New resources: azurerm_redis_cache_policy and `azurerm_redis_cache_…

…policy_assignment` (#25477) * WIP: redis cache policy assignment * terrafmt * Take name from supposedly the right place * Add redis_cache_access_policy_resource, fix tests * fmt, terrafmt * Add docs * terrafmt again * Fix tests * Update redis_cache_access_policy.html.markdown Co-authored-by: catriona-m <[email protected]> * Update redis_cache_access_policy.html.markdown Co-authored-by: catriona-m <[email protected]> * Update redis_cache_access_policy.html.markdown Co-authored-by: catriona-m <[email protected]> * Update redis_cache_access_policy_assignment.html.markdown Co-authored-by: catriona-m <[email protected]> * Update redis_cache_access_policy_assignment.html.markdown Co-authored-by: catriona-m <[email protected]> * Update redis_cache_access_policy_assignment.html.markdown Co-authored-by: catriona-m <[email protected]> * Update internal/services/redis/redis_cache_access_policy_assignment_resource.go Co-authored-by: catriona-m <[email protected]> * Address comments * Address comments * Fix some more docs errors * Remove update from policy assignment * Add check for requiresImport * Remove update from cache_access_policy too * Up redis_cache timeouts for create/delete/update to 180min * Update internal/services/redis/redis_cache_access_policy_assignment_resource.go Co-authored-by: catriona-m <[email protected]> * Update internal/services/redis/redis_cache_access_policy_assignment_resource.go Co-authored-by: catriona-m <[email protected]> --------- Co-authored-by: catriona-m <[email protected]>
hashicorp · Apr 4, 2024 · 1ce7f3c · 1ce7f3c
1 parent 2990001
commit 1ce7f3c
Show file tree

Hide file tree

Showing 10 changed files with 751 additions and 7 deletions.
diff --git a/internal/provider/services.go b/internal/provider/services.go
@@ -198,6 +198,7 @@ func SupportedTypedServices() []sdk.TypedServiceRegistration {
 		policy.Registration{},
 		privatednsresolver.Registration{},
 		recoveryservices.Registration{},
+		redis.Registration{},
 		redhatopenshift.Registration{},
 		resource.Registration{},
 		sentinel.Registration{},

diff --git a/internal/services/redis/redis_cache_access_policy_assignment_resource.go b/internal/services/redis/redis_cache_access_policy_assignment_resource.go
@@ -0,0 +1,184 @@
+package redis
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/go-azure-helpers/lang/response"
+	"github.com/hashicorp/go-azure-sdk/resource-manager/redis/2023-08-01/redis"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
+)
+
+type RedisCacheAccessPolicyAssignmentResource struct {
+}
+
+var _ sdk.Resource = RedisCacheAccessPolicyAssignmentResource{}
+
+type RedisCacheAccessPolicyAssignmentResourceModel struct {
+	Name             string `tfschema:"name"`
+	RedisCacheID     string `tfschema:"redis_cache_id"`
+	AccessPolicyName string `tfschema:"access_policy_name"`
+	ObjectID         string `tfschema:"object_id"`
+	ObjectIDAlias    string `tfschema:"object_id_alias"`
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) Arguments() map[string]*pluginsdk.Schema {
+	return map[string]*pluginsdk.Schema{
+		"name": {
+			Type:         pluginsdk.TypeString,
+			Required:     true,
+			ForceNew:     true,
+			ValidateFunc: validation.StringIsNotEmpty,
+		},
+		"redis_cache_id": {
+			Type:         pluginsdk.TypeString,
+			Required:     true,
+			ForceNew:     true,
+			ValidateFunc: redis.ValidateRediID,
+		},
+		"access_policy_name": {
+			Type:     pluginsdk.TypeString,
+			Required: true,
+			ForceNew: true,
+		},
+		"object_id": {
+			Type:     pluginsdk.TypeString,
+			Required: true,
+			ForceNew: true,
+		},
+		"object_id_alias": {
+			Type:     pluginsdk.TypeString,
+			Required: true,
+			ForceNew: true,
+			ValidateFunc: validation.StringInSlice(
+				[]string{
+					"ServicePrincipal",
+					"UserMSI",
+				}, false),
+		},
+	}
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) Attributes() map[string]*pluginsdk.Schema {
+	return map[string]*pluginsdk.Schema{}
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) ModelObject() interface{} {
+	return &RedisCacheAccessPolicyAssignmentResourceModel{}
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) ResourceType() string {
+	return "azurerm_redis_cache_access_policy_assignment"
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) IDValidationFunc() pluginsdk.SchemaValidateFunc {
+	return redis.ValidateAccessPolicyAssignmentID
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) Create() sdk.ResourceFunc {
+	return sdk.ResourceFunc{
+		Timeout: 5 * time.Minute,
+		Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
+			var model RedisCacheAccessPolicyAssignmentResourceModel
+			if err := metadata.Decode(&model); err != nil {
+				return fmt.Errorf("decoding %+v", err)
+			}
+			client := metadata.Client.Redis.Redis
+			subscriptionId := metadata.Client.Account.SubscriptionId
+
+			redisId, err := redis.ParseRediID(model.RedisCacheID)
+			if err != nil {
+				return err
+			}
+			id := redis.NewAccessPolicyAssignmentID(subscriptionId, redisId.ResourceGroupName, redisId.RedisName, model.Name)
+
+			existing, err := client.AccessPolicyAssignmentGet(ctx, id)
+			if err != nil && !response.WasNotFound(existing.HttpResponse) {
+				return fmt.Errorf("checking for existing %s: %+v", id, err)
+			}
+
+			if !response.WasNotFound(existing.HttpResponse) {
+				return metadata.ResourceRequiresImport(r.ResourceType(), id)
+			}
+
+			createInput := redis.RedisCacheAccessPolicyAssignment{
+				Name: &model.Name,
+				Properties: &redis.RedisCacheAccessPolicyAssignmentProperties{
+					AccessPolicyName: model.AccessPolicyName,
+					ObjectId:         model.ObjectID,
+					ObjectIdAlias:    model.ObjectIDAlias,
+				},
+			}
+			if err := client.AccessPolicyAssignmentCreateUpdateThenPoll(ctx, id, createInput); err != nil {
+				return fmt.Errorf("failed to create Redis Cache Access Policy Assignment %s in Redis Cache %s in resource group %s: %s", model.Name, redisId.RedisName, redisId.ResourceGroupName, err)
+			}
+
+			metadata.SetID(id)
+			return nil
+		},
+	}
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) Read() sdk.ResourceFunc {
+	return sdk.ResourceFunc{
+		Timeout: 5 * time.Minute,
+		Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
+			id, err := redis.ParseAccessPolicyAssignmentID(metadata.ResourceData.Id())
+			if err != nil {
+				return err
+			}
+
+			client := metadata.Client.Redis.Redis
+
+			resp, err := client.AccessPolicyAssignmentGet(ctx, *id)
+			if err != nil {
+				if response.WasNotFound(resp.HttpResponse) {
+					return metadata.MarkAsGone(id)
+				}
+				return fmt.Errorf("retrieving Redis Cache Access Policy Assignment %s: %+v", *id, err)
+			}
+
+			state := RedisCacheAccessPolicyAssignmentResourceModel{}
+
+			if model := resp.Model; model != nil {
+				if model.Name != nil {
+					state.Name = *model.Name
+				}
+				state.RedisCacheID = redis.NewRediID(id.SubscriptionId, id.ResourceGroupName, id.RedisName).ID()
+				if model.Properties != nil {
+					state.AccessPolicyName = model.Properties.AccessPolicyName
+					state.ObjectID = model.Properties.ObjectId
+					state.ObjectIDAlias = model.Properties.ObjectIdAlias
+				}
+			}
+
+			return metadata.Encode(&state)
+		},
+	}
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) Delete() sdk.ResourceFunc {
+	return sdk.ResourceFunc{
+		Timeout: 5 * time.Minute,
+		Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
+			var model RedisCacheAccessPolicyAssignmentResourceModel
+			if err := metadata.Decode(&model); err != nil {
+				return fmt.Errorf("decoding %+v", err)
+			}
+			client := metadata.Client.Redis.Redis
+			id, err := redis.ParseAccessPolicyAssignmentID(metadata.ResourceData.Id())
+			if err != nil {
+				return err
+			}
+
+			if _, err := client.AccessPolicyAssignmentDelete(ctx, *id); err != nil {
+				return fmt.Errorf("deleting Redis Cache Access Policy Assignment %s in Redis Cache %s in resource group %s: %s", id.AccessPolicyAssignmentName, id.RedisName, id.ResourceGroupName, err)
+			}
+
+			return nil
+		},
+	}
+}
diff --git a/internal/services/redis/redis_cache_access_policy_assignment_resource_test.go b/internal/services/redis/redis_cache_access_policy_assignment_resource_test.go
@@ -0,0 +1,114 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package redis_test
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/go-azure-sdk/resource-manager/redis/2023-08-01/redis"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
+	"github.com/hashicorp/terraform-provider-azurerm/utils"
+)
+
+type RedisCacheAccessPolicyAssignmentResource struct{}
+
+func TestAccRedisCacheAccessPolicyAssignment_basic(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_redis_cache_access_policy_assignment", "test")
+	r := RedisCacheAccessPolicyAssignmentResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.basic(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccRedisCacheAccessPolicyAssignment_requiresImport(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_redis_cache_access_policy_assignment", "test")
+	r := RedisCacheAccessPolicyAssignmentResource{}
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.basic(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.RequiresImportErrorStep(r.requiresImport),
+	})
+}
+
+func (t RedisCacheAccessPolicyAssignmentResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
+	id, err := redis.ParseAccessPolicyAssignmentID(state.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := clients.Redis.Redis.AccessPolicyAssignmentGet(ctx, *id)
+	if err != nil {
+		return nil, fmt.Errorf("reading %s: %+v", *id, err)
+	}
+
+	return utils.Bool(resp.Model != nil), nil
+}
+
+func (RedisCacheAccessPolicyAssignmentResource) basic(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+data "azurerm_client_config" "test" {
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_redis_cache" "test" {
+  name                = "acctestRedis-%d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  capacity            = 1
+  family              = "C"
+  sku_name            = "Basic"
+  enable_non_ssl_port = true
+  minimum_tls_version = "1.2"
+
+  redis_configuration {
+  }
+}
+
+resource "azurerm_redis_cache_access_policy_assignment" "test" {
+  name               = "acctestRedisAccessPolicyAssignmentTest"
+  redis_cache_id     = azurerm_redis_cache.test.id
+  access_policy_name = "Data Contributor"
+  object_id          = data.azurerm_client_config.test.object_id
+  object_id_alias    = "ServicePrincipal"
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
+
+func (r RedisCacheAccessPolicyAssignmentResource) requiresImport(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_redis_cache_access_policy_assignment" "import" {
+  name               = azurerm_redis_cache_access_policy_assignment.test.name
+  redis_cache_id     = azurerm_redis_cache_access_policy_assignment.test.redis_cache_id
+  access_policy_name = azurerm_redis_cache_access_policy_assignment.test.access_policy_name
+  object_id          = azurerm_redis_cache_access_policy_assignment.test.object_id
+  object_id_alias    = azurerm_redis_cache_access_policy_assignment.test.object_id_alias
+}
+`, r.basic(data))
+}