diff --git a/internal/services/apimanagement/schema.go b/internal/services/apimanagement/schema.go index 63bf1c9d061f..ffbc0962e2a8 100644 --- a/internal/services/apimanagement/schema.go +++ b/internal/services/apimanagement/schema.go @@ -17,7 +17,7 @@ func apiManagementResourceHostnameSchema() map[string]*pluginsdk.Schema { }, "key_vault_id": { - // TODO: should this become `key_vault_key_id` since that's what this is? + // TODO: 4.0 - should this become `key_vault_key_id` since that's what this is? Type: pluginsdk.TypeString, Optional: true, ValidateFunc: keyVaultValidate.NestedItemIdWithOptionalVersion, diff --git a/internal/services/appconfiguration/app_configuration_feature_resource.go b/internal/services/appconfiguration/app_configuration_feature_resource.go index 0e43926592ab..3944a697cacf 100644 --- a/internal/services/appconfiguration/app_configuration_feature_resource.go +++ b/internal/services/appconfiguration/app_configuration_feature_resource.go @@ -166,6 +166,9 @@ func (k FeatureResource) Create() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, model.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", model.ConfigurationStoreId) + } if err != nil { return err } @@ -222,6 +225,10 @@ func (k FeatureResource) Read() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + // if the AppConfiguration is gone then all the data inside it is too + return metadata.MarkAsGone(resourceID) + } if err != nil { return err } @@ -290,6 +297,9 @@ func (k FeatureResource) Update() sdk.ResourceFunc { featureKey := fmt.Sprintf("%s/%s", FeatureKeyPrefix, resourceID.Name) client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", resourceID.ConfigurationStoreId) + } if err != nil { return err } @@ -327,6 +337,9 @@ func (k FeatureResource) Delete() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", resourceID.ConfigurationStoreId) + } if err != nil { return err } diff --git a/internal/services/appconfiguration/app_configuration_feature_resource_test.go b/internal/services/appconfiguration/app_configuration_feature_resource_test.go index d4c5699af439..4017f673a192 100644 --- a/internal/services/appconfiguration/app_configuration_feature_resource_test.go +++ b/internal/services/appconfiguration/app_configuration_feature_resource_test.go @@ -137,6 +137,10 @@ func (t AppConfigurationFeatureResource) Exists(ctx context.Context, clients *cl } client, err := clients.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + // if the AppConfiguration is gone all the data is too + return utils.Bool(false), nil + } if err != nil { return nil, err } diff --git a/internal/services/appconfiguration/app_configuration_key_data_source.go b/internal/services/appconfiguration/app_configuration_key_data_source.go index 1eb3fa6639f9..4c35cd4cf366 100644 --- a/internal/services/appconfiguration/app_configuration_key_data_source.go +++ b/internal/services/appconfiguration/app_configuration_key_data_source.go @@ -100,6 +100,9 @@ func (k KeyDataSource) Read() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, model.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("building data plane client: app configuration %q was not found", model.ConfigurationStoreId) + } if err != nil { return err } diff --git a/internal/services/appconfiguration/app_configuration_key_resource.go b/internal/services/appconfiguration/app_configuration_key_resource.go index a272a9e9804c..00a1139888d4 100644 --- a/internal/services/appconfiguration/app_configuration_key_resource.go +++ b/internal/services/appconfiguration/app_configuration_key_resource.go @@ -122,6 +122,9 @@ func (k KeyResource) Create() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, model.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", model.ConfigurationStoreId) + } if err != nil { return err } @@ -202,6 +205,10 @@ func (k KeyResource) Read() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + // if the parent AppConfiguration is gone, all the data will be too + return metadata.MarkAsGone(resourceID) + } if err != nil { return err } @@ -267,6 +274,9 @@ func (k KeyResource) Update() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", resourceID.ConfigurationStoreId) + } if err != nil { return err } @@ -326,6 +336,9 @@ func (k KeyResource) Delete() sdk.ResourceFunc { } client, err := metadata.Client.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + return fmt.Errorf("app configuration %q was not found", resourceID.ConfigurationStoreId) + } if err != nil { return err } diff --git a/internal/services/appconfiguration/app_configuration_key_resource_test.go b/internal/services/appconfiguration/app_configuration_key_resource_test.go index 413bc07f6275..be444f640144 100644 --- a/internal/services/appconfiguration/app_configuration_key_resource_test.go +++ b/internal/services/appconfiguration/app_configuration_key_resource_test.go @@ -150,6 +150,10 @@ func (t AppConfigurationKeyResource) Exists(ctx context.Context, clients *client } client, err := clients.AppConfiguration.DataPlaneClient(ctx, resourceID.ConfigurationStoreId) + if client == nil { + // if the AppConfiguration is gone all the data will be too + return utils.Bool(false), nil + } if err != nil { return nil, err } diff --git a/internal/services/appconfiguration/client/client.go b/internal/services/appconfiguration/client/client.go index b75b820a0331..1213920e91aa 100644 --- a/internal/services/appconfiguration/client/client.go +++ b/internal/services/appconfiguration/client/client.go @@ -4,6 +4,8 @@ import ( "context" "fmt" + "github.com/hashicorp/go-azure-helpers/lang/response" + "github.com/Azure/go-autorest/autorest" "github.com/hashicorp/terraform-provider-azurerm/internal/common" "github.com/hashicorp/terraform-provider-azurerm/internal/services/appconfiguration/sdk/1.0/appconfiguration" @@ -25,7 +27,10 @@ func (c Client) DataPlaneClient(ctx context.Context, configurationStoreId string // TODO: caching all of this appConfig, err := c.ConfigurationStoresClient.Get(ctx, *appConfigId) if err != nil { - // TODO: if not found etc + if response.WasNotFound(appConfig.HttpResponse) { + return nil, nil + } + return nil, err } diff --git a/internal/services/bot/bot_web_app_resource.go b/internal/services/bot/bot_web_app_resource.go index c50661e7b5a4..b6550f7347be 100644 --- a/internal/services/bot/bot_web_app_resource.go +++ b/internal/services/bot/bot_web_app_resource.go @@ -191,7 +191,7 @@ func resourceBotWebAppCreate(d *pluginsdk.ResourceData, meta interface{}) error return fmt.Errorf("creating Web App Bot %q (Resource Group %q): %+v", resourceId.Name, resourceId.ResourceGroup, err) } - // TODO: in 3.0 we should remove the "Default Site" on the Directline resource at this point if we can + // TODO: in 4.0 we should remove the "Default Site" on the Directline resource at this point if we can d.SetId(resourceId.ID()) return resourceBotWebAppRead(d, meta) diff --git a/internal/services/cdn/cdn_endpoint_resource_test.go b/internal/services/cdn/cdn_endpoint_resource_test.go index c7b2551b8f4c..c43a54791227 100644 --- a/internal/services/cdn/cdn_endpoint_resource_test.go +++ b/internal/services/cdn/cdn_endpoint_resource_test.go @@ -169,7 +169,7 @@ func TestAccCdnEndpoint_fullFields(t *testing.T) { check.That(data.ResourceName).Key("tags.environment").HasValue("Production"), ), }, - // TODO -- add import step. Import step now gives us an error complaining that `is_compression_enabled` is not imported + data.ImportStep(), }) } diff --git a/internal/services/compute/managed_disk_resource_test.go b/internal/services/compute/managed_disk_resource_test.go index e201f5e65ff6..fcbe6a8981d4 100644 --- a/internal/services/compute/managed_disk_resource_test.go +++ b/internal/services/compute/managed_disk_resource_test.go @@ -1257,10 +1257,6 @@ resource "azurerm_managed_disk" "import" { } func (ManagedDiskResource) diskEncryptionSetDependencies(data acceptance.TestData) string { - // whilst this is in Preview it's only supported in: West Central US, Canada Central, North Europe - // TODO: switch back to default location - location := "westus2" - return fmt.Sprintf(` provider "azurerm" { features { @@ -1356,7 +1352,7 @@ resource "azurerm_role_assignment" "disk-encryption-read-keyvault" { role_definition_name = "Reader" principal_id = azurerm_disk_encryption_set.test.identity.0.principal_id } -`, data.RandomInteger, location, data.RandomString, data.RandomInteger) +`, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomInteger) } func (r ManagedDiskResource) diskEncryptionSetEncrypted(data acceptance.TestData) string { diff --git a/internal/services/compute/windows_virtual_machine_resource.go b/internal/services/compute/windows_virtual_machine_resource.go index 82bff9358350..b8bfb119ba35 100644 --- a/internal/services/compute/windows_virtual_machine_resource.go +++ b/internal/services/compute/windows_virtual_machine_resource.go @@ -28,8 +28,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/utils" ) -// TODO: confirm locking as appropriate - func resourceWindowsVirtualMachine() *pluginsdk.Resource { return &pluginsdk.Resource{ Create: resourceWindowsVirtualMachineCreate, diff --git a/internal/services/containers/container_registry_task_resource.go b/internal/services/containers/container_registry_task_resource.go index 0d2bb21fead0..982305f529b3 100644 --- a/internal/services/containers/container_registry_task_resource.go +++ b/internal/services/containers/container_registry_task_resource.go @@ -551,7 +551,7 @@ func (r ContainerRegistryTaskResource) Arguments() map[string]*pluginsdk.Schema ValidateFunc: validation.StringIsNotEmpty, }, "identity": { - // TODO - 3.0: should this be `user_assigned_identity_id`? + // TODO - 4.0: this should be `user_assigned_identity_id`? Type: pluginsdk.TypeString, Optional: true, ValidateFunc: validation.StringIsNotEmpty, diff --git a/internal/services/containers/kubernetes_cluster_data_source.go b/internal/services/containers/kubernetes_cluster_data_source.go index e92c3b222fea..9d24b070d42b 100644 --- a/internal/services/containers/kubernetes_cluster_data_source.go +++ b/internal/services/containers/kubernetes_cluster_data_source.go @@ -381,36 +381,7 @@ func dataSourceKubernetesCluster() *pluginsdk.Resource { Computed: true, }, - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return &schema.Schema{ - Type: pluginsdk.TypeList, - Computed: true, - Elem: &pluginsdk.Resource{ - Schema: map[string]*pluginsdk.Schema{ - "type": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "user_assigned_identity_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "principal_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "tenant_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - }, - }, - } - } - - return commonschema.SystemOrUserAssignedIdentityComputed() - }(), + "identity": commonschema.SystemOrUserAssignedIdentityComputed(), "kubernetes_version": { Type: pluginsdk.TypeString, @@ -928,7 +899,6 @@ func dataSourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{} d.Set("kubernetes_version", props.KubernetesVersion) d.Set("node_resource_group", props.NodeResourceGroup) - // TODO: 2.0 we should introduce a access_profile block to match the new API design, if accessProfile := props.APIServerAccessProfile; accessProfile != nil { apiServerAuthorizedIPRanges := utils.FlattenStringSlice(accessProfile.AuthorizedIPRanges) if err := d.Set("api_server_authorized_ip_ranges", apiServerAuthorizedIPRanges); err != nil { @@ -1778,44 +1748,6 @@ func flattenKubernetesClusterDataSourceKubeConfigAAD(config kubernetes.KubeConfi } func flattenClusterDataSourceIdentity(input *containerservice.ManagedClusterIdentity) (*[]interface{}, error) { - if !features.ThreePointOhBeta() { - // if it's none, omit the block - if input == nil || input.Type == containerservice.ResourceIdentityTypeNone { - return &[]interface{}{}, nil - } - - identity := make(map[string]interface{}) - - identity["principal_id"] = "" - if input.PrincipalID != nil { - identity["principal_id"] = *input.PrincipalID - } - - identity["tenant_id"] = "" - if input.TenantID != nil { - identity["tenant_id"] = *input.TenantID - } - - identity["user_assigned_identity_id"] = "" - if input.UserAssignedIdentities != nil { - keys := []string{} - for key := range input.UserAssignedIdentities { - keys = append(keys, key) - } - if len(keys) > 0 { - parsedId, err := msiparse.UserAssignedIdentityIDInsensitively(keys[0]) - if err != nil { - return nil, err - } - identity["user_assigned_identity_id"] = parsedId.ID() - } - } - - identity["type"] = string(input.Type) - - return &[]interface{}{identity}, nil - } - var transform *identity.SystemOrUserAssignedMap if input != nil { diff --git a/internal/services/containers/kubernetes_cluster_node_pool_data_source.go b/internal/services/containers/kubernetes_cluster_node_pool_data_source.go index 595eeac05dfd..886182a20a4e 100644 --- a/internal/services/containers/kubernetes_cluster_node_pool_data_source.go +++ b/internal/services/containers/kubernetes_cluster_node_pool_data_source.go @@ -159,7 +159,6 @@ func dataSourceKubernetesClusterNodePool() *pluginsdk.Resource { } if !features.ThreePointOhBeta() { - // TODO: document that this is replaced by `zones` in 3.0 s["availability_zones"] = &schema.Schema{ Type: pluginsdk.TypeList, Computed: true, diff --git a/internal/services/containers/kubernetes_cluster_resource.go b/internal/services/containers/kubernetes_cluster_resource.go index 6af2312c138c..d53fd797ad2a 100644 --- a/internal/services/containers/kubernetes_cluster_resource.go +++ b/internal/services/containers/kubernetes_cluster_resource.go @@ -236,43 +236,7 @@ func resourceKubernetesCluster() *pluginsdk.Resource { Optional: true, }, - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return &schema.Schema{ - Type: pluginsdk.TypeList, - Optional: true, - ExactlyOneOf: []string{"identity", "service_principal"}, - MaxItems: 1, - Elem: &pluginsdk.Resource{ - Schema: map[string]*pluginsdk.Schema{ - "type": { - Type: pluginsdk.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - string(containerservice.ResourceIdentityTypeSystemAssigned), - string(containerservice.ResourceIdentityTypeUserAssigned), - }, false), - }, - "user_assigned_identity_id": { - Type: pluginsdk.TypeString, - ValidateFunc: msivalidate.UserAssignedIdentityID, - Optional: true, - }, - "principal_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "tenant_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - }, - }, - } - } - - return commonschema.SystemOrUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemOrUserAssignedIdentityOptional(), "kubelet_identity": { Type: pluginsdk.TypeList, @@ -1916,7 +1880,6 @@ func resourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{}) } d.Set("automatic_channel_upgrade", upgradeChannel) - // TODO: 2.0 we should introduce a access_profile block to match the new API design, if accessProfile := props.APIServerAccessProfile; accessProfile != nil { apiServerAuthorizedIPRanges := utils.FlattenStringSlice(accessProfile.AuthorizedIPRanges) if err := d.Set("api_server_authorized_ip_ranges", apiServerAuthorizedIPRanges); err != nil { @@ -2673,31 +2636,6 @@ func expandKubernetesClusterAzureActiveDirectoryRoleBasedAccessControl(input []i } func expandKubernetesClusterManagedClusterIdentity(input []interface{}) (*containerservice.ManagedClusterIdentity, error) { - if !features.ThreePointOhBeta() { - if len(input) == 0 || input[0] == nil { - return &containerservice.ManagedClusterIdentity{ - Type: containerservice.ResourceIdentityTypeNone, - }, nil - } - - values := input[0].(map[string]interface{}) - - if containerservice.ResourceIdentityType(values["type"].(string)) == containerservice.ResourceIdentityTypeUserAssigned { - userAssignedIdentities := map[string]*containerservice.ManagedClusterIdentityUserAssignedIdentitiesValue{ - values["user_assigned_identity_id"].(string): {}, - } - - return &containerservice.ManagedClusterIdentity{ - Type: containerservice.ResourceIdentityType(values["type"].(string)), - UserAssignedIdentities: userAssignedIdentities, - }, nil - } - - return &containerservice.ManagedClusterIdentity{ - Type: containerservice.ResourceIdentityType(values["type"].(string)), - }, nil - } - expanded, err := identity.ExpandSystemOrUserAssignedMap(input) if err != nil { return nil, err @@ -2921,44 +2859,6 @@ func flattenKubernetesClusterKubeConfigAAD(config kubernetes.KubeConfigAAD) []in } func flattenClusterIdentity(input *containerservice.ManagedClusterIdentity) (*[]interface{}, error) { - if !features.ThreePointOhBeta() { - // if it's none, omit the block - if input == nil || input.Type == containerservice.ResourceIdentityTypeNone { - return &[]interface{}{}, nil - } - - identity := make(map[string]interface{}) - - identity["principal_id"] = "" - if input.PrincipalID != nil { - identity["principal_id"] = *input.PrincipalID - } - - identity["tenant_id"] = "" - if input.TenantID != nil { - identity["tenant_id"] = *input.TenantID - } - - identity["user_assigned_identity_id"] = "" - if input.UserAssignedIdentities != nil { - keys := []string{} - for key := range input.UserAssignedIdentities { - keys = append(keys, key) - } - if len(keys) > 0 { - parsedId, err := msiparse.UserAssignedIdentityIDInsensitively(keys[0]) - if err != nil { - return nil, err - } - identity["user_assigned_identity_id"] = parsedId.ID() - } - } - - identity["type"] = string(input.Type) - - return &[]interface{}{identity}, nil - } - var transform *identity.SystemOrUserAssignedMap if input != nil { diff --git a/internal/services/containers/migration/kubernetes_cluster_node_pool.go b/internal/services/containers/migration/kubernetes_cluster_node_pool.go index 0d2d95234c7d..b44bf2ba2755 100644 --- a/internal/services/containers/migration/kubernetes_cluster_node_pool.go +++ b/internal/services/containers/migration/kubernetes_cluster_node_pool.go @@ -73,19 +73,16 @@ func (k KubernetesClusterNodePoolV0ToV1) Schema() map[string]*pluginsdk.Schema { }, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_auto_scaling": { Type: pluginsdk.TypeBool, Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_host_encryption": { Type: pluginsdk.TypeBool, Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_node_public_ip": { Type: pluginsdk.TypeBool, Optional: true, diff --git a/internal/services/datafactory/data_factory_dataset_cosmosdb_sqlapi_resource.go b/internal/services/datafactory/data_factory_dataset_cosmosdb_sqlapi_resource.go index 9facba3e9cfd..9723592805bf 100644 --- a/internal/services/datafactory/data_factory_dataset_cosmosdb_sqlapi_resource.go +++ b/internal/services/datafactory/data_factory_dataset_cosmosdb_sqlapi_resource.go @@ -180,7 +180,6 @@ func resourceDataFactoryDatasetCosmosDbSQLAPICreateUpdate(d *pluginsdk.ResourceD } description := d.Get("description").(string) - // TODO cosmosDbTableset := datafactory.CosmosDbSQLAPICollectionDataset{ CosmosDbSQLAPICollectionDatasetTypeProperties: &cosmosDbDatasetProperties, LinkedServiceName: linkedService, diff --git a/internal/services/datafactory/data_factory_dataset_delimited_text_resource.go b/internal/services/datafactory/data_factory_dataset_delimited_text_resource.go index 2c4acfc73387..6a1da10750a1 100644 --- a/internal/services/datafactory/data_factory_dataset_delimited_text_resource.go +++ b/internal/services/datafactory/data_factory_dataset_delimited_text_resource.go @@ -382,7 +382,6 @@ func resourceDataFactoryDatasetDelimitedTextCreateUpdate(d *pluginsdk.ResourceDa } description := d.Get("description").(string) - // TODO delimited_textTableset := datafactory.DelimitedTextDataset{ DelimitedTextDatasetTypeProperties: &delimited_textDatasetProperties, LinkedServiceName: linkedService, diff --git a/internal/services/datafactory/data_factory_dataset_http_resource.go b/internal/services/datafactory/data_factory_dataset_http_resource.go index 77702af0a3a8..623184f2dc92 100644 --- a/internal/services/datafactory/data_factory_dataset_http_resource.go +++ b/internal/services/datafactory/data_factory_dataset_http_resource.go @@ -196,7 +196,6 @@ func resourceDataFactoryDatasetHTTPCreateUpdate(d *pluginsdk.ResourceData, meta } description := d.Get("description").(string) - // TODO httpTableset := datafactory.HTTPDataset{ HTTPDatasetTypeProperties: &httpDatasetProperties, LinkedServiceName: linkedService, diff --git a/internal/services/datafactory/data_factory_dataset_json_resource.go b/internal/services/datafactory/data_factory_dataset_json_resource.go index 3457f45bc8a6..e9924b204152 100644 --- a/internal/services/datafactory/data_factory_dataset_json_resource.go +++ b/internal/services/datafactory/data_factory_dataset_json_resource.go @@ -262,7 +262,6 @@ func resourceDataFactoryDatasetJSONCreateUpdate(d *pluginsdk.ResourceData, meta } description := d.Get("description").(string) - // TODO jsonTableset := datafactory.JSONDataset{ JSONDatasetTypeProperties: &jsonDatasetProperties, LinkedServiceName: linkedService, diff --git a/internal/services/datafactory/data_factory_dataset_parquet_resource.go b/internal/services/datafactory/data_factory_dataset_parquet_resource.go index 2a37ef8ddc0e..329ffcbf60b2 100644 --- a/internal/services/datafactory/data_factory_dataset_parquet_resource.go +++ b/internal/services/datafactory/data_factory_dataset_parquet_resource.go @@ -277,7 +277,6 @@ func resourceDataFactoryDatasetParquetCreateUpdate(d *pluginsdk.ResourceData, me } description := d.Get("description").(string) - // TODO parquetTableset := datafactory.ParquetDataset{ ParquetDatasetTypeProperties: &parquetDatasetProperties, LinkedServiceName: linkedService, diff --git a/internal/services/eventgrid/eventgrid_topic_resource_test.go b/internal/services/eventgrid/eventgrid_topic_resource_test.go index 18408e16c124..c36ad5862bf2 100644 --- a/internal/services/eventgrid/eventgrid_topic_resource_test.go +++ b/internal/services/eventgrid/eventgrid_topic_resource_test.go @@ -195,9 +195,6 @@ func (EventGridTopicResource) Exists(ctx context.Context, clients *clients.Clien } func (EventGridTopicResource) basic(data acceptance.TestData) string { - // TODO: confirm if this is still the case - // currently only supported in "West Central US" & "West US 2" - location := "westus2" return fmt.Sprintf(` provider "azurerm" { features {} @@ -213,7 +210,7 @@ resource "azurerm_eventgrid_topic" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name } -`, data.RandomInteger, location, data.RandomInteger) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) } func (EventGridTopicResource) update(data acceptance.TestData) string { @@ -224,7 +221,7 @@ provider "azurerm" { resource "azurerm_resource_group" "test" { name = "acctestRG-%d" - location = "westus2" + location = "%s" } resource "azurerm_eventgrid_topic" "test" { @@ -233,7 +230,7 @@ resource "azurerm_eventgrid_topic" "test" { resource_group_name = azurerm_resource_group.test.name local_auth_enabled = false } -`, data.RandomInteger, data.RandomInteger) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) } func (EventGridTopicResource) requiresImport(data acceptance.TestData) string { @@ -254,10 +251,12 @@ func (EventGridTopicResource) mapping(data acceptance.TestData) string { provider "azurerm" { features {} } + resource "azurerm_resource_group" "test" { name = "acctestRG-%d" location = "%s" } + resource "azurerm_eventgrid_topic" "test" { name = "acctesteg-%d" location = azurerm_resource_group.test.location diff --git a/internal/services/firewall/firewall_policy_resource.go b/internal/services/firewall/firewall_policy_resource.go index 85b2bc7ac0ae..b5de4ded44df 100644 --- a/internal/services/firewall/firewall_policy_resource.go +++ b/internal/services/firewall/firewall_policy_resource.go @@ -19,7 +19,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/services/firewall/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/firewall/validate" logAnalytiscValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/validate" - msiValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/msi/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/tags" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/suppress" @@ -325,31 +324,6 @@ func expandFirewallPolicyTransportSecurity(input []interface{}) *network.Firewal } func expandFirewallPolicyIdentity(input []interface{}) (*network.ManagedServiceIdentity, error) { - if !features.ThreePointOhBeta() { - if len(input) == 0 { - return nil, nil - } - - v := input[0].(map[string]interface{}) - - var identityIDSet []interface{} - if identityIds, exists := v["user_assigned_identity_ids"]; exists { - identityIDSet = identityIds.(*pluginsdk.Set).List() - } - - userAssignedIdentities := make(map[string]*network.ManagedServiceIdentityUserAssignedIdentitiesValue) - for _, id := range identityIDSet { - userAssignedIdentities[id.(string)] = &network.ManagedServiceIdentityUserAssignedIdentitiesValue{} - } - - return &network.ManagedServiceIdentity{ - Type: network.ResourceIdentityType(v["type"].(string)), - PrincipalID: utils.String(v["principal_id"].(string)), - TenantID: utils.String(v["tenant_id"].(string)), - UserAssignedIdentities: userAssignedIdentities, - }, nil - } - expanded, err := identity.ExpandUserAssignedMap(input) if err != nil { return nil, err @@ -552,37 +526,6 @@ func flattenFirewallPolicyTransportSecurity(input *network.FirewallPolicyTranspo } func flattenFirewallPolicyIdentity(input *network.ManagedServiceIdentity) (*[]interface{}, error) { - if !features.ThreePointOhBeta() { - if input == nil { - return &[]interface{}{}, nil - } - - principalID := "" - if input.PrincipalID != nil { - principalID = *input.PrincipalID - } - - tenantID := "" - if input.TenantID != nil { - tenantID = *input.TenantID - } - - userAssignedIdentities := make([]string, 0) - - for id := range input.UserAssignedIdentities { - userAssignedIdentities = append(userAssignedIdentities, id) - } - - return &[]interface{}{ - map[string]interface{}{ - "type": string(input.Type), - "principal_id": principalID, - "tenant_id": tenantID, - "user_assigned_identity_ids": userAssignedIdentities, - }, - }, nil - } - var transition *identity.UserAssignedMap if input != nil { @@ -854,48 +797,8 @@ func resourceFirewallPolicySchema() map[string]*pluginsdk.Schema { }, }, - "identity": func() *schema.Schema { - // TODO: document that Principal ID and Tenant ID will be going away and user_assigned_identity_ids -> identity_ids - if !features.ThreePointOhBeta() { - return &schema.Schema{ - Type: pluginsdk.TypeList, - Optional: true, - MaxItems: 1, - Elem: &pluginsdk.Resource{ - Schema: map[string]*pluginsdk.Schema{ - "type": { - Type: pluginsdk.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: validation.StringInSlice([]string{ - string(network.ResourceIdentityTypeNone), - string(network.ResourceIdentityTypeUserAssigned), - }, false), - }, - "principal_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "tenant_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "user_assigned_identity_ids": { - Type: pluginsdk.TypeSet, - Optional: true, - MinItems: 1, - Elem: &pluginsdk.Schema{ - Type: pluginsdk.TypeString, - ValidateFunc: msiValidate.UserAssignedIdentityID, - }, - }, - }, - }, - } - } + "identity": commonschema.UserAssignedIdentityOptional(), - return commonschema.UserAssignedIdentityOptional() - }(), "tls_certificate": { Type: pluginsdk.TypeList, Optional: true, diff --git a/internal/services/frontdoor/frontdoor_firewall_policy_resource.go b/internal/services/frontdoor/frontdoor_firewall_policy_resource.go index af667c93b305..f8d7bcf6d365 100644 --- a/internal/services/frontdoor/frontdoor_firewall_policy_resource.go +++ b/internal/services/frontdoor/frontdoor_firewall_policy_resource.go @@ -159,7 +159,6 @@ func resourceFrontDoorFirewallPolicy() *pluginsdk.Resource { MaxItems: 10, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ - // TODO - rename to "variable" for consistency "match_variable": { Type: pluginsdk.TypeString, Required: true, @@ -176,7 +175,6 @@ func resourceFrontDoorFirewallPolicy() *pluginsdk.Resource { }, false), }, - // TODO - rename to "value" for consistency "match_values": { Type: pluginsdk.TypeList, Required: true, diff --git a/internal/services/frontdoor/frontdoor_resource.go b/internal/services/frontdoor/frontdoor_resource.go index deebfbae6529..48a8dfdc722b 100644 --- a/internal/services/frontdoor/frontdoor_resource.go +++ b/internal/services/frontdoor/frontdoor_resource.go @@ -1230,10 +1230,6 @@ func flattenSingleFrontEndEndpoints(input frontdoors.FrontendEndpoint, frontDoor id = parse.NewFrontendEndpointID(frontDoorId.SubscriptionId, frontDoorId.ResourceGroupName, frontDoorId.FrontDoorName, *input.Name).ID() name = *input.Name } - // TODO: I may have to include the customHTTPSConfiguration as returned from the frontendEndpoint due to an issue in - // portal. Still investigating this. - // customHTTPSConfiguration := make([]interface{}, 0) - // customHttpsProvisioningEnabled := false hostName := "" sessionAffinityEnabled := false sessionAffinityTlsSeconds := 0 diff --git a/internal/services/hpccache/validate/storage_target_name.go b/internal/services/hpccache/validate/storage_target_name.go index e5d34e32a6ae..74dfeaab17f6 100644 --- a/internal/services/hpccache/validate/storage_target_name.go +++ b/internal/services/hpccache/validate/storage_target_name.go @@ -11,11 +11,9 @@ func StorageTargetName(i interface{}, k string) (warnings []string, errors []err errors = append(errors, fmt.Errorf("expected type of %q to be string", k)) return } - exp := `^[-0-9a-zA-Z_]{1,31}$` - p := regexp.MustCompile(exp) + p := regexp.MustCompile(`^[-0-9a-zA-Z_]{1,31}$`) if !p.MatchString(v) { - // TODO: make this error message less user hostile - errors = append(errors, fmt.Errorf(`cache target name doesn't comply with regexp: "%s"`, exp)) + errors = append(errors, fmt.Errorf("%q can contain alphanumeric characters, dashes and underscores and has to be between 1 and 31 characters", k)) } return warnings, errors diff --git a/internal/services/iothub/iothub_dps_resource.go b/internal/services/iothub/iothub_dps_resource.go index e2caff8b01c9..b566d89e9181 100644 --- a/internal/services/iothub/iothub_dps_resource.go +++ b/internal/services/iothub/iothub_dps_resource.go @@ -110,16 +110,10 @@ func resourceIotHubDPS() *pluginsdk.Resource { Optional: true, Default: features.ThreePointOhBeta(), }, - // TODO update docs with new default for 3.0 "allocation_weight": { - Type: pluginsdk.TypeInt, - Optional: true, - Default: func() interface{} { - if features.ThreePointOhBeta() { - return 1 - } - return 0 - }(), + Type: pluginsdk.TypeInt, + Optional: true, + Default: 1, ValidateFunc: validation.IntBetween(0, 1000), }, "hostname": { diff --git a/internal/services/iothub/iothub_resource.go b/internal/services/iothub/iothub_resource.go index f851e19a6b89..e231e9dfb5a1 100644 --- a/internal/services/iothub/iothub_resource.go +++ b/internal/services/iothub/iothub_resource.go @@ -714,8 +714,7 @@ func resourceIotHubCreateUpdate(d *pluginsdk.ResourceData, meta interface{}) err if _, ok := d.GetOk("fallback_route"); ok { routingProperties.FallbackRoute = expandIoTHubFallbackRoute(d) - } else if features.ThreePointOhBeta() { - // TODO update docs for 3.0 + } else { routingProperties.FallbackRoute = &devices.FallbackRouteProperties{ Source: utils.String(string(devices.RoutingSourceDeviceMessages)), Condition: utils.String("true"), diff --git a/internal/services/keyvault/key_vault_certificate_resource.go b/internal/services/keyvault/key_vault_certificate_resource.go index ee5adafe86f1..c0f47f6c1feb 100644 --- a/internal/services/keyvault/key_vault_certificate_resource.go +++ b/internal/services/keyvault/key_vault_certificate_resource.go @@ -30,7 +30,7 @@ import ( func resourceKeyVaultCertificate() *pluginsdk.Resource { return &pluginsdk.Resource{ - // TODO: support Updating once we have more information about what can be updated + // TODO: support Updating additional properties once we have more information about what can be updated Create: resourceKeyVaultCertificateCreate, Read: resourceKeyVaultCertificateRead, Delete: resourceKeyVaultCertificateDelete, diff --git a/internal/services/keyvault/migration/key_vault.go b/internal/services/keyvault/migration/key_vault.go index dbfc9b10f771..5bad96d4357c 100644 --- a/internal/services/keyvault/migration/key_vault.go +++ b/internal/services/keyvault/migration/key_vault.go @@ -325,7 +325,6 @@ func (KeyVaultV1ToV2) Schema() map[string]*pluginsdk.Schema { Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_rbac_authorization": { Type: pluginsdk.TypeBool, Optional: true, diff --git a/internal/services/kusto/kusto_eventhub_data_connection_resource.go b/internal/services/kusto/kusto_eventhub_data_connection_resource.go index b8e7bace80e1..9a536fe00a40 100644 --- a/internal/services/kusto/kusto_eventhub_data_connection_resource.go +++ b/internal/services/kusto/kusto_eventhub_data_connection_resource.go @@ -33,7 +33,6 @@ func resourceKustoEventHubDataConnection() *pluginsdk.Resource { }, importDataConnection(kusto.KindBasicDataConnectionKindEventHub)), Timeouts: &pluginsdk.ResourceTimeout{ - // TODO: confirm these Create: pluginsdk.DefaultTimeout(60 * time.Minute), Read: pluginsdk.DefaultTimeout(5 * time.Minute), Update: pluginsdk.DefaultTimeout(60 * time.Minute), diff --git a/internal/services/legacy/virtual_machine_resource.go b/internal/services/legacy/virtual_machine_resource.go index 0f79cbed3b50..0d213fc02b49 100644 --- a/internal/services/legacy/virtual_machine_resource.go +++ b/internal/services/legacy/virtual_machine_resource.go @@ -34,7 +34,6 @@ import ( "golang.org/x/net/context" ) -// TODO move into internal/tf/suppress/base64.go func userDataDiffSuppressFunc(_, old, new string, _ *pluginsdk.ResourceData) bool { return userDataStateFunc(old) == new } @@ -476,7 +475,6 @@ func resourceVirtualMachine() *pluginsdk.Resource { Optional: true, Default: false, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_automatic_upgrades": { Type: pluginsdk.TypeBool, Optional: true, @@ -515,7 +513,6 @@ func resourceVirtualMachine() *pluginsdk.Resource { Optional: true, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ - // TODO: should we make `pass` and `component` Optional + Defaulted? "pass": { Type: pluginsdk.TypeString, Required: true, diff --git a/internal/services/legacy/virtual_machine_scale_set_resource.go b/internal/services/legacy/virtual_machine_scale_set_resource.go index e312c4a4a45c..864ac844e2bf 100644 --- a/internal/services/legacy/virtual_machine_scale_set_resource.go +++ b/internal/services/legacy/virtual_machine_scale_set_resource.go @@ -315,7 +315,6 @@ func resourceVirtualMachineScaleSet() *pluginsdk.Resource { Type: pluginsdk.TypeBool, Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_automatic_upgrades": { Type: pluginsdk.TypeBool, Optional: true, @@ -1041,7 +1040,6 @@ func resourceVirtualMachineScaleSetRead(d *pluginsdk.ResourceData, meta interfac if diagnosticsProfile := profile.DiagnosticsProfile; diagnosticsProfile != nil { if bootDiagnostics := diagnosticsProfile.BootDiagnostics; bootDiagnostics != nil { flattenedDiagnostics := flattenAzureRmVirtualMachineScaleSetBootDiagnostics(bootDiagnostics) - // TODO: rename this field to `diagnostics_profile` if err := d.Set("boot_diagnostics", flattenedDiagnostics); err != nil { return fmt.Errorf("[DEBUG] setting `boot_diagnostics`: %#v", err) } diff --git a/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource.go b/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource.go index c48c6849db46..51b4b324dc3f 100644 --- a/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource.go +++ b/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource.go @@ -3,9 +3,10 @@ package loganalytics import ( "fmt" "log" - "strings" "time" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/migration" + "github.com/Azure/azure-sdk-for-go/services/operationalinsights/mgmt/2020-08-01/operationalinsights" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -32,13 +33,16 @@ func resourceLogAnalyticsClusterCustomerManagedKey() *pluginsdk.Resource { Delete: pluginsdk.DefaultTimeout(30 * time.Minute), }, - // TODO: 3.0 - state migration to remove `/CMK` from the ID? - Importer: pluginsdk.ImporterValidatingResourceId(func(id string) error { _, err := parse.LogAnalyticsClusterID(id) return err }), + StateUpgraders: pluginsdk.StateUpgrades(map[int]pluginsdk.StateUpgrade{ + 0: migration.ClusterCustomerManagedKeyV0ToV1{}, + }), + SchemaVersion: 1, + Schema: map[string]*pluginsdk.Schema{ "log_analytics_cluster_id": { Type: pluginsdk.TypeString, @@ -58,46 +62,74 @@ func resourceLogAnalyticsClusterCustomerManagedKey() *pluginsdk.Resource { func resourceLogAnalyticsClusterCustomerManagedKeyCreate(d *pluginsdk.ResourceData, meta interface{}) error { client := meta.(*clients.Client).LogAnalytics.ClusterClient - ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) + ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d) defer cancel() clusterIdRaw := d.Get("log_analytics_cluster_id").(string) - clusterId, err := parse.LogAnalyticsClusterID(clusterIdRaw) + id, err := parse.LogAnalyticsClusterID(clusterIdRaw) if err != nil { return err } - resp, err := client.Get(ctx, clusterId.ResourceGroup, clusterId.ClusterName) + resp, err := client.Get(ctx, id.ResourceGroup, id.ClusterName) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - return fmt.Errorf("Log Analytics Cluster %q (resource group %q) was not found", clusterId.ClusterName, clusterId.ResourceGroup) + return fmt.Errorf("%s was not found", *id) } - return fmt.Errorf("failed to get details of Log Analytics Cluster %q (resource group %q): %+v", clusterId.ClusterName, clusterId.ResourceGroup, err) + + return fmt.Errorf("retrieving %s: %+v", *id, err) } - if resp.ClusterProperties != nil && resp.ClusterProperties.KeyVaultProperties != nil { + if props := resp.ClusterProperties; props != nil && props.KeyVaultProperties != nil { keyProps := *resp.ClusterProperties.KeyVaultProperties if keyProps.KeyName != nil && *keyProps.KeyName != "" { - return tf.ImportAsExistsError("azurerm_log_analytics_cluster_customer_managed_key", fmt.Sprintf("%s/CMK", clusterIdRaw)) + return tf.ImportAsExistsError("azurerm_log_analytics_cluster_customer_managed_key", id.ID()) } } - d.SetId(fmt.Sprintf("%s/CMK", clusterIdRaw)) - return resourceLogAnalyticsClusterCustomerManagedKeyUpdate(d, meta) + keyId, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(d.Get("key_vault_key_id").(string)) + if err != nil { + return fmt.Errorf("parsing Key Vault Key ID: %+v", err) + } + + clusterPatch := operationalinsights.ClusterPatch{ + ClusterPatchProperties: &operationalinsights.ClusterPatchProperties{ + KeyVaultProperties: &operationalinsights.KeyVaultProperties{ + KeyVaultURI: utils.String(keyId.KeyVaultBaseUrl), + KeyName: utils.String(keyId.Name), + KeyVersion: utils.String(keyId.Version), + }, + }, + } + + if _, err := client.Update(ctx, id.ResourceGroup, id.ClusterName, clusterPatch); err != nil { + return fmt.Errorf("updating Customer Managed Key for %s: %+v", *id, err) + } + + updateWait, err := logAnalyticsClusterWaitForState(ctx, meta, id.ResourceGroup, id.ClusterName) + if err != nil { + return err + } + if _, err := updateWait.WaitForStateContext(ctx); err != nil { + return fmt.Errorf("waiting for %s to finish adding Customer Managed Key: %+v", *id, err) + } + + d.SetId(id.ID()) + return resourceLogAnalyticsClusterCustomerManagedKeyRead(d, meta) } func resourceLogAnalyticsClusterCustomerManagedKeyUpdate(d *pluginsdk.ResourceData, meta interface{}) error { client := meta.(*clients.Client).LogAnalytics.ClusterClient - ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) + ctx, cancel := timeouts.ForUpdate(meta.(*clients.Client).StopContext, d) defer cancel() - keyId, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(d.Get("key_vault_key_id").(string)) + id, err := parse.LogAnalyticsClusterID(d.Id()) if err != nil { - return fmt.Errorf("could not parse Key Vault Key ID: %+v", err) + return err } - clusterId, err := parse.LogAnalyticsClusterID(d.Get("log_analytics_cluster_id").(string)) + keyId, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(d.Get("key_vault_key_id").(string)) if err != nil { - return err + return fmt.Errorf("parsing Key Vault Key ID: %+v", err) } clusterPatch := operationalinsights.ClusterPatch{ @@ -110,16 +142,16 @@ func resourceLogAnalyticsClusterCustomerManagedKeyUpdate(d *pluginsdk.ResourceDa }, } - if _, err := client.Update(ctx, clusterId.ResourceGroup, clusterId.ClusterName, clusterPatch); err != nil { - return fmt.Errorf("updating Log Analytics Cluster %q (Resource Group %q): %+v", clusterId.ClusterName, clusterId.ResourceGroup, err) + if _, err := client.Update(ctx, id.ResourceGroup, id.ClusterName, clusterPatch); err != nil { + return fmt.Errorf("updating Customer Managed Key for %s: %+v", *id, err) } - updateWait, err := logAnalyticsClusterWaitForState(ctx, meta, clusterId.ResourceGroup, clusterId.ClusterName) + updateWait, err := logAnalyticsClusterWaitForState(ctx, meta, id.ResourceGroup, id.ClusterName) if err != nil { return err } if _, err := updateWait.WaitForStateContext(ctx); err != nil { - return fmt.Errorf("waiting for Log Analytics Cluster to finish updating %q (Resource Group %q): %v", clusterId.ClusterName, clusterId.ResourceGroup, err) + return fmt.Errorf("waiting for update of Customer Managed Key for %s: %+v", *id, err) } return resourceLogAnalyticsClusterCustomerManagedKeyRead(d, meta) @@ -130,25 +162,22 @@ func resourceLogAnalyticsClusterCustomerManagedKeyRead(d *pluginsdk.ResourceData ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) defer cancel() - idRaw := strings.TrimRight(d.Id(), "/CMK") - - id, err := parse.LogAnalyticsClusterID(idRaw) + id, err := parse.LogAnalyticsClusterID(d.Id()) if err != nil { return err } - d.Set("log_analytics_cluster_id", idRaw) - resp, err := client.Get(ctx, id.ResourceGroup, id.ClusterName) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - log.Printf("[INFO] Log Analytics %q does not exist - removing from state", d.Id()) + log.Printf("[INFO] %s does not exist - removing from state", *id) d.SetId("") return nil } - return fmt.Errorf("retrieving Log Analytics Cluster %q (Resource Group %q): %+v", id.ClusterName, id.ResourceGroup, err) + return fmt.Errorf("retrieving %s: %+v", *id, err) } + keyVaultKeyId := "" if props := resp.ClusterProperties; props != nil { if kvProps := props.KeyVaultProperties; kvProps != nil { var keyVaultUri, keyName, keyVersion string @@ -165,14 +194,22 @@ func resourceLogAnalyticsClusterCustomerManagedKeyRead(d *pluginsdk.ResourceData if kvProps.KeyVersion != nil { keyVersion = *kvProps.KeyVersion } - keyVaultKeyId, err := keyVaultParse.NewNestedItemID(keyVaultUri, "keys", keyName, keyVersion) + keyId, err := keyVaultParse.NewNestedItemID(keyVaultUri, "keys", keyName, keyVersion) if err != nil { return err } - d.Set("key_vault_key_id", keyVaultKeyId.ID()) + keyVaultKeyId = keyId.ID() } } + if keyVaultKeyId == "" { + log.Printf("[DEBUG] %s has no Customer Managed Key - removing from state", *id) + return nil + } + + d.Set("log_analytics_cluster_id", d.Id()) + d.Set("key_vault_key_id", keyVaultKeyId) + return nil } @@ -181,7 +218,7 @@ func resourceLogAnalyticsClusterCustomerManagedKeyDelete(d *pluginsdk.ResourceDa ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d) defer cancel() - clusterId, err := parse.LogAnalyticsClusterID(d.Get("log_analytics_cluster_id").(string)) + id, err := parse.LogAnalyticsClusterID(d.Id()) if err != nil { return err } @@ -196,16 +233,16 @@ func resourceLogAnalyticsClusterCustomerManagedKeyDelete(d *pluginsdk.ResourceDa }, } - if _, err = client.Update(ctx, clusterId.ResourceGroup, clusterId.ClusterName, clusterPatch); err != nil { - return fmt.Errorf("removing Log Analytics Cluster Customer Managed Key from cluster %q (resource group %q)", clusterId.ClusterName, clusterId.ResourceGroup) + if _, err = client.Update(ctx, id.ResourceGroup, id.ClusterName, clusterPatch); err != nil { + return fmt.Errorf("removing Customer Managed Key from %s: %+v", *id, err) } - deleteWait, err := logAnalyticsClusterWaitForState(ctx, meta, clusterId.ResourceGroup, clusterId.ClusterName) + deleteWait, err := logAnalyticsClusterWaitForState(ctx, meta, id.ResourceGroup, id.ClusterName) if err != nil { return err } if _, err := deleteWait.WaitForStateContext(ctx); err != nil { - return fmt.Errorf("waiting for Log Analytics Cluster to finish updating %q (Resource Group %q): %v", clusterId.ClusterName, clusterId.ResourceGroup, err) + return fmt.Errorf("waiting for removal of Customer Managed Key from %s: %+v", *id, err) } return nil diff --git a/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource_test.go b/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource_test.go index 0886bd9093ca..0b705ba2ca31 100644 --- a/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource_test.go +++ b/internal/services/loganalytics/log_analytics_cluster_customer_managed_key_resource_test.go @@ -48,10 +48,17 @@ func (t LogAnalyticsClusterCustomerManagedKeyResource) Exists(ctx context.Contex resp, err := clients.LogAnalytics.ClusterClient.Get(ctx, id.ResourceGroup, id.ClusterName) if err != nil { - return nil, fmt.Errorf("readingLog Analytics Cluster Customer Managed Key (%s): %+v", id.String(), err) + return nil, fmt.Errorf("reading %s: %+v", *id, err) } - return utils.Bool(resp.ID != nil), nil + enabled := false + if props := resp.ClusterProperties; props != nil { + if kv := props.KeyVaultProperties; kv != nil { + enabled = kv.KeyVaultURI != nil && kv.KeyVersion != nil && kv.KeyName != nil + } + } + + return utils.Bool(enabled), nil } func (LogAnalyticsClusterCustomerManagedKeyResource) template(data acceptance.TestData) string { diff --git a/internal/services/loganalytics/migration/cluster_cmk_v0_to_v1.go b/internal/services/loganalytics/migration/cluster_cmk_v0_to_v1.go new file mode 100644 index 000000000000..71b631687a9d --- /dev/null +++ b/internal/services/loganalytics/migration/cluster_cmk_v0_to_v1.go @@ -0,0 +1,40 @@ +package migration + +import ( + "context" + "log" + + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" +) + +type ClusterCustomerManagedKeyV0ToV1 struct{} + +func (c ClusterCustomerManagedKeyV0ToV1) Schema() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{ + "log_analytics_cluster_id": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + }, + + "key_vault_key_id": { + Type: pluginsdk.TypeString, + Required: true, + }, + } +} + +func (c ClusterCustomerManagedKeyV0ToV1) UpgradeFunc() pluginsdk.StateUpgraderFunc { + return func(ctx context.Context, rawState map[string]interface{}, meta interface{}) (map[string]interface{}, error) { + oldId := rawState["id"].(string) + clusterId := rawState["log_analytics_cluster_id"].