diff --git a/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource.go b/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource.go new file mode 100644 index 000000000000..d90e07917bae --- /dev/null +++ b/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource.go @@ -0,0 +1,360 @@ +package machinelearning + +import ( + "context" + "fmt" + "strings" + "time" + + "github.com/hashicorp/go-azure-helpers/lang/response" + "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" + "github.com/hashicorp/go-azure-sdk/resource-manager/machinelearningservices/2022-05-01/datastore" + "github.com/hashicorp/go-azure-sdk/resource-manager/machinelearningservices/2022-05-01/workspaces" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" + "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/machinelearning/validate" + storageparse "github.com/hashicorp/terraform-provider-azurerm/internal/services/storage/parse" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation" + "github.com/hashicorp/terraform-provider-azurerm/utils" +) + +type MachineLearningDataStoreDataLakeGen2 struct{} + +type MachineLearningDataStoreDataLakeGen2Model struct { + Name string `tfschema:"name"` + WorkSpaceID string `tfschema:"workspace_id"` + StorageContainerID string `tfschema:"storage_container_id"` + TenantID string `tfschema:"tenant_id"` + ClientID string `tfschema:"client_id"` + ClientSecret string `tfschema:"client_secret"` + AuthorityUrl string `tfschema:"authority_url"` + Description string `tfschema:"description"` + IsDefault bool `tfschema:"is_default"` + ServiceDataIdentity string `tfschema:"service_data_identity"` + Tags map[string]string `tfschema:"tags"` +} + +func (r MachineLearningDataStoreDataLakeGen2) Attributes() map[string]*schema.Schema { + return map[string]*pluginsdk.Schema{ + "is_default": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + } +} + +func (r MachineLearningDataStoreDataLakeGen2) ModelObject() interface{} { + return &MachineLearningDataStoreDataLakeGen2Model{} +} + +func (r MachineLearningDataStoreDataLakeGen2) ResourceType() string { + return "azurerm_machine_learning_datastore_datalake_gen2" +} + +func (r MachineLearningDataStoreDataLakeGen2) IDValidationFunc() pluginsdk.SchemaValidateFunc { + return datastore.ValidateDataStoreID +} + +var _ sdk.ResourceWithUpdate = MachineLearningDataStoreDataLakeGen2{} + +func (r MachineLearningDataStoreDataLakeGen2) Arguments() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{ + "name": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validate.DataStoreName, + }, + + "workspace_id": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validate.WorkspaceID, + }, + + "storage_container_id": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "tenant_id": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.IsUUID, + RequiredWith: []string{"client_id", "client_secret"}, + }, + + "client_id": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.IsUUID, + RequiredWith: []string{"tenant_id", "client_secret"}, + }, + + "client_secret": { + Type: pluginsdk.TypeString, + Optional: true, + Sensitive: true, + ValidateFunc: validation.StringIsNotEmpty, + RequiredWith: []string{"tenant_id", "client_id"}, + }, + + "description": { + Type: pluginsdk.TypeString, + Optional: true, + ForceNew: true, + }, + + "service_data_identity": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice([]string{ + string(datastore.ServiceDataAccessAuthIdentityNone), + string(datastore.ServiceDataAccessAuthIdentityWorkspaceSystemAssignedIdentity), + string(datastore.ServiceDataAccessAuthIdentityWorkspaceUserAssignedIdentity), + }, + false), + Default: string(datastore.ServiceDataAccessAuthIdentityNone), + }, + + "authority_url": { + Type: pluginsdk.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "tags": commonschema.TagsForceNew(), + } +} + +func (r MachineLearningDataStoreDataLakeGen2) Create() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 30 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.MachineLearning.DatastoreClient + subscriptionId := metadata.Client.Account.SubscriptionId + + var model MachineLearningDataStoreDataLakeGen2Model + if err := metadata.Decode(&model); err != nil { + return fmt.Errorf("decoding %+v", err) + } + + workspaceId, err := workspaces.ParseWorkspaceID(model.WorkSpaceID) + if err != nil { + return err + } + + id := datastore.NewDataStoreID(subscriptionId, workspaceId.ResourceGroupName, workspaceId.WorkspaceName, model.Name) + + existing, err := client.Get(ctx, id) + if