From caed56d3213de02837473569cb00e33175fc657a Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 19 Oct 2022 14:51:36 +0800 Subject: [PATCH 1/2] New resource: `azurerm_sentinel_data_connector_office_365_project` --- internal/services/sentinel/registration.go | 1 + .../sentinel/sentinel_data_connector.go | 2 + ...tinel_data_connector_office_365_project.go | 194 ++++++++++++++++++ ..._data_connector_office_365_project_test.go | 153 ++++++++++++++ ...connector_office_365_project.html.markdown | 81 ++++++++ 5 files changed, 431 insertions(+) create mode 100644 internal/services/sentinel/sentinel_data_connector_office_365_project.go create mode 100644 internal/services/sentinel/sentinel_data_connector_office_365_project_test.go create mode 100644 website/docs/r/sentinel_data_connector_office_365_project.html.markdown diff --git a/internal/services/sentinel/registration.go b/internal/services/sentinel/registration.go index 4c98e3d6e6cf..47e334e066a1 100644 --- a/internal/services/sentinel/registration.go +++ b/internal/services/sentinel/registration.go @@ -63,5 +63,6 @@ func (r Registration) Resources() []sdk.Resource { WatchlistResource{}, WatchlistItemResource{}, DataConnectorAwsS3Resource{}, + DataConnectorOffice365ProjectResource{}, } } diff --git a/internal/services/sentinel/sentinel_data_connector.go b/internal/services/sentinel/sentinel_data_connector.go index ee7070d14bcf..9d90e25bf022 100644 --- a/internal/services/sentinel/sentinel_data_connector.go +++ b/internal/services/sentinel/sentinel_data_connector.go @@ -43,6 +43,8 @@ func assertDataConnectorKind(dc securityinsight.BasicDataConnector, expectKind s kind = securityinsight.DataConnectorKindMicrosoftCloudAppSecurity case securityinsight.TIDataConnector: kind = securityinsight.DataConnectorKindThreatIntelligence + case securityinsight.Office365ProjectDataConnector: + kind = securityinsight.DataConnectorKindOffice365Project case securityinsight.OfficeDataConnector: kind = securityinsight.DataConnectorKindOffice365 case securityinsight.OfficeATPDataConnector: diff --git a/internal/services/sentinel/sentinel_data_connector_office_365_project.go b/internal/services/sentinel/sentinel_data_connector_office_365_project.go new file mode 100644 index 000000000000..176a00898d65 --- /dev/null +++ b/internal/services/sentinel/sentinel_data_connector_office_365_project.go @@ -0,0 +1,194 @@ +package sentinel + +import ( + "context" + "fmt" + "time" + + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2022-01-01-preview/securityinsight" + "github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2020-08-01/workspaces" + "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/validate" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation" + "github.com/hashicorp/terraform-provider-azurerm/utils" +) + +type DataConnectorOffice365ProjectResource struct{} + +var _ sdk.ResourceWithCustomImporter = DataConnectorOffice365ProjectResource{} + +type DataConnectorOffice365ProjectModel struct { + Name string `tfschema:"name"` + LogAnalyticsWorkspaceId string `tfschema:"log_analytics_workspace_id"` + TenantId string `tfschema:"tenant_id"` +} + +func (r DataConnectorOffice365ProjectResource) Arguments() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{ + "name": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "log_analytics_workspace_id": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: workspaces.ValidateWorkspaceID, + }, + + "tenant_id": { + Type: pluginsdk.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ValidateFunc: validation.IsUUID, + }, + } +} + +func (r DataConnectorOffice365ProjectResource) Attributes() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{} +} + +func (r DataConnectorOffice365ProjectResource) ResourceType() string { + return "azurerm_sentinel_data_connector_office_365_project" +} + +func (r DataConnectorOffice365ProjectResource) ModelObject() interface{} { + return &DataConnectorOffice365ProjectModel{} +} + +func (r DataConnectorOffice365ProjectResource) IDValidationFunc() pluginsdk.SchemaValidateFunc { + return validate.DataConnectorID +} + +func (r DataConnectorOffice365ProjectResource) CustomImporter() sdk.ResourceRunFunc { + return func(ctx context.Context, metadata sdk.ResourceMetaData) error { + _, err := importSentinelDataConnector(securityinsight.DataConnectorKindOffice365Project)(ctx, metadata.ResourceData, metadata.Client) + return err + } +} + +func (r DataConnectorOffice365ProjectResource) Create() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 30 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.Sentinel.DataConnectorsClient + + var plan DataConnectorOffice365ProjectModel + if err := metadata.Decode(&plan); err != nil { + return fmt.Errorf("decoding %+v", err) + } + + workspaceId, err := workspaces.ParseWorkspaceID(plan.LogAnalyticsWorkspaceId) + if err != nil { + return err + } + + id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroupName, workspaceId.WorkspaceName, plan.Name) + existing, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) + if err != nil { + if !utils.ResponseWasNotFound(existing.Response) { + return fmt.Errorf("checking for presence of existing %s: %+v", id, err) + } + } + if !utils.ResponseWasNotFound(existing.Response) { + return metadata.ResourceRequiresImport(r.ResourceType(), id) + } + + tenantId := plan.TenantId + if tenantId == "" { + tenantId = metadata.Client.Account.TenantId + } + + params := securityinsight.Office365ProjectDataConnector{ + Name: &plan.Name, + Office365ProjectDataConnectorProperties: &securityinsight.Office365ProjectDataConnectorProperties{ + TenantID: &tenantId, + DataTypes: &securityinsight.Office365ProjectConnectorDataTypes{ + Logs: &securityinsight.Office365ProjectConnectorDataTypesLogs{ + State: securityinsight.DataTypeStateEnabled, + }, + }, + }, + Kind: securityinsight.KindBasicDataConnectorKindOffice365Project, + } + + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, params); err != nil { + return fmt.Errorf("creating %s: %+v", id, err) + } + + metadata.SetID(id) + return nil + }, + } +} + +func (r DataConnectorOffice365ProjectResource) Read() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 5 * time.Minute, + + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.Sentinel.DataConnectorsClient + id, err := parse.DataConnectorID(metadata.ResourceData.Id()) + if err != nil { + return err + } + + workspaceId := workspaces.NewWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) + + existing, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) + if err != nil { + if utils.ResponseWasNotFound(existing.Response) { + return metadata.MarkAsGone(id) + } + return fmt.Errorf("retrieving %s: %+v", id, err) + } + + dc, ok := existing.Value.(securityinsight.Office365ProjectDataConnector) + if !ok { + return fmt.Errorf("%s was not an Office 365 Project Data Connector", id) + } + + var tenantId string + if props := dc.Office365ProjectDataConnectorProperties; props != nil { + if props.TenantID != nil { + tenantId = *props.TenantID + } + } + + model := DataConnectorOffice365ProjectModel{ + Name: id.Name, + LogAnalyticsWorkspaceId: workspaceId.ID(), + TenantId: tenantId, + } + + return metadata.Encode(&model) + }, + } +} + +func (r DataConnectorOffice365ProjectResource) Delete() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 30 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.Sentinel.DataConnectorsClient + + id, err := parse.DataConnectorID(metadata.ResourceData.Id()) + if err != nil { + return err + } + + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { + return fmt.Errorf("deleting %s: %+v", id, err) + } + + return nil + }, + } +} diff --git a/internal/services/sentinel/sentinel_data_connector_office_365_project_test.go b/internal/services/sentinel/sentinel_data_connector_office_365_project_test.go new file mode 100644 index 000000000000..74b6de9bb3cd --- /dev/null +++ b/internal/services/sentinel/sentinel_data_connector_office_365_project_test.go @@ -0,0 +1,153 @@ +package sentinel_test + +import ( + "context" + "fmt" + "testing" + + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" + "github.com/hashicorp/terraform-provider-azurerm/internal/clients" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/utils" +) + +type SentinelDataConnectorOffice365ProjectResource struct{} + +func TestAccSentinelDataConnectorOffice365Project_basic(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_office_365_project", "test") + r := SentinelDataConnectorOffice365ProjectResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccSentinelDataConnectorOffice365Project_complete(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_office_365_project", "test") + r := SentinelDataConnectorOffice365ProjectResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.complete(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccSentinelDataConnectorOffice365Project_requiresImport(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_sentinel_data_connector_office_365_project", "test") + r := SentinelDataConnectorOffice365ProjectResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.RequiresImportErrorStep(r.requiresImport), + }) +} + +func (r SentinelDataConnectorOffice365ProjectResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) { + client := clients.Sentinel.DataConnectorsClient + + id, err := parse.DataConnectorID(state.ID) + if err != nil { + return nil, err + } + + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { + if utils.ResponseWasNotFound(resp.Response) { + return utils.Bool(false), nil + } + return nil, fmt.Errorf("retrieving %s: %+v", id, err) + } + + return utils.Bool(true), nil +} + +func (r SentinelDataConnectorOffice365ProjectResource) basic(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +resource "azurerm_sentinel_data_connector_office_365_project" "test" { + name = "accTestDC-%d" + log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id + depends_on = [azurerm_log_analytics_solution.test] +} +`, template, data.RandomInteger) +} + +func (r SentinelDataConnectorOffice365ProjectResource) complete(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +data "azurerm_client_config" "test" {} + +resource "azurerm_sentinel_data_connector_office_365_project" "test" { + name = "accTestDC-%d" + log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id + tenant_id = data.azurerm_client_config.test.tenant_id + depends_on = [azurerm_log_analytics_solution.test] +} +`, template, data.RandomInteger) +} + +func (r SentinelDataConnectorOffice365ProjectResource) requiresImport(data acceptance.TestData) string { + template := r.basic(data) + return fmt.Sprintf(` +%s + +resource "azurerm_sentinel_data_connector_office_365_project" "import" { + name = azurerm_sentinel_data_connector_office_365_project.test.name + log_analytics_workspace_id = azurerm_sentinel_data_connector_office_365_project.test.log_analytics_workspace_id +} +`, template) +} + +func (r SentinelDataConnectorOffice365ProjectResource) template(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-sentinel-%d" + location = "%s" +} + +resource "azurerm_log_analytics_workspace" "test" { + name = "acctestLAW-%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + sku = "PerGB2018" +} + +resource "azurerm_log_analytics_solution" "test" { + solution_name = "SecurityInsights" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + workspace_resource_id = azurerm_log_analytics_workspace.test.id + workspace_name = azurerm_log_analytics_workspace.test.name + + plan { + publisher = "Microsoft" + product = "OMSGallery/SecurityInsights" + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) +} diff --git a/website/docs/r/sentinel_data_connector_office_365_project.html.markdown b/website/docs/r/sentinel_data_connector_office_365_project.html.markdown new file mode 100644 index 000000000000..6a31c337bf71 --- /dev/null +++ b/website/docs/r/sentinel_data_connector_office_365_project.html.markdown @@ -0,0 +1,81 @@ +--- +subcategory: "Sentinel" +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_sentinel_data_connector_office_365_project" +description: |- + Manages a Office 365 Project Data Connector. +--- + +# azurerm_sentinel_data_connector_office_365_project + +Manages a Office 365 Project Data Connector. + +## Example Usage + +```hcl +resource "azurerm_resource_group" "example" { + name = "example-rg" + location = "West Europe" +} + +resource "azurerm_log_analytics_workspace" "example" { + name = "example-workspace" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + sku = "PerGB2018" +} + +resource "azurerm_log_analytics_solution" "example" { + solution_name = "SecurityInsights" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + workspace_resource_id = azurerm_log_analytics_workspace.example.id + workspace_name = azurerm_log_analytics_workspace.example.name + + plan { + publisher = "Microsoft" + product = "OMSGallery/SecurityInsights" + } +} + +resource "azurerm_sentinel_data_connector_office_365_project" "example" { + name = "example" + log_analytics_workspace_id = azurerm_log_analytics_solution.example.workspace_resource_id +} +``` + +## Arguments Reference + +The following arguments are supported: + +* `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this Office 365 Project Data Connector resides in. Changing this forces a new Office 365 Project Data Connector to be created. + +* `name` - (Required) The name which should be used for this Office 365 Project Data Connector. Changing this forces a new Office 365 Project Data Connector to be created. + +--- + +* `tenant_id` - (Optional) The ID of the tenant that this Office 365 Project Data Connector connects to. Changing this forces a new Office 365 Project Data Connector to be created. + +-> **NOTE** Currently, only the same tenant as the running account is allowed. Cross-tenant scenario is not supported yet. + +## Attributes Reference + +In addition to the Arguments listed above - the following Attributes are exported: + +* `id` - The ID of the Office 365 Project Data Connector. + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: + +* `create` - (Defaults to 30 minutes) Used when creating the Office 365 Project Data Connector. +* `read` - (Defaults to 5 minutes) Used when retrieving the Office 365 Project Data Connector. +* `delete` - (Defaults to 30 minutes) Used when deleting the Office 365 Project Data Connector. + +## Import + +Office 365 Project Data Connectors can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_sentinel_data_connector_office_365_project.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/dataConnectors/dc1 +``` From 9e970f038da47dfca8e36a20ca25b7dc89cedac0 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 19 Oct 2022 15:34:32 +0800 Subject: [PATCH 2/2] grammar --- .../sentinel_data_connector_office_365_project.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/sentinel_data_connector_office_365_project.html.markdown b/website/docs/r/sentinel_data_connector_office_365_project.html.markdown index 6a31c337bf71..e94d0ed58627 100644 --- a/website/docs/r/sentinel_data_connector_office_365_project.html.markdown +++ b/website/docs/r/sentinel_data_connector_office_365_project.html.markdown @@ -3,12 +3,12 @@ subcategory: "Sentinel" layout: "azurerm" page_title: "Azure Resource Manager: azurerm_sentinel_data_connector_office_365_project" description: |- - Manages a Office 365 Project Data Connector. + Manages an Office 365 Project Data Connector. --- # azurerm_sentinel_data_connector_office_365_project -Manages a Office 365 Project Data Connector. +Manages an Office 365 Project Data Connector. ## Example Usage