From e40dc3550fafbc79f555aa43c161bd10627b6360 Mon Sep 17 00:00:00 2001 From: elena Date: Thu, 24 Nov 2022 16:21:33 +0800 Subject: [PATCH 1/2] fix issue 19406 --- .../api_management_data_source.go | 38 ++++++++++ .../api_management_data_source_test.go | 72 +++++++++++++++++++ website/docs/d/api_management.html.markdown | 14 ++++ 3 files changed, 124 insertions(+) diff --git a/internal/services/apimanagement/api_management_data_source.go b/internal/services/apimanagement/api_management_data_source.go index ce528f60c3d8..e9376ae3be8a 100644 --- a/internal/services/apimanagement/api_management_data_source.go +++ b/internal/services/apimanagement/api_management_data_source.go @@ -194,6 +194,33 @@ func dataSourceApiManagementService() *pluginsdk.Resource { }, }, + "tenant_access": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + "tenant_id": { + Type: pluginsdk.TypeString, + Computed: true, + }, + "primary_key": { + Type: pluginsdk.TypeString, + Computed: true, + Sensitive: true, + }, + "secondary_key": { + Type: pluginsdk.TypeString, + Computed: true, + Sensitive: true, + }, + }, + }, + }, + "tags": tags.SchemaDataSource(), }, } @@ -201,6 +228,7 @@ func dataSourceApiManagementService() *pluginsdk.Resource { func dataSourceApiManagementRead(d *pluginsdk.ResourceData, meta interface{}) error { client := meta.(*clients.Client).ApiManagement.ServiceClient + tenantAccessClient := meta.(*clients.Client).ApiManagement.TenantAccessClient ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) defer cancel() @@ -263,6 +291,16 @@ func dataSourceApiManagementRead(d *pluginsdk.ResourceData, meta interface{}) er d.Set("sku_name", flattenApiManagementServiceSkuName(resp.Sku)) + if resp.Sku.Name != apimanagement.SkuTypeConsumption { + tenantAccessInformationContract, err := tenantAccessClient.ListSecrets(ctx, id.ResourceGroup, id.ServiceName, "access") + if err != nil { + return fmt.Errorf("retrieving tenant access properties for %s: %+v", *id, err) + } + if err := d.Set("tenant_access", flattenApiManagementTenantAccessSettings(tenantAccessInformationContract)); err != nil { + return fmt.Errorf("setting `tenant_access`: %+v", err) + } + } + return tags.FlattenAndSet(d, resp.Tags) } diff --git a/internal/services/apimanagement/api_management_data_source_test.go b/internal/services/apimanagement/api_management_data_source_test.go index 527a58fece21..cbbe5bc3d45e 100644 --- a/internal/services/apimanagement/api_management_data_source_test.go +++ b/internal/services/apimanagement/api_management_data_source_test.go @@ -28,6 +28,18 @@ func TestAccDataSourceApiManagement_basic(t *testing.T) { }) } +func TestAccDataSourceApiManagement_tenantAccess(t *testing.T) { + data := acceptance.BuildTestData(t, "data.azurerm_api_management", "test") + r := ApiManagementDataSource{} + + data.DataSourceTest(t, []acceptance.TestStep{ + { + Config: r.tenantAccess(data), + Check: acceptance.ComposeTestCheckFunc(), + }, + }) +} + func TestAccDataSourceApiManagement_identitySystemAssigned(t *testing.T) { data := acceptance.BuildTestData(t, "data.azurerm_api_management", "test") r := ApiManagementDataSource{} @@ -89,6 +101,66 @@ func TestAccDataSourceApiManagement_virtualNetwork(t *testing.T) { }) } +func (ApiManagementDataSource) tenantAccess(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "amtestRG-%[1]d" + location = "%[2]s" +} + +resource "azurerm_api_management" "test" { + name = "acctestAM-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + publisher_name = "pub1" + publisher_email = "pub1@email.com" + + sku_name = "Developer_1" +} + +resource "azurerm_api_management_product" "test" { + product_id = "test-product" + api_management_name = azurerm_api_management.test.name + resource_group_name = azurerm_resource_group.test.name + display_name = "Test Product" + subscription_required = true + approval_required = false + published = true +} + +resource "azurerm_api_management_user" "test" { + user_id = "acctestuser%[1]d" + api_management_name = azurerm_api_management.test.name + resource_group_name = azurerm_resource_group.test.name + first_name = "Acceptance" + last_name = "Test" + email = "azure-acctest%[1]d@example.com" +} + +data "azurerm_api_management" "test" { + name = azurerm_api_management.test.name + resource_group_name = azurerm_api_management.test.resource_group_name +} + +resource "azurerm_api_management_subscription" "test" { + subscription_id = "This-Is-A-Valid-Subscription-ID" + resource_group_name = azurerm_api_management.test.resource_group_name + api_management_name = azurerm_api_management.test.name + user_id = azurerm_api_management_user.test.id + product_id = azurerm_api_management_product.test.id + display_name = "Butter Parser API Enterprise Edition" + state = "active" + allow_tracing = false + primary_key = data.azurerm_api_management.test.tenant_access[0].primary_key + secondary_key = data.azurerm_api_management.test.tenant_access[0].secondary_key +} +`, data.RandomInteger, data.Locations.Primary) +} + func (ApiManagementDataSource) basic(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { diff --git a/website/docs/d/api_management.html.markdown b/website/docs/d/api_management.html.markdown index a70db6714169..ee8947837a97 100644 --- a/website/docs/d/api_management.html.markdown +++ b/website/docs/d/api_management.html.markdown @@ -69,6 +69,8 @@ output "api_management_id" { * `sku` - A `sku` block as documented below. +* `tenant_access` - A `tenant_access` block as defined below. + * `tags` - A mapping of tags assigned to the resource. --- @@ -177,6 +179,18 @@ A `sku` block exports the following: --- +A `tenant_access` block supports the following: + +* `enabled` - Should the access to the management API be enabled? + +* `tenant_id` - The identifier for the tenant access information contract. + +* `primary_key` - Primary access key for the tenant access information contract. + +* `secondary_key` - Secondary access key for the tenant access information contract. + +--- + ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: From d2a7a1fe0394f49860d370740dd1e06daac8bc9a Mon Sep 17 00:00:00 2001 From: elena Date: Fri, 25 Nov 2022 13:44:23 +0800 Subject: [PATCH 2/2] update code --- .../services/apimanagement/api_management_data_source.go | 8 +++++--- .../apimanagement/api_management_data_source_test.go | 8 +++++++- website/docs/d/api_management.html.markdown | 6 +++--- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/internal/services/apimanagement/api_management_data_source.go b/internal/services/apimanagement/api_management_data_source.go index e9376ae3be8a..8b50e029b37c 100644 --- a/internal/services/apimanagement/api_management_data_source.go +++ b/internal/services/apimanagement/api_management_data_source.go @@ -291,14 +291,16 @@ func dataSourceApiManagementRead(d *pluginsdk.ResourceData, meta interface{}) er d.Set("sku_name", flattenApiManagementServiceSkuName(resp.Sku)) + tenantAccess := make([]interface{}, 0) if resp.Sku.Name != apimanagement.SkuTypeConsumption { tenantAccessInformationContract, err := tenantAccessClient.ListSecrets(ctx, id.ResourceGroup, id.ServiceName, "access") if err != nil { return fmt.Errorf("retrieving tenant access properties for %s: %+v", *id, err) } - if err := d.Set("tenant_access", flattenApiManagementTenantAccessSettings(tenantAccessInformationContract)); err != nil { - return fmt.Errorf("setting `tenant_access`: %+v", err) - } + tenantAccess = flattenApiManagementTenantAccessSettings(tenantAccessInformationContract) + } + if err := d.Set("tenant_access", tenantAccess); err != nil { + return fmt.Errorf("setting `tenant_access`: %+v", err) } return tags.FlattenAndSet(d, resp.Tags) diff --git a/internal/services/apimanagement/api_management_data_source_test.go b/internal/services/apimanagement/api_management_data_source_test.go index cbbe5bc3d45e..d00f6d9a6ea7 100644 --- a/internal/services/apimanagement/api_management_data_source_test.go +++ b/internal/services/apimanagement/api_management_data_source_test.go @@ -23,6 +23,7 @@ func TestAccDataSourceApiManagement_basic(t *testing.T) { check.That(data.ResourceName).Key("sku_name").HasValue("Developer_1"), check.That(data.ResourceName).Key("tags.%").HasValue("0"), check.That(data.ResourceName).Key("public_ip_addresses.#").Exists(), + check.That(data.ResourceName).Key("tenant_access.#").HasValue("1"), ), }, }) @@ -35,7 +36,12 @@ func TestAccDataSourceApiManagement_tenantAccess(t *testing.T) { data.DataSourceTest(t, []acceptance.TestStep{ { Config: r.tenantAccess(data), - Check: acceptance.ComposeTestCheckFunc(), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).Key("publisher_email").HasValue("pub1@email.com"), + check.That(data.ResourceName).Key("publisher_name").HasValue("pub1"), + check.That(data.ResourceName).Key("sku_name").HasValue("Developer_1"), + check.That(data.ResourceName).Key("tenant_access.0.enabled").Exists(), + ), }, }) } diff --git a/website/docs/d/api_management.html.markdown b/website/docs/d/api_management.html.markdown index ee8947837a97..2cd092a7f7c6 100644 --- a/website/docs/d/api_management.html.markdown +++ b/website/docs/d/api_management.html.markdown @@ -179,11 +179,11 @@ A `sku` block exports the following: --- -A `tenant_access` block supports the following: +A `tenant_access` block exports the following: -* `enabled` - Should the access to the management API be enabled? +* `enabled` - Is access to the Management API enabled (presumably "for this Tenant")? -* `tenant_id` - The identifier for the tenant access information contract. +* `tenant_id` - The ID of the Tenant which has access to this API Management instance. * `primary_key` - Primary access key for the tenant access information contract.