azurerm_security_center_storage_defender: add scan_results_event_grid_topic_id property

[patst]

Add scan_results_event_grid_topic_id property to azurerm_security_center_storage_defender resource.

Closes: #23607

(The Github issue has an additional comment asking for the scan_results_log_analytics_workspace_id property as well. This is not included in this PR, because the current API-Version does not support that. It would involve an API-Version upgrade, which can be done separated from this change.

Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

PR Checklist

• I have followed the guidelines in our Contributing Documentation.
• I have checked to ensure there aren't other open Pull Requests for the same update/change.
• I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
• I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
• I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
  For example: “resource_name_here - description of change e.g. adding property new_property_name_here”

Changes to existing Resource / Data Source

• I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
• I have written new tests for my resource or datasource changes & updated any relevent documentation.
• I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
• (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

• My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

• azurerm_security_center_storage_defender: add scan_results_event_grid_topic_id property [Add scan_results_eventgrid_topic_id argument in azurerm_security_center_storage_defender resource #23607]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

Related Issue(s)

Fixes #23607

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

[stephybun]

Thanks for this PR @patst. A few minor adjustments are needed, but otherwise this is looking good!

[patst]

Thanks for this PR @patst. A few minor adjustments are needed, but otherwise this is looking good!

@stephybun thanks for the review! I applied the requested changes

[patst]

the unit tests pass locally on my client. Maybe an issue with the pipeline run? I am unsure what the exact issue is

[patst]

@stephybun don't want to stress you, but if you see anything still missing give me a sign :-)

Thanks for your help!

[stephybun]

@patst the acceptance tests are currently failing with the following error:

        Error: creating Scope (Scope: "/subscriptions/*******/resourceGroups/acctestRG-storage-240729064442070764/providers/Microsoft.Storage/storageAccounts/acctestacc7su6p"): unexpected status 400 (400 Bad Request) with error: BadRequest: ScanResultsEventGridTopicResourceId can't be set if OnUpload.IsEnabled is false
          with azurerm_security_center_storage_defender.test,
          on terraform_plugin_test.tf line 45, in resource "azurerm_security_center_storage_defender" "test":
          45: resource "azurerm_security_center_storage_defender" "test" {
        creating Scope (Scope:
        "/subscriptions/*******/resourceGroups/acctestRG-storage-240729064442070764/providers/Microsoft.Storage/storageAccounts/acctestacc7su6p"):
        unexpected status 400 (400 Bad Request) with error: BadRequest:
        ScanResultsEventGridTopicResourceId can't be set if OnUpload.IsEnabled is
        false

I left a suggestion in line on what I think might fix the problem.

[patst]

@patst the acceptance tests are currently failing with the following error:

        Error: creating Scope (Scope: "/subscriptions/*******/resourceGroups/acctestRG-storage-240729064442070764/providers/Microsoft.Storage/storageAccounts/acctestacc7su6p"): unexpected status 400 (400 Bad Request) with error: BadRequest: ScanResultsEventGridTopicResourceId can't be set if OnUpload.IsEnabled is false
          with azurerm_security_center_storage_defender.test,
          on terraform_plugin_test.tf line 45, in resource "azurerm_security_center_storage_defender" "test":
          45: resource "azurerm_security_center_storage_defender" "test" {
        creating Scope (Scope:
        "/subscriptions/*******/resourceGroups/acctestRG-storage-240729064442070764/providers/Microsoft.Storage/storageAccounts/acctestacc7su6p"):
        unexpected status 400 (400 Bad Request) with error: BadRequest:
        ScanResultsEventGridTopicResourceId can't be set if OnUpload.IsEnabled is
        false

I left a suggestion in line on what I think might fix the problem.

@stephybun can you rerun the integration tests?

[stephybun]

Tests are looking good now, thanks @patst LGTM 👍

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.