From fb47ae1609b66f6e72c626d3861f2778d2c36cf7 Mon Sep 17 00:00:00 2001 From: Yichun Ma Date: Fri, 18 Aug 2023 11:26:28 +0800 Subject: [PATCH] `data` `azurerm_disk_encryption_set` - support `identity` --- .../disk_encryption_set_data_source.go | 12 ++++++++ .../disk_encryption_set_data_source_test.go | 28 +++++++++++++++++++ .../disk_encryption_set_resource_test.go | 3 +- .../docs/d/disk_encryption_set.html.markdown | 14 ++++++++++ 4 files changed, 56 insertions(+), 1 deletion(-) diff --git a/internal/services/compute/disk_encryption_set_data_source.go b/internal/services/compute/disk_encryption_set_data_source.go index 855b160c71b21..8d28e840aaf2f 100644 --- a/internal/services/compute/disk_encryption_set_data_source.go +++ b/internal/services/compute/disk_encryption_set_data_source.go @@ -9,6 +9,7 @@ import ( "github.com/hashicorp/go-azure-helpers/lang/response" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" + "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" "github.com/hashicorp/go-azure-helpers/resourcemanager/tags" "github.com/hashicorp/go-azure-sdk/resource-manager/compute/2022-03-02/diskencryptionsets" @@ -43,6 +44,8 @@ func dataSourceDiskEncryptionSet() *pluginsdk.Resource { Computed: true, }, + "identity": commonschema.SystemAssignedUserAssignedIdentityComputed(), + "tags": commonschema.TagsDataSource(), }, } @@ -76,5 +79,14 @@ func dataSourceDiskEncryptionSetRead(d *pluginsdk.ResourceData, meta interface{} d.Set("auto_key_rotation_enabled", props.RotationToLatestKeyVersionEnabled) } + flattenedIdentity, err := identity.FlattenSystemAndUserAssignedMap(model.Identity) + if err != nil { + return fmt.Errorf("flattening `identity`: %+v", err) + } + + if err := d.Set("identity", flattenedIdentity); err != nil { + return fmt.Errorf("setting `identity`: %+v", err) + } + return tags.FlattenAndSet(d, model.Tags) } diff --git a/internal/services/compute/disk_encryption_set_data_source_test.go b/internal/services/compute/disk_encryption_set_data_source_test.go index 587755ce9bc81..f9ab324e8cefe 100644 --- a/internal/services/compute/disk_encryption_set_data_source_test.go +++ b/internal/services/compute/disk_encryption_set_data_source_test.go @@ -44,6 +44,23 @@ func TestAccDataSourceDiskEncryptionSet_update(t *testing.T) { }) } +func TestAccDataSourceDiskEncryptionSet_identity(t *testing.T) { + data := acceptance.BuildTestData(t, "data.azurerm_disk_encryption_set", "test") + r := DiskEncryptionSetDataSource{} + data.DataSourceTest(t, []acceptance.TestStep{ + { + Config: r.identity(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).Key("location").Exists(), + check.That(data.ResourceName).Key("identity.0.type").HasValue("SystemAssigned, UserAssigned"), + check.That(data.ResourceName).Key("identity.0.principal_id").Exists(), + check.That(data.ResourceName).Key("identity.0.tenant_id").Exists(), + check.That(data.ResourceName).Key("identity.0.identity_ids.#").HasValue("1"), + ), + }, + }) +} + func (DiskEncryptionSetDataSource) basic(data acceptance.TestData) string { return fmt.Sprintf(` %s @@ -65,3 +82,14 @@ data "azurerm_disk_encryption_set" "test" { } `, DiskEncryptionSetResource{}.complete(data)) } + +func (DiskEncryptionSetDataSource) identity(data acceptance.TestData) string { + return fmt.Sprintf(` +%s + +data "azurerm_disk_encryption_set" "test" { + name = azurerm_disk_encryption_set.test.name + resource_group_name = azurerm_disk_encryption_set.test.resource_group_name +} +`, DiskEncryptionSetResource{}.systemAssignedUserAssignedIdentity(data)) +} diff --git a/internal/services/compute/disk_encryption_set_resource_test.go b/internal/services/compute/disk_encryption_set_resource_test.go index 274e9acfbebd8..665b121e7d21b 100644 --- a/internal/services/compute/disk_encryption_set_resource_test.go +++ b/internal/services/compute/disk_encryption_set_resource_test.go @@ -297,7 +297,8 @@ resource "azurerm_key_vault_access_policy" "disk-encryption" { tenant_id = azurerm_disk_encryption_set.test.identity.0.tenant_id object_id = azurerm_disk_encryption_set.test.identity.0.principal_id -}`, r.dependencies(data, true)) +} +`, r.dependencies(data, true)) } func (r DiskEncryptionSetResource) basic(data acceptance.TestData) string { diff --git a/website/docs/d/disk_encryption_set.html.markdown b/website/docs/d/disk_encryption_set.html.markdown index 5ade1fa6e1541..dc17b4f73114d 100644 --- a/website/docs/d/disk_encryption_set.html.markdown +++ b/website/docs/d/disk_encryption_set.html.markdown @@ -41,8 +41,22 @@ The following attributes are exported: * `auto_key_rotation_enabled` - Is the Azure Disk Encryption Set Key automatically rotated to latest version? +* `identity` - An `identity` block as defined below. + * `tags` - A mapping of tags assigned to the Disk Encryption Set. +--- + +An `identity` block exports the following: + +* `type` - The type of Managed Service Identity that is configured on this Disk Encryption Set. + +* `identity_ids` - A list of User Assigned Managed Identity IDs assigned to this Disk Encryption Set. + +* `principal_id` - The (Client) ID of the Service Principal. + +* `tenant_id` - The ID of the Tenant the Service Principal is assigned in. + ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: