read model checks

internal/services/paloalto/local_rule_stack_certificate_resource.go

@@ -179,12 +179,14 @@ func (r LocalRuleStackCertificate) Read() sdk.ResourceFunc {
 			state.Name = id.CertificateName
 			state.RuleStackID = certificateobjectlocalrulestack.NewLocalRulestackID(id.SubscriptionId, id.ResourceGroupName, id.LocalRulestackName).ID()
 
-			props := existing.Model.Properties
+			if model := existing.Model; model != nil {
+				props := model.Properties
 
-			state.AuditComment = pointer.From(props.AuditComment)
-			state.CertificateSignerID = pointer.From(props.CertificateSignerResourceId)
-			state.Description = pointer.From(props.Description)
-			state.SelfSigned = boolEnumAsBoolCert(props.CertificateSelfSigned)
+				state.AuditComment = pointer.From(props.AuditComment)
+				state.CertificateSignerID = pointer.From(props.CertificateSignerResourceId)
+				state.Description = pointer.From(props.Description)
+				state.SelfSigned = boolEnumAsBoolCert(props.CertificateSelfSigned)
+			}
 
 			return metadata.Encode(&state)
 		},
@@ -272,15 +274,11 @@ func (r LocalRuleStackCertificate) Update() sdk.ResourceFunc {
 }
 
 func boolAsBooleanEnumCert(input bool) certificateobjectlocalrulestack.BooleanEnum {
-	var result certificateobjectlocalrulestack.BooleanEnum
-
 	if input {
-		result = certificateobjectlocalrulestack.BooleanEnumTRUE
-	} else {
-		result = certificateobjectlocalrulestack.BooleanEnumFALSE
+		return certificateobjectlocalrulestack.BooleanEnumTRUE
 	}
 
-	return result
+	return certificateobjectlocalrulestack.BooleanEnumFALSE
 }
 
 func boolEnumAsBoolCert(input certificateobjectlocalrulestack.BooleanEnum) bool {

internal/services/paloalto/local_rule_stack_data_source.go

@@ -3,6 +3,7 @@ package paloalto
 import (
 	"context"
 	"fmt"
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/location"
 	"time"
 
 	"github.com/hashicorp/go-azure-helpers/lang/pointer"
@@ -51,13 +52,13 @@ func (l LocalRulestackDataSource) Arguments() map[string]*schema.Schema {
 		},
 
 		"resource_group_name": commonschema.ResourceGroupNameForDataSource(),
-
-		"location": commonschema.LocationWithoutForceNew(),
 	}
 }
 
 func (l LocalRulestackDataSource) Attributes() map[string]*schema.Schema {
 	return map[string]*pluginsdk.Schema{
+		"location": commonschema.LocationComputed(),
+
 		"vulnerability_profile": {
 			Type:     pluginsdk.TypeString,
 			Computed: true,
@@ -111,12 +112,12 @@ func (l LocalRulestackDataSource) Read() sdk.ResourceFunc {
 		Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
 			client := metadata.Client.PaloAlto.Client.LocalRulestacks
 
-			var model LocalRulestackDataSourceModel
-			if err := metadata.Decode(&model); err != nil {
+			var state LocalRulestackDataSourceModel
+			if err := metadata.Decode(&state); err != nil {
 				return err
 			}
 
-			id := localrulestacks.NewLocalRulestackID(metadata.Client.Account.SubscriptionId, model.ResourceGroupName, model.Name)
+			id := localrulestacks.NewLocalRulestackID(metadata.Client.Account.SubscriptionId, state.ResourceGroupName, state.Name)
 
 			existing, err := client.Get(ctx, id)
 			if err != nil {
@@ -126,23 +127,27 @@ func (l LocalRulestackDataSource) Read() sdk.ResourceFunc {
 				return fmt.Errorf("reading %s: %+v", id, err)
 			}
 