err != nil { + if !response.WasNotFound(existing.HttpResponse) { + return fmt.Errorf("checking for presence of existing %s: %+v", id, err) + } + } + if !response.WasNotFound(existing.HttpResponse) { + return tf.ImportAsExistsError("azurerm_machine_learning_datastore_datalake_gen2", id.ID()) + } + + containerId, err := storageparse.StorageContainerResourceManagerID(model.StorageContainerID) + if err != nil { + return err + } + + datastoreRaw := datastore.DatastoreResource{ + Name: utils.String(model.Name), + Type: utils.ToPtr(string(datastore.DatastoreTypeAzureDataLakeGenTwo)), + } + + props := &datastore.AzureDataLakeGen2Datastore{ + AccountName: containerId.StorageAccountName, + Filesystem: containerId.ContainerName, + Description: utils.String(model.Description), + ServiceDataAccessAuthIdentity: utils.ToPtr(datastore.ServiceDataAccessAuthIdentity(model.ServiceDataIdentity)), + Tags: utils.ToPtr(model.Tags), + } + + creds := map[string]interface{}{ + "credentialsType": "None", + } + + if len(model.TenantID) != 0 && len(model.ClientID) != 0 && len(model.ClientSecret) != 0 { + creds = map[string]interface{}{ + "credentialsType": string(datastore.CredentialsTypeServicePrincipal), + "authorityUrl": model.AuthorityUrl, + "resourceUrl": "https://datalake.azure.net/", + "tenantId": model.TenantID, + "clientId": model.ClientID, + "secrets": map[string]interface{}{ + "secretsType": "ServicePrincipal", + "clientSecret": model.ClientSecret, + }, + } + } + props.Credentials = creds + datastoreRaw.Properties = props + + _, err = client.CreateOrUpdate(ctx, id, datastoreRaw, datastore.DefaultCreateOrUpdateOperationOptions()) + if err != nil { + return fmt.Errorf("creating %s: %+v", id, err) + } + + metadata.SetID(id) + return nil + }, + } +} + +func (r MachineLearningDataStoreDataLakeGen2) Update() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 30 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.MachineLearning.DatastoreClient + + id, err := datastore.ParseDataStoreID(metadata.ResourceData.Id()) + if err != nil { + return err + } + + var state MachineLearningDataStoreDataLakeGen2Model + if err := metadata.Decode(&state); err != nil { + return err + } + containerId, err := storageparse.StorageContainerResourceManagerID(state.StorageContainerID) + if err != nil { + return err + } + + datastoreRaw := datastore.DatastoreResource{ + Name: utils.String(id.DataStoreName), + Type: utils.ToPtr(string(datastore.DatastoreTypeAzureDataLakeGenTwo)), + } + + props := &datastore.AzureDataLakeGen2Datastore{ + AccountName: containerId.StorageAccountName, + Filesystem: containerId.ContainerName, + Description: utils.String(state.Description), + ServiceDataAccessAuthIdentity: utils.ToPtr(datastore.ServiceDataAccessAuthIdentity(state.ServiceDataIdentity)), + Tags: utils.ToPtr(state.Tags), + } + + creds := map[string]interface{}{ + "credentialsType": "None", + } + + if len(state.TenantID) != 0 && len(state.ClientID) != 0 && len(state.ClientSecret) != 0 { + creds = map[string]interface{}{ + "credentialsType": string(datastore.CredentialsTypeServicePrincipal), + "authorityUrl": state.AuthorityUrl, + "resourceUrl": "https://datalake.azure.net/", + "tenantId": state.TenantID, + "clientId": state.ClientID, + "secrets": map[string]interface{}{ + "secretsType": "ServicePrincipal", + "clientSecret": state.ClientSecret, + }, + } + } + props.Credentials = creds + datastoreRaw.Properties = props + + _, err = client.CreateOrUpdate(ctx, *id, datastoreRaw, datastore.DefaultCreateOrUpdateOperationOptions()) + if err != nil { + return fmt.Errorf("creating/updating %s: %+v", id, err) + } + + return nil + }, + } +} + +func (r MachineLearningDataStoreDataLakeGen2) Read() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 5 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.MachineLearning.DatastoreClient + subscriptionId := metadata.Client.Account.SubscriptionId + + id, err := datastore.ParseDataStoreID(metadata.ResourceData.Id()) + if err != nil { + return err + } + + resp, err := client.Get(ctx, *id) + if err != nil { + if response.WasNotFound(resp.HttpResponse) { + return metadata.MarkAsGone(id) + } + return fmt.Errorf("reading %s: %+v", *id, err) + } + + workspaceId := workspaces.NewWorkspaceID(subscriptionId, id.ResourceGroupName, id.WorkspaceName) + model := MachineLearningDataStoreDataLakeGen2Model{ + Name: *resp.Model.Name, + WorkSpaceID: workspaceId.ID(), + } + + data := resp.Model.Properties.(datastore.AzureDataLakeGen2Datastore) + serviceDataIdentity := "" + if v := data.ServiceDataAccessAuthIdentity; v != nil { + serviceDataIdentity = string(*v) + } + model.ServiceDataIdentity = serviceDataIdentity + + containerId := storageparse.NewStorageContainerResourceManagerID(subscriptionId, workspaceId.ResourceGroupName, data.AccountName, "default", data.Filesystem) + model.StorageContainerID = containerId.ID() + + model.IsDefault = *data.IsDefault + + if creds, ok := data.Credentials.(datastore.ServicePrincipalDatastoreCredentials); ok { + if !strings.EqualFold(creds.TenantId, "00000000-0000-0000-0000-000000000000") && !strings.EqualFold(creds.ClientId, "00000000-0000-0000-0000-000000000000") { + model.TenantID = creds.TenantId + model.ClientID = creds.ClientId + if v, ok := metadata.ResourceData.GetOk("client_secret"); ok { + if v.(string) != "" { + model.ClientSecret = v.(string) + } + } + } + } + + desc := "" + if v := data.Description; v != nil { + desc = *v + } + model.Description = desc + + if data.Tags != nil { + model.Tags = *data.Tags + } + + return metadata.Encode(&model) + }, + } +} + +func (r MachineLearningDataStoreDataLakeGen2) Delete() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 30 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.MachineLearning.DatastoreClient + + id, err := datastore.ParseDataStoreID(metadata.ResourceData.Id()) + if err != nil { + return err + } + + if _, err := client.Delete(ctx, *id); err != nil { + return fmt.Errorf("deleting %s: %+v", *id, err) + } + + return nil + }, + } +} diff --git a/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource_test.go b/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource_test.go new file mode 100644 index 000000000000..07883c122fbd --- /dev/null +++ b/internal/services/machinelearning/machine_learning_datastore_datalake_gen2_resource_test.go @@ -0,0 +1,239 @@ +package machinelearning_test + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/go-azure-helpers/lang/response" + "github.com/hashicorp/go-azure-sdk/resource-manager/machinelearningservices/2022-05-01/datastore" + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" + "github.com/hashicorp/terraform-provider-azurerm/internal/clients" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/utils" +) + +type MachineLearningDataStoreDataLakeGen2 struct{} + +func TestAccMachineLearningDataStoreDataLakeGen2_basic(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_machine_learning_datastore_datalake_gen2", "test") + r := MachineLearningDataStoreDataLakeGen2{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.dataLakeGen2Basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + +func TestAccMachineLearningDataStoreDataLakeGen2_spn(t *testing.T) { + if os.Getenv("ARM_TENANT_ID") == "" || os.Getenv("ARM_CLIENT_ID") == "" || + os.Getenv("ARM_CLIENT_SECRET") == "" { + t.Skip("Skipping as `ARM_TENANT_ID` or `ARM_CLIENT_ID` or `ARM_CLIENT_SECRET` not specified") + } + + data := acceptance.BuildTestData(t, "azurerm_machine_learning_datastore_datalake_gen2", "test") + r := MachineLearningDataStoreDataLakeGen2{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.dataLakeGen2Spn(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep("client_secret"), + }) +} + +func TestAccMachineLearningDataStoreDataLakeGen2_Update(t *testing.T) { + if os.Getenv("ARM_TENANT_ID") == "" || os.Getenv("ARM_CLIENT_ID") == "" || + os.Getenv("ARM_CLIENT_SECRET") == "" { + t.Skip("Skipping as `ARM_TENANT_ID` or `ARM_CLIENT_ID` or `ARM_CLIENT_SECRET` not specified") + } + + data := acceptance.BuildTestData(t, "azurerm_machine_learning_datastore_datalake_gen2", "test") + r := MachineLearningDataStoreDataLakeGen2{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.dataLakeGen2Basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep("client_secret"), + { + Config: r.dataLakeGen2Spn(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep("client_secret"), + }) +} + +func TestAccMachineLearningDataStoreDataLakeGen2_requiresImport(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_machine_learning_datastore_datalake_gen2", "test") + r := MachineLearningDataStoreDataLakeGen2{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.dataLakeGen2Basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.RequiresImportErrorStep(r.requiresImport), + }) +} + +func (r MachineLearningDataStoreDataLakeGen2) Exists(ctx context.Context, client *clients.Client, state *pluginsdk.InstanceState) (*bool, error) { + dataStoreClient := client.MachineLearning.DatastoreClient + id, err := datastore.ParseDataStoreID(state.ID) + if err != nil { + return nil, err + } + + resp, err := dataStoreClient.Get(ctx, *id) + if err != nil { + if response.WasNotFound(resp.HttpResponse) { + return utils.Bool(false), nil + } + return nil, fmt.Errorf("retrieving Machine Learning Data Store %q: %+v", state.ID, err) + } + + return utils.Bool(resp.Model.Properties != nil), nil +} + +func (r MachineLearningDataStoreDataLakeGen2) dataLakeGen2Basic(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +resource "azurerm_storage_container" "test" { + name = "acctestcontainer%[2]d" + storage_account_name = azurerm_storage_account.test.name + container_access_type = "private" +} + +resource "azurerm_machine_learning_datastore_datalake_gen2" "test" { + name = "accdatastore%[2]d" + workspace_id = azurerm_machine_learning_workspace.test.id + storage_container_id = azurerm_storage_container.test.resource_manager_id +} +`, template, data.RandomInteger) +} + +func (r MachineLearningDataStoreDataLakeGen2) dataLakeGen2Spn(data acceptance.TestData) string { + template := r.template(data) + return fmt.Sprintf(` +%s + +resource "azurerm_storage_container" "test" { + name = "acctestcontainer%[2]d" + storage_account_name = azurerm_storage_account.test.name + container_access_type = "private" +} + +resource "azurerm_machine_learning_datastore_datalake_gen2" "test" { + name = "accdatastore%[2]d" + workspace_id = azurerm_machine_learning_workspace.test.id + storage_container_id = azurerm_storage_container.test.resource_manager_id + tenant_id = "%[3]s" + client_id = "%[4]s" + client_secret = "%[5]s" +} +`, template, data.RandomInteger, os.Getenv("ARM_TENANT_ID"), os.Getenv("ARM_CLIENT_ID"), os.Getenv("ARM_CLIENT_SECRET")) +} + +func (r MachineLearningDataStoreDataLakeGen2) requiresImport(data acceptance.TestData) string { + template := r.dataLakeGen2Basic(data) + return fmt.Sprintf(` +%s + +resource "azurerm_machine_learning_datastore_datalake_gen2" "import" { + name = azurerm_machine_learning_datastore_datalake_gen2.test.name + workspace_id = azurerm_machine_learning_datastore_datalake_gen2.test.workspace_id + storage_container_id = azurerm_machine_learning_datastore_datalake_gen2.test.storage_container_id +} +`, template) +} + +func (r MachineLearningDataStoreDataLakeGen2) template(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features { + key_vault { + purge_soft_delete_on_destroy = false + purge_soft_deleted_keys_on_destroy = false + } + } +} + +data "azurerm_client_config" "current" {} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-ml-%[1]d" + location = "%[2]s" +} + +resource "azurerm_application_insights" "test" { + name = "acctestai-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + application_type = "web" +} + +resource "azurerm_key_vault" "test" { + name = "acctestvault%[3]s" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + tenant_id = data.azurerm_client_config.current.tenant_id + + sku_name = "standard" + + purge_protection_enabled = true +} + +resource "azurerm_key_vault_access_policy" "test" { + key_vault_id = azurerm_key_vault.test.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = data.azurerm_client_config.current.object_id + + key_permissions = [ + "Create", + "Get", + "Delete", + "Purge", + ] +} + +resource "azurerm_storage_account" "test" { + name = "acctestsa%[4]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + account_tier = "Standard" + account_replication_type = "LRS" +} + +resource "azurerm_machine_learning_workspace" "test" { + name = "acctest-MLW-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + application_insights_id = azurerm_application_insights.test.id + key_vault_id = azurerm_key_vault.test.id + storage_account_id = azurerm_storage_account.test.id + + identity { + type = "SystemAssigned" + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomIntOfLength(15)) +} diff --git a/internal/services/machinelearning/registration.go b/internal/services/machinelearning/registration.go index 6d3fbe4d1f57..c7a7f9fa6321 100644 --- a/internal/services/machinelearning/registration.go +++ b/internal/services/machinelearning/registration.go @@ -52,6 +52,7 @@ func (r Registration) DataSources() []sdk.DataSource { func (r Registration) Resources() []sdk.Resource { return []sdk.Resource{ MachineLearningDataStoreBlobStorage{}, + MachineLearningDataStoreDataLakeGen2{}, MachineLearningDataStoreFileShare{}, } } diff --git a/website/docs/r/machine_learning_datastore_datalake_gen2.html.markdown