(string) + + // @tombuildsstuff: we could re-parse the `id` and trim off `/CMK`, however since the ID is `{ClusterID}/CMK` + // we can instead save the hassle and just use the Cluster ID directly + log.Printf("[DEBUG] Updating the ID from %q to %q..", oldId, clusterId) + rawState["id"] = clusterId + log.Printf("[DEBUG] Updated the ID from %q to %q.", oldId, clusterId) + + return rawState, nil + } +} diff --git a/internal/services/machinelearning/identity.go b/internal/services/machinelearning/identity.go index b38712535407..0279eb49ae2e 100644 --- a/internal/services/machinelearning/identity.go +++ b/internal/services/machinelearning/identity.go @@ -1,76 +1,12 @@ package machinelearning import ( - "strings" - "github.com/Azure/azure-sdk-for-go/services/machinelearningservices/mgmt/2021-07-01/machinelearningservices" - "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" - "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation" "github.com/hashicorp/terraform-provider-azurerm/utils" ) -func identityLegacySchema() *schema.Schema { - return &schema.Schema{ - Type: schema.TypeList, - Optional: true, - ForceNew: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "type": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: validation.StringInSlice([]string{ - string(identity.TypeUserAssigned), - string(identity.TypeSystemAssigned), - string(identity.TypeSystemAssignedUserAssigned), - "SystemAssigned,UserAssigned", // defined in the Swagger but should be normalized as above - }, false), - DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { - // handle `SystemAssigned, UserAssigned` with and without the spaces being the same - oldWithoutSpaces := strings.ReplaceAll(old, " ", "") - newWithoutSpaces := strings.ReplaceAll(new, " ", "") - return oldWithoutSpaces == newWithoutSpaces - }, - }, - "identity_ids": { - Type: schema.TypeSet, - Optional: true, - ForceNew: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - ValidateFunc: commonids.ValidateUserAssignedIdentityID, - }, - }, - "principal_id": { - Type: schema.TypeString, - Computed: true, - }, - "tenant_id": { - Type: schema.TypeString, - Computed: true, - }, - }, - }, - } -} - func expandIdentity(input []interface{}) (*machinelearningservices.Identity, error) { - if !features.ThreePointOhBeta() { - // work around the Swagger defining `SystemAssigned,UserAssigned` rather than `SystemAssigned, UserAssigned` - if len(input) > 0 { - raw := input[0].(map[string]interface{}) - if identityType := raw["type"].(string); strings.EqualFold("SystemAssigned,UserAssigned", identityType) { - raw["type"] = "SystemAssigned, UserAssigned" - } - input[0] = raw - } - } - expanded, err := identity.ExpandSystemAndUserAssignedMap(input) if err != nil { return nil, err diff --git a/internal/services/machinelearning/machine_learning_compute_cluster_resource.go b/internal/services/machinelearning/machine_learning_compute_cluster_resource.go index 307acb0ca627..9fa201e95066 100644 --- a/internal/services/machinelearning/machine_learning_compute_cluster_resource.go +++ b/internal/services/machinelearning/machine_learning_compute_cluster_resource.go @@ -6,11 +6,9 @@ import ( "github.com/Azure/azure-sdk-for-go/services/machinelearningservices/mgmt/2021-07-01/machinelearningservices" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tags" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" @@ -64,14 +62,7 @@ func resourceComputeCluster() *pluginsdk.Resource { ValidateFunc: validation.StringInSlice([]string{string(machinelearningservices.VMPriorityDedicated), string(machinelearningservices.VMPriorityLowPriority)}, false), }, - "identity": func() *schema.Schema { - // TODO: 3.0 - document this in the upgrade guide - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew() - } - - return identityLegacySchema() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew(), "scale_settings": { Type: pluginsdk.TypeList, diff --git a/internal/services/machinelearning/machine_learning_compute_instance_resource.go b/internal/services/machinelearning/machine_learning_compute_instance_resource.go index fda943cd8531..9fbc3a63fc69 100644 --- a/internal/services/machinelearning/machine_learning_compute_instance_resource.go +++ b/internal/services/machinelearning/machine_learning_compute_instance_resource.go @@ -10,12 +10,10 @@ import ( "github.com/Azure/azure-sdk-for-go/services/machinelearningservices/mgmt/2021-07-01/machinelearningservices" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/validate" networkValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/network/validate" @@ -106,14 +104,7 @@ func resourceComputeInstance() *pluginsdk.Resource { ForceNew: true, }, - "identity": func() *schema.Schema { - // TODO: 3.0 - document this in the upgrade guide - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew() - } - - return identityLegacySchema() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew(), "local_auth_enabled": { Type: pluginsdk.TypeBool, diff --git a/internal/services/machinelearning/machine_learning_inference_cluster_resource.go b/internal/services/machinelearning/machine_learning_inference_cluster_resource.go index 433ac617a5c3..4305f3689044 100644 --- a/internal/services/machinelearning/machine_learning_inference_cluster_resource.go +++ b/internal/services/machinelearning/machine_learning_inference_cluster_resource.go @@ -7,11 +7,9 @@ import ( "github.com/Azure/azure-sdk-for-go/services/machinelearningservices/mgmt/2021-07-01/machinelearningservices" "github.com/Azure/azure-sdk-for-go/services/preview/containerservice/mgmt/2022-01-02-preview/containerservice" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/tags" @@ -82,14 +80,7 @@ func resourceAksInferenceCluster() *pluginsdk.Resource { ForceNew: true, }, - "identity": func() *schema.Schema { - // TODO: 3.0 - document this in the upgrade guide - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew() - } - - return identityLegacySchema() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew(), "ssl": { Type: pluginsdk.TypeList, diff --git a/internal/services/machinelearning/machine_learning_synapse_spark_resource.go b/internal/services/machinelearning/machine_learning_synapse_spark_resource.go index 8f1088b34007..58b7dbb7ccb9 100644 --- a/internal/services/machinelearning/machine_learning_synapse_spark_resource.go +++ b/internal/services/machinelearning/machine_learning_synapse_spark_resource.go @@ -9,11 +9,9 @@ import ( "github.com/Azure/azure-sdk-for-go/services/machinelearningservices/mgmt/2021-07-01/machinelearningservices" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/validate" synapseValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/synapse/validate" @@ -73,14 +71,7 @@ func resourceSynapseSpark() *pluginsdk.Resource { ForceNew: true, }, - "identity": func() *schema.Schema { - // TODO: 3.0 - document this in the upgrade guide - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew() - } - - return identityLegacySchema() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptionalForceNew(), "local_auth_enabled": { Type: pluginsdk.TypeBool, diff --git a/internal/services/mssql/mssql_server_data_source.go b/internal/services/mssql/mssql_server_data_source.go index 60650d0e93e1..feae21ecc264 100644 --- a/internal/services/mssql/mssql_server_data_source.go +++ b/internal/services/mssql/mssql_server_data_source.go @@ -6,9 +6,7 @@ import ( "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/mssql/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tags" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" @@ -49,40 +47,7 @@ func dataSourceMsSqlServer() *pluginsdk.Resource { Computed: true, }, - "identity": func() *schema.Schema { - // TODO: Document the breaking change (user_assigned_identity_ids -> identity_ids) coming in 3.0 - if !features.ThreePointOhBeta() { - return &schema.Schema{ - Type: pluginsdk.TypeList, - Computed: true, - Elem: &pluginsdk.Resource{ - Schema: map[string]*pluginsdk.Schema{ - "type": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "user_assigned_identity_ids": { - Type: pluginsdk.TypeList, - Computed: true, - Elem: &pluginsdk.Schema{ - Type: pluginsdk.TypeString, - }, - }, - "principal_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "tenant_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - }, - }, - } - } - - return commonschema.SystemOrUserAssignedIdentityComputed() - }(), + "identity": commonschema.SystemOrUserAssignedIdentityComputed(), "restorable_dropped_database_ids": { Type: pluginsdk.TypeList, diff --git a/internal/services/mssql/mssql_server_resource.go b/internal/services/mssql/mssql_server_resource.go index 16d4164a09a6..e28b168fd2ed 100644 --- a/internal/services/mssql/mssql_server_resource.go +++ b/internal/services/mssql/mssql_server_resource.go @@ -13,12 +13,10 @@ import ( "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" "github.com/hashicorp/terraform-provider-azurerm/internal/features" - msiparse "github.com/hashicorp/terraform-provider-azurerm/internal/services/msi/parse" msivalidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/msi/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/services/mssql/helper" "github.com/hashicorp/terraform-provider-azurerm/internal/services/mssql/parse" @@ -134,52 +132,7 @@ func resourceMsSqlServer() *pluginsdk.Resource { }, false), }, - "foo": commonschema.SystemOrUserAssignedIdentityOptional(), - - "identity": func() *schema.Schema { - // TODO: document this change is coming in 3.0 (user_assigned_identity_ids -> identity_ids) - if !features.ThreePointOhBeta() { - return &schema.Schema{ - Type: pluginsdk.TypeList, - Optional: true, - MaxItems: 1, - Elem: &pluginsdk.Resource{ - Schema: map[string]*pluginsdk.Schema{ - "type": { - Type: pluginsdk.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - string(sql.IdentityTypeSystemAssigned), - string(sql.IdentityTypeUserAssigned), - }, false), - }, - "user_assigned_identity_ids": { - Type: pluginsdk.TypeSet, - Optional: true, - MinItems: 1, - Elem: &pluginsdk.Schema{ - Type: pluginsdk.TypeString, - ValidateFunc: msivalidate.UserAssignedIdentityID, - }, - RequiredWith: []string{ - "primary_user_assigned_identity_id", - }, - }, - "principal_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - "tenant_id": { - Type: pluginsdk.TypeString, - Computed: true, - }, - }, - }, - } - } - - return commonschema.SystemOrUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemOrUserAssignedIdentityOptional(), "primary_user_assigned_identity_id": { Type: pluginsdk.TypeString, @@ -187,13 +140,7 @@ func resourceMsSqlServer() *pluginsdk.Resource { Computed: true, ValidateFunc: msivalidate.UserAssignedIdentityID, RequiredWith: []string{ - func() string { - if !features.ThreePointOhBeta() { - return "identity.0.user_assigned_identity_ids" - } - - return "identity.0.identity_ids" - }(), + "identity.0.identity_ids", }, }, @@ -624,30 +571,6 @@ func resourceMsSqlServerDelete(d *pluginsdk.ResourceData, meta interface{}) erro } func expandSqlServerIdentity(input []interface{}) (*sql.ResourceIdentity, error) { - if !features.ThreePointOhBeta() { - if len(input) == 0 { - return &sql.ResourceIdentity{}, nil - } - identity := input[0].(map[string]interface{}) - identityType := sql.IdentityType(identity["type"].(string)) - - userAssignedIdentityIds := make(map[string]*sql.UserIdentity) - for _, id := range identity["user_assigned_identity_ids"].(*pluginsdk.Set).List() { - userAssignedIdentityIds[id.(string)] = &sql.UserIdentity{} - } - - managedServiceIdentity := sql.ResourceIdentity{ - Type: identityType, - } - - if identityType == sql.IdentityTypeUserAssigned { - managedServiceIdentity.UserAssignedIdentities = userAssignedIdentityIds - } - - return &managedServiceIdentity, nil - - } - expanded, err := identity.ExpandSystemOrUserAssignedMap(input) if err != nil { return nil, err @@ -669,34 +592,6 @@ func expandSqlServerIdentity(input []interface{}) (*sql.ResourceIdentity, error) } func flattenSqlServerIdentity(input *sql.ResourceIdentity) (*[]interface{}, error) { - if !features.ThreePointOhBeta() { - if input == nil { - return &[]interface{}{}, nil - } - result := make(map[string]interface{}) - result["type"] = input.Type - if input.PrincipalID != nil { - result["principal_id"] = input.PrincipalID.String() - } - if input.TenantID != nil { - result["tenant_id"] = input.TenantID.String() - } - - identityIds := make([]string, 0) - if input.UserAssignedIdentities != nil { - for key := range input.UserAssignedIdentities { - parsedId, err := msiparse.UserAssignedIdentityIDInsensitively(key) - if err != nil { - return nil, err - } - identityIds = append(identityIds, parsedId.ID()) - } - } - result["user_assigned_identity_ids"] = identityIds - - return &[]interface{}{result}, nil - } - var transform *identity.SystemOrUserAssignedMap if input != nil { diff --git a/internal/services/mssql/mssql_server_security_alert_policy_resource.go b/internal/services/mssql/mssql_server_security_alert_policy_resource.go index e5bb2d4aab48..fc86f1cba2f4 100644 --- a/internal/services/mssql/mssql_server_security_alert_policy_resource.go +++ b/internal/services/mssql/mssql_server_security_alert_policy_resource.go @@ -18,7 +18,7 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/utils" ) -// TODO 3.0 - this may want to be put into the mssql_server resource now that it exists. +// TODO 4.0 - consider/investigate inlining this within the mssql_server resource now that it exists. func resourceMsSqlServerSecurityAlertPolicy() *pluginsdk.Resource { return &pluginsdk.Resource{ diff --git a/internal/services/mysql/mysql_server_resource.go b/internal/services/mysql/mysql_server_resource.go index 719e4f095439..a6b58997ffeb 100644 --- a/internal/services/mysql/mysql_server_resource.go +++ b/internal/services/mysql/mysql_server_resource.go @@ -390,7 +390,6 @@ func resourceMySqlServer() *pluginsdk.Resource { Type: pluginsdk.TypeString, Required: true, ValidateFunc: validation.StringInSlice([]string{ - string(mysql.FiveFullStopSix), // todo remove in 3.0? We can't create it but maybe we can still manage it string(mysql.FiveFullStopSeven), string(mysql.EightFullStopZero), }, !features.ThreePointOhBeta()), diff --git a/internal/services/policy/parse/virtual_machine_configuration_policy_assignment.go b/internal/services/policy/parse/virtual_machine_configuration_policy_assignment.go deleted file mode 100644 index 0c7cb9fe6af7..000000000000 --- a/internal/services/policy/parse/virtual_machine_configuration_policy_assignment.go +++ /dev/null @@ -1,131 +0,0 @@ -package parse - -// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten - -import ( - "fmt" - "strings" - - "github.com/hashicorp/go-azure-helpers/resourcemanager/resourceids" -) - -type VirtualMachineConfigurationPolicyAssignmentId struct { - SubscriptionId string - ResourceGroup string - VirtualMachineName string - GuestConfigurationAssignmentName string -} - -func NewVirtualMachineConfigurationPolicyAssignmentID(subscriptionId, resourceGroup, virtualMachineName, guestConfigurationAssignmentName string) VirtualMachineConfigurationPolicyAssignmentId { - return VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: subscriptionId, - ResourceGroup: resourceGroup, - VirtualMachineName: virtualMachineName, - GuestConfigurationAssignmentName: guestConfigurationAssignmentName, - } -} - -func (id VirtualMachineConfigurationPolicyAssignmentId) String() string { - segments := []string{ - fmt.Sprintf("Guest Configuration Assignment Name %q", id.GuestConfigurationAssignmentName), - fmt.Sprintf("Virtual Machine Name %q", id.VirtualMachineName), - fmt.Sprintf("Resource Group %q", id.ResourceGroup), - } - segmentsStr := strings.Join(segments, " / ") - return fmt.Sprintf("%s: (%s)", "Virtual Machine Configuration Policy Assignment", segmentsStr) -} - -func (id VirtualMachineConfigurationPolicyAssignmentId) ID() string { - fmtString := "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/virtualMachines/%s/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/%s" - return fmt.Sprintf(fmtString, id.SubscriptionId, id.ResourceGroup, id.VirtualMachineName, id.GuestConfigurationAssignmentName) -} - -// VirtualMachineConfigurationPolicyAssignmentID parses a VirtualMachineConfigurationPolicyAssignment ID into an VirtualMachineConfigurationPolicyAssignmentId struct -func VirtualMachineConfigurationPolicyAssignmentID(input string) (*VirtualMachineConfigurationPolicyAssignmentId, error) { - id, err := resourceids.ParseAzureResourceID(input) - if err != nil { - return nil, err - } - - resourceId := VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: id.SubscriptionID, - ResourceGroup: id.ResourceGroup, - } - - if resourceId.SubscriptionId == "" { - return nil, fmt.Errorf("ID was missing the 'subscriptions' element") - } - - if resourceId.ResourceGroup == "" { - return nil, fmt.Errorf("ID was missing the 'resourceGroups' element") - } - - if resourceId.VirtualMachineName, err = id.PopSegment("virtualMachines"); err != nil { - return nil, err - } - if resourceId.GuestConfigurationAssignmentName, err = id.PopSegment("guestConfigurationAssignments"); err != nil { - return nil, err - } - - if err := id.ValidateNoEmptySegments(input); err != nil { - return nil, err - } - - return &resourceId, nil -} - -// VirtualMachineConfigurationPolicyAssignmentIDInsensitively parses an VirtualMachineConfigurationPolicyAssignment ID into an VirtualMachineConfigurationPolicyAssignmentId struct, insensitively -// This should only be used to parse an ID for rewriting, the VirtualMachineConfigurationPolicyAssignmentID -// method should be used instead for validation etc. -// -// Whilst this may seem strange, this enables Terraform have consistent casing -// which works around issues in Core, whilst handling broken API responses. -func VirtualMachineConfigurationPolicyAssignmentIDInsensitively(input string) (*VirtualMachineConfigurationPolicyAssignmentId, error) { - id, err := resourceids.ParseAzureResourceID(input) - if err != nil { - return nil, err - } - - resourceId := VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: id.SubscriptionID, - ResourceGroup: id.ResourceGroup, - } - - if resourceId.SubscriptionId == "" { - return nil, fmt.Errorf("ID was missing the 'subscriptions' element") - } - - if resourceId.ResourceGroup == "" { - return nil, fmt.Errorf("ID was missing the 'resourceGroups' element") - } - - // find the correct casing for the 'virtualMachines' segment - virtualMachinesKey := "virtualMachines" - for key := range id.Path { - if strings.EqualFold(key, virtualMachinesKey) { - virtualMachinesKey = key - break - } - } - if resourceId.VirtualMachineName, err = id.PopSegment(virtualMachinesKey); err != nil { - return nil, err - } - - // find the correct casing for the 'guestConfigurationAssignments' segment - guestConfigurationAssignmentsKey := "guestConfigurationAssignments" - for key := range id.Path { - if strings.EqualFold(key, guestConfigurationAssignmentsKey) { - guestConfigurationAssignmentsKey = key - break - } - } - if resourceId.GuestConfigurationAssignmentName, err = id.PopSegment(guestConfigurationAssignmentsKey); err != nil { - return nil, err - } - - if err := id.ValidateNoEmptySegments(input); err != nil { - return nil, err - } - - return &resourceId, nil -} diff --git a/internal/services/policy/parse/virtual_machine_configuration_policy_assignment_test.go b/internal/services/policy/parse/virtual_machine_configuration_policy_assignment_test.go deleted file mode 100644 index 46a3b8dae77a..000000000000 --- a/internal/services/policy/parse/virtual_machine_configuration_policy_assignment_test.go +++ /dev/null @@ -1,264 +0,0 @@ -package parse - -// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten - -import ( - "testing" - - "github.com/hashicorp/go-azure-helpers/resourcemanager/resourceids" -) - -var _ resourceids.Id = VirtualMachineConfigurationPolicyAssignmentId{} - -func TestVirtualMachineConfigurationPolicyAssignmentIDFormatter(t *testing.T) { - actual := NewVirtualMachineConfigurationPolicyAssignmentID("12345678-1234-9876-4563-123456789012", "resGroup1", "vm1", "assignment1").ID() - expected := "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1" - if actual != expected { - t.Fatalf("Expected %q but got %q", expected, actual) - } -} - -func TestVirtualMachineConfigurationPolicyAssignmentID(t *testing.T) { - testData := []struct { - Input string - Error bool - Expected *VirtualMachineConfigurationPolicyAssignmentId - }{ - - { - // empty - Input: "", - Error: true, - }, - - { - // missing SubscriptionId - Input: "/", - Error: true, - }, - - { - // missing value for SubscriptionId - Input: "/subscriptions/", - Error: true, - }, - - { - // missing ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/", - Error: true, - }, - - { - // missing value for ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/", - Error: true, - }, - - { - // missing VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/", - Error: true, - }, - - { - // missing value for VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/", - Error: true, - }, - - { - // missing GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/", - Error: true, - }, - - { - // missing value for GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/", - Error: true, - }, - - { - // valid - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1", - Expected: &VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: "12345678-1234-9876-4563-123456789012", - ResourceGroup: "resGroup1", - VirtualMachineName: "vm1", - GuestConfigurationAssignmentName: "assignment1", - }, - }, - - { - // upper-cased - Input: "/SUBSCRIPTIONS/12345678-1234-9876-4563-123456789012/RESOURCEGROUPS/RESGROUP1/PROVIDERS/MICROSOFT.COMPUTE/VIRTUALMACHINES/VM1/PROVIDERS/MICROSOFT.GUESTCONFIGURATION/GUESTCONFIGURATIONASSIGNMENTS/ASSIGNMENT1", - Error: true, - }, - } - - for _, v := range testData { - t.Logf("[DEBUG] Testing %q", v.Input) - - actual, err := VirtualMachineConfigurationPolicyAssignmentID(v.Input) - if err != nil { - if v.Error { - continue - } - - t.Fatalf("Expect a value but got an error: %s", err) - } - if v.Error { - t.Fatal("Expect an error but didn't get one") - } - - if actual.SubscriptionId != v.Expected.SubscriptionId { - t.Fatalf("Expected %q but got %q for SubscriptionId", v.Expected.SubscriptionId, actual.SubscriptionId) - } - if actual.ResourceGroup != v.Expected.ResourceGroup { - t.Fatalf("Expected %q but got %q for ResourceGroup", v.Expected.ResourceGroup, actual.ResourceGroup) - } - if actual.VirtualMachineName != v.Expected.VirtualMachineName { - t.Fatalf("Expected %q but got %q for VirtualMachineName", v.Expected.VirtualMachineName, actual.VirtualMachineName) - } - if actual.GuestConfigurationAssignmentName != v.Expected.GuestConfigurationAssignmentName { - t.Fatalf("Expected %q but got %q for GuestConfigurationAssignmentName", v.Expected.GuestConfigurationAssignmentName, actual.GuestConfigurationAssignmentName) - } - } -} - -func TestVirtualMachineConfigurationPolicyAssignmentIDInsensitively(t *testing.T) { - testData := []struct { - Input string - Error bool - Expected *VirtualMachineConfigurationPolicyAssignmentId - }{ - - { - // empty - Input: "", - Error: true, - }, - - { - // missing SubscriptionId - Input: "/", - Error: true, - }, - - { - // missing value for SubscriptionId - Input: "/subscriptions/", - Error: true, - }, - - { - // missing ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/", - Error: true, - }, - - { - // missing value for ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/", - Error: true, - }, - - { - // missing VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/", - Error: true, - }, - - { - // missing value for VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/", - Error: true, - }, - - { - // missing GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/", - Error: true, - }, - - { - // missing value for GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/", - Error: true, - }, - - { - // valid - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1", - Expected: &VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: "12345678-1234-9876-4563-123456789012", - ResourceGroup: "resGroup1", - VirtualMachineName: "vm1", - GuestConfigurationAssignmentName: "assignment1", - }, - }, - - { - // lower-cased segment names - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualmachines/vm1/providers/Microsoft.GuestConfiguration/guestconfigurationassignments/assignment1", - Expected: &VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: "12345678-1234-9876-4563-123456789012", - ResourceGroup: "resGroup1", - VirtualMachineName: "vm1", - GuestConfigurationAssignmentName: "assignment1", - }, - }, - - { - // upper-cased segment names - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/VIRTUALMACHINES/vm1/providers/Microsoft.GuestConfiguration/GUESTCONFIGURATIONASSIGNMENTS/assignment1", - Expected: &VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: "12345678-1234-9876-4563-123456789012", - ResourceGroup: "resGroup1", - VirtualMachineName: "vm1", - GuestConfigurationAssignmentName: "assignment1", - }, - }, - - { - // mixed-cased segment names - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/ViRtUaLmAcHiNeS/vm1/providers/Microsoft.GuestConfiguration/GuEsTcOnFiGuRaTiOnAsSiGnMeNtS/assignment1", - Expected: &VirtualMachineConfigurationPolicyAssignmentId{ - SubscriptionId: "12345678-1234-9876-4563-123456789012", - ResourceGroup: "resGroup1", - VirtualMachineName: "vm1", - GuestConfigurationAssignmentName: "assignment1", - }, - }, - } - - for _, v := range testData { - t.Logf("[DEBUG] Testing %q", v.Input) - - actual, err := VirtualMachineConfigurationPolicyAssignmentIDInsensitively(v.Input) - if err != nil { - if v.Error { - continue - } - - t.Fatalf("Expect a value but got an error: %s", err) - } - if v.Error { - t.Fatal("Expect an error but didn't get one") - } - - if actual.SubscriptionId != v.Expected.SubscriptionId { - t.Fatalf("Expected %q but got %q for SubscriptionId", v.Expected.SubscriptionId, actual.SubscriptionId) - } - if actual.ResourceGroup != v.Expected.ResourceGroup { - t.Fatalf("Expected %q but got %q for ResourceGroup", v.Expected.ResourceGroup, actual.ResourceGroup) - } - if actual.VirtualMachineName != v.Expected.VirtualMachineName { - t.Fatalf("Expected %q but got %q for VirtualMachineName", v.Expected.VirtualMachineName, actual.VirtualMachineName) - } - if actual.GuestConfigurationAssignmentName != v.Expected.GuestConfigurationAssignmentName { - t.Fatalf("Expected %q but got %q for GuestConfigurationAssignmentName", v.Expected.GuestConfigurationAssignmentName, actual.GuestConfigurationAssignmentName) - } - } -} diff --git a/internal/services/policy/policy_set_definition_resource.go b/internal/services/policy/policy_set_definition_resource.go index f62dcd09783a..d1f29a064d72 100644 --- a/internal/services/policy/policy_set_definition_resource.go +++ b/internal/services/policy/policy_set_definition_resource.go @@ -107,7 +107,7 @@ func resourcePolicySetDefinitionSchema() map[string]*pluginsdk.Schema { }, //lintignore: S013 - "policy_definition_reference": { // TODO -- rename this back to `policy_definition` after the deprecation + "policy_definition_reference": { Type: pluginsdk.TypeList, Required: features.ThreePointOhBeta(), Optional: !features.ThreePointOhBeta(), diff --git a/internal/services/policy/resourceids.go b/internal/services/policy/resourceids.go index 5b1e71def4a1..127cc84c2d8a 100644 --- a/internal/services/policy/resourceids.go +++ b/internal/services/policy/resourceids.go @@ -5,5 +5,3 @@ package policy //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=VirtualMachineConfigurationAssignment -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1 -rewrite=true //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=ResourceGroupPolicyRemediation -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.PolicyInsights/remediations/remediation1 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=SubscriptionPolicyRemediation -id=/subscriptions/12345678-1234-9876-4563-123456789012/providers/Microsoft.PolicyInsights/remediations/remediation1 -// TODO: Remove in 3.0 -//go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=VirtualMachineConfigurationPolicyAssignment -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1 -rewrite=true diff --git a/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id.go b/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id.go deleted file mode 100644 index 0aece4ae2c44..000000000000 --- a/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id.go +++ /dev/null @@ -1,23 +0,0 @@ -package validate - -// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten - -import ( - "fmt" - - "github.com/hashicorp/terraform-provider-azurerm/internal/services/policy/parse" -) - -func VirtualMachineConfigurationPolicyAssignmentID(input interface{}, key string) (warnings []string, errors []error) { - v, ok := input.(string) - if !ok { - errors = append(errors, fmt.Errorf("expected %q to be a string", key)) - return - } - - if _, err := parse.VirtualMachineConfigurationPolicyAssignmentID(v); err != nil { - errors = append(errors, err) - } - - return -} diff --git a/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id_test.go b/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id_test.go deleted file mode 100644 index 4fb3b70f8a52..000000000000 --- a/internal/services/policy/validate/virtual_machine_configuration_policy_assignment_id_test.go +++ /dev/null @@ -1,88 +0,0 @@ -package validate - -// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten - -import "testing" - -func TestVirtualMachineConfigurationPolicyAssignmentID(t *testing.T) { - cases := []struct { - Input string - Valid bool - }{ - - { - // empty - Input: "", - Valid: false, - }, - - { - // missing SubscriptionId - Input: "/", - Valid: false, - }, - - { - // missing value for SubscriptionId - Input: "/subscriptions/", - Valid: false, - }, - - { - // missing ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/", - Valid: false, - }, - - { - // missing value for ResourceGroup - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/", - Valid: false, - }, - - { - // missing VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/", - Valid: false, - }, - - { - // missing value for VirtualMachineName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/", - Valid: false, - }, - - { - // missing GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/", - Valid: false, - }, - - { - // missing value for GuestConfigurationAssignmentName - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/", - Valid: false, - }, - - { - // valid - Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/assignment1", - Valid: true, - }, - - { - // upper-cased - Input: "/SUBSCRIPTIONS/12345678-1234-9876-4563-123456789012/RESOURCEGROUPS/RESGROUP1/PROVIDERS/MICROSOFT.COMPUTE/VIRTUALMACHINES/VM1/PROVIDERS/MICROSOFT.GUESTCONFIGURATION/GUESTCONFIGURATIONASSIGNMENTS/ASSIGNMENT1", - Valid: false, - }, - } - for _, tc := range cases { - t.Logf("[DEBUG] Testing Value %s", tc.Input) - _, errors := VirtualMachineConfigurationPolicyAssignmentID(tc.Input, "test") - valid := len(errors) == 0 - - if tc.Valid != valid { - t.Fatalf("Expected %t but got %t", tc.Valid, valid) - } - } -} diff --git a/internal/services/portal/portal_dashboard_resource.go b/internal/services/portal/portal_dashboard_resource.go index 03dde8291b25..ffe920c7fcc4 100644 --- a/internal/services/portal/portal_dashboard_resource.go +++ b/internal/services/portal/portal_dashboard_resource.go @@ -6,6 +6,9 @@ import ( "log" "time" + "github.com/hashicorp/go-azure-helpers/resourcemanager/location" + "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" + "github.com/Azure/azure-sdk-for-go/services/preview/portal/mgmt/2019-01-01-preview/portal" "github.com/hashicorp/go-azure-helpers/lang/response" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" @@ -41,6 +44,7 @@ func resourceDashboard() *pluginsdk.Resource { "name": { Type: pluginsdk.TypeString, Required: true, + ForceNew: true, ValidateFunc: validate.DashboardName, }, "resource_group_name": azure.SchemaResourceGroupName(), @@ -62,31 +66,38 @@ func resourceDashboardCreateUpdate(d *pluginsdk.ResourceData, meta interface{}) ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) defer cancel() - t := d.Get("tags").(map[string]interface{}) - name := d.Get("name").(string) - resourceGroup := d.Get("resource_group_name").(string) - location := azure.NormalizeLocation(d.Get("location").(string)) - dashboardProps := d.Get("dashboard_properties").(string) + id := parse.NewDashboardID(subscriptionId, d.Get("resource_group_name").(string), d.Get("name").(string)) + if d.IsNewResource() { + existing, err := client.Get(ctx, id.ResourceGroup, id.Name) + if err != nil { + if !utils.ResponseWasNotFound(existing.Response) { + return fmt.Errorf("checking for the presence of an existing %s: %+v", id, err) + } + } - // TODO: requires import support + if !utils.ResponseWasNotFound(existing.Response) { + return tf.ImportAsExistsError("azurerm_portal_dashboard", id.ID()) + } + } dashboard := portal.Dashboard{ - Location: &location, - Tags: tags.Expand(t), + Location: utils.String(location.Normalize(d.Get("location").(string))), + Tags: tags.Expand(d.Get("tags").(map[string]interface{})), } var dashboardProperties portal.DashboardProperties - if err := json.Unmarshal([]byte(dashboardProps), &dashboardProperties); err != nil { + dashboardPropsRaw := d.Get("dashboard_properties").(string) + if err := json.Unmarshal([]byte(dashboardPropsRaw), &dashboardProperties); err != nil { return fmt.Errorf("parsing JSON: %+v", err) } dashboard.DashboardProperties = &dashboardProperties - if _, err := client.CreateOrUpdate(ctx, resourceGroup, name, dashboard); err != nil { - return fmt.Errorf("creating/updating Dashboard %q (Resource Group %q): %+v", name, resourceGroup, err) + if _, err := client.CreateOrUpdate(ctx, id.ResourceGroup, id.Name, dashboard); err != nil { + return fmt.Errorf("creating/updating %s %+v", id, err) } - d.SetId(parse.NewDashboardID(subscriptionId, resourceGroup, name).ID()) + d.SetId(id.ID()) return resourceDashboardRead(d, meta) } diff --git a/internal/services/portal/registration.go b/internal/services/portal/registration.go index b9d9df383a2b..8765351296fc 100644 --- a/internal/services/portal/registration.go +++ b/internal/services/portal/registration.go @@ -1,7 +1,6 @@ package portal import ( - "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" ) @@ -35,12 +34,8 @@ func (r Registration) SupportedDataSources() map[string]*pluginsdk.Resource { // SupportedResources returns the supported Resources supported by this Service func (r Registration) SupportedResources() map[string]*pluginsdk.Resource { - dashboardName := "azurerm_portal_dashboard" - if !features.ThreePointOhBeta() { - dashboardName = "azurerm_dashboard" - } return map[string]*pluginsdk.Resource{ - dashboardName: resourceDashboard(), + "azurerm_portal_dashboard": resourceDashboard(), "azurerm_portal_tenant_configuration": resourcePortalTenantConfiguration(), } } diff --git a/internal/services/postgres/postgresql_virtual_network_rule_resource.go b/internal/services/postgres/postgresql_virtual_network_rule_resource.go index d22d1fc58d25..56db2624ee7e 100644 --- a/internal/services/postgres/postgresql_virtual_network_rule_resource.go +++ b/internal/services/postgres/postgresql_virtual_network_rule_resource.go @@ -41,7 +41,7 @@ func resourcePostgreSQLVirtualNetworkRule() *pluginsdk.Resource { Type: pluginsdk.TypeString, Required: true, ForceNew: true, - // TODO: this should be using a local validator + // TODO: this should be using a validation func within the Postgres package ValidateFunc: networkValidate.VirtualNetworkRuleName, }, diff --git a/internal/services/purview/purview_account_resource.go b/internal/services/purview/purview_account_resource.go index 02f399d94895..03e3c4b5d748 100644 --- a/internal/services/purview/purview_account_resource.go +++ b/internal/services/purview/purview_account_resource.go @@ -10,7 +10,6 @@ import ( "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" "github.com/hashicorp/go-azure-helpers/resourcemanager/resourcegroups" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -275,14 +274,7 @@ func resourcePurviewSchema() map[string]*pluginsdk.Schema { ValidateFunc: resourcegroups.ValidateName, }, - "identity": func() *schema.Schema { - // TODO: document that this will become required in 3.0 - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedIdentityRequired() - } - - return commonschema.SystemAssignedIdentityComputed() - }(), + "identity": commonschema.SystemAssignedIdentityRequired(), "managed_resources": { Type: pluginsdk.TypeList, diff --git a/internal/services/recoveryservices/registration.go b/internal/services/recoveryservices/registration.go index 9da8cc3d1ba1..1554272cf34c 100644 --- a/internal/services/recoveryservices/registration.go +++ b/internal/services/recoveryservices/registration.go @@ -37,9 +37,9 @@ func (r Registration) SupportedDataSources() map[string]*pluginsdk.Resource { } } -// todo - this package should probably be split into backup, recovery, and site recovery? // SupportedResources returns the supported Resources supported by this Service func (r Registration) SupportedResources() map[string]*pluginsdk.Resource { + // todo - this package should probably be split into backup, recovery, and site recovery? return map[string]*pluginsdk.Resource{ "azurerm_backup_container_storage_account": resourceBackupProtectionContainerStorageAccount(), "azurerm_backup_policy_file_share": resourceBackupProtectionPolicyFileShare(), diff --git a/internal/services/redis/redis_cache_resource.go b/internal/services/redis/redis_cache_resource.go index 19fb07311fe5..2546f5428264 100644 --- a/internal/services/redis/redis_cache_resource.go +++ b/internal/services/redis/redis_cache_resource.go @@ -299,7 +299,8 @@ func resourceRedisCache() *pluginsdk.Resource { Default: true, }, - // todo 3.0 rename this to replicas_per_main? or something else to confirm to inclusive language guidelines + // todo: investigate the difference between `replicas_per_master` and `replicas_per_primary` - are these + // the same field that's been renamed ala Redis? https://github.com/Azure/azure-rest-api-specs/pull/13005 "replicas_per_master": { Type: pluginsdk.TypeInt, Optional: true, diff --git a/internal/services/redis/resourceids.go b/internal/services/redis/resourceids.go index 8a5d09de6662..2fb6f944f42d 100644 --- a/internal/services/redis/resourceids.go +++ b/internal/services/redis/resourceids.go @@ -1,7 +1,5 @@ package redis -// TODO: fix the generator bug making this `Redi` rather than `Redis` - //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=Cache -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Cache/Redis/redis1 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=FirewallRule -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Cache/Redis/redis1/firewallRules/firewallRule1 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=LinkedServer -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Cache/Redis/redis1/linkedServers/linkedServer1 diff --git a/internal/services/redis/validate/max_memory_policy.go b/internal/services/redis/validate/max_memory_policy.go index 91bb9ccd40b1..24ad7059a770 100644 --- a/internal/services/redis/validate/max_memory_policy.go +++ b/internal/services/redis/validate/max_memory_policy.go @@ -1,27 +1,18 @@ package validate import ( - "fmt" - "strings" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation" ) -func MaxMemoryPolicy(v interface{}, _ string) (warnings []string, errors []error) { - // TODO: in time this can be replaced with a generic function, moving for now - value := strings.ToLower(v.(string)) - families := map[string]bool{ - "noeviction": true, - "allkeys-lru": true, - "volatile-lru": true, - "allkeys-random": true, - "volatile-random": true, - "volatile-ttl": true, - "allkeys-lfu": true, - "volatile-lfu": true, - } - - if !families[value] { - errors = append(errors, fmt.Errorf("Redis Max Memory Policy can only be 'noeviction' / 'allkeys-lru' / 'volatile-lru' / 'allkeys-random' / 'volatile-random' / 'volatile-ttl' / 'allkeys-lfu' / 'volatile-lfu'")) - } - - return warnings, errors +func MaxMemoryPolicy(v interface{}, k string) (warnings []string, errors []error) { + return validation.StringInSlice([]string{ + "allkeys-lfu", + "allkeys-lru", + "allkeys-random", + "noeviction", + "volatile-lru", + "volatile-lfu", + "volatile-random", + "volatile-ttl", + }, false)(v, k) } diff --git a/internal/services/sql/sql_server_resource.go b/internal/services/sql/sql_server_resource.go index 392ec85f703d..9298263fbe74 100644 --- a/internal/services/sql/sql_server_resource.go +++ b/internal/services/sql/sql_server_resource.go @@ -155,7 +155,7 @@ func resourceSqlServer() *pluginsdk.Resource { ValidateFunc: validation.StringInSlice([]string{ string(sql.SecurityAlertPolicyStateDisabled), string(sql.SecurityAlertPolicyStateEnabled), - string(sql.SecurityAlertPolicyStateNew), // Only kept for backward compatibility - TODO 3.0 should we change this to enabled and a boolean? + string(sql.SecurityAlertPolicyStateNew), // Only kept for backward compatibility - TODO investigate if we can remove this in 4.0 }, !features.ThreePointOhBeta()), }, diff --git a/internal/services/storage/migration/account.go b/internal/services/storage/migration/account.go index 4a6d0c10956d..9f15169d3fd4 100644 --- a/internal/services/storage/migration/account.go +++ b/internal/services/storage/migration/account.go @@ -114,19 +114,16 @@ func accountSchemaForV0AndV1() map[string]*pluginsdk.Schema { }, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_blob_encryption": { Type: pluginsdk.TypeBool, Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_file_encryption": { Type: pluginsdk.TypeBool, Optional: true, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_https_traffic_only": { Type: pluginsdk.TypeBool, Optional: true, @@ -325,7 +322,6 @@ func accountSchemaForV2() map[string]*pluginsdk.Schema { }, }, - // TODO 4.0: change this from enable_* to *_enabled "enable_https_traffic_only": { Type: pluginsdk.TypeBool, Optional: true, diff --git a/internal/services/storage/storage_account_resource.go b/internal/services/storage/storage_account_resource.go index 03016b7d784c..67fc0ce8e37c 100644 --- a/internal/services/storage/storage_account_resource.go +++ b/internal/services/storage/storage_account_resource.go @@ -12,11 +12,9 @@ import ( azautorest "github.com/Azure/go-autorest/autorest" autorestAzure "github.com/Azure/go-autorest/autorest/azure" "github.com/hashicorp/go-azure-helpers/lang/response" - "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" "github.com/hashicorp/go-getter/helper/url" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -385,54 +383,7 @@ func resourceStorageAccount() *pluginsdk.Resource { }, }, - "identity": func() *schema.Schema { - // TODO: 3.0 - document this in the upgrade guide - if features.ThreePointOhBeta() { - return commonschema.SystemAssignedUserAssignedIdentityOptional() - } - - return &schema.Schema{ - Type: schema.TypeList, - Optional: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "type": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - string(identity.TypeUserAssigned), - string(identity.TypeSystemAssigned), - string(identity.TypeSystemAssignedUserAssigned), - "SystemAssigned,UserAssigned", // defined in the Swagger but should be normalized as above - }, false), - DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { - // handle `SystemAssigned, UserAssigned` with and without the spaces being the same - oldWithoutSpaces := strings.ReplaceAll(old, " ", "") - newWithoutSpaces := strings.ReplaceAll(new, " ", "") - return oldWithoutSpaces == newWithoutSpaces - }, - }, - "identity_ids": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - ValidateFunc: commonids.ValidateUserAssignedIdentityID, - }, - }, - "principal_id": { - Type: schema.TypeString, - Computed: true, - }, - "tenant_id": { - Type: schema.TypeString, - Computed: true, - }, - }, - }, - } - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptional(), "blob_properties": { Type: pluginsdk.TypeList, @@ -3114,17 +3065,6 @@ func flattenStorageAccountBypass(input storage.Bypass) []interface{} { } func expandAzureRmStorageAccountIdentity(input []interface{}) (*storage.Identity, error) { - if !features.ThreePointOhBeta() { - // work around the Swagger defining `SystemAssigned,UserAssigned` rather than `SystemAssigned, UserAssigned` - if len(input) > 0 { - raw := input[0].(map[string]interface{}) - if identityType := raw["type"].(string); strings.EqualFold("SystemAssigned,UserAssigned", identityType) { - raw["type"] = "SystemAssigned, UserAssigned" - } - input[0] = raw - } - } - expanded, err := identity.ExpandSystemAndUserAssignedMap(input) if err != nil { return nil, err diff --git a/internal/services/storage/storage_data_lake_gen2_filesystem_resource.go b/internal/services/storage/storage_data_lake_gen2_filesystem_resource.go index a1710ca30a82..ad0209e88a60 100644 --- a/internal/services/storage/storage_data_lake_gen2_filesystem_resource.go +++ b/internal/services/storage/storage_data_lake_gen2_filesystem_resource.go @@ -324,7 +324,6 @@ func resourceStorageDataLakeGen2FileSystemRead(d *pluginsdk.ResourceData, meta i return fmt.Errorf("checking for existence of Storage Account %q for File System %q (Resource Group %q): %+v", storageID.Name, id.DirectoryName, storageID.ResourceGroup, err) } - // TODO: what about when this has been removed? resp, err := client.GetProperties(ctx, id.AccountName, id.DirectoryName) if err != nil { if utils.ResponseWasNotFound(resp.Response) { diff --git a/internal/services/synapse/synapse_workspace_resource.go b/internal/services/synapse/synapse_workspace_resource.go index dd5227cb077c..0c156e02de5c 100644 --- a/internal/services/synapse/synapse_workspace_resource.go +++ b/internal/services/synapse/synapse_workspace_resource.go @@ -13,7 +13,6 @@ import ( "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -178,14 +177,7 @@ func resourceSynapseWorkspace() *pluginsdk.Resource { }, }, - "identity": func() *schema.Schema { - // TODO: update the docs and tests to account for this - if features.ThreePointOh() { - return commonschema.SystemAssignedIdentityRequired() - } - - return commonschema.SystemAssignedIdentityComputed() - }(), + "identity": commonschema.SystemAssignedIdentityRequired(), "managed_resource_group_name": commonschema.ResourceGroupNameOptionalComputed(), diff --git a/internal/services/web/app_service.go b/internal/services/web/app_service.go index d0fe7ccfbc07..55095a7e2b7b 100644 --- a/internal/services/web/app_service.go +++ b/internal/services/web/app_service.go @@ -9,7 +9,6 @@ import ( "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" "github.com/hashicorp/terraform-provider-azurerm/internal/features" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/msi/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/msi/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/suppress" @@ -1614,29 +1613,6 @@ func expandAppServiceLogs(input interface{}) web.SiteLogsConfigProperties { } func expandAppServiceIdentity(input []interface{}) (*web.ManagedServiceIdentity, error) { - if !features.ThreePointOhBeta() { - if len(input) == 0 { - return nil, nil - } - identity := input[0].(map[string]interface{}) - identityType := web.ManagedServiceIdentityType(identity["type"].(string)) - - identityIds := make(map[string]*web.UserAssignedIdentity) - for _, id := range identity["identity_ids"].([]interface{}) { - identityIds[id.(string)] = &web.UserAssignedIdentity{} - } - - managedServiceIdentity := web.ManagedServiceIdentity{ - Type: identityType, - } - - if managedServiceIdentity.Type == web.ManagedServiceIdentityTypeUserAssigned || managedServiceIdentity.Type == web.ManagedServiceIdentityTypeSystemAssignedUserAssigned { - managedServiceIdentity.UserAssignedIdentities = identityIds - } - - return &managedServiceIdentity, nil - } - expanded, err := identity.ExpandSystemAndUserAssignedMap(input) if err != nil { return nil, err @@ -1657,42 +1633,6 @@ func expandAppServiceIdentity(input []interface{}) (*web.ManagedServiceIdentity, } func flattenAppServiceIdentity(input *web.ManagedServiceIdentity) (*[]interface{}, error) { - if !features.ThreePointOhBeta() { - if input == nil { - return &[]interface{}{}, nil - } - - principalId := "" - if input.PrincipalID != nil { - principalId = *input.PrincipalID - } - - tenantId := "" - if input.TenantID != nil { - tenantId = *input.TenantID - } - - identityIds := make([]string, 0) - if input.UserAssignedIdentities != nil { - for key := range input.UserAssignedIdentities { - parsedId, err := parse.UserAssignedIdentityIDInsensitively(key) - if err != nil { - return nil, err - } - identityIds = append(identityIds, parsedId.ID()) - } - } - - return &[]interface{}{ - map[string]interface{}{ - "identity_ids": identityIds, - "principal_id": principalId, - "tenant_id": tenantId, - "type": string(input.Type), - }, - }, nil - } - var transform *identity.SystemAndUserAssignedMap if input != nil { diff --git a/internal/services/web/app_service_resource.go b/internal/services/web/app_service_resource.go index 7f67ca343fc3..2496ee493a25 100644 --- a/internal/services/web/app_service_resource.go +++ b/internal/services/web/app_service_resource.go @@ -8,7 +8,6 @@ import ( "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -143,13 +142,7 @@ func resourceAppService() *pluginsdk.Resource { Default: true, }, - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return schemaAppServiceIdentity() - } - - return commonschema.SystemAssignedUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptional(), "https_only": { Type: pluginsdk.TypeBool, diff --git a/internal/services/web/app_service_slot_resource.go b/internal/services/web/app_service_slot_resource.go index e49f11edecff..ffbcc1f9d968 100644 --- a/internal/services/web/app_service_slot_resource.go +++ b/internal/services/web/app_service_slot_resource.go @@ -7,7 +7,6 @@ import ( "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -52,13 +51,7 @@ func resourceAppServiceSlot() *pluginsdk.Resource { ValidateFunc: webValidate.AppServiceName, }, - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return schemaAppServiceIdentity() - } - - return commonschema.SystemAssignedUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptional(), "resource_group_name": azure.SchemaResourceGroupName(), diff --git a/internal/services/web/function_app_resource.go b/internal/services/web/function_app_resource.go index 879aafaf72bf..4a67650c486f 100644 --- a/internal/services/web/function_app_resource.go +++ b/internal/services/web/function_app_resource.go @@ -9,7 +9,6 @@ import ( "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -154,13 +153,7 @@ func resourceFunctionApp() *pluginsdk.Resource { Default: false, }, - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return schemaAppServiceIdentity() - } - - return commonschema.SystemAssignedUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptional(), "os_type": { Type: pluginsdk.TypeString, diff --git a/internal/services/web/function_app_slot_resource.go b/internal/services/web/function_app_slot_resource.go index eebac1885a61..2fdc929122e7 100644 --- a/internal/services/web/function_app_slot_resource.go +++ b/internal/services/web/function_app_slot_resource.go @@ -10,7 +10,6 @@ import ( "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" "github.com/google/uuid" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -58,13 +57,7 @@ func resourceFunctionAppSlot() *pluginsdk.Resource { "location": azure.SchemaLocation(), - "identity": func() *schema.Schema { - if !features.ThreePointOhBeta() { - return schemaAppServiceIdentity() - } - - return commonschema.SystemAssignedUserAssignedIdentityOptional() - }(), + "identity": commonschema.SystemAssignedUserAssignedIdentityOptional(), "function_app_name": { Type: pluginsdk.TypeString, diff --git a/website/docs/d/kubernetes_cluster.html.markdown b/website/docs/d/kubernetes_cluster.html.markdown index fee0b922128d..368d8ef28f8d 100644 --- a/website/docs/d/kubernetes_cluster.html.markdown +++ b/website/docs/d/kubernetes_cluster.html.markdown @@ -305,11 +305,11 @@ The `identity` block exports the following: * `type` - The type of identity used for the managed cluster. -* `principal_id` - The principal id of the system assigned identity which is used by primary components. +* `principal_id` - The principal id of the system assigned identity assigned to this Kubernetes Cluster. -* `tenant_id` - The tenant id of the system assigned identity which is used by primary components. +* `tenant_id` - The tenant id of the system assigned identity assigned to this Kubernetes Cluster. -* `user_assigned_identity_id` - The ID of the User Assigned Identity which is used by primary components. This value will be empty when using system assigned identity. +* `identity_ids` - A list of User Assigned Identity IDs assigned to this Kubernetes Cluster. --- diff --git a/website/docs/guides/3.0-upgrade-guide.html.markdown b/website/docs/guides/3.0-upgrade-guide.html.markdown index f9ccafd84d7e..fe47da8ef4dd 100644 --- a/website/docs/guides/3.0-upgrade-guide.html.markdown +++ b/website/docs/guides/3.0-upgrade-guide.html.markdown @@ -258,6 +258,8 @@ The deprecated block `addon_profile` will be removed in favour of the `azure_pol The field `availability_zones` will be removed in favour of `zones` to be consistent across the Provider. +The field `user_assigned_identity_ids` within the `identity` block will be renamed to `identity_ids` to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + The deprecated block `role_based_access_control` will be removed in favour of the `role_based_access_control_enabled` property and the `azure_active_directory_role_based_access_control` block. ### Data Source: `azurerm_kubernetes_cluster_node_pool` @@ -276,6 +278,10 @@ The deprecated field `portal_url` will be removed since it no longer exists in t The deprecated field `group_id` will be removed in favour of the `name` property. +### Data Source: `azurerm_mssql_server` + +The field `user_assigned_identity_ids` within the `identity` block will be renamed to `identity_ids` to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + ### Data Source: `azurerm_netapp_volume` The deprecated field `data_protection_replication.replication_schedule` will be removed as it no longer exists in the Azure API. The property `data_protection_replication.replication_frequency` can be used instead. @@ -322,6 +328,8 @@ The deprecated field `security.enabled_triple_des_ciphers` will be removed in fa The `azurerm_app_service` resource has been superseded by the `azurerm_linux_web_app` and `azurerm_windows_web_app` resources. Whilst this resource will continue to be available in the 2.x and 3.x releases it is feature-frozen for compatibility purposes, will no longer receive any updates and will be removed in a future major release of the Azure Provider. +The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + The field `site_config.remote_debugging_version` will no longer accept the values `VS2012`, `VS2013` and `VS2015`. ### Resource: `azurerm_app_service_active_slot` @@ -348,6 +356,8 @@ The `azurerm_app_service_hybrid_connection` resource has been superseded by the The `azurerm_app_service_slot` resource has been superseded by the `azurerm_linux_web_app_slot` and `azurerm_windows_web_app_slot` resources. Whilst this resource will continue to be available in the 2.x and 3.x releases it is feature-frozen for compatibility purposes, will no longer receive any updates and will be removed in a future major release of the Azure Provider. +The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + The field `site_config.remote_debugging_version` will no longer accept the values `VS2012`, `VS2013` and `VS2015`. ### Resource: `azurerm_app_service_source_control_token` @@ -404,6 +414,10 @@ The deprecated field `data_factory_name` will be removed in favour of the `data_ The field `resource_group_name` will be removed since it can be inferred from the `data_factory_id` property. +### Resource: `azurerm_dashboard` + +This resource has been renamed to `azurerm_portal_dashboard`. + ### Resource: `azurerm_data_factory_dataset_binary` The deprecated field `data_factory_name` will be removed in favour of the `data_factory_id` property. @@ -608,7 +622,6 @@ The deprecated field `data_factory_name` will be removed in favour of the `data_ The field `resource_group_name` will be removed since it can be inferred from the `data_factory_id` property. - ### Resource: `azurerm_data_factory` The field `customer_managed_key_identity_id` must be supplied if `customer_managed_key_id` is set. @@ -701,6 +714,8 @@ The default value for the field `negate_condition` will change from `true` to `f The `azurerm_function_app` resource has been superseded by the `azurerm_linux_function_app` and `azurerm_windows_function_app` resources. Whilst this resource will continue to be available in the 2.x and 3.x releases it is feature-frozen for compatibility purposes, will no longer receive any updates and will be removed in a future major release of the Azure Provider. +The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + The deprecated field `client_affinity_enabled` will be removed since it is no longer configurable. The deprecated field `storage_connection_string` will be removed in favour of the `storage_account_name` and `storage_account_access_key` properties. @@ -713,6 +728,8 @@ The deprecated field `master_key` will be removed in favour of the `primary_key` The `azurerm_function_app_slot` resource has been superseded by the `azurerm_linux_function_app_slot` and `azurerm_windows_function_app_slot` resources. Whilst this resource will continue to be available in the 2.x and 3.x releases it is feature-frozen for compatibility purposes, will no longer receive any updates and will be removed in a future major release of the Azure Provider. +The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + The deprecated field `client_affinity_enabled` will be removed since it is no longer configurable. ### Resource: `azurerm_hdinsight_hadoop_cluster` @@ -787,7 +804,7 @@ The deprecated field `access_rule.root_squash_enabled` will be removed in favour ### Resource: `azurerm_iothub_dps` -The default value for the field `linked_hub.allocation_weight` will change from `0` to `1`. +The default value for the field `allocation_weight` within the `linked_hub` block will change from `0` to `1`. ### Resource: `azurerm_iothub_endpoint_eventhub` @@ -863,6 +880,8 @@ The deprecated field `private_link_enabled` will be removed in favour of the `pr The deprecated block `role_based_access_control` will be removed in favour of the property `role_based_access_control_enabled` and the block `azure_active_directory_role_based_access_control`. +The field `user_assigned_identity_ids` within the `identity` block will be renamed to `identity_ids` to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + ### Resource: `azurerm_kubernetes_cluster_node_pool` The field `availability_zones` will be removed in favour of `zones` to be consistent across the Provider. @@ -927,18 +946,26 @@ The field `sku_name` no longer accepts the value `Enterprise` ([more information The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). +The `type` field within the `identity` block now requires that the value `SystemAssigned,UserAssigned` is `SystemAssigned, UserAssigned` to be consistent with other identity blocks. + ### Resource `azurerm_machine_learning_compute_instance` The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). +The `type` field within the `identity` block now requires that the value `SystemAssigned,UserAssigned` is `SystemAssigned, UserAssigned` to be consistent with other identity blocks. + ### Resource `azurerm_machine_learning_inference_cluster` The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). +The `type` field within the `identity` block now requires that the value `SystemAssigned,UserAssigned` is `SystemAssigned, UserAssigned` to be consistent with other identity blocks. + ### Resource `azurerm_machine_learning_synapse_spark` The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). +The `type` field within the `identity` block now requires that the value `SystemAssigned,UserAssigned` is `SystemAssigned, UserAssigned` to be consistent with other identity blocks. + ### Resource `azurerm_machine_learning_workspace` The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). @@ -975,6 +1002,8 @@ The deprecated block `extended_auditing_policy` will be removed and replaced by The default value of the field `minimum_tls_version` will be set to `1.2`. +The field `user_assigned_identity_ids` within the `identity` block will be renamed to `identity_ids` to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + ### Resource: `azurerm_mysql_server` The field `auto_grow_enabled` will default to `true`. @@ -1084,6 +1113,18 @@ The fields `availability_zone` and `zones` will be consolidated into `zones`. The deprecated field `sku_name` will be removed since this property can no longer be specified on create/update. +The `identity` block is now required to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). You will need to add: + +```hcl +resource "azurerm_purview_account" "example" { + # ... + + identity { + type = "SystemAssigned" + } +} +``` + ### Resource: `azurerm_redis_cache` The default value for the field `minimum_tls_version` will change from `1.0` to `1.2`. @@ -1212,6 +1253,10 @@ The default value for the field `min_tls_version` will change from `TLS1_0` to ` The field `allow_blob_public_access` will be removed in favour of the `allow_nested_items_to_be_public` property. +The `identity` block will be made consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). + +The `type` field within the `identity` block now requires that the value `SystemAssigned,UserAssigned` is `SystemAssigned, UserAssigned` to be consistent with other identity blocks. + ### Resource: `azurerm_storage_account_network_rules` The deprecated field `storage_account_name` will be removed in favour of the `storage_account_id` property. @@ -1246,6 +1291,20 @@ The field `spark_version` will no longer accept the value `3.0`. ### Resource: `azurerm_synapse_workspace_key` +The `identity` block is now required to be consistent across the Provider - [see the dedicated issue on how Identity is changing in 3.0 for more information](https://github.com/hashicorp/terraform-provider-azurerm/issues/15187). You will need to add: + +```hcl +resource "azurerm_synapse_workspace" "example" { + # ... + + identity { + type = "SystemAssigned" + } +} +``` + +### Resource: `azurerm_synapse_workspace_key` + The deprecated field `cusomter_managed_key_name` will be removed in favour of the `customer_managed_key_name` property. ### Resource: `azurerm_traffic_manager_endpoint` diff --git a/website/docs/r/firewall_policy.html.markdown b/website/docs/r/firewall_policy.html.markdown index 85dc7096e7c5..b0273631621d 100644 --- a/website/docs/r/firewall_policy.html.markdown +++ b/website/docs/r/firewall_policy.html.markdown @@ -13,10 +13,15 @@ Manages a