-			props := existing.Model.Properties
-
-			model.Description = pointer.From(props.Description)
-			if secServices := props.SecurityServices; secServices != nil {
-				model.FileBlockingProfile = pointer.From(secServices.FileBlockingProfile)
-				model.AntiVirusProfile = pointer.From(secServices.AntiVirusProfile)
-				model.AntiSpywareProfile = pointer.From(secServices.AntiSpywareProfile)
-				model.URLFilteringProfile = pointer.From(secServices.UrlFilteringProfile)
-				model.VulnerabilityProfile = pointer.From(secServices.VulnerabilityProfile)
-				model.DNSSubscription = pointer.From(secServices.DnsSubscription)
-				model.OutboundTrustCertificate = pointer.From(secServices.OutboundTrustCertificate)
-				model.OutboundUnTrustCertificate = pointer.From(secServices.OutboundUnTrustCertificate)
+			if model := existing.Model; model != nil {
+				state.Location = location.Normalize(model.Location)
+				props := model.Properties
+
+				state.Description = pointer.From(props.Description)
+
+				if secServices := props.SecurityServices; secServices != nil {
+					state.FileBlockingProfile = pointer.From(secServices.FileBlockingProfile)
+					state.AntiVirusProfile = pointer.From(secServices.AntiVirusProfile)
+					state.AntiSpywareProfile = pointer.From(secServices.AntiSpywareProfile)
+					state.URLFilteringProfile = pointer.From(secServices.UrlFilteringProfile)
+					state.VulnerabilityProfile = pointer.From(secServices.VulnerabilityProfile)
+					state.DNSSubscription = pointer.From(secServices.DnsSubscription)
+					state.OutboundTrustCertificate = pointer.From(secServices.OutboundTrustCertificate)
+					state.OutboundUnTrustCertificate = pointer.From(secServices.OutboundUnTrustCertificate)
+				}
 			}
 
 			metadata.SetID(id)
 
-			return metadata.Encode(&model)
+			return metadata.Encode(&state)
 		},
 	}
 }

internal/services/paloalto/local_rule_stack_fqdn_list_resource.go

@@ -169,11 +169,13 @@ func (r LocalRulestackFQDNList) Read() sdk.ResourceFunc {
 			state.Name = id.FqdnListName
 			state.RuleStackID = fqdnlistlocalrulestack.NewLocalRulestackID(id.SubscriptionId, id.ResourceGroupName, id.LocalRulestackName).ID()
 
-			props := existing.Model.Properties
+			if model := existing.Model; model != nil {
+				props := model.Properties
 
-			state.FQDNList = props.FqdnList
-			state.AuditComment = pointer.From(props.AuditComment)
-			state.Description = pointer.From(props.Description)
+				state.FQDNList = props.FqdnList
+				state.AuditComment = pointer.From(props.AuditComment)
+				state.Description = pointer.From(props.Description)
+			}
 
 			return metadata.Encode(&state)
 		},

internal/services/paloalto/local_rule_stack_prefix_list_resource.go

@@ -168,12 +168,13 @@ func (r LocalRuleStackPrefixList) Read() sdk.ResourceFunc {
 
 			state.Name = id.PrefixListName
 			state.RuleStackID = prefixlistlocalrulestack.NewLocalRulestackID(id.SubscriptionId, id.ResourceGroupName, id.LocalRulestackName).ID()
+			if model := existing.Model; model != nil {
+				props := model.Properties
 
-			props := existing.Model.Properties
-
-			state.PrefixList = props.PrefixList
-			state.AuditComment = pointer.From(props.AuditComment)
-			state.Description = pointer.From(props.Description)
+				state.PrefixList = props.PrefixList
+				state.AuditComment = pointer.From(props.AuditComment)
+				state.Description = pointer.From(props.Description)
+			}
 
 			return metadata.Encode(&state)
 		},

internal/services/paloalto/local_rule_stack_resource.go

@@ -221,20 +221,22 @@ func (r LocalRuleStack) Read() sdk.ResourceFunc {
 				return fmt.Errorf("reading %s: %+v", *id, err)
 			}
 
