Postgresql vnet rule - remove ignore_missing_vnet_service_endpoint …

…attribute.
hashicorp · Aug 29, 2018 · e32e5c5 · e32e5c5
1 parent f830ec8
commit e32e5c5
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 163 deletions.
diff --git a/azurerm/resource_arm_postgresql_virtual_network_rule.go b/azurerm/resource_arm_postgresql_virtual_network_rule.go
@@ -48,12 +48,6 @@ func resourceArmPostgreSQLVirtualNetworkRule() *schema.Resource {
 				Required:     true,
 				ValidateFunc: azure.ValidateResourceID,
 			},
-
-			"ignore_missing_vnet_service_endpoint": {
-				Type:     schema.TypeBool,
-				Optional: true,
-				Default:  false, //When not provided, Azure defaults to false
-			},
 		},
 	}
 }
@@ -66,12 +60,11 @@ func resourceArmPostgreSQLVirtualNetworkRuleCreateUpdate(d *schema.ResourceData,
 	serverName := d.Get("server_name").(string)
 	resourceGroup := d.Get("resource_group_name").(string)
 	virtualNetworkSubnetId := d.Get("subnet_id").(string)
-	ignoreMissingVnetServiceEndpoint := d.Get("ignore_missing_vnet_service_endpoint").(bool)
 
 	parameters := postgresql.VirtualNetworkRule{
 		VirtualNetworkRuleProperties: &postgresql.VirtualNetworkRuleProperties{
 			VirtualNetworkSubnetID:           utils.String(virtualNetworkSubnetId),
-			IgnoreMissingVnetServiceEndpoint: utils.Bool(ignoreMissingVnetServiceEndpoint),
+			IgnoreMissingVnetServiceEndpoint: utils.Bool(true),
 		},
 	}
 

diff --git a/azurerm/resource_arm_postgresql_virtual_network_rule_test.go b/azurerm/resource_arm_postgresql_virtual_network_rule_test.go
@@ -14,32 +14,21 @@ import (
 
 /*
 	---Testing for Success---
-	Test a basic PostgreSQL virtual network rule configuration setup and update scenario, and
-	validate that new property is set correctly.
+	Test a basic PostgreSQL virtual network rule configuration setup scenario.
 */
 func TestAccAzureRMPostgreSQLVirtualNetworkRule_basic(t *testing.T) {
 	resourceName := "azurerm_postgresql_virtual_network_rule.test"
 	ri := acctest.RandInt()
-	preConfig := testAccAzureRMPostgreSQLVirtualNetworkRule_basic(ri, testLocation())
-	postConfig := testAccAzureRMPostgreSQLVirtualNetworkRule_withUpdates(ri, testLocation())
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
 		CheckDestroy: testCheckAzureRMPostgreSQLVirtualNetworkRuleDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: preConfig,
-				Check: resource.ComposeTestCheckFunc(
-					testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName),
-					resource.TestCheckResourceAttr(resourceName, "ignore_missing_vnet_service_endpoint", "false"),
-				),
-			},
-			{
-				Config: postConfig,
+				Config: testAccAzureRMPostgreSQLVirtualNetworkRule_basic(ri, testLocation()),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName),
-					resource.TestCheckResourceAttr(resourceName, "ignore_missing_vnet_service_endpoint", "true"),
 				),
 			},
 		},
@@ -110,35 +99,10 @@ func TestAccAzureRMPostgreSQLVirtualNetworkRule_disappears(t *testing.T) {
 	})
 }
 
