log_analytics_cluster_customer_managed_key: support key_rsa_size
ziyeqf committed Oct 23, 2023
1 parent 7bf2710 commit 75cba04
Showing 2 changed files with 47 additions and 42 deletions.
@@ -8,6 +8,7 @@ import (
"log"
"time"

"github.com/hashicorp/go-azure-helpers/lang/pointer"
"github.com/hashicorp/go-azure-helpers/lang/response"
"github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2021-06-01/clusters"
"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
@@ -17,6 +18,7 @@ import (
keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/migration"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
"github.com/hashicorp/terraform-provider-azurerm/utils"
)
@@ -58,6 +60,12 @@ func resourceLogAnalyticsClusterCustomerManagedKey() *pluginsdk.Resource {
Required: true,
ValidateFunc: keyVaultValidate.NestedItemIdWithOptionalVersion,
},

"key_rsa_size": {
Type: pluginsdk.TypeInt,
Optional: true,
ValidateFunc: validation.IntInSlice([]int{2048, 3072, 4096}),
},
},
}
}
@@ -84,19 +92,12 @@ func resourceLogAnalyticsClusterCustomerManagedKeyCreate(d *pluginsdk.ResourceDa
return fmt.Errorf("retrieving %s: %+v", *id, err)
}

model := resp.Model
if model == nil {
return fmt.Errorf("retiring `azurerm_log_analytics_cluster` %s: `model` is nil", *id)
}

props := model.Properties
if props == nil {
return fmt.Errorf("retiring `azurerm_log_analytics_cluster` %s: `Properties` is nil", *id)
}

if props.KeyVaultProperties != nil {
if keyProps := *props.KeyVaultProperties; keyProps.KeyName != nil && *keyProps.KeyName != "" {
return tf.ImportAsExistsError("azurerm_log_analytics_cluster_customer_managed_key", id.ID())
if model := resp.Model; model != nil {
if props := model.Properties; props != nil && props.KeyVaultProperties != nil {
keyProps := *props.KeyVaultProperties
if keyProps.KeyName != nil && *keyProps.KeyName != "" {
return tf.ImportAsExistsError("azurerm_log_analytics_cluster_customer_managed_key", id.ID())
}
}
}

@@ -105,19 +106,21 @@ func resourceLogAnalyticsClusterCustomerManagedKeyCreate(d *pluginsdk.ResourceDa
return fmt.Errorf("parsing Key Vault Key ID: %+v", err)
}

model.Properties.KeyVaultProperties = &clusters.KeyVaultProperties{
KeyVaultUri: utils.String(keyId.KeyVaultBaseUrl),
KeyName: utils.String(keyId.Name),
KeyVersion: utils.String(keyId.Version),
clusterPatch := clusters.ClusterPatch{
Properties: &clusters.ClusterPatchProperties{
KeyVaultProperties: &clusters.KeyVaultProperties{
KeyVaultUri: pointer.To(keyId.KeyVaultBaseUrl),
KeyName: pointer.To(keyId.Name),
KeyVersion: pointer.To(keyId.Version),
},
},
}

// 'properties.associatedWorkspaces' is a read only property and cannot be set.
// tracked on https://github.com/Azure/azure-rest-api-specs/issues/25968
if model.Properties.AssociatedWorkspaces != nil {
model.Properties.AssociatedWorkspaces = nil
if rsaSize, ok := d.GetOk("key_rsa_size"); ok {
clusterPatch.Properties.KeyVaultProperties.KeyRsaSize = utils.Int64(rsaSize.(int64))
}

if err := client.CreateOrUpdateThenPoll(ctx, *id, *model); err != nil {
if err := client.UpdateThenPoll(ctx, *id, clusterPatch); err != nil {
return fmt.Errorf("updating Customer Managed Key for %s: %+v", *id, err)
}

@@ -146,11 +149,6 @@ func resourceLogAnalyticsClusterCustomerManagedKeyUpdate(d *pluginsdk.ResourceDa
locks.ByID(id.ID())
defer locks.UnlockByID(id.ID())

keyId, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(d.Get("key_vault_key_id").(string))
if err != nil {
return fmt.Errorf("parsing Key Vault Key ID: %+v", err)
}

resp, err := client.Get(ctx, *id)
if err != nil {
if response.WasNotFound(resp.HttpResponse) {
@@ -160,28 +158,28 @@ func resourceLogAnalyticsClusterCustomerManagedKeyUpdate(d *pluginsdk.ResourceDa
return fmt.Errorf("retrieving %s: %+v", *id, err)
}

model := resp.Model
if model == nil {
return fmt.Errorf("retiring `azurerm_log_analytics_cluster` %s: `model` is nil", *id)
clusterPatch := clusters.ClusterPatch{
Properties: &clusters.ClusterPatchProperties{
KeyVaultProperties: &clusters.KeyVaultProperties{},
},
}

if props := model.Properties; props == nil {
return fmt.Errorf("retiring `azurerm_log_analytics_cluster` %s: `Properties` is nil", *id)
}
if d.HasChange("key_vault_key_id") {
keyId, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(d.Get("key_vault_key_id").(string))
if err != nil {
return fmt.Errorf("parsing Key Vault Key ID: %+v", err)
}

model.Properties.KeyVaultProperties = &clusters.KeyVaultProperties{
KeyVaultUri: utils.String(keyId.KeyVaultBaseUrl),
KeyName: utils.String(keyId.Name),
KeyVersion: utils.String(keyId.Version),
clusterPatch.Properties.KeyVaultProperties.KeyVaultUri = pointer.To(keyId.KeyVaultBaseUrl)
clusterPatch.Properties.KeyVaultProperties.KeyName = pointer.To(keyId.Name)
clusterPatch.Properties.KeyVaultProperties.KeyVersion = pointer.To(keyId.Version)
}

// 'properties.associatedWorkspaces' is a read only property and cannot be set.
// tracked on https://github.com/Azure/azure-rest-api-specs/issues/25968
if model.Properties.AssociatedWorkspaces != nil {
model.Properties.AssociatedWorkspaces = nil
if d.HasChange("key_rsa_size") {
clusterPatch.Properties.KeyVaultProperties.KeyRsaSize = pointer.To(d.Get("key_rsa_size").(int64))
}

if err := client.CreateOrUpdateThenPoll(ctx, *id, *model); err != nil {
if err := client.UpdateThenPoll(ctx, *id, clusterPatch); err != nil {
return fmt.Errorf("updating Customer Managed Key for %s: %+v", *id, err)
}

@@ -231,6 +229,11 @@ func resourceLogAnalyticsClusterCustomerManagedKeyRead(d *pluginsdk.ResourceData
return err
}
keyVaultKeyId = keyId.ID()

if kvProps.KeyRsaSize != nil {
d.Set("key_rsa_size", *kvProps.KeyRsaSize)
}

}
}
}
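Review bot: The two new `key_rsa_size` assignments assert the schema value to `int64` (`rsaSize.(int64)` in Create and `d.Get("key_rsa_size").(int64)` in Update), but the plugin SDK returns a `TypeInt` field as a Go `int`, so both assertions would panic on the first apply that sets the argument. Convert instead of asserting: `KeyRsaSize = pointer.To(int64(rsaSize.(int)))` in Create and `pointer.To(int64(d.Get("key_rsa_size").(int)))` in Update. Separately, when only `key_rsa_size` changes, Update sends a `KeyVaultProperties` with no URI, name or version. Whether the PATCH leaves the existing key binding untouched in that case is not visible here, and it should be confirmed because it determines which customer-managed key protects the cluster. Both functions begin and end outside the hunks shown.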
@@ -105,6 +105,8 @@ The following arguments are supported:

* `log_analytics_cluster_id` - (Required) The ID of the Log Analytics Cluster. Changing this forces a new Log Analytics Cluster Customer Managed Key to be created.

* `key_rsa_size` - (Optional) The minimum required size of selected key. Possible values are `2048`, `3072` and `4096`.

## Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:
