diff --git a/azurerm/internal/services/cognitive/cognitive_account_resource.go b/azurerm/internal/services/cognitive/cognitive_account_resource.go index 2cdf4530a3a4..c84ce8131a5f 100644 --- a/azurerm/internal/services/cognitive/cognitive_account_resource.go +++ b/azurerm/internal/services/cognitive/cognitive_account_resource.go @@ -108,20 +108,6 @@ func resourceCognitiveAccount() *pluginsdk.Resource { }, false), }, - "aad_client_id": { - Type: pluginsdk.TypeString, - Optional: true, - ForceNew: true, - ValidateFunc: validation.StringIsNotEmpty, - }, - - "aad_tenant_id": { - Type: pluginsdk.TypeString, - Optional: true, - ForceNew: true, - ValidateFunc: validation.StringIsNotEmpty, - }, - "custom_subdomain_name": { Type: pluginsdk.TypeString, Optional: true, @@ -129,12 +115,6 @@ func resourceCognitiveAccount() *pluginsdk.Resource { ValidateFunc: validation.StringIsNotEmpty, }, - "disable_local_auth": { - Type: pluginsdk.TypeBool, - Optional: true, - Default: false, - }, - "fqdns": { Type: pluginsdk.TypeList, Optional: true, @@ -185,10 +165,38 @@ func resourceCognitiveAccount() *pluginsdk.Resource { }, }, - "qna_runtime_endpoint": { + "local_auth_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: true, + }, + + "metrics_advisor_aad_client_id": { Type: pluginsdk.TypeString, Optional: true, - ValidateFunc: validation.IsURLWithHTTPorHTTPS, + ForceNew: true, + ValidateFunc: validation.IsUUID, + }, + + "metrics_advisor_aad_tenant_id": { + Type: pluginsdk.TypeString, + Optional: true, + ForceNew: true, + ValidateFunc: validation.IsUUID, + }, + + "metrics_advisor_super_user_name": { + Type: pluginsdk.TypeString, + Optional: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "metrics_advisor_website_name": { + Type: pluginsdk.TypeString, + Optional: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, }, "network_acls": { @@ -227,16 +235,22 @@ func resourceCognitiveAccount() *pluginsdk.Resource { }, }, - "public_network_access_enabled": { + "outbound_network_access_restrited": { Type: pluginsdk.TypeBool, Optional: true, - Default: true, + Default: false, }, - "restrict_outbound_network_access": { + "public_network_access_enabled": { Type: pluginsdk.TypeBool, Optional: true, - Default: false, + Default: true, + }, + + "qna_runtime_endpoint": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.IsURLWithHTTPorHTTPS, }, "storage": { @@ -244,7 +258,7 @@ func resourceCognitiveAccount() *pluginsdk.Resource { Optional: true, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ - "resource_id": { + "storage_account_id": { Type: pluginsdk.TypeString, Required: true, ValidateFunc: storageValidate.StorageAccountID, @@ -259,20 +273,6 @@ func resourceCognitiveAccount() *pluginsdk.Resource { }, }, - "super_user": { - Type: pluginsdk.TypeString, - Optional: true, - ForceNew: true, - ValidateFunc: validation.StringIsNotEmpty, - }, - - "website_name": { - Type: pluginsdk.TypeString, - Optional: true, - ForceNew: true, - ValidateFunc: validation.StringIsNotEmpty, - }, - "tags": tags.Schema(), "endpoint": { @@ -359,8 +359,8 @@ func resourceCognitiveAccountCreate(d *pluginsdk.ResourceData, meta interface{}) AllowedFqdnList: utils.ExpandStringSlice(d.Get("fqdns").([]interface{})), PublicNetworkAccess: publicNetworkAccess, UserOwnedStorage: expandCognitiveAccountStorage(d.Get("storage").([]interface{})), - RestrictOutboundNetworkAccess: utils.Bool(d.Get("restrict_outbound_network_access").(bool)), - DisableLocalAuth: utils.Bool(d.Get("disable_local_auth").(bool)), + RestrictOutboundNetworkAccess: utils.Bool(d.Get("outbound_network_access_restrited").(bool)), + DisableLocalAuth: utils.Bool(!d.Get("local_auth_enabled").(bool)), }, Tags: tags.Expand(d.Get("tags").(map[string]interface{})), } @@ -443,8 +443,8 @@ func resourceCognitiveAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) AllowedFqdnList: utils.ExpandStringSlice(d.Get("fqdns").([]interface{})), PublicNetworkAccess: publicNetworkAccess, UserOwnedStorage: expandCognitiveAccountStorage(d.Get("storage").([]interface{})), - RestrictOutboundNetworkAccess: utils.Bool(d.Get("restrict_outbound_network_access").(bool)), - DisableLocalAuth: utils.Bool(d.Get("disable_local_auth").(bool)), + RestrictOutboundNetworkAccess: utils.Bool(d.Get("outbound_network_access_restrited").(bool)), + DisableLocalAuth: utils.Bool(!d.Get("local_auth_enabled").(bool)), }, Tags: tags.Expand(d.Get("tags").(map[string]interface{})), } @@ -518,10 +518,10 @@ func resourceCognitiveAccountRead(d *pluginsdk.ResourceData, meta interface{}) e if props := resp.Properties; props != nil { if apiProps := props.APIProperties; apiProps != nil { d.Set("qna_runtime_endpoint", apiProps.QnaRuntimeEndpoint) - d.Set("aad_client_id", apiProps.AadClientID) - d.Set("aad_tenant_id", apiProps.AadTenantID) - d.Set("super_user", apiProps.SuperUser) - d.Set("website_name", apiProps.WebsiteName) + d.Set("metrics_advisor_aad_client_id", apiProps.AadClientID) + d.Set("metrics_advisor_aad_tenant_id", apiProps.AadTenantID) + d.Set("metrics_advisor_super_user_name", apiProps.SuperUser) + d.Set("metrics_advisor_website_name", apiProps.WebsiteName) } d.Set("endpoint", props.Endpoint) d.Set("custom_subdomain_name", props.CustomSubDomainName) @@ -534,10 +534,10 @@ func resourceCognitiveAccountRead(d *pluginsdk.ResourceData, meta interface{}) e return fmt.Errorf("setting `storages` for Cognitive Account %q: %+v", id, err) } if props.RestrictOutboundNetworkAccess != nil { - d.Set("restrict_outbound_network_access", *props.RestrictOutboundNetworkAccess) + d.Set("outbound_network_access_restrited", *props.RestrictOutboundNetworkAccess) } if props.DisableLocalAuth != nil { - d.Set("disable_local_auth", *props.DisableLocalAuth) + d.Set("local_auth_enabled", !*props.DisableLocalAuth) } } @@ -667,7 +667,7 @@ func expandCognitiveAccountStorage(input []interface{}) *[]cognitiveservices.Use for _, v := range input { value := v.(map[string]interface{}) results = append(results, cognitiveservices.UserOwnedStorage{ - ResourceID: utils.String(value["resource_id"].(string)), + ResourceID: utils.String(value["storage_account_id"].(string)), IdentityClientID: utils.String(value["identity_client_id"].(string)), }) } @@ -721,32 +721,32 @@ func expandCognitiveAccountAPIProperties(d *pluginsdk.ResourceData) (*cognitives return nil, fmt.Errorf("the QnAMaker runtime endpoint `qna_runtime_endpoint` is required when kind is set to `QnAMaker`") } } - if v, ok := d.GetOk("aad_client_id"); ok { + if v, ok := d.GetOk("metrics_advisor_aad_client_id"); ok { if kind == "MetricsAdvisor" { props.AadClientID = utils.String(v.(string)) } else { - return nil, fmt.Errorf("aad_client_id can only used set when kind is set to `MetricsAdvisor`") + return nil, fmt.Errorf("metrics_advisor_aad_client_id can only used set when kind is set to `MetricsAdvisor`") } } - if v, ok := d.GetOk("aad_tenant_id"); ok { + if v, ok := d.GetOk("metrics_advisor_aad_tenant_id"); ok { if kind == "MetricsAdvisor" { props.AadTenantID = utils.String(v.(string)) } else { - return nil, fmt.Errorf("aad_tenant_id can only used set when kind is set to `MetricsAdvisor`") + return nil, fmt.Errorf("metrics_advisor_aad_tenant_id can only used set when kind is set to `MetricsAdvisor`") } } - if v, ok := d.GetOk("super_user"); ok { + if v, ok := d.GetOk("metrics_advisor_super_user_name"); ok { if kind == "MetricsAdvisor" { props.SuperUser = utils.String(v.