-/*
-	--Testing for Success--
-	Test if we are able to create a vnet without the SQL endpoint, but SQL rule
-	is still applied since the endpoint validation will be set to false.
-*/
-func TestAccAzureRMPostgreSQLVirtualNetworkRule_IgnoreEndpointValid(t *testing.T) {
-	resourceName := "azurerm_postgresql_virtual_network_rule.test"
-	ri := acctest.RandInt()
-	config := testAccAzureRMPostgreSQLVirtualNetworkRule_ignoreEndpointValid(ri, testLocation())
-
-	resource.Test(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheck(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testCheckAzureRMPostgreSQLVirtualNetworkRuleDestroy,
-		Steps: []resource.TestStep{
-			{
-				Config: config,
-				Check: resource.ComposeTestCheckFunc(
-					testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName),
-				),
-			},
-		},
-	})
-}
-
 /*
 	--Testing for Success--
 	Test if we are able to create multiple subnets and connect multiple subnets to the
-	SQL server.
+	PostgreSQL server.
 */
 func TestAccAzureRMPostgreSQLVirtualNetworkRule_multipleSubnets(t *testing.T) {
 	resourceName1 := "azurerm_postgresql_virtual_network_rule.rule1"
@@ -442,61 +406,6 @@ resource "azurerm_postgresql_virtual_network_rule" "test" {
   resource_group_name = "${azurerm_resource_group.test.name}"
   server_name = "${azurerm_postgresql_server.test.name}"
   subnet_id = "${azurerm_subnet.test.id}"
-  ignore_missing_vnet_service_endpoint = false
-}
-`, rInt, location, rInt, rInt, rInt, rInt)
-}
-
-/*
-	(This test configuration is intended to succeed.)
-	Basic Provisioning Update Configuration (all other properties would recreate the rule)
-	ignore_missing_vnet_service_endpoint (false ==> true)
-*/
-func testAccAzureRMPostgreSQLVirtualNetworkRule_withUpdates(rInt int, location string) string {
-	return fmt.Sprintf(`
-resource "azurerm_resource_group" "test" {
-  name = "acctestRG-%d"
-  location = "%s"
-}
-resource "azurerm_virtual_network" "test" {
-  name                = "acctestvnet%d"
-  address_space       = ["10.7.29.0/29"]
-  location            = "${azurerm_resource_group.test.location}"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-}
-resource "azurerm_subnet" "test" {
-  name = "acctestsubnet%d"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  virtual_network_name = "${azurerm_virtual_network.test.name}"
-  address_prefix = "10.7.29.0/29"
-  service_endpoints = ["Microsoft.Sql"]
-}
-resource "azurerm_postgresql_server" "test" {
-  name                = "acctestpostgresqlsvr-%d"
-  location            = "${azurerm_resource_group.test.location}"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  sku {
-    name     = "GP_Gen5_2"
-    capacity = 2
-    tier     = "GeneralPurpose"
-    family   = "Gen5"
-  }
-  storage_profile {
-    storage_mb            = 51200
-    backup_retention_days = 7
-    geo_redundant_backup  = "Disabled"
-  }
-  administrator_login          = "acctestun"
-  administrator_login_password = "H@Sh1CoR3!"
-  version                      = "9.5"
-  ssl_enforcement              = "Enabled"
-}
-resource "azurerm_postgresql_virtual_network_rule" "test" {
-  name = "acctestpostgresqlvnetrule%d"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  server_name = "${azurerm_postgresql_server.test.name}"
-  subnet_id = "${azurerm_subnet.test.id}"
-  ignore_missing_vnet_service_endpoint = true
 }
 `, rInt, location, rInt, rInt, rInt, rInt)
 }
@@ -622,61 +531,6 @@ resource "azurerm_postgresql_virtual_network_rule" "test" {
 `, rInt, location, rInt, rInt, rInt, rInt, rInt)
 }
 
