diff --git a/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource.go b/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource.go index 0bd0206c7083a..1a7e89ebfbd9d 100644 --- a/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource.go +++ b/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource.go @@ -72,14 +72,14 @@ func resourceStreamAnalyticsOutputServiceBusQueue() *pluginsdk.Resource { "shared_access_policy_key": { Type: pluginsdk.TypeString, - Required: true, + Optional: true, Sensitive: true, ValidateFunc: validation.StringIsNotEmpty, }, "shared_access_policy_name": { Type: pluginsdk.TypeString, - Required: true, + Optional: true, ValidateFunc: validation.StringIsNotEmpty, }, @@ -148,19 +148,26 @@ func resourceStreamAnalyticsOutputServiceBusQueueCreateUpdate(d *pluginsdk.Resou } systemPropertyColumns := d.Get("system_property_columns") + + dataSourceProperties := &outputs.ServiceBusQueueOutputDataSourceProperties{ + QueueName: utils.String(queueName), + ServiceBusNamespace: utils.String(serviceBusNamespace), + PropertyColumns: utils.ExpandStringSlice(d.Get("property_columns").([]interface{})), + SystemPropertyColumns: &systemPropertyColumns, + AuthenticationMode: utils.ToPtr(outputs.AuthenticationMode(d.Get("authentication_mode").(string))), + } + + // Add shared access policy key/name only if required by authentication mode + if *dataSourceProperties.AuthenticationMode == outputs.AuthenticationModeConnectionString { + dataSourceProperties.SharedAccessPolicyName = utils.String(sharedAccessPolicyName) + dataSourceProperties.SharedAccessPolicyKey = utils.String(sharedAccessPolicyKey) + } + props := outputs.Output{ Name: utils.String(id.OutputName), Properties: &outputs.OutputProperties{ Datasource: &outputs.ServiceBusQueueOutputDataSource{ - Properties: &outputs.ServiceBusQueueOutputDataSourceProperties{ - QueueName: utils.String(queueName), - ServiceBusNamespace: utils.String(serviceBusNamespace), - SharedAccessPolicyKey: utils.String(sharedAccessPolicyKey), - SharedAccessPolicyName: utils.String(sharedAccessPolicyName), - PropertyColumns: utils.ExpandStringSlice(d.Get("property_columns").([]interface{})), - SystemPropertyColumns: &systemPropertyColumns, - AuthenticationMode: utils.ToPtr(outputs.AuthenticationMode(d.Get("authentication_mode").(string))), - }, + Properties: dataSourceProperties, }, Serialization: serialization, }, diff --git a/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource_test.go b/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource_test.go index f2072e4de7db9..1276c6035f67c 100644 --- a/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource_test.go +++ b/internal/services/streamanalytics/stream_analytics_output_servicebus_queue_resource_test.go @@ -61,14 +61,14 @@ func TestAccStreamAnalyticsOutputServiceBusQueue_json(t *testing.T) { }) } -func TestAccStreamAnalyticsOutputServiceBusQueue_authenticationMode(t *testing.T) { +func TestAccStreamAnalyticsOutputServiceBusQueue_authenticationModeMsi(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_stream_analytics_output_servicebus_queue", "test") r := StreamAnalyticsOutputServiceBusQueueResource{} identity := "identity { type = \"SystemAssigned\" }" data.ResourceTest(t, r, []acceptance.TestStep{ { - Config: r.authenticationMode(data, identity), + Config: r.authenticationModeMsi(data, identity), Check: acceptance.ComposeTestCheckFunc( check.That(data.ResourceName).ExistsInAzure(r), ), @@ -434,7 +434,7 @@ resource "azurerm_stream_analytics_output_servicebus_queue" "import" { `, template) } -func (r StreamAnalyticsOutputServiceBusQueueResource) authenticationMode(data acceptance.TestData, identity string) string { +func (r StreamAnalyticsOutputServiceBusQueueResource) authenticationModeMsi(data acceptance.TestData, identity string) string { template := r.template(data, identity) return fmt.Sprintf(` %s @@ -445,8 +445,7 @@ resource "azurerm_stream_analytics_output_servicebus_queue" "test" { resource_group_name = azurerm_stream_analytics_job.test.resource_group_name queue_name = azurerm_servicebus_queue.test.name servicebus_namespace = azurerm_servicebus_namespace.test.name - shared_access_policy_key = azurerm_servicebus_namespace.test.default_primary_key - shared_access_policy_name = "RootManageSharedAccessKey" + authentication_mode = "Msi" serialization { type = "Json" diff --git a/website/docs/r/stream_analytics_output_servicebus_queue.html.markdown b/website/docs/r/stream_analytics_output_servicebus_queue.html.markdown index edd5ff4cf8e4e..f533e7b33b569 100644 --- a/website/docs/r/stream_analytics_output_servicebus_queue.html.markdown +++ b/website/docs/r/stream_analytics_output_servicebus_queue.html.markdown @@ -66,9 +66,9 @@ The following arguments are supported: * `servicebus_namespace` - (Required) The namespace that is associated with the desired Event Hub, Service Bus Queue, Service Bus Topic, etc. -* `shared_access_policy_key` - (Required) The shared access policy key for the specified shared access policy. +* `shared_access_policy_key` - (Optional) The shared access policy key for the specified shared access policy. Required if `authentication_mode` is `ConnectionString`. -* `shared_access_policy_name` - (Required) The shared access policy name for the Event Hub, Service Bus Queue, Service Bus Topic, etc. +* `shared_access_policy_name` - (Optional) The shared access policy name for the Event Hub, Service Bus Queue, Service Bus Topic, etc. Required if `authentication_mode` is `ConnectionString`. * `serialization` - (Required) A `serialization` block as defined below.