(string)) } else { - return nil, fmt.Errorf("super_user can only used set when kind is set to `MetricsAdvisor`") + return nil, fmt.Errorf("metrics_advisor_super_user_name can only used set when kind is set to `MetricsAdvisor`") } } - if v, ok := d.GetOk("website_name"); ok { + if v, ok := d.GetOk("metrics_advisor_website_name"); ok { if kind == "MetricsAdvisor" { props.WebsiteName = utils.String(v.(string)) } else { - return nil, fmt.Errorf("website_name can only used set when kind is set to `MetricsAdvisor`") + return nil, fmt.Errorf("metrics_advisor_website_name can only used set when kind is set to `MetricsAdvisor`") } } return &props, nil @@ -801,7 +801,7 @@ func flattenCognitiveAccountStorage(input *[]cognitiveservices.UserOwnedStorage) for _, v := range *input { value := make(map[string]interface{}) if v.ResourceID != nil { - value["resource_id"] = *v.ResourceID + value["storage_account_id"] = *v.ResourceID } if v.IdentityClientID != nil { value["identity_client_id"] = *v.IdentityClientID diff --git a/azurerm/internal/services/cognitive/cognitive_account_resource_test.go b/azurerm/internal/services/cognitive/cognitive_account_resource_test.go index 05b5c309f1a3..a2d43b49793e 100644 --- a/azurerm/internal/services/cognitive/cognitive_account_resource_test.go +++ b/azurerm/internal/services/cognitive/cognitive_account_resource_test.go @@ -475,7 +475,7 @@ resource "azurerm_cognitive_account" "test" { } storage { - resource_id = azurerm_storage_account.test.id + storage_account_id = azurerm_storage_account.test.id identity_client_id = azurerm_user_assigned_identity.test.client_id } } @@ -515,10 +515,10 @@ resource "azurerm_cognitive_account" "test" { kind = "Face" sku_name = "S0" - fqdns = ["foo.com", "bar.com"] - public_network_access_enabled = false - restrict_outbound_network_access = true - disable_local_auth = true + fqdns = ["foo.com", "bar.com"] + public_network_access_enabled = false + outbound_network_access_restrited = true + local_auth_enabled = false tags = { Acceptance = "Test" @@ -601,16 +601,16 @@ resource "azurerm_resource_group" "test" { location = "%s" } resource "azurerm_cognitive_account" "test" { - name = "acctestcogacc-%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - kind = "MetricsAdvisor" - sku_name = "S0" - custom_subdomain_name = "acctestcogacc-%d" - aad_client_id = "310d7b2e-d1d1-4b87-9807-5b885b290c00" - aad_tenant_id = "72f988bf-86f1-41af-91ab-2d7cd011db47" - super_user = "mock_user1" - website_name = "mock_name2" + name = "acctestcogacc-%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + kind = "MetricsAdvisor" + sku_name = "S0" + custom_subdomain_name = "acctestcogacc-%d" + metrics_advisor_aad_client_id = "310d7b2e-d1d1-4b87-9807-5b885b290c00" + metrics_advisor_aad_tenant_id = "72f988bf-86f1-41af-91ab-2d7cd011db47" + metrics_advisor_super_user_name = "mock_user1" + metrics_advisor_website_name = "mock_name2" } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger) } diff --git a/website/docs/r/cognitive_account.html.markdown b/website/docs/r/cognitive_account.html.markdown index fcfbf2eae4e5..bde8d073e114 100644 --- a/website/docs/r/cognitive_account.html.markdown +++ b/website/docs/r/cognitive_account.html.markdown @@ -48,33 +48,33 @@ The following arguments are supported: * `sku_name` - (Required) Specifies the SKU Name for this Cognitive Service Account. Possible values are `F0`, `F1`, `S`, `S0`, `S1`, `S2`, `S3`, `S4`, `S5`, `S6`, `P0`, `P1`, and `P2`. -* `aad_client_id` - (Optional) The Azure AD Client ID (Application ID). This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. +* `custom_subdomain_name` - (Optional) The subdomain name used for token-based authentication. Changing this forces a new resource to be created. -* `aad_tenant_id` - (Optional) The Azure AD Tenant ID. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. - -* `qna_runtime_endpoint` - (Optional) A URL to link a QnAMaker cognitive account to a QnA runtime. +* `fqdns` - (Optional) List of FQDNs allowed for the Cognitive Account. --> **NOTE:** This URL is mandatory if the `kind` is set to `QnAMaker`. +* `identity` - (Optional) An `identity` block is documented below. -* `network_acls` - (Optional) A `network_acls` block as defined below. +* `local_auth_enabled` - (Optional) Whether local authentication methods is enabled for the Cognitive Account. Defaults to `true`. -* `custom_subdomain_name` - (Optional) The subdomain name used for token-based authentication. Changing this forces a new resource to be created. +* `metrics_advisor_aad_client_id` - (Optional) The Azure AD Client ID (Application ID). This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. -* `disable_local_auth` - (Optional) Whether local authentication methods is disabled for the Cognitive Account. Defaults to `false`. +* `metrics_advisor_aad_tenant_id` - (Optional) The Azure AD Tenant ID. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. -* `fqdns` - (Optional) List of FQDNs allowed for the Cognitive Account. - -* `identity` - (Optional) An `identity` block is documented below. +* `metrics_advisor_super_user_name` - (Optional) The super user of Metrics Advisor. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. -* `public_network_access_enabled` - (Optional) Whether public network access is allowed for the Cognitive Account. Defaults to `true`. +* `metrics_advisor_website_name` - (Optional) The website name of Metrics Advisor. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. -* `restrict_outbound_network_access` - (Optional) Whether outbound network access is restricted for the Cognitive Account. Defaults to `false`. +-> **NOTE:** This URL is mandatory if the `kind` is set to `QnAMaker`. -* `storage` - (Optional) An `identity` block is documented below. +* `network_acls` - (Optional) A `network_acls` block as defined below. -* `super_user` - (Optional) The super user of Metrics Advisor. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. +* `outbound_network_access_restrited` - (Optional) Whether outbound network access is restricted for the Cognitive Account. Defaults to `false`. -* `website_name` - (Optional) The website name of Metrics Advisor. This attribute is only set when kind is `MetricsAdvisor`. Changing this forces a new resource to be created. +* `public_network_access_enabled` - (Optional) Whether public network access is allowed for the Cognitive Account. Defaults to `true`. + +* `qna_runtime_endpoint` - (Optional) A URL to link a QnAMaker cognitive account to a QnA runtime. + +* `storage` - (Optional) An `identity` block is documented below. * `tags` - (Optional) A mapping of tags to assign to the resource. @@ -102,7 +102,7 @@ A `identity` block supports the following: A `storage` block supports the following: -* `resource_id` - (Required) Full resource id of a Microsoft.Storage resource. +* `storage_account_id` - (Required) Full resource id of a Microsoft.Storage resource. * `identity_client_id` - (Optional) The client ID of the managed identity associated with the storage resource.