Skip to content

Commit

Permalink
azurerm_mssql_server: Set azuread_administrator inline on creation (
Browse files Browse the repository at this point in the history
#13753)

Fixes #13677
  • Loading branch information
aristosvo authored Oct 20, 2021
1 parent 5386bfd commit 06c7801
Show file tree
Hide file tree
Showing 2 changed files with 55 additions and 22 deletions.
62 changes: 40 additions & 22 deletions internal/services/mssql/mssql_server_resource.go
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,10 @@ func resourceMsSqlServerCreateUpdate(d *pluginsdk.ResourceData, meta interface{}
props.ServerProperties.MinimalTLSVersion = utils.String(v.(string))
}

if azureADAdministrator, ok := d.GetOk("azuread_administrator"); d.IsNewResource() && ok {
props.ServerProperties.Administrators = expandMsSqlServerAdministrators(azureADAdministrator.([]interface{}))
}

future, err := client.CreateOrUpdate(ctx, id.ResourceGroup, id.Name, props)
if err != nil {
return fmt.Errorf("issuing create/update request for %s: %+v", id.String(), err)
Expand All @@ -281,16 +285,7 @@ func resourceMsSqlServerCreateUpdate(d *pluginsdk.ResourceData, meta interface{}

d.SetId(id.ID())

if d.HasChange("azuread_administrator") {
adminDelFuture, err := adminClient.Delete(ctx, id.ResourceGroup, id.Name)
if err != nil {
return fmt.Errorf("deleting AAD admin %s: %+v", id.String(), err)
}

if err = adminDelFuture.WaitForCompletionRef(ctx, adminClient.Client); err != nil {
return fmt.Errorf("waiting for deletion of AAD admin %s: %+v", id.String(), err)
}

if d.HasChange("azuread_administrator") && !d.IsNewResource() {
if adminParams := expandMsSqlServerAdministrator(d.Get("azuread_administrator").([]interface{})); adminParams != nil {
adminFuture, err := adminClient.CreateOrUpdate(ctx, id.ResourceGroup, id.Name, *adminParams)
if err != nil {
Expand All @@ -300,6 +295,15 @@ func resourceMsSqlServerCreateUpdate(d *pluginsdk.ResourceData, meta interface{}
if err = adminFuture.WaitForCompletionRef(ctx, adminClient.Client); err != nil {
return fmt.Errorf("waiting for creation of AAD admin %s: %+v", id.String(), err)
}
} else {
adminDelFuture, err := adminClient.Delete(ctx, id.ResourceGroup, id.Name)
if err != nil {
return fmt.Errorf("deleting AAD admin %s: %+v", id.String(), err)
}

if err = adminDelFuture.WaitForCompletionRef(ctx, adminClient.Client); err != nil {
return fmt.Errorf("waiting for deletion of AAD admin %s: %+v", id.String(), err)
}
}
}

Expand Down Expand Up @@ -332,7 +336,6 @@ func resourceMsSqlServerRead(d *pluginsdk.ResourceData, meta interface{}) error
client := meta.(*clients.Client).MSSQL.ServersClient
auditingClient := meta.(*clients.Client).MSSQL.ServerExtendedBlobAuditingPoliciesClient
connectionClient := meta.(*clients.Client).MSSQL.ServerConnectionPoliciesClient
adminClient := meta.(*clients.Client).MSSQL.ServerAzureADAdministratorsClient
restorableDroppedDatabasesClient := meta.(*clients.Client).MSSQL.RestorableDroppedDatabasesClient
ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
defer cancel()
Expand Down Expand Up @@ -382,17 +385,10 @@ func resourceMsSqlServerRead(d *pluginsdk.ResourceData, meta interface{}) error
primaryUserAssignedIdentityID = parsedPrimaryUserAssignedIdentityID.ID()
}
d.Set("primary_user_assigned_identity_id", primaryUserAssignedIdentityID)
}

adminResp, err := adminClient.Get(ctx, id.ResourceGroup, id.Name)
if err != nil {
if !utils.ResponseWasNotFound(adminResp.Response) {
return fmt.Errorf("reading AAD admin %s: %v", id.Name, err)
}
} else {
if err := d.Set("azuread_administrator", flatternMsSqlServerAdministrator(adminResp)); err != nil {
return fmt.Errorf("setting `azuread_administrator`: %+v", err)
if props.Administrators != nil {
d.Set("azuread_administrator", flatternMsSqlServerAdministrators(*props.Administrators))
}

}

connection, err := connectionClient.Get(ctx, id.ResourceGroup, id.Name)
Expand Down Expand Up @@ -518,7 +514,29 @@ func expandMsSqlServerAdministrator(input []interface{}) *sql.ServerAzureADAdmin
return &adminParams
}

func flatternMsSqlServerAdministrator(admin sql.ServerAzureADAdministrator) []interface{} {
func expandMsSqlServerAdministrators(input []interface{}) *sql.ServerExternalAdministrator {
if len(input) == 0 || input[0] == nil {
return nil
}

admin := input[0].(map[string]interface{})
sid, _ := uuid.FromString(admin["object_id"].(string))

adminParams := sql.ServerExternalAdministrator{
AdministratorType: sql.AdministratorTypeActiveDirectory,
Login: utils.String(admin["login_username"].(string)),
Sid: &sid,
}

if v, ok := admin["tenant_id"]; ok && v != "" {
tid, _ := uuid.FromString(v.(string))
adminParams.TenantID = &tid
}

return &adminParams
}

func flatternMsSqlServerAdministrators(admin sql.ServerExternalAdministrator) []interface{} {
var login, sid, tid string
if admin.Login != nil {
login = *admin.Login
Expand Down
15 changes: 15 additions & 0 deletions internal/services/mssql/mssql_server_resource_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,21 @@ func TestAccMsSqlServer_azureadAdmin(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_mssql_server", "test")
r := MsSqlServerResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.aadAdmin(data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep("administrator_login_password"),
})
}

func TestAccMsSqlServer_azureadAdminUpdate(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_mssql_server", "test")
r := MsSqlServerResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.basic(data),
Expand Down

0 comments on commit 06c7801

Please sign in to comment.