From f3a6ce6e4a8631a6dd77975b14acfa30b3da7e90 Mon Sep 17 00:00:00 2001 From: magodo Date: Sat, 20 Feb 2021 10:46:29 +0800 Subject: [PATCH 1/5] new resource: `azurerm_sentinel_data_connector_azure_active_directory` --- .../services/sentinel/registration.go | 7 +- ...l_data_connector_azure_active_directory.go | 168 ++++++++++++++++++ ...a_connector_azure_active_directory_test.go | 140 +++++++++++++++ website/azurerm.erb | 4 + ...ector_azure_active_directory.html.markdown | 66 +++++++ 5 files changed, 382 insertions(+), 3 deletions(-) create mode 100644 azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go create mode 100644 azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go create mode 100644 website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown diff --git a/azurerm/internal/services/sentinel/registration.go b/azurerm/internal/services/sentinel/registration.go index 33a54ae3b1ca..fbc3b1a68641 100644 --- a/azurerm/internal/services/sentinel/registration.go +++ b/azurerm/internal/services/sentinel/registration.go @@ -29,8 +29,9 @@ func (r Registration) SupportedDataSources() map[string]*schema.Resource { // SupportedResources returns the supported Resources supported by this Service func (r Registration) SupportedResources() map[string]*schema.Resource { return map[string]*schema.Resource{ - "azurerm_sentinel_alert_rule_fusion": resourceSentinelAlertRuleFusion(), - "azurerm_sentinel_alert_rule_ms_security_incident": resourceSentinelAlertRuleMsSecurityIncident(), - "azurerm_sentinel_alert_rule_scheduled": resourceSentinelAlertRuleScheduled(), + "azurerm_sentinel_alert_rule_fusion": resourceSentinelAlertRuleFusion(), + "azurerm_sentinel_alert_rule_ms_security_incident": resourceSentinelAlertRuleMsSecurityIncident(), + "azurerm_sentinel_alert_rule_scheduled": resourceSentinelAlertRuleScheduled(), + "azurerm_sentinel_data_connector_azure_active_directory": resourceSentinelDataConnectorAzureActiveDirectory(), } } diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go new file mode 100644 index 000000000000..782fde7389c7 --- /dev/null +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -0,0 +1,168 @@ +package sentinel + +import ( + "fmt" + "log" + "time" + + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients" + loganalyticsParse "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/parse" + loganalyticsValidate "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/validate" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse" + azSchema "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/schema" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func resourceSentinelDataConnectorAzureActiveDirectory() *schema.Resource { + return &schema.Resource{ + Create: resourceSentinelDataConnectorAzureActiveDirectoryCreate, + Read: resourceSentinelDataConnectorAzureActiveDirectoryRead, + Delete: resourceSentinelDataConnectorAzureActiveDirectoryDelete, + + Importer: azSchema.ValidateResourceIDPriorToImportThen(func(id string) error { + _, err := parse.DataConnectorID(id) + return err + }, importSentinelDataConnector(securityinsight.DataConnectorKindAzureActiveDirectory)), + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(30 * time.Minute), + Read: schema.DefaultTimeout(5 * time.Minute), + Delete: schema.DefaultTimeout(30 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "log_analytics_workspace_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: loganalyticsValidate.LogAnalyticsWorkspaceID, + }, + + "tenant_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ValidateFunc: validation.IsUUID, + }, + }, + } +} + +func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*clients.Client).Sentinel.DataConnectorsClient + ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) + defer cancel() + + workspaceId, err := loganalyticsParse.LogAnalyticsWorkspaceID(d.Get("log_analytics_workspace_id").(string)) + if err != nil { + return err + } + name := d.Get("name").(string) + id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) + + if d.IsNewResource() { + resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) + if err != nil { + if !utils.ResponseWasNotFound(resp.Response) { + return fmt.Errorf("checking for existing Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + } + } + + id := dataConnectorID(resp.Value) + if id != nil && *id != "" { + return tf.ImportAsExistsError("azurerm_sentinel_data_connector_azure_active_directory", *id) + } + } + + tenantId := d.Get("tenant_id").(string) + if tenantId == "" { + tenantId = meta.(*clients.Client).Account.TenantId + } + + param := securityinsight.AADDataConnector{ + Name: &name, + AADDataConnectorProperties: &securityinsight.AADDataConnectorProperties{ + TenantID: &tenantId, + DataTypes: &securityinsight.AlertsDataTypeOfDataConnector{ + Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + State: securityinsight.Enabled, + }, + }, + }, + Kind: securityinsight.KindAzureActiveDirectory, + } + + _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) + if err != nil { + return fmt.Errorf("creating Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + } + + d.SetId(id.ID()) + + return resourceSentinelDataConnectorAzureActiveDirectoryRead(d, meta) +} + +func resourceSentinelDataConnectorAzureActiveDirectoryRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*clients.Client).Sentinel.DataConnectorsClient + ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) + defer cancel() + + id, err := parse.DataConnectorID(d.Id()) + if err != nil { + return err + } + workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) + + resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + log.Printf("[DEBUG] Sentinel Data Connector Azure Active Directory %q was not found - removing from state!", id) + d.SetId("") + return nil + } + + return fmt.Errorf("retrieving Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + } + + if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAzureActiveDirectory); err != nil { + return fmt.Errorf("asserting Sentinel Data Connector Azure Active Directory of %q: %+v", id, err) + } + dc := resp.Value.(securityinsight.AADDataConnector) + + d.Set("name", id.Name) + d.Set("log_analytics_workspace_id", workspaceId.ID()) + d.Set("tenant_id", dc.TenantID) + + return nil +} + +func resourceSentinelDataConnectorAzureActiveDirectoryDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*clients.Client).Sentinel.DataConnectorsClient + ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d) + defer cancel() + + id, err := parse.DataConnectorID(d.Id()) + if err != nil { + return err + } + + _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + if err != nil { + return fmt.Errorf("deleting Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + } + + return nil +} diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go new file mode 100644 index 000000000000..16dd87944b6e --- /dev/null +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go @@ -0,0 +1,140 @@ +package sentinel_test + +import ( + "context" + "fmt" + "testing" + + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse" + + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance/check" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +type SentinelDataConnectorAzureActiveDirectoryResource struct{} + +func TestAccAzureRMSentinelDataConnectorAzureActiveDirectory_basic(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_azure_active_directory", "test") + r := SentinelDataConnectorAzureActiveDirectoryResource{} + + data.ResourceTest(t, r, []resource.TestStep{ + { + Config: r.basic(data), + Check: resource.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccAzureRMSentinelDataConnectorAzureActiveDirectory_complete(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_azure_active_directory", "test") + r := SentinelDataConnectorAzureActiveDirectoryResource{} + + data.ResourceTest(t, r, []resource.TestStep{ + { + Config: r.complete(data), + Check: resource.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccAzureRMSentinelDataConnectorAzureActiveDirectory_requiresImport(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_azure_active_directory", "test") + r := SentinelDataConnectorAzureActiveDirectoryResource{} + + data.ResourceTest(t, r, []resource.TestStep{ + { + Config: r.basic(data), + Check: resource.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.RequiresImportErrorStep(r.requiresImport), + }) +} + +func (r SentinelDataConnectorAzureActiveDirectoryResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) { + client := clients.Sentinel.DataConnectorsClient + + id, err := parse.DataConnectorID(state.ID) + if err != nil { + return nil, err + } + + if resp, err := client.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name); err != nil { + if utils.ResponseWasNotFound(resp.Response) { + return utils.Bool(false), nil + } + return nil, fmt.Errorf("retrieving Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + } + + return utils.Bool(true), nil +} + +func (r SentinelDataConnectorAzureActiveDirectoryResource) basic(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +resource "azurerm_sentinel_data_connector_azure_active_directory" "test" { + name = "accTestDC-%d" + log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id +} +`, template, data.RandomInteger) +} + +func (r SentinelDataConnectorAzureActiveDirectoryResource) complete(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +data "azurerm_client_config" "test" {} + +resource "azurerm_sentinel_data_connector_azure_active_directory" "test" { + name = "accTestDC-%d" + log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id + tenant_id = data.azurerm_client_config.test.tenant_id +} +`, template, data.RandomInteger) +} + +func (r SentinelDataConnectorAzureActiveDirectoryResource) requiresImport(data acceptance.TestData) string { + template := r.basic(data) + return