-			props := existing.Model.Properties
-
 			state.Name = id.LocalRulestackName
 			state.ResourceGroupName = id.ResourceGroupName
-			state.Description = pointer.From(props.Description)
-			state.Location = location.Normalize(existing.Model.Location)
-
-			if secServices := props.SecurityServices; secServices != nil {
-				state.VulnerabilityProfile = pointer.From(secServices.VulnerabilityProfile)
-				state.AntiSpywareProfile = pointer.From(secServices.AntiSpywareProfile)
-				state.AntiVirusProfile = pointer.From(secServices.AntiVirusProfile)
-				state.FileBlockingProfile = pointer.From(secServices.FileBlockingProfile)
-				state.URLFilteringProfile = pointer.From(secServices.UrlFilteringProfile)
-				state.DNSSubscription = pointer.From(secServices.DnsSubscription)
+			if model := existing.Model; model != nil {
+				props := model.Properties
+
+				state.Description = pointer.From(props.Description)
+				state.Location = location.Normalize(existing.Model.Location)
+
+				if secServices := props.SecurityServices; secServices != nil {
+					state.VulnerabilityProfile = pointer.From(secServices.VulnerabilityProfile)
+					state.AntiSpywareProfile = pointer.From(secServices.AntiSpywareProfile)
+					state.AntiVirusProfile = pointer.From(secServices.AntiVirusProfile)
+					state.FileBlockingProfile = pointer.From(secServices.FileBlockingProfile)
+					state.URLFilteringProfile = pointer.From(secServices.UrlFilteringProfile)
+					state.DNSSubscription = pointer.From(secServices.DnsSubscription)
+				}
 			}
 
 			return metadata.Encode(&state)

internal/services/paloalto/local_rule_stack_rule_resource.go

@@ -48,9 +48,6 @@ type LocalRuleModel struct {
 	RuleEnabled             bool                   `tfschema:"enabled"`
 	Source                  []schema.Source        `tfschema:"source"`
 	Tags                    map[string]interface{} `tfschema:"tags"`
-
-	// Computed
-	Etag string `tfschema:"etag"` // TODO - Expose this here?
 }
 
 func (r LocalRuleStackRule) IDValidationFunc() pluginsdk.SchemaValidateFunc {
@@ -179,12 +176,7 @@ func (r LocalRuleStackRule) Arguments() map[string]*pluginsdk.Schema {
 }
 
 func (r LocalRuleStackRule) Attributes() map[string]*pluginsdk.Schema {
-	return map[string]*pluginsdk.Schema{
-		"etag": {
-			Type:     pluginsdk.TypeString,
-			Computed: true,
-		},
-	}
+	return map[string]*pluginsdk.Schema{}
 }
 
