From 6b44ed591ca313848eb7d3614eccc9cee1643f50 Mon Sep 17 00:00:00 2001
From: Marc Gomez <marcgomez@microsoft.com>
Date: Thu, 26 Jan 2023 19:54:03 +0100
Subject: [PATCH] `azurerm_stream_analytics_output_servicebus_topic`: shared
 access policy name and key parameters made optional to support MSI
 authentication (#19708)

Co-authored-by: Alexander Guth <alexander.guth@pwc.com>
---
 ...lytics_output_servicebus_topic_resource.go | 29 +++++++++++--------
 ...s_output_servicebus_topic_resource_test.go | 26 +++++++++++++++--
 ...tics_output_servicebus_topic.html.markdown |  6 ++--
 3 files changed, 44 insertions(+), 17 deletions(-)

diff --git a/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource.go b/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource.go
index f58ed707e3c1..eaacd9fca158 100644
--- a/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource.go
+++ b/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource.go
@@ -72,14 +72,14 @@ func resourceStreamAnalyticsOutputServiceBusTopic() *pluginsdk.Resource {
 
 			"shared_access_policy_key": {
 				Type:         pluginsdk.TypeString,
-				Required:     true,
+				Optional:     true,
 				Sensitive:    true,
 				ValidateFunc: validation.StringIsNotEmpty,
 			},
 
 			"shared_access_policy_name": {
 				Type:         pluginsdk.TypeString,
-				Required:     true,
+				Optional:     true,
 				ValidateFunc: validation.StringIsNotEmpty,
 			},
 
@@ -145,20 +145,25 @@ func resourceStreamAnalyticsOutputServiceBusTopicCreateUpdate(d *pluginsdk.Resou
 	}
 
 	systemPropertyColumns := d.Get("system_property_columns").(map[string]interface{})
+	dataSourceProperties := &outputs.ServiceBusTopicOutputDataSourceProperties{
+		TopicName:             utils.String(d.Get("topic_name").(string)),
+		ServiceBusNamespace:   utils.String(d.Get("servicebus_namespace").(string)),
+		PropertyColumns:       utils.ExpandStringSlice(d.Get("property_columns").([]interface{})),
+		SystemPropertyColumns: expandSystemPropertyColumns(systemPropertyColumns),
+		AuthenticationMode:    utils.ToPtr(outputs.AuthenticationMode(d.Get("authentication_mode").(string))),
+	}
+
+	// Add shared access policy key/name only if required by authentication mode
+	if *dataSourceProperties.AuthenticationMode == outputs.AuthenticationModeConnectionString {
+		dataSourceProperties.SharedAccessPolicyKey = utils.String(d.Get("shared_access_policy_key").(string))
+		dataSourceProperties.SharedAccessPolicyName = utils.String(d.Get("shared_access_policy_name").(string))
+	}
+
 	props := outputs.Output{
 		Name: utils.String(id.OutputName),
 		Properties: &outputs.OutputProperties{
 			Datasource: &outputs.ServiceBusTopicOutputDataSource{
-				Properties: &outputs.ServiceBusTopicOutputDataSourceProperties{
-					TopicName:              utils.String(d.Get("topic_name").(string)),
-					ServiceBusNamespace:    utils.String(d.Get("servicebus_namespace").(string)),
-					SharedAccessPolicyKey:  utils.String(d.Get("shared_access_policy_key").(string)),
-					SharedAccessPolicyName: utils.String(d.Get("shared_access_policy_name").(string)),
-					PropertyColumns:        utils.ExpandStringSlice(d.Get("property_columns").([]interface{})),
-					SystemPropertyColumns:  expandSystemPropertyColumns(systemPropertyColumns),
-					//SystemPropertyColumns:  utils.ExpandMapStringPtrString(d.Get("system_property_columns").(map[string]interface{})),
-					AuthenticationMode: utils.ToPtr(outputs.AuthenticationMode(d.Get("authentication_mode").(string))),
-				},
+				Properties: dataSourceProperties,
 			},
 			Serialization: serialization,
 		},
diff --git a/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource_test.go b/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource_test.go
index 43c3d5c0d745..6541acc9fdee 100644
--- a/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource_test.go
+++ b/internal/services/streamanalytics/stream_analytics_output_servicebus_topic_resource_test.go
@@ -114,13 +114,13 @@ func TestAccStreamAnalyticsOutputServiceBusTopic_requiresImport(t *testing.T) {
 	})
 }
 
