From 4b79bf13fcded3e809a22339f80f8d746d16b090 Mon Sep 17 00:00:00 2001
From: Matthew <mbfrahry@gmail.com>
Date: Fri, 15 Dec 2023 15:56:17 -0800
Subject: [PATCH 1/2] azurerm_logic_app_standard - add support for
 site_config.0.public_network_access_enabled

---
 .../logic/logic_app_standard_resource.go      | 22 +++++++++
 .../logic/logic_app_standard_resource_test.go | 47 +++++++++++++++++++
 .../docs/r/logic_app_standard.html.markdown   |  2 +
 3 files changed, 71 insertions(+)

diff --git a/internal/services/logic/logic_app_standard_resource.go b/internal/services/logic/logic_app_standard_resource.go
index ed63c76e14f6..3bf80e58497f 100644
--- a/internal/services/logic/logic_app_standard_resource.go
+++ b/internal/services/logic/logic_app_standard_resource.go
@@ -5,6 +5,8 @@ package logic
 
 import (
 	"fmt"
+	"github.com/hashicorp/go-azure-helpers/lang/pointer"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/helpers"
 	"log"
 	"strconv"
 	"strings"
@@ -868,6 +870,12 @@ func schemaLogicAppStandardSiteConfig() *pluginsdk.Schema {
 					Computed: true,
 				},
 
+				"public_network_access_enabled": {
+					Type:     pluginsdk.TypeBool,
+					Optional: true,
+					Default:  true,
+				},
+
 				"auto_swap_slot_name": {
 					Type:     pluginsdk.TypeString,
 					Computed: true,
@@ -1115,6 +1123,12 @@ func flattenLogicAppStandardSiteConfig(input *web.SiteConfig) []interface{} {
 	}
 	result["vnet_route_all_enabled"] = vnetRouteAllEnabled
 
+	publicNetworkAccessEnabled := true
+	if input.PublicNetworkAccess != nil {
+		publicNetworkAccessEnabled = !strings.EqualFold(pointer.From(input.PublicNetworkAccess), helpers.PublicNetworkAccessDisabled)
+	}
+	result["public_network_access_enabled"] = publicNetworkAccessEnabled
+
 	results = append(results, result)
 	return results
 }
@@ -1342,6 +1356,14 @@ func expandLogicAppStandardSiteConfig(d *pluginsdk.ResourceData) (web.SiteConfig
 		siteConfig.VnetRouteAllEnabled = utils.Bool(v.(bool))
 	}
 
+	if v, ok := config["public_network_access_enabled"]; ok {
+		pna := helpers.PublicNetworkAccessEnabled
+		if !v.(bool) {
+			pna = helpers.PublicNetworkAccessDisabled
+		}
+		siteConfig.PublicNetworkAccess = pointer.To(pna)
+	}
+
 	return siteConfig, nil
 }
 
diff --git a/internal/services/logic/logic_app_standard_resource_test.go b/internal/services/logic/logic_app_standard_resource_test.go
index 187652de3880..201efecac485 100644
--- a/internal/services/logic/logic_app_standard_resource_test.go
+++ b/internal/services/logic/logic_app_standard_resource_test.go
@@ -866,6 +866,30 @@ func TestAccLogicAppStandard_vNetIntegrationUpdate(t *testing.T) {
 	})
 }
 
+func TestAccLogicAppStandard_publicNetworkAccessEnabled(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_logic_app_standard", "test")
+	r := LogicAppStandardResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.publicNetworkAccessEnabled(data, false),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("site_config.0.public_network_access_enabled").HasValue("false"),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.publicNetworkAccessEnabled(data, true),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("site_config.0.public_network_access_enabled").HasValue("true"),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func (r LogicAppStandardResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
 	id, err := parse.LogicAppStandardID(state.ID)
 	if err != nil {
@@ -2174,3 +2198,26 @@ resource "azurerm_logic_app_standard" "test" {
 
 `, data.RandomInteger, data.Locations.Primary, data.RandomString)
 }
+
+func (r LogicAppStandardResource) publicNetworkAccessEnabled(data acceptance.TestData, enabled bool) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+%s
+
+resource "azurerm_logic_app_standard" "test" {
+  name                       = "acctest-%d-func"
+  location                   = azurerm_resource_group.test.location
+  resource_group_name        = azurerm_resource_group.test.name
+  app_service_plan_id        = azurerm_app_service_plan.test.id
+  storage_account_name       = azurerm_storage_account.test.name
+  storage_account_access_key = azurerm_storage_account.test.primary_access_key
+
+  site_config {
+    public_network_access_enabled = %t
+  }
+}
+`, r.template(data), data.RandomInteger, enabled)
+}
diff --git a/website/docs/r/logic_app_standard.html.markdown b/website/docs/r/logic_app_standard.html.markdown
index 0af9d8bbaf48..5eff9eab07ba 100644
--- a/website/docs/r/logic_app_standard.html.markdown
+++ b/website/docs/r/logic_app_standard.html.markdown
@@ -211,6 +211,8 @@ The `site_config` block supports the following:
 
 * `pre_warmed_instance_count` - (Optional) The number of pre-warmed instances for this Logic App Only affects apps on the Premium plan.
 
+* `public_network_access_enabled` - (Optional) Is public network access enabled? Defaults to `true`.
+
 * `runtime_scale_monitoring_enabled` - (Optional) Should Runtime Scale Monitoring be enabled?. Only applicable to apps on the Premium plan. Defaults to `false`.
 
 * `use_32_bit_worker_process` - (Optional) Should the Logic App run in 32 bit mode, rather than 64 bit mode? Defaults to `true`.

From 6b13988f91efd550db763be2c5d898c0b825ec16 Mon Sep 17 00:00:00 2001
From: Matthew <mbfrahry@gmail.com>
Date: Fri, 15 Dec 2023 15:57:29 -0800
Subject: [PATCH 2/2] goimport

---
 internal/services/logic/logic_app_standard_resource.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/services/logic/logic_app_standard_resource.go b/internal/services/logic/logic_app_standard_resource.go
index 3bf80e58497f..4f74724c7e07 100644
--- a/internal/services/logic/logic_app_standard_resource.go
+++ b/internal/services/logic/logic_app_standard_resource.go
@@ -5,20 +5,20 @@ package logic
 
 import (
 	"fmt"
-	"github.com/hashicorp/go-azure-helpers/lang/pointer"
-	"github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/helpers"
 	"log"
 	"strconv"
 	"strings"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" // nolint: staticcheck
+	"github.com/hashicorp/go-azure-helpers/lang/pointer"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonids"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/identity"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/azure"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/helpers"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/logic/parse"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/logic/validate"
 	storageValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/storage/validate"