 func (r LocalRuleStackRule) ModelObject() interface{} {
@@ -319,33 +311,34 @@ func (r LocalRuleStackRule) Read() sdk.ResourceFunc {
 				return fmt.Errorf("parsing Rule Priortiy for %s: %+v", *id, err)
 			}
 			state.Priority = p
-
-			props := existing.Model.Properties
-			state.Name = props.RuleName
-			state.Action = string(pointer.From(props.ActionType))
-			state.Applications = pointer.From(props.Applications)
-			state.AuditComment = pointer.From(props.AuditComment)
-			state.Category = schema.FlattenCategory(props.Category)
-			state.DecryptionRuleType = string(pointer.From(props.DecryptionRuleType))
-			state.Description = pointer.From(props.Description)
-			state.Destination = schema.FlattenDestination(props.Destination)
-			state.LoggingEnabled = stateEnumAsBool(props.EnableLogging)
-			if certName := pointer.From(props.InboundInspectionCertificate); certName != "" {
-				state.InspectionCertificateID = certificates.NewLocalRulestackCertificateID(id.SubscriptionId, id.ResourceGroupName, id.LocalRulestackName, certName).ID()
-			} else {
-				state.InspectionCertificateID = certName
-			}
-			state.NegateDestination = boolEnumAsBoolRule(props.NegateDestination)
-			state.NegateSource = boolEnumAsBoolRule(props.NegateSource)
-			if v := pointer.From(props.Protocol); !strings.EqualFold(v, protocolApplicationDefault) {
-				state.Protocol = pointer.From(props.Protocol)
-			} else {
-				state.Protocol = protocolApplicationDefault
-			}
-			state.ProtocolPorts = pointer.From(props.ProtocolPortList)
-			state.RuleEnabled = stateEnumAsBool(props.RuleState)
-			state.Source = schema.FlattenSource(props.Source)
-			state.Tags = flattenTagsFromRule(props.Tags)
+			if model := existing.Model; model != nil {
+				props := model.Properties
+				state.Name = props.RuleName
+				state.Action = string(pointer.From(props.ActionType))
+				state.Applications = pointer.From(props.Applications)
+				state.AuditComment = pointer.From(props.AuditComment)
+				state.Category = schema.FlattenCategory(props.Category)
+				state.DecryptionRuleType = string(pointer.From(props.DecryptionRuleType))
+				state.Description = pointer.From(props.Description)
+				state.Destination = schema.FlattenDestination(props.Destination)
+				state.LoggingEnabled = stateEnumAsBool(props.EnableLogging)
+				if certName := pointer.From(props.InboundInspectionCertificate); certName != "" {
+					state.InspectionCertificateID = certificates.NewLocalRulestackCertificateID(id.SubscriptionId, id.ResourceGroupName, id.LocalRulestackName, certName).ID()
+				} else {
+					state.InspectionCertificateID = certName
+				}
+				state.NegateDestination = boolEnumAsBoolRule(props.NegateDestination)
+				state.NegateSource = boolEnumAsBoolRule(props.NegateSource)
+				if v := pointer.From(props.Protocol); !strings.EqualFold(v, protocolApplicationDefault) {
+					state.Protocol = pointer.From(props.Protocol)
+				} else {
+					state.Protocol = protocolApplicationDefault
+				}
+				state.ProtocolPorts = pointer.From(props.ProtocolPortList)
+				state.RuleEnabled = stateEnumAsBool(props.RuleState)
+				state.Source = schema.FlattenSource(props.Source)
+				state.Tags = flattenTagsFromRule(props.Tags)
+			}
 
 			return metadata.Encode(&state)
 		},
@@ -483,6 +476,7 @@ func (r LocalRuleStackRule) Update() sdk.ResourceFunc {
 			if err = rulestackClient.CommitThenPoll(ctx, rulestackId); err != nil {
 				return fmt.Errorf("committing Local Rulestack config for %s: %+v", id, err)
 			}
+
 			return nil
 		},
 	}

internal/services/paloalto/local_rulestack_outbound_trust_certificate_association_resource.go

@@ -126,11 +126,12 @@ func (l LocalRulestackOutboundTrustCertificateAssociationResource) Read() sdk.Re
 				}
 				return fmt.Errorf("reading %s for Outbound Trust Association: %+v", rulestackId, err)
 			}
+			if model := existing.Model; model != nil {
+				props := model.Properties
+				secServices := pointer.From(props.SecurityServices)
 
-			props := existing.Model.Properties
-			secServices := pointer.From(props.SecurityServices)
-
-			state.CertificateID = certificates.NewLocalRulestackCertificateID(certificateId.SubscriptionId, certificateId.ResourceGroupName, certificateId.LocalRulestackName, pointer.From(secServices.OutboundTrustCertificate)).ID()
+				state.CertificateID = certificates.NewLocalRulestackCertificateID(certificateId.SubscriptionId, certificateId.ResourceGroupName, certificateId.LocalRulestackName, pointer.From(secServices.OutboundTrustCertificate)).ID()
+			}
 
 			return metadata.Encode(&state)
 		},

internal/services/paloalto/local_rulestack_outbound_untrust_certificate_association_resource.go

@@ -126,11 +126,12 @@ func (l LocalRulestackOutboundUnTrustCertificateAssociationResource) Read() sdk.
 				}
 				return fmt.Errorf("reading %s for Outbound UnTrust Association: %+v", rulestackId, err)
 			}
+			if model := existing.Model; model != nil {
+				props := model.Properties
+				secServices := pointer.From(props.SecurityServices)
 