-func TestAccStreamAnalyticsOutputServiceBusTopic_authenticationMode(t *testing.T) {
+func TestAccStreamAnalyticsOutputServiceBusTopic_authenticationModeMsi(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_stream_analytics_output_servicebus_topic", "test")
 	r := StreamAnalyticsOutputServiceBusTopicResource{}
 
 	data.ResourceTest(t, r, []acceptance.TestStep{
 		{
-			Config: r.json(data),
+			Config: r.authenticationModeMsi(data),
 			Check: acceptance.ComposeTestCheckFunc(
 				check.That(data.ResourceName).ExistsInAzure(r),
 			),
@@ -248,6 +248,28 @@ resource "azurerm_stream_analytics_output_servicebus_topic" "test" {
 `, template, data.RandomInteger)
 }
 
+func (r StreamAnalyticsOutputServiceBusTopicResource) authenticationModeMsi(data acceptance.TestData) string {
+	template := r.template(data)
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_stream_analytics_output_servicebus_topic" "test" {
+  name                      = "acctestinput-%d"
+  stream_analytics_job_name = azurerm_stream_analytics_job.test.name
+  resource_group_name       = azurerm_stream_analytics_job.test.resource_group_name
+  topic_name                = azurerm_servicebus_topic.test.name
+  servicebus_namespace      = azurerm_servicebus_namespace.test.name
+  authentication_mode 		= "Msi"
+
+  serialization {
+    type     = "Json"
+    encoding = "UTF8"
+    format   = "LineSeparated"
+  }
+}
+`, template, data.RandomInteger)
+}
+
 func (r StreamAnalyticsOutputServiceBusTopicResource) propertyColumns(data acceptance.TestData) string {
 	template := r.template(data)
 	return fmt.Sprintf(`
diff --git a/website/docs/r/stream_analytics_output_servicebus_topic.html.markdown b/website/docs/r/stream_analytics_output_servicebus_topic.html.markdown
index 932cba6498b5..41b2bd0f979e 100644
--- a/website/docs/r/stream_analytics_output_servicebus_topic.html.markdown
+++ b/website/docs/r/stream_analytics_output_servicebus_topic.html.markdown
@@ -37,7 +37,7 @@ resource "azurerm_servicebus_topic" "example" {
 }
 
 resource "azurerm_stream_analytics_output_servicebus_topic" "example" {
-  name                      = "blob-storage-output"
+  name                      = "service-bus-topic-output"
   stream_analytics_job_name = data.azurerm_stream_analytics_job.example.name
   resource_group_name       = data.azurerm_stream_analytics_job.example.resource_group_name
   topic_name                = azurerm_servicebus_topic.example.name
@@ -67,9 +67,9 @@ The following arguments are supported:
 
 * `servicebus_namespace` - (Required) The namespace that is associated with the desired Event Hub, Service Bus Topic, Service Bus Topic, etc.
 
-* `shared_access_policy_key` - (Required) The shared access policy key for the specified shared access policy.
+* `shared_access_policy_key` - (Optional) The shared access policy key for the specified shared access policy. Required if `authentication_mode` is `ConnectionString`.
 
-* `shared_access_policy_name` - (Required) The shared access policy name for the Event Hub, Service Bus Queue, Service Bus Topic, etc.
+* `shared_access_policy_name` - (Optional) The shared access policy name for the Event Hub, Service Bus Queue, Service Bus Topic, etc. Required if `authentication_mode` is `ConnectionString`.
 
 * `serialization` - (Required) A `serialization` block as defined below.