From 2cdcd9cdcb567c35a66deb32f53d31d89666927f Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Wed, 26 May 2021 14:23:55 +0800 Subject: [PATCH 1/7] update --- .../storage/storage_account_resource.go | 23 +++++++++++++------ 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/azurerm/internal/services/storage/storage_account_resource.go b/azurerm/internal/services/storage/storage_account_resource.go index 8a41cab84efe..2882b9192109 100644 --- a/azurerm/internal/services/storage/storage_account_resource.go +++ b/azurerm/internal/services/storage/storage_account_resource.go @@ -934,6 +934,12 @@ func resourceStorageAccountCreate(d *pluginsdk.ResourceData, meta interface{}) e blobProperties := expandBlobProperties(val.([]interface{})) + if v := d.Get("blob_properties.0.last_access_time_enabled").(bool); v { + blobProperties.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ + Enable: utils.Bool(v), + } + } + if _, err = blobClient.SetServiceProperties(ctx, resourceGroupName, storageAccountName, *blobProperties); err != nil { return fmt.Errorf("Error updating Azure Storage Account `blob_properties` %q: %+v", storageAccountName, err) } @@ -1268,6 +1274,16 @@ func resourceStorageAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) e blobClient := meta.(*clients.Client).Storage.BlobServicesClient blobProperties := expandBlobProperties(d.Get("blob_properties").([]interface{})) + if d.HasChange("blob_properties.0.last_access_time_enabled") { + lastAccessTimeTracking := false + if v := d.Get("blob_properties.0.last_access_time_enabled").(bool); v { + lastAccessTimeTracking = true + } + blobProperties.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ + Enable: utils.Bool(lastAccessTimeTracking), + } + } + if _, err = blobClient.SetServiceProperties(ctx, resourceGroupName, storageAccountName, *blobProperties); err != nil { return fmt.Errorf("Error updating Azure Storage Account `blob_properties` %q: %+v", storageAccountName, err) } @@ -1806,10 +1822,6 @@ func expandBlobProperties(input []interface{}) *storage.BlobServiceProperties { ChangeFeed: &storage.ChangeFeed{ Enabled: utils.Bool(false), }, - LastAccessTimeTrackingPolicy: &storage.LastAccessTimeTrackingPolicy{ - Enable: utils.Bool(false), - }, - DeleteRetentionPolicy: &storage.DeleteRetentionPolicy{ Enabled: utils.Bool(false), }, @@ -1839,9 +1851,6 @@ func expandBlobProperties(input []interface{}) *storage.BlobServiceProperties { props.DefaultServiceVersion = utils.String(version) } - props.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ - Enable: utils.Bool(v["last_access_time_enabled"].(bool)), - } return &props } From 420097aea475404628519522fb8de050c7189211 Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Tue, 1 Jun 2021 14:42:33 +0800 Subject: [PATCH 2/7] revert --- .../storage/storage_account_resource.go | 23 ++++++------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/azurerm/internal/services/storage/storage_account_resource.go b/azurerm/internal/services/storage/storage_account_resource.go index d2ef87926891..ba3c153654f6 100644 --- a/azurerm/internal/services/storage/storage_account_resource.go +++ b/azurerm/internal/services/storage/storage_account_resource.go @@ -933,12 +933,6 @@ func resourceStorageAccountCreate(d *pluginsdk.ResourceData, meta interface{}) e blobProperties := expandBlobProperties(val.([]interface{})) - if v := d.Get("blob_properties.0.last_access_time_enabled").(bool); v { - blobProperties.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ - Enable: utils.Bool(v), - } - } - if _, err = blobClient.SetServiceProperties(ctx, resourceGroupName, storageAccountName, *blobProperties); err != nil { return fmt.Errorf("Error updating Azure Storage Account `blob_properties` %q: %+v", storageAccountName, err) } @@ -1273,16 +1267,6 @@ func resourceStorageAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) e blobClient := meta.(*clients.Client).Storage.BlobServicesClient blobProperties := expandBlobProperties(d.Get("blob_properties").([]interface{})) - if d.HasChange("blob_properties.0.last_access_time_enabled") { - lastAccessTimeTracking := false - if v := d.Get("blob_properties.0.last_access_time_enabled").(bool); v { - lastAccessTimeTracking = true - } - blobProperties.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ - Enable: utils.Bool(lastAccessTimeTracking), - } - } - if _, err = blobClient.SetServiceProperties(ctx, resourceGroupName, storageAccountName, *blobProperties); err != nil { return fmt.Errorf("Error updating Azure Storage Account `blob_properties` %q: %+v", storageAccountName, err) } @@ -1821,6 +1805,10 @@ func expandBlobProperties(input []interface{}) *storage.BlobServiceProperties { ChangeFeed: &storage.ChangeFeed{ Enabled: utils.Bool(false), }, + LastAccessTimeTrackingPolicy: &storage.LastAccessTimeTrackingPolicy{ + Enable: utils.Bool(false), + }, + DeleteRetentionPolicy: &storage.DeleteRetentionPolicy{ Enabled: utils.Bool(false), }, @@ -1850,6 +1838,9 @@ func expandBlobProperties(input []interface{}) *storage.BlobServiceProperties { props.DefaultServiceVersion = utils.String(version) } + props.LastAccessTimeTrackingPolicy = &storage.LastAccessTimeTrackingPolicy{ + Enable: utils.Bool(v["last_access_time_enabled"].(bool)), + } return &props } From 62aede41fdee89f252553410f82aa3e1f9709ea0 Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Tue, 22 Jun 2021 11:08:06 +0800 Subject: [PATCH 3/7] update --- .../api_management_named_value_resource.go | 74 +++++- ...pi_management_named_value_resource_test.go | 221 ++++++++++++++++-- 2 files changed, 276 insertions(+), 19 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go index 870d199a9d9a..3b9f8091ac61 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go @@ -46,11 +46,34 @@ func resourceApiManagementNamedValue() *pluginsdk.Resource { ValidateFunc: validation.StringIsNotEmpty, }, + "key_vault": { + Type: pluginsdk.TypeList, + Optional: true, + MaxItems: 1, + ConflictsWith: []string{"value"}, + ExactlyOneOf: []string{"value", "key_vault"}, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "secret_id": { + Type: pluginsdk.TypeString, + Required: true, + }, + "identity_client_id": { + Type: pluginsdk.TypeString, + Required: true, + ValidateFunc: validation.IsUUID, + }, + }, + }, + }, + "value": { - Type: pluginsdk.TypeString, - Required: true, - Sensitive: true, - ValidateFunc: validation.StringIsNotEmpty, + Type: pluginsdk.TypeString, + Optional: true, + Sensitive: true, + ValidateFunc: validation.StringIsNotEmpty, + ConflictsWith: []string{"key_vault"}, + ExactlyOneOf: []string{"value", "key_vault"}, }, "secret": { @@ -96,10 +119,14 @@ func resourceApiManagementNamedValueCreateUpdate(d *pluginsdk.ResourceData, meta NamedValueCreateContractProperties: &apimanagement.NamedValueCreateContractProperties{ DisplayName: utils.String(d.Get("display_name").(string)), Secret: utils.Bool(d.Get("secret").(bool)), - Value: utils.String(d.Get("value").(string)), + KeyVault: expandApiManagementNamedValueKeyVault(d.Get("key_vault").([]interface{})), }, } + if v, ok := d.GetOk("value"); ok { + parameters.NamedValueCreateContractProperties.Value = utils.String(v.(string)) + } + if tags, ok := d.GetOk("tags"); ok { parameters.NamedValueCreateContractProperties.Tags = utils.ExpandStringSlice(tags.([]interface{})) } @@ -160,6 +187,9 @@ func resourceApiManagementNamedValueRead(d *pluginsdk.ResourceData, meta interfa if properties.Secret != nil && !*properties.Secret { d.Set("value", properties.Value) } + if err := d.Set("key_vault", flattenApiManagementNamedValueKeyVault(properties.KeyVault)); err != nil { + return fmt.Errorf("setting `key_vault`: %+v", err) + } d.Set("tags", properties.Tags) } @@ -187,3 +217,37 @@ func resourceApiManagementNamedValueDelete(d *pluginsdk.ResourceData, meta inter return nil } + +func expandApiManagementNamedValueKeyVault(inputs []interface{}) *apimanagement.KeyVaultContractCreateProperties { + if len(inputs) == 0 { + return nil + } + input := inputs[0].