Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_data_lake_store - support for encryption/firewall properties #1623

Merged
merged 6 commits into from
Jul 24, 2018

Conversation

katbyte
Copy link
Collaborator

@katbyte katbyte commented Jul 21, 2018

This adds the ability to disable encryption and use user assigned encryption keys from a key vault.

Still a work in progress as the UserAssigned test fails:

[16:49:00] kt@snowbook:~/hashi/..3../terraform-providers/terraform-provider-azurerm$ make fmt; make debugacc TEST=./azurerm TESTARGS=-test.run=TestAccAzureRMDataLakeStore_encryptionUserManaged
gofmt -w $(find . -name '*.go' |grep -v vendor)
==> Checking that code complies with gofmt requirements...
TF_ACC=1 dlv test ./azurerm --headless --listen=:2345 --api-version=2 -- -test.v -test.run=TestAccAzureRMDataLakeStore_encryptionUserManaged
API server listening at: [::]:2345
=== RUN   TestAccAzureRMDataLakeStore_encryptionUserManaged
--- FAIL: TestAccAzureRMDataLakeStore_encryptionUserManaged (293.98s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:

		* azurerm_data_lake_store.test: 1 error(s) occurred:

		* azurerm_data_lake_store.test: Error creating Data Lake Store "acctest166760881284881" (Resource Group "acctestRG-166760881284881363"): Code="BadRequest" Message="Invalid parameters: Payload.EncryptionConfig.MsiSecretUri Trace: bec4b852-110b-469d-be90-48535cb2e6cd Time: 2018-07-20T16:52:57.7328115-07:00"
FAIL

Fixes #1603

Tests pass:
```
$ acctests azurerm TestAccAzureRMDataLakeStore_

=== RUN   TestAccAzureRMDataLakeStore_basic
--- PASS: TestAccAzureRMDataLakeStore_basic (147.99s)
=== RUN   TestAccAzureRMDataLakeStore_tier
--- PASS: TestAccAzureRMDataLakeStore_tier (140.91s)
=== RUN   TestAccAzureRMDataLakeStore_encryptionDisabled
--- PASS: TestAccAzureRMDataLakeStore_encryptionDisabled (126.77s)
=== RUN   TestAccAzureRMDataLakeStore_firewallUpdate
--- PASS: TestAccAzureRMDataLakeStore_firewallUpdate (253.79s)
=== RUN   TestAccAzureRMDataLakeStore_withTags
--- PASS: TestAccAzureRMDataLakeStore_withTags (161.95s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	831.835s
```
Tests pass:

```
$ acctests azurerm TestAccDataSourceAzureRMDataLakeStore_

=== RUN   TestAccDataSourceAzureRMDataLakeStore_basic
--- PASS: TestAccDataSourceAzureRMDataLakeStore_basic (150.71s)
=== RUN   TestAccDataSourceAzureRMDataLakeStore_tier
--- PASS: TestAccDataSourceAzureRMDataLakeStore_tier (143.18s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	294.220s
```
@tombuildsstuff tombuildsstuff changed the title azurerm_data_lake_store - Add encryption properties azurerm_data_lake_store - support for encryption/firewall properties Jul 23, 2018
Copy link
Member

@mbfrahry mbfrahry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! With a minor note about an optional attribute

@@ -37,6 +44,16 @@ The following arguments are supported:

* `tier` - (Optional) The monthly commitment tier for Data Lake Store. Accepted values are `Consumption`, `Commitment_1TB`, `Commitment_10TB`, `Commitment_100TB`, `Commitment_500TB`, `Commitment_1PB` or `Commitment_5PB`.

* `encryption_state` - (Optional) Is Encryption enabled on this Data Lake Store Account? Possible values are `Enabled` or `Disabled`. Defaults to `Enabled`.

* `encryption_type` - (Optional) The Encryption Type used for this Data Lake Store Account. Defaults to `SystemManaged` which is the only supported value at this time.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It depends on if Encryption's enabled or disabled, will push an update

@@ -65,15 +110,26 @@ func resourceArmDateLakeStoreCreate(d *schema.ResourceData, meta interface{}) er
location := azureRMNormalizeLocation(d.Get("location").(string))
resourceGroup := d.Get("resource_group_name").(string)
tier := d.Get("tier").(string)

encryptionState := account.EncryptionState(d.Get("encryption_state").(string))
encryptionType := account.EncryptionConfigType(d.Get("encryption_type").(string))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we do a d.GetOk with this value being Optional?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope, since otherwise there's no way to clear it (required when encryption is disabled)

@tombuildsstuff
Copy link
Contributor

Data Source Tests pass:

$ acctests azurerm TestAccDataSourceAzureRMDataLakeStore_

=== RUN   TestAccDataSourceAzureRMDataLakeStore_basic
--- PASS: TestAccDataSourceAzureRMDataLakeStore_basic (150.71s)
=== RUN   TestAccDataSourceAzureRMDataLakeStore_tier
--- PASS: TestAccDataSourceAzureRMDataLakeStore_tier (143.18s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	294.220s

Resource Tests pass:

$ acctests azurerm TestAccAzureRMDataLakeStore_

=== RUN   TestAccAzureRMDataLakeStore_basic
--- PASS: TestAccAzureRMDataLakeStore_basic (147.99s)
=== RUN   TestAccAzureRMDataLakeStore_tier
--- PASS: TestAccAzureRMDataLakeStore_tier (140.91s)
=== RUN   TestAccAzureRMDataLakeStore_encryptionDisabled
--- PASS: TestAccAzureRMDataLakeStore_encryptionDisabled (126.77s)
=== RUN   TestAccAzureRMDataLakeStore_firewallUpdate
--- PASS: TestAccAzureRMDataLakeStore_firewallUpdate (253.79s)
=== RUN   TestAccAzureRMDataLakeStore_withTags
--- PASS: TestAccAzureRMDataLakeStore_withTags (161.95s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	831.835s

@tombuildsstuff tombuildsstuff merged commit e8c6992 into master Jul 24, 2018
@tombuildsstuff tombuildsstuff deleted the f-datalake-store-encryption branch July 24, 2018 10:25
tombuildsstuff added a commit that referenced this pull request Jul 24, 2018
@ghost
Copy link

ghost commented Mar 30, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 30, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

azurerm_data_lake_store add "Enable Firewall" option
3 participants