diff --git a/internal/services/recoveryservices/recovery_services_vault_resource.go b/internal/services/recoveryservices/recovery_services_vault_resource.go index 8938f9d1b2fc..d58665dd7600 100644 --- a/internal/services/recoveryservices/recovery_services_vault_resource.go +++ b/internal/services/recoveryservices/recovery_services_vault_resource.go @@ -269,6 +269,18 @@ func resourceRecoveryServicesVaultCreate(d *pluginsdk.ResourceData, meta interfa vault.Properties.SecuritySettings = expandRecoveryServicesVaultSecuritySettings(immutability) } + // Async Operaation of creation with `UserAssigned` identity is returned with 404 + // Tracked on https://github.com/Azure/azure-rest-api-specs/issues/27869 + // `SystemAssigned, UserAssigned` Identity require an additional update to work + // Trakced on https://github.com/Azure/azure-rest-api-specs/issues/27851 + if expandedIdentity.Type == identity.TypeUserAssigned || expandedIdentity.Type == identity.TypeSystemAssignedUserAssigned { + requireAdditionalUpdate = true + updatePatch.Identity = expandedIdentity + vault.Identity = &identity.SystemAndUserAssignedMap{ + Type: identity.TypeNone, + } + } + err = client.CreateOrUpdateThenPoll(ctx, id, vault) if err != nil { return fmt.Errorf("creating %s: %+v", id.String(), err) diff --git a/internal/services/recoveryservices/recovery_services_vault_resource_test.go b/internal/services/recoveryservices/recovery_services_vault_resource_test.go index f2adab4a6d8a..e7e4b9deeee9 100644 --- a/internal/services/recoveryservices/recovery_services_vault_resource_test.go +++ b/internal/services/recoveryservices/recovery_services_vault_resource_test.go @@ -173,7 +173,7 @@ func TestAccRecoveryServicesVault_SystemAssignedIdentity(t *testing.T) { }) } -func TestAccRecoveryServicesVault_UserAssignedIdentity(t *testing.T) { +func TestAccRecoveryServicesVault_Identity(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_recovery_services_vault", "test") r := RecoveryServicesVaultResource{} @@ -185,6 +185,13 @@ func TestAccRecoveryServicesVault_UserAssignedIdentity(t *testing.T) { ), }, data.ImportStep(), + { + Config: r.basicWithSystemAssignedUserAssignedIdentity(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), }) } @@ -738,6 +745,41 @@ resource "azurerm_recovery_services_vault" "test" { `, data.RandomInteger, data.Locations.Primary) } +func (RecoveryServicesVaultResource) basicWithSystemAssignedUserAssignedIdentity(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_user_assigned_identity" "test" { + name = "acctest-uai-%[1]d" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-recovery-%[1]d" + location = "%[2]s" +} + +resource "azurerm_recovery_services_vault" "test" { + name = "acctest-Vault-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + sku = "Standard" + + identity { + type = "SystemAssigned, UserAssigned" + identity_ids = [ + azurerm_user_assigned_identity.test.id, + ] + } + + soft_delete_enabled = false +} +`, data.RandomInteger, data.Locations.Primary) +} + func (RecoveryServicesVaultResource) basicWithImmutability(data acceptance.TestData, immutability string) string { return fmt.Sprintf(` provider "azurerm" {