-			props := existing.Model.Properties
-			secServices := pointer.From(props.SecurityServices)
-
-			state.CertificateID = certificates.NewLocalRulestackCertificateID(certificateId.SubscriptionId, certificateId.ResourceGroupName, certificateId.LocalRulestackName, pointer.From(secServices.OutboundUnTrustCertificate)).ID()
+				state.CertificateID = certificates.NewLocalRulestackCertificateID(certificateId.SubscriptionId, certificateId.ResourceGroupName, certificateId.LocalRulestackName, pointer.From(secServices.OutboundUnTrustCertificate)).ID()
+			}
 
 			return metadata.Encode(&state)
 		},

internal/services/paloalto/network_virtual_appliance_resource.go

@@ -142,9 +142,11 @@ func (r NetworkVirtualApplianceResource) Read() sdk.ResourceFunc {
 			}
 
 			state.Name = id.NetworkVirtualApplianceName
-			if props := existing.Model.Properties; props != nil {
-				if props.VirtualHub != nil {
-					state.VirtualHubID = pointer.From(props.VirtualHub.Id)
+			if model := existing.Model; model != nil {
+				if props := model.Properties; props != nil {
+					if props.VirtualHub != nil {
+						state.VirtualHubID = pointer.From(props.VirtualHub.Id)
+					}
 				}
 			}
 

internal/services/paloalto/next_generation_firewall_vhub_local_rulestack_resource.go

@@ -29,9 +29,6 @@ type NextGenerationFirewallVHubLocalRuleStackModel struct {
 	DNSSettings    []schema.DNSSettings        `tfschema:"dns_settings"`
 	FrontEnd       []schema.DestinationNAT     `tfschema:"destination_nat"`
 	Tags           map[string]interface{}      `tfschema:"tags"`
-
-	// Computed
-	PanEtag string `tfschema:"pan_etag"`
 }
 
 var _ sdk.ResourceWithUpdate = NextGenerationFirewallVHubLocalRuleStackResource{}
@@ -77,12 +74,7 @@ func (r NextGenerationFirewallVHubLocalRuleStackResource) Arguments() map[string
 }
 
 func (r NextGenerationFirewallVHubLocalRuleStackResource) Attributes() map[string]*pluginsdk.Schema {
-	return map[string]*pluginsdk.Schema{
-		"pan_etag": {
-			Type:     pluginsdk.TypeString,
-			Computed: true,
-		},
-	}
+	return map[string]*pluginsdk.Schema{}
 }
 
 func (r NextGenerationFirewallVHubLocalRuleStackResource) Create() sdk.ResourceFunc {
@@ -180,24 +172,24 @@ func (r NextGenerationFirewallVHubLocalRuleStackResource) Read() sdk.ResourceFun
 			state.Name = id.FirewallName
 			state.ResourceGroupName = id.ResourceGroupName
 
-			props := existing.Model.Properties
-
-			state.DNSSettings = schema.FlattenDNSSettings(props.DnsSettings)
+			if model := existing.Model; model != nil {
+				props := model.Properties
 
-			netProfile, err := schema.FlattenNetworkProfileVHub(props.NetworkProfile)
-			if err != nil {
-				return fmt.Errorf("parsing Network Profile for %s: %+v", *id, err)
-			}
+				state.DNSSettings = schema.FlattenDNSSettings(props.DnsSettings)
 
-			state.NetworkProfile = []schema.NetworkProfileVHub{*netProfile}
+				netProfile, err := schema.FlattenNetworkProfileVHub(props.NetworkProfile)
+				if err != nil {
+					return fmt.Errorf("parsing Network Profile for %s: %+v", *id, err)
+				}
 
-			state.FrontEnd = schema.FlattenDestinationNAT(props.FrontEndSettings)
+				state.NetworkProfile = []schema.NetworkProfileVHub{*netProfile}
 
-			state.RuleStackId = pointer.From(props.AssociatedRulestack.ResourceId)
+				state.FrontEnd = schema.FlattenDestinationNAT(props.FrontEndSettings)
 
-			state.PanEtag = pointer.From(props.PanEtag)
+				state.RuleStackId = pointer.From(props.AssociatedRulestack.ResourceId)
 
-			state.Tags = tags.Flatten(existing.Model.Tags)
+				state.Tags = tags.Flatten(model.Tags)
+			}
 
 			return metadata.Encode(&state)
 		},