fmt.Sprintf(` +%s + +resource "azurerm_sentinel_data_connector_azure_active_directory" "import" { + name = azurerm_sentinel_data_connector_azure_active_directory.test.name + log_analytics_workspace_id = azurerm_sentinel_data_connector_azure_active_directory.test.log_analytics_workspace_id +} +`, template) +} + +func (r SentinelDataConnectorAzureActiveDirectoryResource) template(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-sentinel-%d" + location = "%s" +} + +resource "azurerm_log_analytics_workspace" "test" { + name = "acctestLAW-%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + sku = "PerGB2018" +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) +} diff --git a/website/azurerm.erb b/website/azurerm.erb index ef53cb8dafc0..e89ec9cd1559 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -2850,6 +2850,10 @@
  • azurerm_sentinel_alert_rule_scheduled
  • + +
  • + azurerm_sentinel_data_connector_azure_active_directory +
  • diff --git a/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown b/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown new file mode 100644 index 000000000000..d6824dac4d3e --- /dev/null +++ b/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown @@ -0,0 +1,66 @@ +--- +subcategory: "Sentinel" +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_sentinel_data_connector_azure_active_directory" +description: |- + Manages a Azure Active Directory Data Connector. +--- + +# azurerm_sentinel_data_connector_azure_active_directory + +Manages a Azure Active Directory Data Connector. + +## Example Usage + +```hcl +resource "azurerm_resource_group" "example" { + name = "example-rg" + location = "west europe" +} + +resource "azurerm_log_analytics_workspace" "example" { + name = "example-workspace" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + sku = "PerGB2018" +} + +resource "azurerm_sentinel_data_connector_azure_active_directory" "example" { + name = "example" + log_analytics_workspace_id = azurerm_log_analytics_workspace.example.id +} +``` + +## Arguments Reference + +The following arguments are supported: + +- `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this Azure Active Directory Data Connector resides in. Changing this forces a new Azure Active Directory Data Connector to be created. + +* `name` - (Required) The name which should be used for this Azure Active Directory Data Connector. Changing this forces a new Azure Active Directory Data Connector to be created. + +--- + +- `tenant_id` - (Optional) The ID of the tenant that this Azure Active Directory Data Connector connects to. Changing this forces a new Azure Active Directory Data Connector to be created. + +## Attributes Reference + +In addition to the Arguments listed above - the following Attributes are exported: + +- `id` - The ID of the Azure Active Directory Data Connector. + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: + +- `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Data Connector. +- `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Data Connector. +- `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Data Connector. + +## Import + +Azure Active Directory Data Connectors can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_sentinel_data_connector_azure_active_directory.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/dataConnectors/dc1 +``` From b2a847a48cb1ce82507f531b35f872e6baba6a09 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Feb 2021 10:12:52 +0800 Subject: [PATCH 2/5] resolve some comments from other DC reviews --- .../internal/services/sentinel/sentinel.go | 2 +- .../services/sentinel/sentinel_alert_rule.go | 2 +- .../sentinel_alert_rule_data_source.go | 2 +- .../sentinel_alert_rule_fusion_resource.go | 10 ++++---- ...lert_rule_ms_security_incident_resource.go | 10 ++++---- .../sentinel_alert_rule_scheduled_resource.go | 10 ++++---- ...entinel_alert_rule_template_data_source.go | 4 +-- .../sentinel/sentinel_data_connector.go | 2 +- ...l_data_connector_azure_active_directory.go | 25 ++++++++----------- ...a_connector_azure_active_directory_test.go | 6 +++-- ...ector_azure_active_directory.html.markdown | 12 ++++----- 11 files changed, 42 insertions(+), 43 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel.go b/azurerm/internal/services/sentinel/sentinel.go index 4632a5226017..944cb25dbecf 100644 --- a/azurerm/internal/services/sentinel/sentinel.go +++ b/azurerm/internal/services/sentinel/sentinel.go @@ -1,3 +1,3 @@ package sentinel -const operationalInsightsResourceProvider = "Microsoft.OperationalInsights" +const OperationalInsightsResourceProvider = "Microsoft.OperationalInsights" diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule.go b/azurerm/internal/services/sentinel/sentinel_alert_rule.go index 011d3a2f32d6..0e8da8b6ebb0 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule.go @@ -37,7 +37,7 @@ func importSentinelAlertRule(expectKind securityinsight.AlertRuleKind) func(d *s ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) defer cancel() - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("retrieving Sentinel Alert Rule %q: %+v", id, err) } diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_data_source.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_data_source.go index f9ec71ff1f05..e5a704f8b912 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule_data_source.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_data_source.go @@ -51,7 +51,7 @@ func dataSourceSentinelAlertRuleRead(d *schema.ResourceData, meta interface{}) e } id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("Sentinel Alert Rule %q was not found", id) diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go index c7a065e5946e..a85f961264da 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go @@ -82,7 +82,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta in id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Fusion %q: %+v", id, err) @@ -105,7 +105,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta in // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q: %+v", id, err) } @@ -116,7 +116,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta in params.Etag = resp.Value.(securityinsight.FusionAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name, params); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, params); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Fusion %q: %+v", id, err) } @@ -135,7 +135,7 @@ func resourceSentinelAlertRuleFusionRead(d *schema.ResourceData, meta interface{ return err } - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Fusion %q was not found - removing from state!", id) @@ -174,7 +174,7 @@ func resourceSentinelAlertRuleFusionDelete(d *schema.ResourceData, meta interfac return err } - if _, err := client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Fusion %q: %+v", id, err) } diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go index 37a4927a8b78..a298e5c84d89 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go @@ -155,7 +155,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *schema.ResourceD id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) @@ -195,7 +195,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *schema.ResourceD // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } @@ -206,7 +206,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *schema.ResourceD param.Etag = resp.Value.(securityinsight.MicrosoftSecurityIncidentCreationAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } @@ -225,7 +225,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentRead(d *schema.ResourceData, met return err } - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Ms Security Incident %q was not found - removing from state!", id) @@ -279,7 +279,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentDelete(d *schema.ResourceData, m return err } - if _, err := client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go index cd9157d0ccba..57a5c6baa35a 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go @@ -262,7 +262,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *schema.ResourceData, meta id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Scheduled %q: %+v", id, err) @@ -326,7 +326,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *schema.ResourceData, meta // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Scheduled %q: %+v", id, err) } @@ -337,7 +337,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *schema.ResourceData, meta param.Etag = resp.Value.(securityinsight.ScheduledAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Scheduled %q: %+v", id, err) } @@ -356,7 +356,7 @@ func resourceSentinelAlertRuleScheduledRead(d *schema.ResourceData, meta interfa return err } - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Scheduled %q was not found - removing from state!", id) @@ -421,7 +421,7 @@ func resourceSentinelAlertRuleScheduledDelete(d *schema.ResourceData, meta inter return err } - if _, err := client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Scheduled %q: %+v", id, err) } diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_template_data_source.