From e32e5c5944e67ad5254ff43a08efa320e5e8fe0f Mon Sep 17 00:00:00 2001 From: Alexander Stuart-Kregor Date: Wed, 29 Aug 2018 11:09:57 +0100 Subject: [PATCH] Postgresql vnet rule - remove `ignore_missing_vnet_service_endpoint` attribute. --- ...rce_arm_postgresql_virtual_network_rule.go | 9 +- ...rm_postgresql_virtual_network_rule_test.go | 155 +----------------- ...tgresql_virtual_network_rule.html.markdown | 4 +- 3 files changed, 5 insertions(+), 163 deletions(-) diff --git a/azurerm/resource_arm_postgresql_virtual_network_rule.go b/azurerm/resource_arm_postgresql_virtual_network_rule.go index f91581048192..85e0db8cacb5 100644 --- a/azurerm/resource_arm_postgresql_virtual_network_rule.go +++ b/azurerm/resource_arm_postgresql_virtual_network_rule.go @@ -48,12 +48,6 @@ func resourceArmPostgreSQLVirtualNetworkRule() *schema.Resource { Required: true, ValidateFunc: azure.ValidateResourceID, }, - - "ignore_missing_vnet_service_endpoint": { - Type: schema.TypeBool, - Optional: true, - Default: false, //When not provided, Azure defaults to false - }, }, } } @@ -66,12 +60,11 @@ func resourceArmPostgreSQLVirtualNetworkRuleCreateUpdate(d *schema.ResourceData, serverName := d.Get("server_name").(string) resourceGroup := d.Get("resource_group_name").(string) virtualNetworkSubnetId := d.Get("subnet_id").(string) - ignoreMissingVnetServiceEndpoint := d.Get("ignore_missing_vnet_service_endpoint").(bool) parameters := postgresql.VirtualNetworkRule{ VirtualNetworkRuleProperties: &postgresql.VirtualNetworkRuleProperties{ VirtualNetworkSubnetID: utils.String(virtualNetworkSubnetId), - IgnoreMissingVnetServiceEndpoint: utils.Bool(ignoreMissingVnetServiceEndpoint), + IgnoreMissingVnetServiceEndpoint: utils.Bool(true), }, } diff --git a/azurerm/resource_arm_postgresql_virtual_network_rule_test.go b/azurerm/resource_arm_postgresql_virtual_network_rule_test.go index d2b36db98353..c050eed97d29 100644 --- a/azurerm/resource_arm_postgresql_virtual_network_rule_test.go +++ b/azurerm/resource_arm_postgresql_virtual_network_rule_test.go @@ -14,14 +14,11 @@ import ( /* ---Testing for Success--- - Test a basic PostgreSQL virtual network rule configuration setup and update scenario, and - validate that new property is set correctly. + Test a basic PostgreSQL virtual network rule configuration setup scenario. */ func TestAccAzureRMPostgreSQLVirtualNetworkRule_basic(t *testing.T) { resourceName := "azurerm_postgresql_virtual_network_rule.test" ri := acctest.RandInt() - preConfig := testAccAzureRMPostgreSQLVirtualNetworkRule_basic(ri, testLocation()) - postConfig := testAccAzureRMPostgreSQLVirtualNetworkRule_withUpdates(ri, testLocation()) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -29,17 +26,9 @@ func TestAccAzureRMPostgreSQLVirtualNetworkRule_basic(t *testing.T) { CheckDestroy: testCheckAzureRMPostgreSQLVirtualNetworkRuleDestroy, Steps: []resource.TestStep{ { - Config: preConfig, - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "ignore_missing_vnet_service_endpoint", "false"), - ), - }, - { - Config: postConfig, + Config: testAccAzureRMPostgreSQLVirtualNetworkRule_basic(ri, testLocation()), Check: resource.ComposeTestCheckFunc( testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "ignore_missing_vnet_service_endpoint", "true"), ), }, }, @@ -110,35 +99,10 @@ func TestAccAzureRMPostgreSQLVirtualNetworkRule_disappears(t *testing.T) { }) } -/* - --Testing for Success-- - Test if we are able to create a vnet without the SQL endpoint, but SQL rule - is still applied since the endpoint validation will be set to false. -*/ -func TestAccAzureRMPostgreSQLVirtualNetworkRule_IgnoreEndpointValid(t *testing.T) { - resourceName := "azurerm_postgresql_virtual_network_rule.test" - ri := acctest.RandInt() - config := testAccAzureRMPostgreSQLVirtualNetworkRule_ignoreEndpointValid(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMPostgreSQLVirtualNetworkRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMPostgreSQLVirtualNetworkRuleExists(resourceName), - ), - }, - }, - }) -} - /* --Testing for Success-- Test if we are able to create multiple subnets and connect multiple subnets to the - SQL server. + PostgreSQL server. */ func TestAccAzureRMPostgreSQLVirtualNetworkRule_multipleSubnets(t *testing.T) { resourceName1 := "azurerm_postgresql_virtual_network_rule.rule1" @@ -442,61 +406,6 @@ resource "azurerm_postgresql_virtual_network_rule" "test" { resource_group_name = "${azurerm_resource_group.test.name}" server_name = "${azurerm_postgresql_server.test.name}" subnet_id = "${azurerm_subnet.test.id}" - ignore_missing_vnet_service_endpoint = false -} -`, rInt, location, rInt, rInt, rInt, rInt) -} - -/* - (This test configuration is intended to succeed.) - Basic Provisioning Update Configuration (all other properties would recreate the rule) - ignore_missing_vnet_service_endpoint (false ==> true) -*/ -func testAccAzureRMPostgreSQLVirtualNetworkRule_withUpdates(rInt int, location string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} -resource "azurerm_virtual_network" "test" { - name = "acctestvnet%d" - address_space = ["10.7.29.0/29"] - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" -} -resource "azurerm_subnet" "test" { - name = "acctestsubnet%d" - resource_group_name = "${azurerm_resource_group.test.name}" - virtual_network_name = "${azurerm_virtual_network.test.name}" - address_prefix = "10.7.29.0/29" - service_endpoints = ["Microsoft.Sql"] -} -resource "azurerm_postgresql_server" "test" { - name = "acctestpostgresqlsvr-%d" - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" - sku { - name = "GP_Gen5_2" - capacity = 2 - tier = "GeneralPurpose" - family = "Gen5" - } - storage_profile { - storage_mb = 51200 - backup_retention_days = 7 - geo_redundant_backup = "Disabled" - } - administrator_login = "acctestun" - administrator_login_password = "H@Sh1CoR3!" - version = "9.5" - ssl_enforcement = "Enabled" -} -resource "azurerm_postgresql_virtual_network_rule" "test" { - name = "acctestpostgresqlvnetrule%d" - resource_group_name = "${azurerm_resource_group.test.name}" - server_name = "${azurerm_postgresql_server.test.name}" - subnet_id = "${azurerm_subnet.test.id}" - ignore_missing_vnet_service_endpoint = true } `, rInt, location, rInt, rInt, rInt, rInt) } @@ -622,61 +531,6 @@ resource "azurerm_postgresql_virtual_network_rule" "test" { `, rInt, location, rInt, rInt, rInt, rInt, rInt) } -/* - (This test configuration is intended to succeed.) - Succeeds because subnet's service_endpoints does not include 'Microsoft.Sql' and the SQL - virtual network rule is set to *not* validate that the service_endpoint includes that value. - The endpoint is purposefully set to Microsoft.Storage. -*/ -func testAccAzureRMPostgreSQLVirtualNetworkRule_ignoreEndpointValid(rInt int, location string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} -resource "azurerm_virtual_network" "test" { - name = "acctestvnet%d" - address_space = ["10.7.29.0/29"] - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" -} -resource "azurerm_subnet" "test" { - name = "acctestsubnet%d" - resource_group_name = "${azurerm_resource_group.test.name}" - virtual_network_name = "${azurerm_virtual_network.test.name}" - address_prefix = "10.7.29.0/29" - service_endpoints = ["Microsoft.Storage"] -} -resource "azurerm_postgresql_server" "test" { - name = "acctestpostgresqlsvr-%d" - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" - sku { - name = "GP_Gen5_2" - capacity = 2 - tier = "GeneralPurpose" - family = "Gen5" - } - storage_profile { - storage_mb = 51200 - backup_retention_days = 7 - geo_redundant_backup = "Disabled" - } - administrator_login = "acctestun" - administrator_login_password = "H@Sh1CoR3!" - version = "9.5" - ssl_enforcement = "Enabled" -} -resource "azurerm_postgresql_virtual_network_rule" "test" { - name = "acctestpostgresqlvnetrule%d" - resource_group_name = "${azurerm_resource_group.test.name}" - server_name = "${azurerm_postgresql_server.test.name}" - subnet_id = "${azurerm_subnet.test.id}" - ignore_missing_vnet_service_endpoint = true -} -`, rInt, location, rInt, rInt, rInt, rInt) -} - /* (This test configuration is intended to succeed.) This configuration sets up 3 subnets in 2 different virtual networks, and adds @@ -746,21 +600,18 @@ resource "azurerm_postgresql_virtual_network_rule" "rule1" { resource_group_name = "${azurerm_resource_group.test.name}" server_name = "${azurerm_postgresql_server.test.name}" subnet_id = "${azurerm_subnet.vnet1_subnet1.id}" - ignore_missing_vnet_service_endpoint = false } resource "azurerm_postgresql_virtual_network_rule" "rule2" { name = "acctestpostgresqlvnetrule2%d" resource_group_name = "${azurerm_resource_group.test.name}" server_name = "${azurerm_postgresql_server.test.name}" subnet_id = "${azurerm_subnet.vnet1_subnet2.id}" - ignore_missing_vnet_service_endpoint = false } resource "azurerm_postgresql_virtual_network_rule" "rule3" { name = "acctestpostgresqlvnetrule3%d" resource_group_name = "${azurerm_resource_group.test.name}" server_name = "${azurerm_postgresql_server.test.name}" subnet_id = "${azurerm_subnet.vnet2_subnet1.id}" - ignore_missing_vnet_service_endpoint = false } `, rInt, location, rInt, rInt, rInt, rInt, rInt, rInt, rInt, rInt, rInt) } diff --git a/website/docs/r/postgresql_virtual_network_rule.html.markdown b/website/docs/r/postgresql_virtual_network_rule.html.markdown index 6a01d4ecca6e..8987e46c8011 100644 --- a/website/docs/r/postgresql_virtual_network_rule.html.markdown +++ b/website/docs/r/postgresql_virtual_network_rule.html.markdown @@ -82,9 +82,7 @@ The following arguments are supported: * `subnet_id` - (Required) The ID of the subnet that the PostgreSQL server will be connected to. -* `ignore_missing_vnet_service_endpoint` - (Optional) Create the virtual network rule before the subnet has the virtual network service endpoint enabled. The default value is false. - -~> **NOTE:** If `ignore_missing_vnet_service_endpoint` is false, and the target subnet does not contain the `Microsoft.SQL` endpoint in the `service_endpoints` array, the deployment will fail when it tries to create the PostgreSQL virtual network rule. +~> **NOTE:** The resource is configured with `ignore_missing_vnet_service_endpoint` set to `true`, meaning the deployment will succeed even if the target subnet does not contain the `Microsoft.Sql` endpoint in the `service_endpoints` array. This attribute will be introduced once the API behaviour is consistent. ## Attributes Reference