables.tf index 6a1d64e03b..83474abe03 100644 --- a/modules/cognitive_services/cognitive_services_account/variables.tf +++ b/modules/cognitive_services/cognitive_services_account/variables.tf @@ -16,3 +16,6 @@ variable "resource_group_name" { variable "settings" {} +variable "managed_identities" { + default = {} +} \ No newline at end of file From e342bcf740bea672d31008d6cc2243e3845118d1 Mon Sep 17 00:00:00 2001 
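Review bot: The new `identity` block sets `identity_ids` whenever `identity.ids` or `identity.key` is present, regardless of `type`, so a caller who writes `type = "SystemAssigned"` together with a `key` gets a list the provider rejects for a pure system-assigned identity, and `type = lookup(..., "type", null)` turns a missing type into a plan-time provider error instead of a clear config error. Gating `identity_ids` on the type and reading the object through `identity.value` keeps both attributes consistent; the `network_acls` block directly below already uses the `can(x) ? [x] : []` idiom, so `lookup(var.settings, "identity", {}) != {}` should match it. The `var.managed_identities[lz_key][key]` lookup also fails with an opaque invalid-index error when the key is wrong, which is acceptable but worth a comment. The `azurerm_cognitive_account` resource continues outside the hunk.
```hcl
  dynamic "identity" {
    for_each = can(var.settings.identity) ? [var.settings.identity] : []
    content {
      type = identity.value.type
      # identity_ids is only accepted for "UserAssigned" and "SystemAssigned, UserAssigned";
      # a pure SystemAssigned identity must not carry a list.
      identity_ids = identity.value.type == "SystemAssigned" ? null : (
        can(identity.value.ids) ? identity.value.ids :
        can(identity.value.key) ? [var.managed_identities[try(identity.value.lz_key, var.client_config.landingzone_key)][identity.value.key].id] :
        null
      )
    }
  }
```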
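Review bot: `variable "managed_identities"` is added with only `default = {}`; nothing tells a module consumer that this is the landing-zone-keyed map the identity block indexes as `var.managed_identities[lz_key][key].id`, nor that only `.id` is read from it. Add `description = "Managed identity objects keyed by landing zone key, then by object key; the identity block reads only the .id attribute."` so the shape is documented where it is declared. The file is also left without a trailing newline.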
From: "joseph@direct-ex.co.il" Date: Sun, 23 Jun 2024 20:30:23 +0300 Subject: [PATCH 2/9] Add Identity block --- .../standalone-scenarios-additional.json | 1 + cognitive_service.tf | 2 + .../configuration.tfvars | 70 +++++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars diff --git a/.github/workflows/standalone-scenarios-additional.json b/.github/workflows/standalone-scenarios-additional.json index 5c141c24bd..61d601e344 100644 --- a/.github/workflows/standalone-scenarios-additional.json +++ b/.github/workflows/standalone-scenarios-additional.json @@ -1,6 +1,7 @@ { "config_files": [ "cognitive_services/100-cognitive-services-account", + "cognitive_services/101-cognitive-services-account-managed-identity", "compute/batch/batch_certificate/100-batch-certificate - path", "compute/batch/batch_job/100-batch-job - quotas", "compute/batch/batch_pool/100-batch-pool - quotas", diff --git a/cognitive_service.tf b/cognitive_service.tf index 04659f9f28..31a7723c83 100644 --- a/cognitive_service.tf +++ b/cognitive_service.tf @@ -7,6 +7,8 @@ module "cognitive_services_account" { resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name location = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region] settings = each.value + + managed_identities = local.combined_objects_managed_identities } output "cognitive_services_account" { 
diff --git a/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars
new file mode 100644
index 0000000000..56b1b6a43a
--- /dev/null
+++ b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars
@@ -0,0 +1,70 @@
+global_settings = {
+ default_region = "region1"
+ regions = {
+ region1 = "westus"
+ }
+ random_length = 5
+}
+
+resource_groups = {
+ test-rg = {
+ name = "rg-cognitive-test"
+ }
+}
+
+managed_identities = {
+ cognitive_msi = {
+ name = "cognitive-msi"
+ resource_group_key = "test-rg"
+ }
+}
+
+cognitive_services_account = {
+ test_account-1 = {
+ resource_group = {
+ # accepts either id or key to get resource group id
+ # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
+ # lz_key = "examples"
+ key = "test-rg"
+ }
+ name = "cs-test-1"
+ kind = "OpenAI"
+ sku_name = "S0"
+
+ identity = {
+ type = "SystemAssigned, UserAssigned" // Can be "SystemAssigned, UserAssigned" or "SystemAssigned" or "UserAssigned"
+ key = "cognitive_msi" // A must with "SystemAssigned, UserAssigned" and "UserAssigned"
+ }
+
+ tags = {
+ env = "test"
+ }
+ # custom_subdomain_name = "cs-test-1"
+ # network_acls = {
+ # default_action = "Allow"
+ # ip_rules = ["10.10.10.0/16"]
+ # }
+ }
+ test_account-2 = {
+ resource_group = {
+ # accepts either id or key to get resource group id
+ # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
+ # lz_key = "examples"
+ key = "test-rg"
+ }
+ name = "cs-test-2"
+ kind = "QnAMaker"
+ sku_name = "F0"
+
+ identity = {
+ type = "SystemAssigned"
+ }
+
+ tags = {
+ env = "test"
+ }
+ qna_runtime_endpoint = "https://cs-alz-caf-test-2.azurewebsites.net"
+
+ }
+}
+
From 83aa47989cc1f55b6441385b40c64279393458da Mon Sep 17 00:00:00 2001
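Review bot: The commented `network_acls` sample pairs `default_action = "Allow"` with `ip_rules`, which is not a restriction: with Allow as the default every source is admitted and the rule list adds nothing, so anyone who uncomments the snippet gets an internet-reachable account while believing it is IP-filtered. The sample should read `# default_action = "Deny"` above the `ip_rules` line, with a short comment that `Deny` is what turns `ip_rules` into an allowlist. `10.10.10.0/16` also has host bits set and is not a canonical CIDR; `10.10.0.0/16` is presumably what was meant. The `identity` comment that `key` is "A must" for the two user-assigned types is useful; it would be clearer as a sentence, e.g. `// required for "UserAssigned" and "SystemAssigned, UserAssigned"`.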
From: "joseph@direct-ex.co.il" Date: Mon, 24 Jun 2024 19:27:35 +0300 Subject: [PATCH 3/9] FMT + Outputs --- .../cognitive_service_account.tf | 12 ++++++------ .../cognitive_services_account/output.tf | 9 +++++++++ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index 718ab51edc..42bac1d48b 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf @@ -9,11 +9,11 @@ resource "azurecaf_name" "service" { } resource "azurerm_cognitive_account" "service" { - name = azurecaf_name.service.result - location = var.location - resource_group_name = var.resource_group_name - kind = var.settings.kind - sku_name = var.settings.sku_name + name = azurecaf_name.service.result + location = var.location + resource_group_name = var.resource_group_name + kind = var.settings.kind + sku_name = var.settings.sku_name qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) @@ -24,7 +24,7 @@ resource "azurerm_cognitive_account" "service" { identity_ids = can(var.settings.identity.ids) ? var.settings.identity.ids : can(var.settings.identity.key) ? [var.managed_identities[try(var.settings.identity.lz_key, var.client_config.landingzone_key)][var.settings.identity.key].id] : null } } - + dynamic "network_acls" { for_each = can(var.settings.network_acls) ? [var.settings.network_acls] : [] content { diff --git a/modules/cognitive_services/cognitive_services_account/output.tf b/modules/cognitive_services/cognitive_services_account/output.tf index fd2a6239a4..7413f41f9d 100644 --- a/modules/cognitive_services/cognitive_services_account/output.tf +++ b/modules/cognitive_services/cognitive_services_account/output.tf 
@@ -6,4 +6,13 @@ output "id" { output "endpoint" { description = "The endpoint used to connect to the Cognitive Service Account." value = azurerm_cognitive_account.service.endpoint +} + +output "rbac_id" { + description = "The Principal ID of the Cognetive Services for Role Mapping" + value = try(azurerm_cognitive_account.service.identity[0].principal_id, null) +} + +output "identity" { + value = try(azurerm_cognitive_account.identity, null) } \ No newline at end of file From bf46be19433d078c098447c1ee1584e0d92fb7e4 Mon Sep 17 00:00:00 2001 From: "joseph@direct-ex.co.il" Date: Mon, 24 Jun 2024 19:32:22 +0300 Subject: [PATCH 4/9] Add Public Network access --- .../configuration.tfvars | 1 + .../cognitive_service_account.tf | 10 ++++------ 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars index 56b1b6a43a..79f8ab921a 100644 --- a/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars +++ b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars @@ -30,6 +30,7 @@ cognitive_services_account = { name = "cs-test-1" kind = "OpenAI" sku_name = "S0" + public_network_access_enabled = true identity = { type = "SystemAssigned, UserAssigned" // Can be "SystemAssigned, UserAssigned" or "SystemAssigned" or "UserAssigned" diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index 42bac1d48b..1350dd4c48 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf 
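Review bot: `rbac_id` reads `identity[0].principal_id`, which is only populated when a system-assigned identity exists; for `type = "UserAssigned"` (a value the example in this series advertises) the output is empty, and a role assignment built on it silently targets nothing. The description should say so, e.g. `"Principal ID of the system-assigned identity, for role assignments; empty for UserAssigned-only accounts, use the managed identity's own principal_id there"`, and the typo `Cognetive` should be fixed. The `identity` output has no description at all; one line naming what it exposes (the identity block: type, principal_id, tenant_id, identity_ids) would help consumers.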
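Review bot: `public_network_access_enabled = true` is now stated explicitly on an `OpenAI` account that configures no `network_acls`, so the example documents an endpoint reachable from any internet address with only data-plane authentication in front of it. That is defensible for a sample, but it should say so rather than read as a recommendation; add a comment on the line such as `# example only: exposes the endpoint publicly; set false and use network_acls or a private endpoint for real deployments`. The explicit `true` also just restates the default the module adopts in the same commit, so the line could be dropped instead.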
@@ -14,8 +14,10 @@ resource "azurerm_cognitive_account" "service" { resource_group_name = var.resource_group_name kind = var.settings.kind sku_name = var.settings.sku_name - - qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) + public_network_access_enabled = try(var.settings.public_network_access_enabled, true) + custom_subdomain_name = try(var.settings.custom_subdomain_name, null) + tags = try(var.settings.tags, {}) + qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) dynamic "identity" { for_each = lookup(var.settings, "identity", {}) != {} ? [1] : [] @@ -50,8 +52,4 @@ resource "azurerm_cognitive_account" "service" { } } } - - custom_subdomain_name = try(var.settings.custom_subdomain_name, null) - - tags = try(var.settings.tags, {}) } \ No newline at end of file From 564c81741afddb684a4ee9a3f4c31ac0adf4ebe3 Mon Sep 17 00:00:00 2001 From: "joseph@direct-ex.co.il" Date: Mon, 24 Jun 2024 19:32:58 +0300 Subject: [PATCH 5/9] Fix Identity Output --- modules/cognitive_services/cognitive_services_account/output.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/cognitive_services/cognitive_services_account/output.tf b/modules/cognitive_services/cognitive_services_account/output.tf index 7413f41f9d..4e37bd9072 100644 --- a/modules/cognitive_services/cognitive_services_account/output.tf +++ b/modules/cognitive_services/cognitive_services_account/output.tf @@ -14,5 +14,5 @@ output "rbac_id" { } output "identity" { - value = try(azurerm_cognitive_account.identity, null) + value = try(azurerm_cognitive_account.service.identity, null) } \ No newline at end of file From 8af5155130574465c84e43311944ac2c325344d0 Mon Sep 17 00:00:00 2001 
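Review bot: `public_network_access_enabled = try(var.settings.public_network_access_enabled, true)` makes the open endpoint the module's own default whenever a caller says nothing; it matches what the provider did before the attribute was exposed, so it is backward compatible, but a later reader cannot tell whether `true` was a deliberate choice. Add `# provider default kept for compatibility; callers should set false (with network_acls or a private endpoint) for any non-test account` above the line, or plan a flip to `false` in the next breaking release. `custom_subdomain_name` and `tags` are only moved, not changed. The resource block continues outside the hunk.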
From: "joseph@direct-ex.co.il" Date: Thu, 27 Jun 2024 19:41:03 +0300 Subject: [PATCH 6/9] Add tags --- cognitive_service.tf | 1 + .../cognitive_service_account.tf | 2 +- .../cognitive_services/cognitive_services_account/main.tf | 8 ++++++++ .../cognitive_services_account/variables.tf | 5 +++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/cognitive_service.tf b/cognitive_service.tf index 31a7723c83..4b74be15f6 100644 --- a/cognitive_service.tf +++ b/cognitive_service.tf @@ -4,6 +4,7 @@ module "cognitive_services_account" { client_config = local.client_config global_settings = local.global_settings + base_tags = local.global_settings.inherit_tags resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name location = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region] settings = each.value diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index 1350dd4c48..2f3a24ff40 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf 
@@ -16,7 +16,7 @@ resource "azurerm_cognitive_account" "service" { sku_name = var.settings.sku_name public_network_access_enabled = try(var.settings.public_network_access_enabled, true) custom_subdomain_name = try(var.settings.custom_subdomain_name, null) - tags = try(var.settings.tags, {}) + tags = merge(local.tags, try(var.settings.tags, null)) qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) dynamic "identity" { diff --git a/modules/cognitive_services/cognitive_services_account/main.tf b/modules/cognitive_services/cognitive_services_account/main.tf index b34ed51903..b58d11de39 100644 --- a/modules/cognitive_services/cognitive_services_account/main.tf +++ b/modules/cognitive_services/cognitive_services_account/main.tf @@ -4,4 +4,12 @@ terraform { source = "aztfmod/azurecaf" } } +} + +locals { + tags = var.base_tags ? merge( + var.global_settings.tags, + try(var.resource_group.tags, null), + try(var.settings.tags, null) + ) : try(var.settings.tags, null) } \ No newline at end of file diff --git a/modules/cognitive_services/cognitive_services_account/variables.tf b/modules/cognitive_services/cognitive_services_account/variables.tf index 83474abe03..1426be8c7b 100644 --- a/modules/cognitive_services/cognitive_services_account/variables.tf +++ b/modules/cognitive_services/cognitive_services_account/variables.tf @@ -18,4 +18,9 @@ variable "settings" {} variable "managed_identities" { default = {} +} + +variable "base_tags" { + description = "Base tags for the resource to be inherited from the resource group." + type = bool } \ No newline at end of file From 6a0f3fb356665c36ff31b7629550b86e07841652 Mon Sep 17 00:00:00 2001 
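Review bot: `local.tags` references `var.resource_group`, but this commit only adds `variable "base_tags"`; no `resource_group` variable exists in the module until 9/9, so the series does not validate at this point and bisecting across it lands on an undeclared-variable error. `try(var.resource_group.tags, null)` hides the missing attribute but not the missing variable, which Terraform reports at validate time. Either squash the `resource_group` variable into this commit or reorder 9/9 ahead of it; the `global_settings` variable the local also reads is presumably already declared, since the root passes it in the hunk above, but that is not visible here.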
From: "joseph@direct-ex.co.il" Date: Thu, 27 Jun 2024 19:43:05 +0300 Subject: [PATCH 7/9] Revert "Add tags" This reverts commit 8af5155130574465c84e43311944ac2c325344d0. --- cognitive_service.tf | 1 - .../cognitive_service_account.tf | 2 +- .../cognitive_services/cognitive_services_account/main.tf | 8 -------- .../cognitive_services_account/variables.tf | 5 ----- 4 files changed, 1 insertion(+), 15 deletions(-) diff --git a/cognitive_service.tf b/cognitive_service.tf index 4b74be15f6..31a7723c83 100644 --- a/cognitive_service.tf +++ b/cognitive_service.tf @@ -4,7 +4,6 @@ module "cognitive_services_account" { client_config = local.client_config global_settings = local.global_settings - base_tags = local.global_settings.inherit_tags resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name location = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region] settings = each.value diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index 2f3a24ff40..1350dd4c48 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf 
@@ -16,7 +16,7 @@ resource "azurerm_cognitive_account" "service" { sku_name = var.settings.sku_name public_network_access_enabled = try(var.settings.public_network_access_enabled, true) custom_subdomain_name = try(var.settings.custom_subdomain_name, null) - tags = merge(local.tags, try(var.settings.tags, null)) + tags = try(var.settings.tags, {}) qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) dynamic "identity" { diff --git a/modules/cognitive_services/cognitive_services_account/main.tf b/modules/cognitive_services/cognitive_services_account/main.tf index b58d11de39..b34ed51903 100644 --- a/modules/cognitive_services/cognitive_services_account/main.tf +++ b/modules/cognitive_services/cognitive_services_account/main.tf @@ -4,12 +4,4 @@ terraform { source = "aztfmod/azurecaf" } } -} - -locals { - tags = var.base_tags ? merge( - var.global_settings.tags, - try(var.resource_group.tags, null), - try(var.settings.tags, null) - ) : try(var.settings.tags, null) } \ No newline at end of file diff --git a/modules/cognitive_services/cognitive_services_account/variables.tf b/modules/cognitive_services/cognitive_services_account/variables.tf index 1426be8c7b..83474abe03 100644 --- a/modules/cognitive_services/cognitive_services_account/variables.tf +++ b/modules/cognitive_services/cognitive_services_account/variables.tf @@ -18,9 +18,4 @@ variable "settings" {} variable "managed_identities" { default = {} -} - -variable "base_tags" { - description = "Base tags for the resource to be inherited from the resource group." - type = bool } \ No newline at end of file From 7fab93b27573175c329c1b5a42a841751b098513 Mon Sep 17 00:00:00 2001 
From: "joseph@direct-ex.co.il" Date: Thu, 27 Jun 2024 19:44:24 +0300 Subject: [PATCH 8/9] Revert "Revert "Add tags"" This reverts commit 6a0f3fb356665c36ff31b7629550b86e07841652. modified: cognitive_service.tf modified: modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf modified: modules/cognitive_services/cognitive_services_account/main.tf modified: modules/cognitive_services/cognitive_services_account/variables.tf --- cognitive_service.tf | 1 + .../cognitive_service_account.tf | 2 +- .../cognitive_services/cognitive_services_account/main.tf | 8 ++++++++ .../cognitive_services_account/variables.tf | 5 +++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/cognitive_service.tf b/cognitive_service.tf index 31a7723c83..4b74be15f6 100644 --- a/cognitive_service.tf +++ b/cognitive_service.tf @@ -4,6 +4,7 @@ module "cognitive_services_account" { client_config = local.client_config global_settings = local.global_settings + base_tags = local.global_settings.inherit_tags resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name location = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region] settings = each.value diff --git a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf index 1350dd4c48..2f3a24ff40 100644 --- a/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf +++ b/modules/cognitive_services/cognitive_services_account/cognitive_service_account.tf 
@@ -16,7 +16,7 @@ resource "azurerm_cognitive_account" "service" { sku_name = var.settings.sku_name public_network_access_enabled = try(var.settings.public_network_access_enabled, true) custom_subdomain_name = try(var.settings.custom_subdomain_name, null) - tags = try(var.settings.tags, {}) + tags = merge(local.tags, try(var.settings.tags, null)) qna_runtime_endpoint = var.settings.kind == "QnAMaker" ? var.settings.qna_runtime_endpoint : try(var.settings.qna_runtime_endpoint, null) dynamic "identity" { diff --git a/modules/cognitive_services/cognitive_services_account/main.tf b/modules/cognitive_services/cognitive_services_account/main.tf index b34ed51903..b58d11de39 100644 --- a/modules/cognitive_services/cognitive_services_account/main.tf +++ b/modules/cognitive_services/cognitive_services_account/main.tf @@ -4,4 +4,12 @@ terraform { source = "aztfmod/azurecaf" } } +} + +locals { + tags = var.base_tags ? merge( + var.global_settings.tags, + try(var.resource_group.tags, null), + try(var.settings.tags, null) + ) : try(var.settings.tags, null) } \ No newline at end of file diff --git a/modules/cognitive_services/cognitive_services_account/variables.tf b/modules/cognitive_services/cognitive_services_account/variables.tf index 83474abe03..1426be8c7b 100644 --- a/modules/cognitive_services/cognitive_services_account/variables.tf +++ b/modules/cognitive_services/cognitive_services_account/variables.tf @@ -18,4 +18,9 @@ variable "settings" {} variable "managed_identities" { default = {} +} + +variable "base_tags" { + description = "Base tags for the resource to be inherited from the resource group." + type = bool } \ No newline at end of file From 0c37b6370a440c79c09572f63b2ee91f3dfd4fd0 Mon Sep 17 00:00:00 2001 From: "joseph@direct-ex.co.il" Date: Thu, 27 Jun 2024 19:48:33 +0300 Subject: [PATCH 9/9] Add Resource Group ref --- cognitive_service.tf | 1 + .../cognitive_services_account/variables.tf | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) 
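Review bot: `tags = merge(local.tags, try(var.settings.tags, null))` merges `var.settings.tags` twice, because `local.tags` in main.tf already ends both of its branches with `try(var.settings.tags, null)`; the outer merge is a no-op and makes the precedence look more complicated than it is. `tags = local.tags` is the whole intent. Note that when `base_tags` is false and no tags are set the value becomes `null` where it used to be `{}`; the provider accepts both, but a one-line comment stating that `local.tags` already includes the per-object tags would stop the next reader from re-adding the merge.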
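Review bot: `variable "base_tags"` is declared with `type = bool` and no default, which turns it into a required input and breaks any caller of this module that is not the root `cognitive_service.tf` updated in the same commit. If the module is consumed elsewhere, `default = false` reproduces the previous behaviour (only `settings.tags` applied) for callers that do not pass it; if it is intentionally required, the description should say that the root always supplies `global_settings.inherit_tags`. The description could also state what inheriting means here: global settings tags, then resource group tags, then the object's own tags, later entries winning.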
diff --git a/cognitive_service.tf b/cognitive_service.tf index 4b74be15f6..1eebac5c8c 100644 --- a/cognitive_service.tf +++ b/cognitive_service.tf @@ -5,6 +5,7 @@ module "cognitive_services_account" { client_config = local.client_config global_settings = local.global_settings base_tags = local.global_settings.inherit_tags + resource_group = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group_key, each.value.resource_group.key)] resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name location = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region] settings = each.value diff --git a/modules/cognitive_services/cognitive_services_account/variables.tf b/modules/cognitive_services/cognitive_services_account/variables.tf index 1426be8c7b..5c70771326 100644 --- a/modules/cognitive_services/cognitive_services_account/variables.tf +++ b/modules/cognitive_services/cognitive_services_account/variables.tf @@ -9,8 +9,12 @@ variable "location" { type = string } +variable "resource_group" { + description = "Resource group object to deploy the resource" +} + variable "resource_group_name" { - description = "Name of the existing resource group to deploy the virtual machine" + description = "Name of the existing resource group to deploy the resource" type = string }
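Review bot: The new `resource_group =` line resolves the object key with `try(each.value.resource_group_key, each.value.resource_group.key)`, while `resource_group_name` and `location` on the next two lines use the opposite order, `try(each.value.resource_group.key, each.value.resource_group_key)`; for a configuration that sets both the legacy `resource_group_key` and the newer `resource_group.key`, the account is deployed into one group but inherits tags from a different one. Use the same precedence as the lines below: `resource_group = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)]`. The module block continues outside the hunk.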
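Review bot: `variable "resource_group"` is untyped and its description does not say what the module reads from it; from main.tf the only attribute used is `.tags`, for tag inheritance, so the full resource group object is more than the module needs. Tighten the description to `"Resource group object the account is deployed into; only its tags attribute is read, for inheritance when base_tags is true"`, so a caller knows what must be present. The `resource_group_name` description fix from "virtual machine" to "resource" is correct.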