From 36c34e3f3fb8c7340e61ddf8a28fc12c9fc8de65 Mon Sep 17 00:00:00 2001 From: Lee Sutcliffe Date: Thu, 24 Nov 2022 11:14:59 +0000 Subject: [PATCH 1/3] adds sftp_enabled property to azurerm_storage_account Relates-to: https://github.com/hashicorp/terraform-provider-azurerm/issues/14736 --- .../storage/storage_account_resource.go | 24 ++++++ .../storage/storage_account_resource_test.go | 73 +++++++++++++++++++ website/docs/r/storage_account.html.markdown | 4 + 3 files changed, 101 insertions(+) diff --git a/internal/services/storage/storage_account_resource.go b/internal/services/storage/storage_account_resource.go index 48cf2741f895..24abb26e9a9b 100644 --- a/internal/services/storage/storage_account_resource.go +++ b/internal/services/storage/storage_account_resource.go @@ -811,6 +811,12 @@ func resourceStorageAccount() *pluginsdk.Resource { }, }, + "sftp_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: false, + }, + "large_file_share_enabled": { Type: pluginsdk.TypeBool, Optional: true, @@ -1071,6 +1077,7 @@ func resourceStorageAccountCreate(d *pluginsdk.ResourceData, meta interface{}) e defaultToOAuthAuthentication := d.Get("default_to_oauth_authentication").(bool) crossTenantReplication := d.Get("cross_tenant_replication_enabled").(bool) publicNetworkAccess := storage.PublicNetworkAccessDisabled + isSftpEnabled := d.Get("sftp_enabled").(bool) if d.Get("public_network_access_enabled").(bool) { publicNetworkAccess = storage.PublicNetworkAccessEnabled } @@ -1097,6 +1104,7 @@ func resourceStorageAccountCreate(d *pluginsdk.ResourceData, meta interface{}) e DefaultToOAuthAuthentication: &defaultToOAuthAuthentication, AllowCrossTenantReplication: &crossTenantReplication, SasPolicy: expandStorageAccountSASPolicy(d.Get("sas_policy").([]interface{})), + IsSftpEnabled: &isSftpEnabled, }, } @@ -1552,6 +1560,20 @@ func resourceStorageAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) e } + if d.HasChange("sftp_enabled") { + sftpEnabled := d.Get("sftp_enabled").(bool) + + opts := storage.AccountUpdateParameters{ + AccountPropertiesUpdateParameters: &storage.AccountPropertiesUpdateParameters{ + IsSftpEnabled: &sftpEnabled, + }, + } + + if _, err := client.Update(ctx, id.ResourceGroup, id.Name, opts); err != nil { + return fmt.Errorf("updating Azure Storage Account sftp_enabled %q: %+v", id.Name, err) + } + } + if d.HasChange("enable_https_traffic_only") { enableHTTPSTrafficOnly := d.Get("enable_https_traffic_only").(bool) @@ -2046,6 +2068,8 @@ func resourceStorageAccountRead(d *pluginsdk.ResourceData, meta interface{}) err if err := d.Set("sas_policy", flattenStorageAccountSASPolicy(props.SasPolicy)); err != nil { return fmt.Errorf("setting `sas_policy`: %+v", err) } + + d.Set("sftp_enabled", props.IsSftpEnabled) } if accessKeys := keys.Keys; accessKeys != nil { diff --git a/internal/services/storage/storage_account_resource_test.go b/internal/services/storage/storage_account_resource_test.go index 32c346469e2a..94379b540cd3 100644 --- a/internal/services/storage/storage_account_resource_test.go +++ b/internal/services/storage/storage_account_resource_test.go @@ -1350,6 +1350,29 @@ func TestAccStorageAccount_sasPolicy(t *testing.T) { }) } +func TestAccStorageAccount_isSftpEnabled(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_storage_account", "test") + r := StorageAccountResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.isSftpEnabledTrue(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("sftp_enabled").HasValue("true"), + ), + }, + data.ImportStep(), + { + Config: r.isSftpEnabledFalse(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("sftp_enabled").HasValue("false"), + ), + }, + }) +} + func (r StorageAccountResource) Exists(ctx context.Context, client *clients.Client, state *pluginsdk.InstanceState) (*bool, error) { id, err := parse.StorageAccountID(state.ID) if err != nil { @@ -4107,3 +4130,53 @@ resource "azurerm_storage_account" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomString) } + +func (r StorageAccountResource) isSftpEnabledTrue(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-storage-%d" + location = "%s" +} + +resource "azurerm_storage_account" "test" { + name = "unlikely23exst2acct%s" + resource_group_name = azurerm_resource_group.test.name + + location = azurerm_resource_group.test.location + account_kind = "StorageV2" + account_tier = "Standard" + account_replication_type = "LRS" + is_hns_enabled = true + sftp_enabled = true +} +`, data.RandomInteger, data.Locations.Primary, data.RandomString) +} + +func (r StorageAccountResource) isSftpEnabledFalse(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-storage-%d" + location = "%s" +} + +resource "azurerm_storage_account" "test" { + name = "unlikely23exst2acct%s" + resource_group_name = azurerm_resource_group.test.name + + location = azurerm_resource_group.test.location + account_kind = "StorageV2" + account_tier = "Standard" + account_replication_type = "LRS" + is_hns_enabled = true + sftp_enabled = false +} +`, data.RandomInteger, data.Locations.Primary, data.RandomString) +} diff --git a/website/docs/r/storage_account.html.markdown b/website/docs/r/storage_account.html.markdown index d2e168e626c3..7f522767e1f5 100644 --- a/website/docs/r/storage_account.html.markdown +++ b/website/docs/r/storage_account.html.markdown @@ -166,6 +166,10 @@ The following arguments are supported: * `sas_policy` - (Optional) A `sas_policy` block as defined below. +* `stfp_enabled` - (Optional) Boolean, enable SFTP for the storage account + +-> **NOTE:** SFTP support requires `is_hns_enabled` set to `true`. SFTP Support is not yet available in the West Europe region. See [here](https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support) for more information. Defaults to `False` + * `tags` - (Optional) A mapping of tags to assign to the resource. --- From 0e923aa688cc5ed11a63f229763cbb342ba1fef1 Mon Sep 17 00:00:00 2001 From: Lee Sutcliffe Date: Thu, 24 Nov 2022 17:28:47 +0000 Subject: [PATCH 2/3] resolves lint error Relates-to: https://github.com/hashicorp/terraform-provider-azurerm/issues/14736 --- internal/services/storage/storage_account_resource_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/services/storage/storage_account_resource_test.go b/internal/services/storage/storage_account_resource_test.go index f09d9974dc83..e2b4fa2525d5 100644 --- a/internal/services/storage/storage_account_resource_test.go +++ b/internal/services/storage/storage_account_resource_test.go @@ -4219,4 +4219,4 @@ resource "azurerm_storage_account" "test" { sftp_enabled = false } `, data.RandomInteger, data.Locations.Primary, data.RandomString) -} \ No newline at end of file +} From b6628baa6cefa60edf35ea856badb573ea340aad Mon Sep 17 00:00:00 2001 From: Lee Sutcliffe Date: Mon, 28 Nov 2022 12:47:24 +0000 Subject: [PATCH 3/3] resolves comments, bool in notes and error msg format Relates-to: https://github.com/hashicorp/terraform-provider-azurerm/issues/14736 --- internal/services/storage/storage_account_resource.go | 2 +- website/docs/r/storage_account.html.markdown | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/services/storage/storage_account_resource.go b/internal/services/storage/storage_account_resource.go index 5a70c0acf3a9..025f5772d1fd 100644 --- a/internal/services/storage/storage_account_resource.go +++ b/internal/services/storage/storage_account_resource.go @@ -1581,7 +1581,7 @@ func resourceStorageAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) e } if _, err := client.Update(ctx, id.ResourceGroup, id.Name, opts); err != nil { - return fmt.Errorf("updating Azure Storage Account sftp_enabled %q: %+v", id.Name, err) + return fmt.Errorf("updating `sftp_enabled` for %s: %+v", *id, err) } } diff --git a/website/docs/r/storage_account.html.markdown b/website/docs/r/storage_account.html.markdown index 7f522767e1f5..ea19340650c0 100644 --- a/website/docs/r/storage_account.html.markdown +++ b/website/docs/r/storage_account.html.markdown @@ -168,7 +168,7 @@ The following arguments are supported: * `stfp_enabled` - (Optional) Boolean, enable SFTP for the storage account --> **NOTE:** SFTP support requires `is_hns_enabled` set to `true`. SFTP Support is not yet available in the West Europe region. See [here](https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support) for more information. Defaults to `False` +-> **NOTE:** SFTP support requires `is_hns_enabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false` * `tags` - (Optional) A mapping of tags to assign to the resource.