Firewall Policy. ## Example Usage ```hcl +resource "azurerm_resource_group" "example" { + name = "example-resources" + location = "West Europe" +} + resource "azurerm_firewall_policy" "example" { - name = "example" - resource_group_name = "example" - location = "West Europe" + name = "example-policy" + resource_group_name = azurerm_resource_group.example.name + location = azurerm_resource_group.example.location } ``` @@ -66,9 +71,9 @@ A `dns` block supports the following: A `identity` block supports the following: -* `type` - (Required) Type of the identity. At the moment only "UserAssigned" is supported. Changing this forces a new Firewall Policy to be created. +* `type` - (Required) The Type of Identity which should be assigned to this Firewall Policy. At this time the only supported value is `UserAssigned`. Changing this forces a new Firewall Policy to be created. -* `user_assigned_identity_ids` - (Optional) Specifies a list of user assigned managed identities. +* `identity_ids` - (Optional) Specifies a list of Managed Identity IDs which should be assigned to this Firewall Policy. --- @@ -94,7 +99,7 @@ A `intrusion_detection` block supports the following: --- -A `log_analytisc_workspace` block supports the following: +A `log_analytics_workspace` block supports the following: * `id` - (Required) The ID of the Log Analytics Workspace that the Firewalls associated with this Firewall Policy will send their logs to when their locations match the `firewall_location`. diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index bf7d05b533c6..7c1d023df8f3 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -381,9 +381,9 @@ If `enable_auto_scaling` is set to `false`, then the following fields can also b An `identity` block supports the following: -* `type` - The type of identity used for the managed cluster. Possible values are `SystemAssigned` and `UserAssigned`. If `UserAssigned` is set, a `user_assigned_identity_id` must be set as well. +* `type` - The type of identity used for the managed cluster. Possible values are `SystemAssigned` and `UserAssigned`. -* `user_assigned_identity_id` - (Optional) The ID of a user assigned identity. +* `identity_ids` - (Optional) A list of User Assigned Identity IDs which should be assigned to this Kubernetes Cluster. At this time only a single value is supported. This must be specified when `type` is set to `UserAssigned`. --- diff --git a/website/docs/r/log_analytics_cluster_customer_managed_key.html.markdown b/website/docs/r/log_analytics_cluster_customer_managed_key.html.markdown index e6efd6e41d1c..65bf58152e1f 100644 --- a/website/docs/r/log_analytics_cluster_customer_managed_key.html.markdown +++ b/website/docs/r/log_analytics_cluster_customer_managed_key.html.markdown @@ -121,5 +121,5 @@ The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/d Log Analytics Cluster Customer Managed Keys can be imported using the `resource id`, e.g. ```shell -terraform import azurerm_log_analytics_cluster_customer_managed_key.example /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/group1/providers/Microsoft.OperationalInsights/clusters/cluster1/CMK +terraform import azurerm_log_analytics_cluster_customer_managed_key.example /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/group1/providers/Microsoft.OperationalInsights/clusters/cluster1 ``` diff --git a/website/docs/r/dashboard.html.markdown b/website/docs/r/portal_dashboard.html.markdown similarity index 94% rename from website/docs/r/dashboard.html.markdown rename to website/docs/r/portal_dashboard.html.markdown index 5bfef3effdd3..6b5e957d84b2 100644 --- a/website/docs/r/dashboard.html.markdown +++ b/website/docs/r/portal_dashboard.html.markdown @@ -1,7 +1,7 @@ --- subcategory: "Portal" layout: "azurerm" -page_title: "Azure Resource Manager: azurerm_dashboard" +page_title: "Azure Resource Manager: azurerm_portal_dashboard" description: |- Manages a shared dashboard in the Azure Portal. --- @@ -30,7 +30,7 @@ resource "azurerm_resource_group" "my-group" { location = "West Europe" } -resource "azurerm_dashboard" "my-board" { +resource "azurerm_portal_dashboard" "my-board" { name = "my-cool-dashboard" resource_group_name = azurerm_resource_group.my-group.name location = azurerm_resource_group.my-group.location @@ -241,10 +241,11 @@ resource "azurerm_dashboard" "my-board" { The following arguments are supported: -* `name` - (Required) Specifies the name of the Shared Dashboard. This should be be 64 chars max, only alphanumeric and hyphens (no spaces). For a more friendly display name, add the `hidden-title` tag. +* `name` - (Required) Specifies the name of the Shared Dashboard. Changing this forces a new resource to be created. + +-> **Note**: You can specify a tag with the key `hidden-title` to set a more user-friendly title for this Dashboard. -* `resource_group_name` - (Required) The name of the resource group in which to - create the dashboard. +* `resource_group_name` - (Required) The name of the resource group in which to create the dashboard. Changing this forces a new resource to be created. * `location` - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. @@ -272,7 +273,7 @@ The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/d Dashboards can be imported using the `resource id`, e.g. ```shell -terraform import azurerm_dashboard.my-board /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Portal/dashboards/00000000-0000-0000-0000-000000000000 +terraform import azurerm_portal_dashboard.my-board /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Portal/dashboards/00000000-0000-0000-0000-000000000000 ``` Note the URI in the above sample can be found using the Resource Explorer tool in the Azure Portal. diff --git a/website/docs/r/purview_account.html.markdown b/website/docs/r/purview_account.html.markdown index 4f668b912e49..950f232685de 100644 --- a/website/docs/r/purview_account.html.markdown +++ b/website/docs/r/purview_account.html.markdown @@ -22,6 +22,10 @@ resource "azurerm_purview_account" "example" { name = "example" resource_group_name = azurerm_resource_group.example.name location = azurerm_resource_group.example.location + + identity { + type = "SystemAssigned" + } } ``` @@ -31,6 +35,8 @@ The following arguments are supported: * `location` - (Required) The Azure Region where the Purview Account should exist. Changing this forces a new Purview Account to be created. +* `identity` - (Required) An `identity` block as defined below. Changing this forces a new Purview Account to be created. + * `name` - (Required) The name which should be used for this Purview Account. Changing this forces a new Purview Account to be created. * `resource_group_name` - (Required) The name of the Resource Group where the Purview Account should exist. Changing this forces a new Purview Account to be created. @@ -45,6 +51,12 @@ The following arguments are supported: * `tags` - (Optional) A mapping of tags which should be assigned to the Purview Account. +--- + +The `identity` block supports the following: + +* `type` - (Required) The Type of Managed Identity to assign to this Purview Account. At this time the only possible value is `SystemAssigned`. Changing this forces a new resource to be created. + ## Attributes Reference In addition to the Arguments listed above - the following Attributes are exported: @@ -73,8 +85,6 @@ A `identity` block exports the following: * `tenant_id` - The ID of the Azure Active Directory Tenant. -* `type` - The type of Managed Identity assigned to this Purview Account. - --- A `managed_resources` block exports the following: diff --git a/website/docs/r/storage_account.html.markdown b/website/docs/r/storage_account.html.markdown index 28b9f017cd14..7e057a516b33 100644 --- a/website/docs/r/storage_account.html.markdown +++ b/website/docs/r/storage_account.html.markdown @@ -235,8 +235,6 @@ A `identity` block supports the following: * `type` - (Required) Specifies the identity type of the Storage Account. Possible values are `SystemAssigned`, `UserAssigned` and `SystemAssigned, UserAssigned` (to enable both). -~> **Note:** The older value `SystemAssigned,UserAssigned` (with no spaces) is deprecated and will be removed in version 3.0 of the Azure Provider. - ~> The assigned `principal_id` and `tenant_id` can be retrieved after the identity `type` has been set to `SystemAssigned` and Storage Account has been created. More details are available below. * `identity_ids` - (Optional) A list of IDs for User Assigned Managed Identity resources to be assigned. diff --git a/website/docs/r/synapse_workspace.html.markdown b/website/docs/r/synapse_workspace.html.markdown index c8293b4fd907..c478cc16ce1d 100644 --- a/website/docs/r/synapse_workspace.html.markdown +++ b/website/docs/r/synapse_workspace.html.markdown @@ -46,6 +46,10 @@ resource "azurerm_synapse_workspace" "example" { object_id = "00000000-0000-0000-0000-000000000000" tenant_id = "00000000-0000-0000-0000-000000000000" } + + identity { + type = "SystemAssigned" + } tags = { Env = "production" @@ -118,10 +122,15 @@ resource "azurerm_synapse_workspace" "example" { storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.example.id sql_administrator_login = "sqladminuser" sql_administrator_login_password = "H@Sh1CoR3!" + customer_managed_key { key_versionless_id = azurerm_key_vault_key.example.versionless_id key_name = "enckey" } + + identity { + type = "SystemAssigned" + } tags = { Env = "production" @@ -166,38 +175,42 @@ The following arguments are supported: * `location` - (Required) Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created. +* `identity` - (Required) An `identity` block as defined below. Changing this forces a new resource to be created. + * `storage_data_lake_gen2_filesystem_id` - (Required) Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created. * `sql_administrator_login` - (Required) Specifies The Login Name of the SQL administrator. Changing this forces a new resource to be created. * `sql_administrator_login_password` - (Required) The Password associated with the `sql_administrator_login` for the SQL administrator. -* `linking_allowed_for_aad_tenant_ids` - (Optional) Allowed Aad Tenant Ids For Linking. +--- + +* `aad_admin` - (Optional) An `aad_admin` block as defined below. Conflicts with `customer_managed_key`. * `compute_subnet_id` - (Optional) Subnet ID used for computes in workspace -* `data_exfiltration_protection_enabled` - (Optional) Is data exfiltration protection enabled in this workspace? If set to `true`, `managed_virtual_network_enabled` must also be set to `true`. Changing this forces a new resource to be created. +* `azure_devops_repo` - (Optional) An `azure_devops_repo` block as defined below. -* `managed_virtual_network_enabled` - (Optional) Is Virtual Network enabled for all computes in this workspace? Defaults to `false`. Changing this forces a new resource to be created. +* `data_exfiltration_protection_enabled` - (Optional) Is data exfiltration protection enabled in this workspace? If set to `true`, `managed_virtual_network_enabled` must also be set to `true`. Changing this forces a new resource to be created. -* `public_network_access_enabled` - (Optional) Whether public network access is allowed for the Cognitive Account. Defaults to `true`. +* `customer_managed_key` - (Optional) A `customer_managed_key` block as defined below. Conflicts with `aad_admin`. -* `purview_id` - (Optional) The ID of purview account. +* `github_repo` - (Optional) A `github_repo` block as defined below. -* `sql_identity_control_enabled` - (Optional) Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools? +* `linking_allowed_for_aad_tenant_ids` - (Optional) Allowed Aad Tenant Ids For Linking. * `managed_resource_group_name` - (Optional) Workspace managed resource group. -* `aad_admin` - (Optional) An `aad_admin` block as defined below. Conflicts with `customer_managed_key`. - -* `azure_devops_repo` - (Optional) An `azure_devops_repo` block as defined below. +* `managed_virtual_network_enabled` - (Optional) Is Virtual Network enabled for all computes in this workspace? Defaults to `false`. Changing this forces a new resource to be created. -* `github_repo` - (Optional) A `github_repo` block as defined below. +* `public_network_access_enabled` - (Optional) Whether public network access is allowed for the Cognitive Account. Defaults to `true`. -* `customer_managed_key` - (Optional) A `customer_managed_key` block as defined below. Conflicts with `aad_admin`. +* `purview_id` - (Optional) The ID of purview account. * `sql_aad_admin` - (Optional) An `sql_aad_admin` block as defined below. +* `sql_identity_control_enabled` - (Optional) Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools? + * `tags` - (Optional) A mapping of tags which should be assigned to the Synapse Workspace. --- @@ -212,16 +225,6 @@ An `aad_admin` block supports the following: --- -An `sql_aad_admin` block supports the following: - -* `login` - (Required) The login name of the Azure AD Administrator of this Synapse Workspace SQL. - -* `object_id` - (Required) The object id of the Azure AD Administrator of this Synapse Workspace SQL. - -* `tenant_id` - (Required) The tenant id of the Azure AD Administrator of this Synapse Workspace SQL. - ---- - An `azure_devops_repo` block supports the following: * `account_name` - (Required) Specifies the Azure DevOps account name. @@ -240,6 +243,20 @@ An `azure_devops_repo` block supports the following: --- +A `customer_managed_key` block supports the following: + +* `key_versionless_id` - (Required) The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g. `https://example-keyvault.vault.azure.net/type/cmk/`). + +* `key_name` - (Optional) An identifier for the key. Name needs to match the name of the key used with the `azurerm_synapse_workspace_key` resource. Defaults to "cmk" if not specified. + +--- + +The `identity` block supports the following: + +* `type` - (Required) the Type of Managed Identity to assign to this Synapse Workspace. At this time the only supported value is `SystemAssigned`. Changing this forces a new resource to be created. + +--- + A `github_repo` block supports the following: * `account_name` - (Required) Specifies the GitHub account name. @@ -258,11 +275,13 @@ A `github_repo` block supports the following: --- -A `customer_managed_key` block supports the following: +An `sql_aad_admin` block supports the following: -* `key_versionless_id` - (Required) The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g. `https://example-keyvault.vault.azure.net/type/cmk/`). +* `login` - (Required) The login name of the Azure AD Administrator of this Synapse Workspace SQL. -* `key_name` - (Optional) An identifier for the key. Name needs to match the name of the key used with the `azurerm_synapse_workspace_key` resource. Defaults to "cmk" if not specified. +* `object_id` - (Required) The object id of the Azure AD Administrator of this Synapse Workspace SQL. + +* `tenant_id` - (Required) The tenant id of the Azure AD Administrator of this Synapse Workspace SQL. ## Attributes Reference @@ -272,14 +291,10 @@ In addition to the Arguments listed above - the following Attributes are exporte * `connectivity_endpoints` - A list of Connectivity endpoints for this Synapse Workspace. -* `identity` - An `identity` block as defined below, which contains the Managed Service Identity information for this Synapse Workspace. - --- The `identity` block exports the following: -* `type` - The Identity Type for the Service Principal associated with the Managed Service Identity of this Synapse Workspace. - * `principal_id` - The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace. * `tenant_id` - The Tenant ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.