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_template_data_source.go index f6db127c3515..231da1638941 100644 --- a/azurerm/internal/services/sentinel/sentinel_alert_rule_template_data_source.go +++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_template_data_source.go @@ -156,7 +156,7 @@ func dataSourceSentinelAlertRuleTemplateRead(d *schema.ResourceData, meta interf } func getAlertRuleTemplateByName(ctx context.Context, client *securityinsight.AlertRuleTemplatesClient, workspaceID *loganalyticsParse.LogAnalyticsWorkspaceId, name string) (res securityinsight.BasicAlertRuleTemplate, err error) { - template, err := client.Get(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + template, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) if err != nil { return nil, err } @@ -164,7 +164,7 @@ func getAlertRuleTemplateByName(ctx context.Context, client *securityinsight.Ale } func getAlertRuleTemplateByDisplayName(ctx context.Context, client *securityinsight.AlertRuleTemplatesClient, workspaceID *loganalyticsParse.LogAnalyticsWorkspaceId, name string) (res securityinsight.BasicAlertRuleTemplate, err error) { - templates, err := client.ListComplete(ctx, workspaceID.ResourceGroup, operationalInsightsResourceProvider, workspaceID.WorkspaceName) + templates, err := client.ListComplete(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName) if err != nil { return nil, err } diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector.go b/azurerm/internal/services/sentinel/sentinel_data_connector.go index 66e35d235cb5..053799fbd981 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector.go @@ -25,7 +25,7 @@ func importSentinelDataConnector(expectKind securityinsight.DataConnectorKind) f ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) defer cancel() - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("retrieving Sentinel Alert Rule %q: %+v", id, err) } diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go index 782fde7389c7..1cb457b95862 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -74,17 +74,14 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *schema.ResourceD id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { - return fmt.Errorf("checking for existing Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + return fmt.Errorf("checking for existing %s: %+v", id, err) } } - id := dataConnectorID(resp.Value) - if id != nil && *id != "" { - return tf.ImportAsExistsError("azurerm_sentinel_data_connector_azure_active_directory", *id) - } + return tf.ImportAsExistsError("azurerm_sentinel_data_connector_azure_active_directory", id.ID()) } tenantId := d.Get("tenant_id").(string) @@ -105,9 +102,9 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *schema.ResourceD Kind: securityinsight.KindAzureActiveDirectory, } - _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) + _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) if err != nil { - return fmt.Errorf("creating Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + return fmt.Errorf("creating %s: %+v", id, err) } d.SetId(id.ID()) @@ -126,19 +123,19 @@ func resourceSentinelDataConnectorAzureActiveDirectoryRead(d *schema.ResourceDat } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - log.Printf("[DEBUG] Sentinel Data Connector Azure Active Directory %q was not found - removing from state!", id) + log.Printf("[DEBUG] %s was not found - removing from state!", id) d.SetId("") return nil } - return fmt.Errorf("retrieving Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + return fmt.Errorf("retrieving %s: %+v", id, err) } if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAzureActiveDirectory); err != nil { - return fmt.Errorf("asserting Sentinel Data Connector Azure Active Directory of %q: %+v", id, err) + return fmt.Errorf("asserting %s: %+v", id, err) } dc := resp.Value.(securityinsight.AADDataConnector) @@ -159,9 +156,9 @@ func resourceSentinelDataConnectorAzureActiveDirectoryDelete(d *schema.ResourceD return err } - _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { - return fmt.Errorf("deleting Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + return fmt.Errorf("deleting %s: %+v", id, err) } return nil diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go index 16dd87944b6e..31e0e55aa0d5 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go @@ -5,6 +5,8 @@ import ( "fmt" "testing" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -70,11 +72,11 @@ func (r SentinelDataConnectorAzureActiveDirectoryResource) Exists(ctx context.Co return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } - return nil, fmt.Errorf("retrieving Sentinel Data Connector Azure Active Directory %q: %+v", id, err) + return nil, fmt.Errorf("retrieving %s: %+v", id, err) } return utils.Bool(true), nil diff --git a/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown b/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown index d6824dac4d3e..e60c16f24b18 100644 --- a/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown +++ b/website/docs/r/sentinel_data_connector_azure_active_directory.html.markdown @@ -35,27 +35,27 @@ resource "azurerm_sentinel_data_connector_azure_active_directory" "example" { The following arguments are supported: -- `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this Azure Active Directory Data Connector resides in. Changing this forces a new Azure Active Directory Data Connector to be created. +* `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this Azure Active Directory Data Connector resides in. Changing this forces a new Azure Active Directory Data Connector to be created. * `name` - (Required) The