Skip to content

Commit

Permalink
Merge pull request #5710 from terraform-providers/storage-2.0
Browse files Browse the repository at this point in the history
Preparing the the storage package for 2.0
  • Loading branch information
tombuildsstuff authored Feb 17, 2020
2 parents 56051b8 + 3e69296 commit 33bc0f5
Show file tree
Hide file tree
Showing 23 changed files with 65 additions and 349 deletions.
74 changes: 2 additions & 72 deletions azurerm/internal/services/storage/resource_arm_storage_account.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,6 @@ import (
"strings"
"time"

"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/iothub"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/network"

"github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v1.0/security"
"github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2019-04-01/storage"
azautorest "github.com/Azure/go-autorest/autorest"
"github.com/hashicorp/go-azure-helpers/response"
Expand All @@ -24,6 +20,8 @@ import (
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/locks"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/iothub"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/network"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tags"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
Expand Down Expand Up @@ -80,15 +78,6 @@ func resourceArmStorageAccount() *schema.Resource {
Default: string(storage.Storage),
},

"account_type": {
Type: schema.TypeString,
Optional: true,
Computed: true,
Deprecated: "This field has been split into `account_tier` and `account_replication_type`",
ValidateFunc: ValidateArmStorageAccountType,
DiffSuppressFunc: suppress.CaseDifference,
},

"account_tier": {
Type: schema.TypeString,
Required: true,
Expand Down Expand Up @@ -178,14 +167,6 @@ func resourceArmStorageAccount() *schema.Resource {
ForceNew: true,
},

// TODO remove this in 2.0 for the dedicated resource
"enable_advanced_threat_protection": {
Type: schema.TypeBool,
Optional: true,
Computed: true,
Deprecated: "This property has been deprecated in favour of the new 'azurerm_advanced_threat_protection' resource and will be removed in version 2.0 of the provider",
},

"network_rules": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -612,7 +593,6 @@ func validateAzureRMStorageAccountTags(v interface{}, _ string) (warnings []stri

func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*clients.Client).Storage.AccountsClient
advancedThreatProtectionClient := meta.(*clients.Client).SecurityCenter.AdvancedThreatProtectionClient
ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
defer cancel()

Expand Down Expand Up @@ -732,22 +712,6 @@ func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) e
log.Printf("[INFO] storage account %q ID: %q", storageAccountName, *account.ID)
d.SetId(*account.ID)

// TODO: deprecate & split this out into it's own resource in 2.0
// as this is not available in all regions, and presumably off by default
// lets only try to set this value when true
// TODO in 2.0 switch to guarding this with d.GetOkExists() ?
if v := d.Get("enable_advanced_threat_protection").(bool); v {
advancedThreatProtectionSetting := security.AdvancedThreatProtectionSetting{
AdvancedThreatProtectionProperties: &security.AdvancedThreatProtectionProperties{
IsEnabled: utils.Bool(v),
},
}

if _, err = advancedThreatProtectionClient.Create(ctx, d.Id(), advancedThreatProtectionSetting); err != nil {
return fmt.Errorf("Error updating Azure Storage Account enable_advanced_threat_protection %q: %+v", storageAccountName, err)
}
}

if val, ok := d.GetOk("blob_properties"); ok {
// FileStorage does not support blob settings
if accountKind != string(storage.FileStorage) {
Expand Down Expand Up @@ -810,7 +774,6 @@ func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) e
// available requires a call to Update per parameter...
func resourceArmStorageAccountUpdate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*clients.Client).Storage.AccountsClient
advancedThreatProtectionClient := meta.(*clients.Client).SecurityCenter.AdvancedThreatProtectionClient
ctx, cancel := timeouts.ForUpdate(meta.(*clients.Client).StopContext, d)
defer cancel()

Expand Down Expand Up @@ -969,20 +932,6 @@ func resourceArmStorageAccountUpdate(d *schema.ResourceData, meta interface{}) e
d.SetPartial("network_rules")
}

if d.HasChange("enable_advanced_threat_protection") {
opts := security.AdvancedThreatProtectionSetting{
AdvancedThreatProtectionProperties: &security.AdvancedThreatProtectionProperties{
IsEnabled: utils.Bool(d.Get("enable_advanced_threat_protection").(bool)),
},
}

if _, err := advancedThreatProtectionClient.Create(ctx, d.Id(), opts); err != nil {
return fmt.Errorf("Error updating Azure Storage Account enable_advanced_threat_protection %q: %+v", storageAccountName, err)
}

d.SetPartial("enable_advanced_threat_protection")
}

if d.HasChange("blob_properties") {
// FileStorage does not support blob settings
if accountKind != string(storage.FileStorage) {
Expand Down Expand Up @@ -1048,7 +997,6 @@ func resourceArmStorageAccountUpdate(d *schema.ResourceData, meta interface{}) e

func resourceArmStorageAccountRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*clients.Client).Storage.AccountsClient
advancedThreatProtectionClient := meta.(*clients.Client).SecurityCenter.AdvancedThreatProtectionClient
endpointSuffix := meta.(*clients.Client).Account.Environment.StorageEndpointSuffix
ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
defer cancel()
Expand Down Expand Up @@ -1102,7 +1050,6 @@ func resourceArmStorageAccountRead(d *schema.ResourceData, meta interface{}) err
d.Set("account_kind", resp.Kind)

if sku := resp.Sku; sku != nil {
d.Set("account_type", sku.Name)
d.Set("account_tier", sku.Tier)
d.Set("account_replication_type", strings.Split(fmt.Sprintf("%v", sku.Name), "_")[1])
}
Expand Down Expand Up @@ -1189,23 +1136,6 @@ func resourceArmStorageAccountRead(d *schema.ResourceData, meta interface{}) err
return err
}

// TODO in 2.0 switch to guarding this with d.GetOkExists()
atp, err := advancedThreatProtectionClient.Get(ctx, d.Id())
if err != nil {
msg := err.Error()
if !strings.Contains(msg, "The resource namespace 'Microsoft.Security' is invalid.") {
if !strings.Contains(msg, "No registered resource provider found for location '") {
if !strings.Contains(msg, "' and API version '2017-08-01-preview' for type ") {
return fmt.Errorf("Error reading the advanced threat protection settings of AzureRM Storage Account %q: %+v", name, err)
}
}
}
} else {
if atpp := atp.AdvancedThreatProtectionProperties; atpp != nil {
d.Set("enable_advanced_threat_protection", atpp.IsEnabled)
}
}

storageClient := meta.(*clients.Client).Storage
account, err := storageClient.FindAccount(ctx, name)
if err != nil {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -115,11 +115,15 @@ func resourceArmStorageAccountNetworkRulesCreateUpdate(d *schema.ResourceData, m
return fmt.Errorf("Storage Account %q (Resource Group %q) was not found", storageAccountName, resourceGroup)
}

return fmt.Errorf("Error loading Storage Account %q (Resource Group %q): %+v", storageAccountName, resourceGroup, err)
return fmt.Errorf("Error retrieving Storage Account %q (Resource Group %q): %+v", storageAccountName, resourceGroup, err)
}

if features.ShouldResourcesBeImported() {
if checkForNonDefaultStorageAccountNetworkRule(storageAccount.NetworkRuleSet) {
if features.ShouldResourcesBeImported() && d.IsNewResource() {
if storageAccount.AccountProperties == nil {
return fmt.Errorf("Error retrieving Storage Account %q (Resource Group %q): `properties` was nil", storageAccountName, resourceGroup)
}

if checkForNonDefaultStorageAccountNetworkRule(storageAccount.AccountProperties.NetworkRuleSet) {
return tf.ImportAsExistsError("azurerm_storage_account_network_rule", *storageAccount.ID)
}
}
Expand Down Expand Up @@ -247,8 +251,8 @@ func checkForNonDefaultStorageAccountNetworkRule(rule *storage.NetworkRuleSet) b
return false
}

if rule.IPRules != nil || len(*rule.IPRules) != 0 ||
rule.VirtualNetworkRules != nil || len(*rule.VirtualNetworkRules) == 0 ||
if (rule.IPRules != nil && len(*rule.IPRules) != 0) ||
(rule.VirtualNetworkRules != nil && len(*rule.VirtualNetworkRules) != 0) ||
rule.Bypass != "AzureServices" || rule.DefaultAction != "Allow" {
return true
}
Expand Down
24 changes: 4 additions & 20 deletions azurerm/internal/services/storage/resource_arm_storage_blob.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/suppress"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
Expand Down Expand Up @@ -61,15 +59,14 @@ func resourceArmStorageBlob() *schema.Resource {
},

"type": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
DiffSuppressFunc: suppress.CaseDifference, // TODO: remove in 2.0
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice([]string{
"Append",
"Block",
"Page",
}, true),
}, false),
},

"size": {
Expand Down Expand Up @@ -133,18 +130,6 @@ func resourceArmStorageBlob() *schema.Resource {
},

"metadata": MetaDataComputedSchema(),

// Deprecated fields
"attempts": {
Type: schema.TypeInt,
Optional: true,
Default: 1,
ForceNew: true,
Deprecated: "Retries are now handled by the Azure SDK as such this field is no longer necessary and will be removed in v2.0 of the Azure Provider",
ValidateFunc: validation.IntAtLeast(1),
},

"resource_group_name": azure.SchemaResourceGroupNameDeprecated(),
},
}
}
Expand Down Expand Up @@ -314,7 +299,6 @@ func resourceArmStorageBlobRead(d *schema.ResourceData, meta interface{}) error
d.Set("name", id.BlobName)
d.Set("storage_container_name", id.ContainerName)
d.Set("storage_account_name", id.AccountName)
d.Set("resource_group_name", account.ResourceGroup)

d.Set("access_tier", string(props.AccessTier))
d.Set("content_type", props.ContentType)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
Expand Down Expand Up @@ -75,17 +74,6 @@ func resourceArmStorageContainer() *schema.Resource {
Type: schema.TypeBool,
Computed: true,
},