(map[string]interface{}) + + return &apimanagement.KeyVaultContractCreateProperties{ + SecretIdentifier: utils.String(input["secret_id"].(string)), + IdentityClientID: utils.String(input["identity_client_id"].(string)), + } +} + +func flattenApiManagementNamedValueKeyVault(input *apimanagement.KeyVaultContractProperties) []interface{} { + if input == nil { + return []interface{}{} + } + + var secretId, clientId string + if input.SecretIdentifier != nil { + secretId = *input.SecretIdentifier + } + + if input.IdentityClientID != nil { + clientId = *input.IdentityClientID + } + + return []interface{}{ + map[string]interface{}{ + "secret_id": secretId, + "identity_client_id": clientId, + }, + } +} diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go index afe161490a8c..051b73f04e54 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go @@ -31,6 +31,50 @@ func TestAccApiManagementNamedValue_basic(t *testing.T) { }) } +func TestAccApiManagementNamedValue_keyVault(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_api_management_named_value", "test") + r := ApiManagementNamedValueResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.keyVault(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccApiManagementNamedValue_keyVaultUpdate(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_api_management_named_value", "test") + r := ApiManagementNamedValueResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.keyVault(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.keyVaultUpdate(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.keyVaultUpdateToValue(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + func TestAccApiManagementNamedValue_update(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_api_management_named_value", "test") r := ApiManagementNamedValueResource{} @@ -70,7 +114,7 @@ func (ApiManagementNamedValueResource) Exists(ctx context.Context, clients *clie return utils.Bool(resp.ID != nil), nil } -func (ApiManagementNamedValueResource) basic(data acceptance.TestData) string { +func (ApiManagementNamedValueResource) template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { features {} @@ -88,9 +132,15 @@ resource "azurerm_api_management" "test" { publisher_name = "pub1" publisher_email = "pub1@email.com" - sku_name = "Developer_1" + sku_name = "Consumption_0" +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) } +func (r ApiManagementNamedValueResource) basic(data acceptance.TestData) string { + return fmt.Sprintf(` +%s + resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%d" resource_group_name = azurerm_api_management.test.resource_group_name @@ -99,38 +149,181 @@ resource "azurerm_api_management_named_value" "test" { value = "Test Value" tags = ["tag1", "tag2"] } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger) +`, r.template(data), data.RandomInteger, data.RandomInteger) } -func (ApiManagementNamedValueResource) update(data acceptance.TestData) string { +func (r ApiManagementNamedValueResource) update(data acceptance.TestData) string { + return fmt.Sprintf(` +%s + +resource "azurerm_api_management_named_value" "test" { + name = "acctestAMProperty-%d" + resource_group_name = azurerm_api_management.test.resource_group_name + api_management_name = azurerm_api_management.test.name + display_name = "TestProperty2%d" + value = "Test Value2" + secret = true + tags = ["tag3", "tag4"] +} +`, r.template(data), data.RandomInteger, data.RandomInteger) +} + +func (r ApiManagementNamedValueResource) keyVaultTemplate(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + key_vault { + purge_soft_delete_on_destroy = false + } + } } resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" + name = "acctestRG-Apim-%[1]d" + location = "%[2]s" +} + +resource "azurerm_user_assigned_identity" "test" { + name = "acctestUAI-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name } resource "azurerm_api_management" "test" { - name = "acctestAM-%d" + name = "acctestAM-%[1]d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name publisher_name = "pub1" publisher_email = "pub1@email.com" - sku_name = "Developer_1" + sku_name = "Consumption_0" + + identity { + type = "UserAssigned" + identity_ids = [ + azurerm_user_assigned_identity.test.id, + ] + } +} + +data "azurerm_client_config" "current" {} + +resource "azurerm_key_vault" "test" { + name = "acctestKV-%[3]s" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + tenant_id = data.azurerm_client_config.current.tenant_id + sku_name = "standard" +} + +resource "azurerm_key_vault_access_policy" "test" { + key_vault_id = azurerm_key_vault.test.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = data.azurerm_client_config.current.object_id + certificate_permissions = [ + "Create", + "Delete", + "Deleteissuers", + "Get", + "Getissuers", + "Import", + "List", + "Listissuers", + "Managecontacts", + "Manageissuers", + "Setissuers", + "Update", + "Purge", + ] + secret_permissions = [ + "Delete", + "Get", + "List", + "Purge", + ] +} + +resource "azurerm_key_vault_access_policy" "test2" { + key_vault_id = azurerm_key_vault.test.id + tenant_id = azurerm_user_assigned_identity.test.tenant_id + object_id = azurerm_user_assigned_identity.test.principal_id + secret_permissions = [ + "Get", + "List", + ] +} + +resource "azurerm_key_vault_secret" "test" { + name = "secret-%[3]s" + value = "rick-and-morty" + key_vault_id = azurerm_key_vault.test.id +} + +resource "azurerm_key_vault_secret" "test2" { + name = "secret2-%[3]s" + value = "rick-and-morty2" + key_vault_id = azurerm_key_vault.test.id +} + +`, data.RandomInteger, data.Locations.Primary, data.RandomString) +} + +func (r ApiManagementNamedValueResource) keyVault(data acceptance.TestData) string { + return fmt.Sprintf(` +%[1]s + +resource "azurerm_api_management_named_value" "test" { + name = "acctestAMProperty-%[2]d" + resource_group_name = azurerm_api_management.test.resource_group_name + api_management_name = azurerm_api_management.test.name + display_name = "TestKeyVault%[2]d" + secret = true + key_vault { + secret_id = azurerm_key_vault_secret.test.id + identity_client_id = azurerm_user_assigned_identity.test.client_id + } + + tags = ["tag1", "tag2"] + + depends_on = [azurerm_key_vault_access_policy.test,azurerm_key_vault_access_policy.test2] +} +`, r.keyVaultTemplate(data), data.RandomInteger) } +func (r ApiManagementNamedValueResource) keyVaultUpdate(data acceptance.TestData) string { + return fmt.Sprintf(` +%[1]s + resource "azurerm_api_management_named_value" "test" { - name = "acctestAMProperty-%d" + name = "acctestAMProperty-%[2]d" resource_group_name = azurerm_api_management.test.resource_group_name api_management_name = azurerm_api_management.test.name - display_name = "TestProperty2%d" - value = "Test Value2" + display_name = "TestKeyVault%[2]d" + secret = false + key_vault { + secret_id = azurerm_key_vault_secret.test2.id + identity_client_id = azurerm_user_assigned_identity.test.client_id + } + tags = ["tag3", "tag4"] + + depends_on = [azurerm_key_vault_access_policy.test2] +} +`, r.keyVaultTemplate(data), data.RandomInteger) +} + +func (r ApiManagementNamedValueResource) keyVaultUpdateToValue(data acceptance.TestData) string { + return fmt.Sprintf(` +%[1]s + + +resource "azurerm_api_management_named_value" "test" { + name = "acctestAMProperty-%[2]d" + resource_group_name = azurerm_api_management.test.resource_group_name + api_management_name = azurerm_api_management.test.name + display_name = "TestKeyVault%[2]d" secret = true - tags = ["tag3", "tag4"] + value = "Key Vault to Value" + tags = ["tag5", "tag6"] } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger) +`, r.keyVaultTemplate(data), data.RandomInteger) } From 44df58658682674ef0cae40b846bed89774f7b66 Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Tue, 22 Jun 2021 14:16:53 +0800 Subject: [PATCH 4/7] update --- .../api_management_named_value_resource_test.go | 12 +++++++++--- .../docs/r/api_management_named_value.html.markdown | 12 +++++++++++- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go index 051b73f04e54..f1a3940302ce 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go @@ -236,10 +236,12 @@ resource "azurerm_key_vault_access_policy" "test" { "Purge", ] secret_permissions = [ - "Delete", "Get", + "Delete", "List", "Purge", + "Recover", + "Set", ] } @@ -257,12 +259,16 @@ resource "azurerm_key_vault_secret" "test" { name = "secret-%[3]s" value = "rick-and-morty" key_vault_id = azurerm_key_vault.test.id + + depends_on = [azurerm_key_vault_access_policy.test] } resource "azurerm_key_vault_secret" "test2" { name = "secret2-%[3]s" value = "rick-and-morty2" key_vault_id = azurerm_key_vault.test.id + + depends_on = [azurerm_key_vault_access_policy.test] } `, data.RandomInteger, data.Locations.Primary, data.RandomString) @@ -299,7 +305,7 @@ resource "azurerm_api_management_named_value" "test" { resource_group_name = azurerm_api_management.test.resource_group_name api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" - secret = false + secret = true key_vault { secret_id = azurerm_key_vault_secret.test2.id identity_client_id = azurerm_user_assigned_identity.test.client_id @@ -321,7 +327,7 @@ resource "azurerm_api_management_named_value" "test" { resource_group_name = azurerm_api_management.test.resource_group_name api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" - secret = true + secret = false value = "Key Vault to Value" tags = ["tag5", "tag6"] } diff --git a/website/docs/r/api_management_named_value.html.markdown b/website/docs/r/api_management_named_value.html.markdown index 8fecd5feaf51..e90639a220ca 100644 --- a/website/docs/r/api_management_named_value.html.markdown +++ b/website/docs/r/api_management_named_value.html.markdown @@ -51,7 +51,9 @@ The following arguments are supported: * `display_name` - (Required) The display name of this API Management Named Value. -* `value` - (Required) The value of this API Management Named Value. +* `value` - (Optional) The value of this API Management Named Value. + +* `key_vault` - (Optional) A `key_vault` block as defined below. * `secret` - (Optional) Specifies whether the API Management Named Value is secret. Valid values are `true` or `false`. The default value is `false`. @@ -59,6 +61,14 @@ The following arguments are supported: * `tags` - (Optional) A list of tags to be applied to the API Management Named Value. +--- + +A `key_vault` block supports the following: + +* `secret_id` - (Required) The resource id of the Key Vault Secret. + +* `identity_client_id` - (Required) The client id of the SystemAssigned Identity or UserAssigned Identity of the Api Management Service, which will be used to access the key vault secret. + ## Attributes Reference In addition to all arguments above, the following attributes are exported: From 2bb54f7c3246234a342975f5d7240f4a9df3c0bc Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Tue, 22 Jun 2021 14:35:59 +0800 Subject: [PATCH 5/7] update --- .../api_management_named_value_resource.go | 6 ++++-- .../api_management_named_value_resource_test.go | 14 +++++++------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go index 3b9f8091ac61..ca3e7b1128f2 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go @@ -11,6 +11,7 @@ import ( "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/apimanagement/parse" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/apimanagement/schemaz" + keyVaultValidate "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/keyvault/validate" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/pluginsdk" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/validation" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts" @@ -55,8 +56,9 @@ func resourceApiManagementNamedValue() *pluginsdk.Resource { Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ "secret_id": { - Type: pluginsdk.TypeString, - Required: true, + Type: pluginsdk.TypeString, + Required: true, + ValidateFunc: keyVaultValidate.NestedItemId, }, "identity_client_id": { Type: pluginsdk.TypeString, diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go index f1a3940302ce..0c57a8e00ec8 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go @@ -143,7 +143,7 @@ func (r ApiManagementNamedValueResource) basic(data acceptance.TestData) string resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%d" - resource_group_name = azurerm_api_management.test.resource_group_name + resource_group_name = azurerm_resource_group.test.name api_management_name = azurerm_api_management.test.name display_name = "TestProperty%d" value = "Test Value" @@ -158,7 +158,7 @@ func (r ApiManagementNamedValueResource) update(data acceptance.TestData) string resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%d" - resource_group_name = azurerm_api_management.test.resource_group_name + resource_group_name = azurerm_resource_group.test.name api_management_name = azurerm_api_management.test.name display_name = "TestProperty2%d" value = "Test Value2" @@ -173,7 +173,7 @@ func (r ApiManagementNamedValueResource) keyVaultTemplate(data acceptance.TestDa provider "azurerm" { features { key_vault { - purge_soft_delete_on_destroy = false + purge_soft_delete_on_destroy = true } } } @@ -280,7 +280,7 @@ func (r ApiManagementNamedValueResource) keyVault(data acceptance.TestData) stri resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" - resource_group_name = azurerm_api_management.test.resource_group_name + resource_group_name = azurerm_resource_group.test.name api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" secret = true @@ -291,7 +291,7 @@ resource "azurerm_api_management_named_value" "test" { tags = ["tag1", "tag2"] - depends_on = [azurerm_key_vault_access_policy.test,azurerm_key_vault_access_policy.test2] + depends_on = [azurerm_key_vault_access_policy.test2] } `, r.keyVaultTemplate(data), data.RandomInteger) } @@ -302,7 +302,7 @@ func (r ApiManagementNamedValueResource) keyVaultUpdate(data acceptance.TestData resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" - resource_group_name = azurerm_api_management.test.resource_group_name + resource_group_name = azurerm_resource_group.test.name api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" secret = true @@ -324,7 +324,7 @@ func (r ApiManagementNamedValueResource) keyVaultUpdateToValue(data acceptance.T resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" - resource_group_name = azurerm_api_management.test.resource_group_name + resource_group_name = azurerm_resource_group.test.name api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" secret = false From 927ec933addf916ce779d8d268034bd561cd1aaf Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Tue, 22 Jun 2021 16:57:19 +0800 Subject: [PATCH 6/7] update --- .../api_management_named_value_resource_test.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go index 0c57a8e00ec8..6e3093cfcad2 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go @@ -276,7 +276,7 @@ resource "azurerm_key_vault_secret" "test2" { func (r ApiManagementNamedValueResource) keyVault(data acceptance.TestData) string { return fmt.Sprintf(` -%[1]s +%[1]s resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" @@ -298,7 +298,7 @@ resource "azurerm_api_management_named_value" "test" { func (r ApiManagementNamedValueResource) keyVaultUpdate(data acceptance.TestData) string { return fmt.Sprintf(` -%[1]s +%[1]s resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" @@ -319,8 +319,7 @@ resource "azurerm_api_management_named_value" "test" { func (r ApiManagementNamedValueResource) keyVaultUpdateToValue(data acceptance.TestData) string { return fmt.Sprintf(` -%[1]s - +%[1]s resource "azurerm_api_management_named_value" "test" { name = "acctestAMProperty-%[2]d" From f249d8c6fc31986f1f2b59fa6127f3f97c5032aa Mon Sep 17 00:00:00 2001 From: yupwei68 Date: Mon, 12 Jul 2021 09:52:50 +0800 Subject: [PATCH 7/7] update --- .../api_management_named_value_resource.go | 12 ++++++------ .../api_management_named_value_resource_test.go | 4 ++-- .../docs/r/api_management_named_value.html.markdown | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go index 1e26f4f6523b..2667474a40a4 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource.go @@ -47,11 +47,11 @@ func resourceApiManagementNamedValue() *pluginsdk.Resource { ValidateFunc: validation.StringIsNotEmpty, }, - "key_vault": { + "value_from_key_vault": { Type: pluginsdk.TypeList, Optional: true, MaxItems: 1, - ExactlyOneOf: []string{"value", "key_vault"}, + ExactlyOneOf: []string{"value", "value_from_key_vault"}, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ "secret_id": { @@ -73,7 +73,7 @@ func resourceApiManagementNamedValue() *pluginsdk.Resource { Optional: true, Sensitive: true, ValidateFunc: validation.StringIsNotEmpty, - ExactlyOneOf: []string{"value", "key_vault"}, + ExactlyOneOf: []string{"value", "value_from_key_vault"}, }, "secret": { @@ -119,7 +119,7 @@ func resourceApiManagementNamedValueCreateUpdate(d *pluginsdk.ResourceData, meta NamedValueCreateContractProperties: &apimanagement.NamedValueCreateContractProperties{ DisplayName: utils.String(d.Get("display_name").(string)), Secret: utils.Bool(d.Get("secret").(bool)), - KeyVault: expandApiManagementNamedValueKeyVault(d.Get("key_vault").([]interface{})), + KeyVault: expandApiManagementNamedValueKeyVault(d.Get("value_from_key_vault").([]interface{})), }, } @@ -187,8 +187,8 @@ func resourceApiManagementNamedValueRead(d *pluginsdk.ResourceData, meta interfa if properties.Secret != nil && !*properties.Secret { d.Set("value", properties.Value) } - if err := d.Set("key_vault", flattenApiManagementNamedValueKeyVault(properties.KeyVault)); err != nil { - return fmt.Errorf("setting `key_vault`: %+v", err) + if err := d.Set("value_from_key_vault", flattenApiManagementNamedValueKeyVault(properties.KeyVault)); err != nil { + return fmt.Errorf("setting `value_from_key_vault`: %+v", err) } d.Set("tags", properties.Tags) } diff --git a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go index 95c130d3d5ae..481c1d721c28 100644 --- a/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go +++ b/azurerm/internal/services/apimanagement/api_management_named_value_resource_test.go @@ -284,7 +284,7 @@ resource "azurerm_api_management_named_value" "test" { api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" secret = true - key_vault { + value_from_key_vault { secret_id = azurerm_key_vault_secret.test.id identity_client_id = azurerm_user_assigned_identity.test.client_id } @@ -306,7 +306,7 @@ resource "azurerm_api_management_named_value" "test" { api_management_name = azurerm_api_management.test.name display_name = "TestKeyVault%[2]d" secret = true - key_vault { + value_from_key_vault { secret_id = azurerm_key_vault_secret.test2.id identity_client_id = azurerm_user_assigned_identity.test.client_id } diff --git a/website/docs/r/api_management_named_value.html.markdown b/website/docs/r/api_management_named_value.html.markdown index 99600c32f86f..21178de2825a 100644 --- a/website/docs/r/api_management_named_value.html.markdown +++ b/website/docs/r/api_management_named_value.html.markdown @@ -53,7 +53,7 @@ The following arguments are supported: * `value` - (Optional) The value of this API Management Named Value. -* `key_vault` - (Optional) A `key_vault` block as defined below. +* `value_from_key_vault` - (Optional) A `value_from_key_vault` block as defined below. * `secret` - (Optional) Specifies whether the API Management Named Value is secret. Valid values are `true` or `false`. The default value is `false`. @@ -63,7 +63,7 @@ The following arguments are supported: --- -A `key_vault` block supports the following: +A `value_from_key_vault` block supports the following: * `secret_id` - (Required) The resource ID of the Key Vault Secret.