data azurerm_disk_encryption_set - support identity

internal/services/compute/disk_encryption_set_data_source.go

@@ -9,6 +9,7 @@ import (
 
 	"github.com/hashicorp/go-azure-helpers/lang/response"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/identity"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/location"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/tags"
 	"github.com/hashicorp/go-azure-sdk/resource-manager/compute/2022-03-02/diskencryptionsets"
@@ -43,6 +44,8 @@ func dataSourceDiskEncryptionSet() *pluginsdk.Resource {
 				Computed: true,
 			},
 
+			"identity": commonschema.SystemAssignedUserAssignedIdentityComputed(),
+
 			"tags": commonschema.TagsDataSource(),
 		},
 	}
@@ -76,5 +79,14 @@ func dataSourceDiskEncryptionSetRead(d *pluginsdk.ResourceData, meta interface{}
 		d.Set("auto_key_rotation_enabled", props.RotationToLatestKeyVersionEnabled)
 	}
 
+	flattenedIdentity, err := identity.FlattenSystemAndUserAssignedMap(model.Identity)
+	if err != nil {
+		return fmt.Errorf("flattening `identity`: %+v", err)
+	}
+
+	if err := d.Set("identity", flattenedIdentity); err != nil {
+		return fmt.Errorf("setting `identity`: %+v", err)
+	}
+
 	return tags.FlattenAndSet(d, model.Tags)
 }

internal/services/compute/disk_encryption_set_data_source_test.go

@@ -44,6 +44,23 @@ func TestAccDataSourceDiskEncryptionSet_update(t *testing.T) {
 	})
 }
 
+func TestAccDataSourceDiskEncryptionSet_identity(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azurerm_disk_encryption_set", "test")
+	r := DiskEncryptionSetDataSource{}
+	data.DataSourceTest(t, []acceptance.TestStep{
+		{
+			Config: r.identity(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).Key("location").Exists(),
+				check.That(data.ResourceName).Key("identity.0.type").HasValue("SystemAssigned, UserAssigned"),
+				check.That(data.ResourceName).Key("identity.0.principal_id").Exists(),
+				check.That(data.ResourceName).Key("identity.0.tenant_id").Exists(),
+				check.That(data.ResourceName).Key("identity.0.identity_ids.#").HasValue("1"),
+			),
+		},
+	})
+}
+
 func (DiskEncryptionSetDataSource) basic(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 %s
@@ -65,3 +82,14 @@ data "azurerm_disk_encryption_set" "test" {
 }
 `, DiskEncryptionSetResource{}.complete(data))
 }
+
+func (DiskEncryptionSetDataSource) identity(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+data "azurerm_disk_encryption_set" "test" {
+  name                = azurerm_disk_encryption_set.test.name
+  resource_group_name = azurerm_disk_encryption_set.test.resource_group_name
+}
+`, DiskEncryptionSetResource{}.systemAssignedUserAssignedIdentity(data))
+}

internal/services/compute/disk_encryption_set_resource_test.go

@@ -297,7 +297,8 @@ resource "azurerm_key_vault_access_policy" "disk-encryption" {
 
   tenant_id = azurerm_disk_encryption_set.test.identity.0.tenant_id
   object_id = azurerm_disk_encryption_set.test.identity.0.principal_id
-}`, r.dependencies(data, true))
+}
+`, r.dependencies(data, true))
 }
 
 func (r DiskEncryptionSetResource) basic(data acceptance.TestData) string {

website/docs/d/disk_encryption_set.html.markdown

@@ -41,8 +41,22 @@ The following attributes are exported:
 
 * `auto_key_rotation_enabled` - Is the Azure Disk Encryption Set Key automatically rotated to latest version?
 
+* `identity` - An `identity` block as defined below.
+
 * `tags` - A mapping of tags assigned to the Disk Encryption Set.
 
+---
+
+An `identity` block exports the following:
+
+* `type` - The type of Managed Service Identity that is configured on this Disk Encryption Set.
+
+* `identity_ids` - A list of User Assigned Managed Identity IDs assigned to this Disk Encryption Set.
+
+* `principal_id` - The (Client) ID of the Service Principal.
+
+* `tenant_id` - The ID of the Tenant the Service Principal is assigned in.
+
 ## Timeouts
 
 The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: