From 3d7691c3fa921aa7cb1c2bf404e4abd420dafd41 Mon Sep 17 00:00:00 2001
From: Tracy P Holmes <12778804+tracypholmes@users.noreply.github.com>
Date: Mon, 9 Mar 2020 18:45:12 -0500
Subject: [PATCH] =?UTF-8?q?Added=20new=20data=20source=20`azurerm=5Fservic?=
 =?UTF-8?q?ebus=5Ftopic=5Fauthorization=5Fr=E2=80=A6=20(#6017)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes #5988
---
 ...servicebus_namespace_authorization_rule.go |   3 +
 ...rce_servicebus_topic_authorization_rule.go | 131 ++++++++++++++++++
 .../services/servicebus/registration.go       |   1 +
 ...arm_servicebus_topic_authorization_rule.go |  14 +-
 ...cebus_namespace_authorization_rule_test.go |   2 +-
 ...ervicebus_topic_authorization_rule_test.go |  48 +++++++
 website/azurerm.erb                           |   4 +
 ...bus_topic_authorization_rule.html.markdown |  59 ++++++++
 8 files changed, 254 insertions(+), 8 deletions(-)
 create mode 100644 azurerm/internal/services/servicebus/data_source_servicebus_topic_authorization_rule.go
 create mode 100644 azurerm/internal/services/servicebus/tests/data_source_servicebus_topic_authorization_rule_test.go
 create mode 100644 website/docs/d/servicebus_topic_authorization_rule.html.markdown

diff --git a/azurerm/internal/services/servicebus/data_source_servicebus_namespace_authorization_rule.go b/azurerm/internal/services/servicebus/data_source_servicebus_namespace_authorization_rule.go
index 928f3c65e7f2..2d3cc589867d 100644
--- a/azurerm/internal/services/servicebus/data_source_servicebus_namespace_authorization_rule.go
+++ b/azurerm/internal/services/servicebus/data_source_servicebus_namespace_authorization_rule.go
@@ -78,6 +78,9 @@ func dataSourceArmServiceBusNamespaceAuthorizationRuleRead(d *schema.ResourceDat
 		return fmt.Errorf("Error retrieving ServiceBus Namespace Authorization Rule %q (Resource Group %q, Namespace %q): %s", name, resourceGroup, namespaceName, err)
 	}
 
+	if resp.ID == nil || *resp.ID == "" {
+		return fmt.Errorf("API returned a nil/empty id for ServiceBus Namespace Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err)
+	}
 	d.SetId(*resp.ID)
 
 	keysResp, err := client.ListKeys(ctx, resourceGroup, namespaceName, name)
diff --git a/azurerm/internal/services/servicebus/data_source_servicebus_topic_authorization_rule.go b/azurerm/internal/services/servicebus/data_source_servicebus_topic_authorization_rule.go
new file mode 100644
index 000000000000..59263a26b1c3
--- /dev/null
+++ b/azurerm/internal/services/servicebus/data_source_servicebus_topic_authorization_rule.go
@@ -0,0 +1,131 @@
+package servicebus
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func dataSourceArmServiceBusTopicAuthorizationRule() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceArmServiceBusTopicAuthorizationRuleRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(5 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: azure.ValidateServiceBusAuthorizationRuleName(),
+			},
+
+			"namespace_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: azure.ValidateServiceBusNamespaceName(),
+			},
+
+			"topic_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: azure.ValidateServiceBusTopicName(),
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupName(),
+
+			"listen": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+
+			"send": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+
+			"manage": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+
+			"primary_key": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				Sensitive: true,
+			},
+
+			"primary_connection_string": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				Sensitive: true,
+			},
+
+			"secondary_key": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				Sensitive: true,
+			},
+
+			"secondary_connection_string": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				Sensitive: true,
+			},
+		},
+	}
+}
+
+func dataSourceArmServiceBusTopicAuthorizationRuleRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).ServiceBus.TopicsClient
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	name := d.Get("name").(string)
+	namespaceName := d.Get("namespace_name").(string)
+	topicName := d.Get("topic_name").(string)
+	resourceGroup := d.Get("resource_group_name").(string)
+
+	resp, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, topicName, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return fmt.Errorf("ServiceBus Topic Authorization Rule %q (Resource Group %q / Namespace Name %q) was not found", name, resourceGroup, namespaceName)
+		}
+		return fmt.Errorf("Error making Read request on Azure ServiceBus Topic Authorization Rule %s: %+v", name, err)
+	}
+
+	d.Set("name", name)
+	d.Set("topic_name", topicName)
+	d.Set("namespace_name", namespaceName)
+	d.Set("resource_group_name", resourceGroup)
+
+	if properties := resp.SBAuthorizationRuleProperties; properties != nil {
+		listen, send, manage := azure.FlattenServiceBusAuthorizationRuleRights(properties.Rights)
+		d.Set("listen", listen)
+		d.Set("send", send)
+		d.Set("manage", manage)
+	}
+
+	if resp.ID == nil || *resp.ID == "" {
+		return fmt.Errorf("API returned a nil/empty id for ServiceBus Topic Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err)
+	}
+	d.SetId(*resp.ID)
+
+	keysResp, err := client.ListKeys(ctx, resourceGroup, namespaceName, topicName, name)
+	if err != nil {
+		return fmt.Errorf("Error making Read request on Azure ServiceBus Topic Authorization Rule List Keys %s: %+v", name, err)
+	}
+
+	d.Set("primary_key", keysResp.PrimaryKey)
+	d.Set("primary_connection_string", keysResp.PrimaryConnectionString)
+	d.Set("secondary_key", keysResp.SecondaryKey)
+	d.Set("secondary_connection_string", keysResp.SecondaryConnectionString)
+
+	return nil
+}
diff --git a/azurerm/internal/services/servicebus/registration.go b/azurerm/internal/services/servicebus/registration.go
index 0949cf12617c..71d7f529a671 100644
--- a/azurerm/internal/services/servicebus/registration.go
+++ b/azurerm/internal/services/servicebus/registration.go
@@ -24,6 +24,7 @@ func (r Registration) SupportedDataSources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
 		"azurerm_servicebus_namespace":                    dataSourceArmServiceBusNamespace(),
 		"azurerm_servicebus_namespace_authorization_rule": dataSourceArmServiceBusNamespaceAuthorizationRule(),
+		"azurerm_servicebus_topic_authorization_rule":     dataSourceArmServiceBusTopicAuthorizationRule(),
 	}
 }
 
diff --git a/azurerm/internal/services/servicebus/resource_arm_servicebus_topic_authorization_rule.go b/azurerm/internal/services/servicebus/resource_arm_servicebus_topic_authorization_rule.go
index 564ae867da01..5e5ea7108e17 100644
--- a/azurerm/internal/services/servicebus/resource_arm_servicebus_topic_authorization_rule.go
+++ b/azurerm/internal/services/servicebus/resource_arm_servicebus_topic_authorization_rule.go
@@ -121,12 +121,12 @@ func resourceArmServiceBusTopicAuthorizationRuleRead(d *schema.ResourceData, met
 		return err
 	}
 
-	resGroup := id.ResourceGroup
+	resourceGroup := id.ResourceGroup
 	namespaceName := id.Path["namespaces"]
 	topicName := id.Path["topics"]
 	name := id.Path["authorizationRules"]
 
-	resp, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, topicName, name)
+	resp, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, topicName, name)
 	if err != nil {
 		if utils.ResponseWasNotFound(resp.Response) {
 			d.SetId("")
@@ -138,7 +138,7 @@ func resourceArmServiceBusTopicAuthorizationRuleRead(d *schema.ResourceData, met
 	d.Set("name", name)
 	d.Set("topic_name", topicName)
 	d.Set("namespace_name", namespaceName)
-	d.Set("resource_group_name", resGroup)
+	d.Set("resource_group_name", resourceGroup)
 
 	if properties := resp.SBAuthorizationRuleProperties; properties != nil {
 		listen, send, manage := azure.FlattenServiceBusAuthorizationRuleRights(properties.Rights)
@@ -147,7 +147,7 @@ func resourceArmServiceBusTopicAuthorizationRuleRead(d *schema.ResourceData, met
 		d.Set("manage", manage)
 	}
 
-	keysResp, err := client.ListKeys(ctx, resGroup, namespaceName, topicName, name)
+	keysResp, err := client.ListKeys(ctx, resourceGroup, namespaceName, topicName, name)
 	if err != nil {
 		return fmt.Errorf("Error making Read request on Azure ServiceBus Topic Authorization Rule List Keys %s: %+v", name, err)
 	}
@@ -170,13 +170,13 @@ func resourceArmServiceBusTopicAuthorizationRuleDelete(d *schema.ResourceData, m
 		return err
 	}
 
-	resGroup := id.ResourceGroup
+	resourceGroup := id.ResourceGroup
 	namespaceName := id.Path["namespaces"]
 	topicName := id.Path["topics"]
 	name := id.Path["authorizationRules"]
 
-	if _, err = client.DeleteAuthorizationRule(ctx, resGroup, namespaceName, topicName, name); err != nil {
-		return fmt.Errorf("Error issuing Azure ARM delete request of ServiceBus Topic Authorization Rule %q (Resource Group %q): %+v", name, resGroup, err)
+	if _, err = client.DeleteAuthorizationRule(ctx, resourceGroup, namespaceName, topicName, name); err != nil {
+		return fmt.Errorf("Error issuing Azure ARM delete request of ServiceBus Topic Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err)
 	}
 
 	return nil
diff --git a/azurerm/internal/services/servicebus/tests/data_source_servicebus_namespace_authorization_rule_test.go b/azurerm/internal/services/servicebus/tests/data_source_servicebus_namespace_authorization_rule_test.go
index 561d07e62f0f..f8b8770e7a07 100644
--- a/azurerm/internal/services/servicebus/tests/data_source_servicebus_namespace_authorization_rule_test.go
+++ b/azurerm/internal/services/servicebus/tests/data_source_servicebus_namespace_authorization_rule_test.go
@@ -19,7 +19,7 @@ func TestAccDataSourceAzureRMServiceBusNamespaceRule_basic(t *testing.T) {
 			{
 				Config: testAccDataSourceAzureRMServiceBusNamespaceAuthorizationRule_basic(data),
 				Check: resource.ComposeTestCheckFunc(
-					testCheckAzureRMServiceBusNamespaceExists(data.ResourceName),
+					testCheckAzureRMServiceBusNamespaceAuthorizationRuleExists(data.ResourceName),
 					resource.TestCheckResourceAttrSet(data.ResourceName, "id"),
 					resource.TestCheckResourceAttrSet(data.ResourceName, "primary_connection_string"),
 					resource.TestCheckResourceAttrSet(data.ResourceName, "primary_key"),
diff --git a/azurerm/internal/services/servicebus/tests/data_source_servicebus_topic_authorization_rule_test.go b/azurerm/internal/services/servicebus/tests/data_source_servicebus_topic_authorization_rule_test.go
new file mode 100644
index 000000000000..4fb5de454a33
--- /dev/null
+++ b/azurerm/internal/services/servicebus/tests/data_source_servicebus_topic_authorization_rule_test.go
@@ -0,0 +1,48 @@
+package tests
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
+)
+
+func TestAccDataSourceAzureRMServiceBusTopicAuthorizationRule_basic(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azurerm_servicebus_topic_authorization_rule", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMServiceBusTopicAuthorizationRuleDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceAzureRMServiceBusTopicAuthorizationRule_basic(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMServiceBusTopicAuthorizationRuleExists(data.ResourceName),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "id"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "name"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "namespace_name"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "primary_key"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "secondary_key"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "primary_connection_string"),
+					resource.TestCheckResourceAttrSet(data.ResourceName, "secondary_connection_string"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceAzureRMServiceBusTopicAuthorizationRule_basic(data acceptance.TestData) string {
+	template := testAccAzureRMServiceBusTopicAuthorizationRule_base(data, true, true, true)
+	return fmt.Sprintf(`
+%s
+
+data "azurerm_servicebus_topic_authorization_rule" "test" {
+  name                = azurerm_servicebus_topic_authorization_rule.test.name
+  namespace_name      = azurerm_servicebus_topic_authorization_rule.test.namespace_name
+  resource_group_name = azurerm_servicebus_topic_authorization_rule.test.resource_group_name
+  topic_name          = azurerm_servicebus_topic_authorization_rule.test.topic_name
+}
+`, template)
+}
diff --git a/website/azurerm.erb b/website/azurerm.erb
index 9d9b4d5ec912..fe15a0396745 100644
--- a/website/azurerm.erb
+++ b/website/azurerm.erb
@@ -453,6 +453,10 @@
                 <li>
                     <a href="/docs/providers/azurerm/d/servicebus_namespace_authorization_rule.html">azurerm_servicebus_namespace_authorization_rule</a>
                 </li>
+                
+                <li>
+                    <a href="/docs/providers/azurerm/d/servicebus_topic_authorization_rule.html">azurerm_servicebus_topic_authorization_rule</a>
+                </li>
 
                 <li>
                     <a href="/docs/providers/azurerm/d/shared_image.html">azurerm_shared_image</a>
diff --git a/website/docs/d/servicebus_topic_authorization_rule.html.markdown b/website/docs/d/servicebus_topic_authorization_rule.html.markdown
new file mode 100644
index 000000000000..6e26eb5f8265
--- /dev/null
+++ b/website/docs/d/servicebus_topic_authorization_rule.html.markdown
@@ -0,0 +1,59 @@
+---
+subcategory: "Messaging"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_servicebus_topic_authorization_rule"
+description: |-
+  Gets information about a ServiceBus Topic authorization Rule within a ServiceBus Topic.
+---
+
+# Data Source: azurerm_servicebus_topic_authorization_rule
+
+Use this data source to access information about a ServiceBus Topic Authorization Rule within a ServiceBus Topic.
+
+## Example Usage
+
+```hcl
+data "azurerm_servicebus_topic_authorization_rule" "example" {
+  name                = "example-tfex_name"
+  resource_group_name = "example-resources"
+  namespace_name      = "example-namespace"
+  topic_name          = "example-servicebus_topic"
+}
+
+output "servicebus_authorization_rule_id" {
+  value = "${data.azurem_servicebus_topic_authorization_rule.example.id}"
+
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - The name of the ServiceBus Topic Authorization Rule resource.
+
+* `resource_group_name` - The name of the resource group in which the ServiceBus Namespace exists.
+
+* `namespace_name` - The name of the ServiceBus Namespace.
+
+* `topic_name` - The name of the ServiceBus Topic.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ServiceBus Topic ID.
+
+* `primary_key` - The Primary Key for the ServiceBus Topic authorization Rule.
+
+* `primary_connection_string` - The Primary Connection String for the ServiceBus Topic authorization Rule.
+
+* `secondary_key` - The Secondary Key for the ServiceBus Topic authorization Rule.
+
+* `secondary_connection_string` - The Secondary Connection String for the ServiceBus Topic authorization Rule.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `read` - (Defaults to 5 minutes) Used when retrieving the ServiceBus Topic Authorization Rule.