New Resource: azurerm_iot_dps_certificate (#3645)

hashicorp · Jun 17, 2019 · aeb524e · aeb524e
1 parent 72016c7
commit aeb524e
Show file tree

Hide file tree

Showing 10 changed files with 482 additions and 10 deletions.
diff --git a/azurerm/config.go b/azurerm/config.go
@@ -774,9 +774,13 @@ func (c *ArmClient) registerIoTHubClients(endpoint, subscriptionId string, auth
 	iotDpsClient := iotdps.NewIotDpsResourceClientWithBaseURI(endpoint, subscriptionId)
 	c.configureClient(&iotDpsClient.Client, auth)
 
+	iotDpsCertificateClient := iotdps.NewDpsCertificateClientWithBaseURI(endpoint, subscriptionId)
+	c.configureClient(&iotDpsCertificateClient.Client, auth)
+
 	c.iothub = &iothub.Client{
-		ResourceClient:    iotClient,
-		DPSResourceClient: iotDpsClient,
+		ResourceClient:       iotClient,
+		DPSResourceClient:    iotDpsClient,
+		DPSCertificateClient: iotDpsCertificateClient,
 	}
 }
 

diff --git a/azurerm/internal/services/iothub/client.go b/azurerm/internal/services/iothub/client.go
@@ -6,6 +6,7 @@ import (
 )
 
 type Client struct {
-	ResourceClient    devices.IotHubResourceClient
-	DPSResourceClient iothub.IotDpsResourceClient
+	ResourceClient       devices.IotHubResourceClient
+	DPSResourceClient    iothub.IotDpsResourceClient
+	DPSCertificateClient iothub.DpsCertificateClient
 }
diff --git a/azurerm/provider.go b/azurerm/provider.go
@@ -302,6 +302,7 @@ func Provider() terraform.ResourceProvider {
 			"azurerm_hdinsight_storm_cluster":                            resourceArmHDInsightStormCluster(),
 			"azurerm_image":                                              resourceArmImage(),
 			"azurerm_iot_dps":                                            resourceArmIotDPS(),
+			"azurerm_iot_dps_certificate":                                resourceArmIotDPSCertificate(),
 			"azurerm_iothub_consumer_group":                              resourceArmIotHubConsumerGroup(),
 			"azurerm_iothub":                                             resourceArmIotHub(),
 			"azurerm_iothub_shared_access_policy":                        resourceArmIotHubSharedAccessPolicy(),

diff --git a/azurerm/resource_arm_iot_dps.go b/azurerm/resource_arm_iot_dps.go
@@ -39,7 +39,7 @@ func resourceArmIotDPS() *schema.Resource {
 				ValidateFunc: validate.IoTHubName,
 			},
 
-			"resource_group_name": azure.SchemaResourceGroupNameDiffSuppress(),
+			"resource_group_name": azure.SchemaResourceGroupName(), // azure.SchemaResourceGroupNameDiffSuppress(),
 
 			"location": azure.SchemaLocation(),
 

diff --git a/azurerm/resource_arm_iot_dps_cerificate.go b/azurerm/resource_arm_iot_dps_cerificate.go
@@ -0,0 +1,154 @@
+package azurerm
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+
+	"github.com/Azure/azure-sdk-for-go/services/provisioningservices/mgmt/2018-01-22/iothub"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmIotDPSCertificate() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmIotDPSCertificateCreateOrUpdate,
+		Read:   resourceArmIotDPSCertificateRead,
+		Update: resourceArmIotDPSCertificateCreateOrUpdate,
+		Delete: resourceArmIotDPSCertificateDelete,
+
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.IoTHubName,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupName(),
+
+			"iot_dps_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.IoTHubName,
+			},
+
+			"certificate_content": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validate.NoEmptyStrings,
+				Sensitive:    true,
+			},
+		},
+	}
+}
+
+func resourceArmIotDPSCertificateCreateOrUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).iothub.DPSCertificateClient
+	ctx := meta.(*ArmClient).StopContext
+
+	name := d.Get("name").(string)
+	resourceGroup := d.Get("resource_group_name").(string)
+	iotDPSName := d.Get("iot_dps_name").(string)
+
+	if requireResourcesToBeImported && d.IsNewResource() {
+		existing, err := client.Get(ctx, name, resourceGroup, iotDPSName, "")
+		if err != nil {
+			if !utils.ResponseWasNotFound(existing.Response) {
+				return fmt.Errorf("Error checking for presence of existing IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+			}
+		}
+
+		if existing.ID != nil && *existing.ID != "" {
+			return tf.ImportAsExistsError("azurerm_iot_dps_certificate", *existing.ID)
+		}
+	}
+
+	certificate := iothub.CertificateBodyDescription{
+		Certificate: utils.String(d.Get("certificate_content").(string)),
+	}
+
+	if _, err := client.CreateOrUpdate(ctx, resourceGroup, iotDPSName, name, certificate, ""); err != nil {
+		return fmt.Errorf("Error creating/updating IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+
+	resp, err := client.Get(ctx, name, resourceGroup, iotDPSName, "")
+	if err != nil {
+		return fmt.Errorf("Error retrieving IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+
+	if resp.ID == nil {
+		return fmt.Errorf("Cannot read IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+
+	d.SetId(*resp.ID)
+
+	return resourceArmIotDPSCertificateRead(d, meta)
+}
+
+func resourceArmIotDPSCertificateRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).iothub.DPSCertificateClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	iotDPSName := id.Path["provisioningServices"]
+	name := id.Path["certificates"]
+
+	resp, err := client.Get(ctx, name, resourceGroup, iotDPSName, "")
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("Error retrieving IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+
+	d.Set("name", resp.Name)
+	d.Set("resource_group_name", resourceGroup)
+	d.Set("iot_dps_name", iotDPSName)
+	// We are unable to set `certificate_content` since it is not returned from the API
+
+	return nil
+}
+
+func resourceArmIotDPSCertificateDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).iothub.DPSCertificateClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	iotDPSName := id.Path["provisioningServices"]
+	name := id.Path["certificates"]
+
+	resp, err := client.Get(ctx, name, resourceGroup, iotDPSName, "")
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return nil
+		}
+		return fmt.Errorf("Error retrieving IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+
+	if resp.Etag == nil {
+		return fmt.Errorf("Error deleting IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q) because Etag is nil", name, iotDPSName, resourceGroup)
+	}
+
+	// TODO address this delete call if https://github.com/Azure/azure-rest-api-specs/pull/6311 get's merged
+	if _, err := client.Delete(ctx, resourceGroup, *resp.Etag, iotDPSName, name, "", nil, nil, iothub.ServerAuthentication, nil, nil, nil, ""); err != nil {
+		return fmt.Errorf("Error deleting IoT Device Provisioning Service Certificate %q (Device Provisioning Service %q / Resource Group %q): %+v", name, iotDPSName, resourceGroup, err)
+	}
+	return nil
+}