b/website/docs/r/machine_learning_datastore_datalake_gen2.html.markdown new file mode 100644 index 000000000000..9cd7e989a067 --- /dev/null +++ b/website/docs/r/machine_learning_datastore_datalake_gen2.html.markdown @@ -0,0 +1,123 @@ +--- +subcategory: "Machine Learning" +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_machine_learning_datastore_datalake_gen2" +description: |- + Manages a Machine Learning Data Lake Gen2 DataStore. +--- + +# azurerm_machine_learning_datastore_datalake_gen2 + +Manages a Machine Learning Data Lake Gen2 DataStore. + +## Example Usage + +```hcl +provider "azurerm" { + features {} +} + +data "azurerm_client_config" "current" {} + +resource "azurerm_resource_group" "example" { + name = "example-resources" + location = "West Europe" +} + +resource "azurerm_application_insights" "example" { + name = "workspace-example-ai" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + application_type = "web" +} + +resource "azurerm_key_vault" "example" { + name = "workspaceexamplekeyvault" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + tenant_id = data.azurerm_client_config.current.tenant_id + sku_name = "premium" +} + +resource "azurerm_storage_account" "example" { + name = "workspacestorageaccount" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + account_tier = "Standard" + account_replication_type = "GRS" +} + +resource "azurerm_machine_learning_workspace" "example" { + name = "example-workspace" + location = azurerm_resource_group.example.location + resource_group_name = azurerm_resource_group.example.name + application_insights_id = azurerm_application_insights.example.id + key_vault_id = azurerm_key_vault.example.id + storage_account_id = azurerm_storage_account.example.id + + identity { + type = "SystemAssigned" + } +} + +resource "azurerm_storage_container" "example" { + name = "example-container" + storage_account_name = azurerm_storage_account.example.name + container_access_type = "private" +} + +resource "azurerm_machine_learning_datastore_datalake_gen2" "example" { + name = "example-datastore" + workspace_id = azurerm_machine_learning_workspace.example.id + storage_container_id = azurerm_storage_container.example.resource_manager_id +} +``` + +## Arguments Reference + +The following arguments are supported: + +* `name` - (Required) The name of the Machine Learning DataStore. Changing this forces a new Machine Learning DataStore to be created. + +* `workspace_id` - (Required) The ID of the Machine Learning Workspace. Changing this forces a new Machine Learning DataStore to be created. + +* `storage_container_id` - (Required) The ID of the Storage Account Container. Changing this forces a new Machine Learning DataStore to be created. +--- +* `tenant_id` - (Optional) The ID of the Tenant which the Service Principal belongs to. + +* `client_id` - (Optional) The object ID of the Service Principal. + +* `client_secret` - (Optional) The secret of the Service Principal. + +* `authority_url` - (Optional) An URL used for authentication. + +* `description` - (Optional) Text used to describe the asset. Changing this forces a new Machine Learning DataStore to be created. + +* `service_data_identity` - (Optional) Specifies which identity to use when retrieving data from the specified source. Defaults to `None`. Possible values are `None`, `WorkspaceSystemAssignedIdentity` and `WorkspaceUserAssignedIdentity`. + +* `tags` - (Optional) A mapping of tags which should be assigned to the Machine Learning DataStore. Changing this forces a new Machine Learning DataStore to be created. + +## Attributes Reference + +In addition to the Arguments listed above - the following Attributes are exported: + +* `id` - The ID of the Machine Learning DataStore. + +* `is_default` - Indicates whether this Machines Learning DataStore is the default for the Workspace. + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: + +* `create` - (Defaults to 30 minutes) Used when creating the Machine Learning DataStore. +* `read` - (Defaults to 5 minutes) Used when retrieving the Machine Learning DataStore. +* `update` - (Defaults to 30 minutes) Used when updating the Machine Learning DataStore. +* `delete` - (Defaults to 30 minutes) Used when deleting the Machine Learning DataStore. + +## Import + +Machine Learning DataStores can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_machine_learning_datastore_datalake_gen2.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.MachineLearningServices/workspaces/mlw1/datastores/datastore1 +```