"resource_group_name": azure.SchemaResourceGroupNameDeprecated(),

"properties": {
Type: schema.TypeMap,
Computed: true,
Deprecated: "This field will be removed in version 2.0 of the Azure Provider",
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
}
}
Expand Down Expand Up @@ -229,18 +217,13 @@ func resourceArmStorageContainerRead(d *schema.ResourceData, meta interface{}) e

d.Set("name", id.ContainerName)
d.Set("storage_account_name", id.AccountName)
d.Set("resource_group_name", account.ResourceGroup)

d.Set("container_access_type", flattenStorageContainerAccessLevel(props.AccessLevel))

if err := d.Set("metadata", FlattenMetaData(props.MetaData)); err != nil {
return fmt.Errorf("Error setting `metadata`: %+v", err)
}

if err := d.Set("properties", flattenStorageContainerProperties(props)); err != nil {
return fmt.Errorf("Error setting `properties`: %+v", err)
}

d.Set("has_immutability_policy", props.HasImmutabilityPolicy)
d.Set("has_legal_hold", props.HasLegalHold)

Expand Down Expand Up @@ -277,21 +260,6 @@ func resourceArmStorageContainerDelete(d *schema.ResourceData, meta interface{})
return nil
}

func flattenStorageContainerProperties(input containers.ContainerProperties) map[string]interface{} {
output := map[string]interface{}{
"last_modified": input.Header.Get("Last-Modified"),
"lease_duration": "",
"lease_state": string(input.LeaseState),
"lease_status": string(input.LeaseStatus),
}

if input.LeaseDuration != nil {
output["lease_duration"] = string(*input.LeaseDuration)
}

return output
}

func expandStorageContainerAccessLevel(input string) containers.AccessLevel {
// for historical reasons, "private" above is an empty string in the API
// so the enum doesn't 1:1 match. You could argue the SDK should handle this
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (
"time"

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
Expand Down Expand Up @@ -50,8 +49,6 @@ func resourceArmStorageQueue() *schema.Resource {
ValidateFunc: ValidateArmStorageAccountName,
},

"resource_group_name": azure.SchemaResourceGroupNameDeprecated(),

"metadata": MetaDataSchema(),
},
}
Expand Down Expand Up @@ -204,7 +201,6 @@ func resourceArmStorageQueueRead(d *schema.ResourceData, meta interface{}) error

d.Set("name", id.QueueName)
d.Set("storage_account_name", id.AccountName)
d.Set("resource_group_name", account.ResourceGroup)

if err := d.Set("metadata", FlattenMetaData(metaData.MetaData)); err != nil {
return fmt.Errorf("Error setting `metadata`: %s", err)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
Expand Down Expand Up @@ -55,8 +54,6 @@ func resourceArmStorageShare() *schema.Resource {
ValidateFunc: ValidateArmStorageShareName,
},

"resource_group_name": azure.SchemaResourceGroupNameDeprecated(),

"storage_account_name": {
Type: schema.TypeString,
Required: true,
Expand Down Expand Up @@ -230,9 +227,6 @@ func resourceArmStorageShareRead(d *schema.ResourceData, meta interface{}) error
return fmt.Errorf("Error flattening `acl`: %+v", err)
}

// Deprecated: remove in 2.0
d.Set("resource_group_name", account.ResourceGroup)

return nil
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
Expand Down Expand Up @@ -63,9 +62,6 @@ func resourceArmStorageTable() *schema.Resource {
ValidateFunc: ValidateArmStorageAccountName,
},

// TODO: deprecate this in the docs
"resource_group_name": azure.SchemaResourceGroupNameDeprecated(),

"acl": {
Type: schema.TypeSet,
Optional: true,
Expand Down Expand Up @@ -199,7 +195,6 @@ func resourceArmStorageTableRead(d *schema.ResourceData, meta interface{}) error

d.Set("name", id.TableName)
d.Set("storage_account_name", id.AccountName)
d.Set("resource_group_name", account.ResourceGroup)

if err := d.Set("acl", flattenStorageTableACLs(acls)); err != nil {
return fmt.Errorf("Error flattening `acl`: %+v", err)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ resource "azurerm_storage_account" "storage" {
resource "azurerm_storage_container" "container" {
name = "sas-test"
resource_group_name = "${azurerm_resource_group.rg.name}"
storage_account_name = "${azurerm_storage_account.storage.name}"
container_access_type = "private"
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ resource "azurerm_storage_account" "test" {
resource "azurerm_storage_container" "test" {
name = "containerdstest-%s"
resource_group_name = "${azurerm_resource_group.test.name}"
storage_account_name = "${azurerm_storage_account.test.name}"
container_access_type = "private"
metadata = {
Expand Down
Loading

0 comments on commit 33bc0f5

Please sign in to comment.