-/*
-	(This test configuration is intended to succeed.)
-	Succeeds because subnet's service_endpoints does not include 'Microsoft.Sql' and the SQL
-    virtual network rule is set to *not* validate that the service_endpoint includes that value.
-    The endpoint is purposefully set to Microsoft.Storage.
-*/
-func testAccAzureRMPostgreSQLVirtualNetworkRule_ignoreEndpointValid(rInt int, location string) string {
-	return fmt.Sprintf(`
-resource "azurerm_resource_group" "test" {
-  name = "acctestRG-%d"
-  location = "%s"
-}
-resource "azurerm_virtual_network" "test" {
-  name                = "acctestvnet%d"
-  address_space       = ["10.7.29.0/29"]
-  location            = "${azurerm_resource_group.test.location}"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-}
-resource "azurerm_subnet" "test" {
-  name = "acctestsubnet%d"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  virtual_network_name = "${azurerm_virtual_network.test.name}"
-  address_prefix = "10.7.29.0/29"
-  service_endpoints = ["Microsoft.Storage"]
-}
-resource "azurerm_postgresql_server" "test" {
-  name                = "acctestpostgresqlsvr-%d"
-  location            = "${azurerm_resource_group.test.location}"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  sku {
-    name     = "GP_Gen5_2"
-    capacity = 2
-    tier     = "GeneralPurpose"
-    family   = "Gen5"
-  }
-  storage_profile {
-    storage_mb            = 51200
-    backup_retention_days = 7
-    geo_redundant_backup  = "Disabled"
-  }
-  administrator_login          = "acctestun"
-  administrator_login_password = "H@Sh1CoR3!"
-  version                      = "9.5"
-  ssl_enforcement              = "Enabled"
-}
-resource "azurerm_postgresql_virtual_network_rule" "test" {
-  name = "acctestpostgresqlvnetrule%d"
-  resource_group_name = "${azurerm_resource_group.test.name}"
-  server_name = "${azurerm_postgresql_server.test.name}"
-  subnet_id = "${azurerm_subnet.test.id}"
-  ignore_missing_vnet_service_endpoint = true
-}
-`, rInt, location, rInt, rInt, rInt, rInt)
-}
-
 /*
 	(This test configuration is intended to succeed.)
 	This configuration sets up 3 subnets in 2 different virtual networks, and adds
@@ -746,21 +600,18 @@ resource "azurerm_postgresql_virtual_network_rule" "rule1" {
   resource_group_name = "${azurerm_resource_group.test.name}"
   server_name = "${azurerm_postgresql_server.test.name}"
   subnet_id = "${azurerm_subnet.vnet1_subnet1.id}"
-  ignore_missing_vnet_service_endpoint = false
 }
 resource "azurerm_postgresql_virtual_network_rule" "rule2" {
   name = "acctestpostgresqlvnetrule2%d"
   resource_group_name = "${azurerm_resource_group.test.name}"
   server_name = "${azurerm_postgresql_server.test.name}"
   subnet_id = "${azurerm_subnet.vnet1_subnet2.id}"
-  ignore_missing_vnet_service_endpoint = false
 }
 resource "azurerm_postgresql_virtual_network_rule" "rule3" {
   name = "acctestpostgresqlvnetrule3%d"
   resource_group_name = "${azurerm_resource_group.test.name}"
   server_name = "${azurerm_postgresql_server.test.name}"
   subnet_id = "${azurerm_subnet.vnet2_subnet1.id}"
-  ignore_missing_vnet_service_endpoint = false
 }
 `, rInt, location, rInt, rInt, rInt, rInt, rInt, rInt, rInt, rInt, rInt)
 }
diff --git a/website/docs/r/postgresql_virtual_network_rule.html.markdown b/website/docs/r/postgresql_virtual_network_rule.html.markdown
@@ -82,9 +82,7 @@ The following arguments are supported:
 
 * `subnet_id` - (Required) The ID of the subnet that the PostgreSQL server will be connected to.
 
-* `ignore_missing_vnet_service_endpoint` - (Optional) Create the virtual network rule before the subnet has the virtual network service endpoint enabled. The default value is false.
-
-~> **NOTE:** If `ignore_missing_vnet_service_endpoint` is false, and the target subnet does not contain the `Microsoft.SQL` endpoint in the `service_endpoints` array, the deployment will fail when it tries to create the PostgreSQL virtual network rule.
+~> **NOTE:** The resource is configured with `ignore_missing_vnet_service_endpoint` set to `true`, meaning the deployment will succeed even if the target subnet does not contain the `Microsoft.Sql` endpoint in the `service_endpoints` array. This attribute will be introduced once the API behaviour is consistent.
 
 ## Attributes Reference