name which should be used for this Azure Active Directory Data Connector. Changing this forces a new Azure Active Directory Data Connector to be created. --- -- `tenant_id` - (Optional) The ID of the tenant that this Azure Active Directory Data Connector connects to. Changing this forces a new Azure Active Directory Data Connector to be created. +* `tenant_id` - (Optional) The ID of the tenant that this Azure Active Directory Data Connector connects to. Changing this forces a new Azure Active Directory Data Connector to be created. ## Attributes Reference In addition to the Arguments listed above - the following Attributes are exported: -- `id` - The ID of the Azure Active Directory Data Connector. +* `id` - The ID of the Azure Active Directory Data Connector. ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: -- `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Data Connector. -- `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Data Connector. -- `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Data Connector. +* `create` - (Defaults to 30 minutes) Used when creating the Azure Active Directory Data Connector. +* `read` - (Defaults to 5 minutes) Used when retrieving the Azure Active Directory Data Connector. +* `delete` - (Defaults to 30 minutes) Used when deleting the Azure Active Directory Data Connector. ## Import From ce6ddb91d73199f9e39d1b3f4b9b9e36396207d5 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 24 Feb 2021 10:22:27 +0800 Subject: [PATCH 3/5] use type assertion rather than artificial asert function --- .../internal/services/sentinel/sentinel_data_connector.go | 4 ---- .../sentinel_data_connector_azure_active_directory.go | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector.go b/azurerm/internal/services/sentinel/sentinel_data_connector.go index 053799fbd981..12dda210711f 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector.go @@ -10,10 +10,6 @@ import ( "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts" ) -// TODO: remove once one of the PR's has been merged -var _ = importSentinelDataConnector(securityinsight.DataConnectorKindAmazonWebServicesCloudTrail) -var _ = assertDataConnectorKind(securityinsight.AADDataConnector{}, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail) - func importSentinelDataConnector(expectKind securityinsight.DataConnectorKind) func(d *schema.ResourceData, meta interface{}) (data []*schema.ResourceData, err error) { return func(d *schema.ResourceData, meta interface{}) (data []*schema.ResourceData, err error) { id, err := parse.DataConnectorID(d.Id()) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go index 1cb457b95862..e503180ef205 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -134,10 +134,10 @@ func resourceSentinelDataConnectorAzureActiveDirectoryRead(d *schema.ResourceDat return fmt.Errorf("retrieving %s: %+v", id, err) } - if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAzureActiveDirectory); err != nil { - return fmt.Errorf("asserting %s: %+v", id, err) + dc, ok := resp.Value.(securityinsight.AADDataConnector) + if !ok { + return fmt.Errorf("%s was not an Azure Active Directory Data Connector", id) } - dc := resp.Value.(securityinsight.AADDataConnector) d.Set("name", id.Name) d.Set("log_analytics_workspace_id", workspaceId.ID()) From d064b3668f70d2aed9ceb37690deff5238e5598e Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 26 Feb 2021 10:50:58 +0800 Subject: [PATCH 4/5] fix new resource check bug --- .../sentinel_data_connector_azure_active_directory.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go index e503180ef205..7e48fb0c54d2 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -81,7 +81,9 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *schema.ResourceD } } - return tf.ImportAsExistsError("azurerm_sentinel_data_connector_azure_active_directory", id.ID()) + if !utils.ResponseWasNotFound(resp.Response) { + return tf.ImportAsExistsError("azurerm_sentinel_data_connector_azure_active_directory", id.ID()) + } } tenantId := d.Get("tenant_id").(string) From 113920b6d505c1ae7e42344214a38ceb17bdb713 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 1 Mar 2021 10:05:03 +0800 Subject: [PATCH 5/5] merge lines and use type assertion --- .../sentinel_data_connector_azure_active_directory.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go index 7e48fb0c54d2..33bb0f99fb88 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -104,8 +104,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *schema.ResourceD Kind: securityinsight.KindAzureActiveDirectory, } - _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) - if err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -158,8 +157,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryDelete(d *schema.ResourceD return err } - _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) - if err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) }