Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_mysql_server - support public_network_access_enabled property #6590

Merged
merged 3 commits into from
Apr 23, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions azurerm/internal/services/mysql/resource_arm_mysql_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,12 @@ func resourceArmMySqlServer() *schema.Resource {
DiffSuppressFunc: suppress.CaseDifference,
},

"public_network_access_enabled": {
Type: schema.TypeBool,
Optional: true,
Default: true,
},

"fqdn": {
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -184,6 +190,11 @@ func resourceArmMySqlServerCreate(d *schema.ResourceData, meta interface{}) erro
location := azure.NormalizeLocation(d.Get("location").(string))
resourceGroup := d.Get("resource_group_name").(string)

publicAccess := mysql.PublicNetworkAccessEnumEnabled
if v := d.Get("public_network_access_enabled").(bool); !v {
publicAccess = mysql.PublicNetworkAccessEnumDisabled
}

if features.ShouldResourcesBeImported() && d.IsNewResource() {
existing, err := client.Get(ctx, resourceGroup, name)
if err != nil {
Expand Down Expand Up @@ -211,6 +222,7 @@ func resourceArmMySqlServerCreate(d *schema.ResourceData, meta interface{}) erro
SslEnforcement: mysql.SslEnforcementEnum(d.Get("ssl_enforcement").(string)),
StorageProfile: expandMySQLStorageProfile(d),
CreateMode: mysql.CreateMode("Default"),
PublicNetworkAccess: publicAccess,
},
Sku: sku,
Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
Expand Down Expand Up @@ -254,12 +266,18 @@ func resourceArmMySqlServerUpdate(d *schema.ResourceData, meta interface{}) erro
return fmt.Errorf("error expanding sku_name for MySQL Server %q (Resource Group %q): %v", name, resourceGroup, err)
}

publicAccess := mysql.PublicNetworkAccessEnumEnabled
if v := d.Get("public_network_access_enabled").(bool); !v {
publicAccess = mysql.PublicNetworkAccessEnumDisabled
}

properties := mysql.ServerUpdateParameters{
ServerUpdateParametersProperties: &mysql.ServerUpdateParametersProperties{
StorageProfile: expandMySQLStorageProfile(d),
AdministratorLoginPassword: utils.String(d.Get("administrator_login_password").(string)),
Version: mysql.ServerVersion(d.Get("version").(string)),
SslEnforcement: mysql.SslEnforcementEnum(d.Get("ssl_enforcement").(string)),
PublicNetworkAccess: publicAccess,
},
Sku: sku,
Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
Expand Down Expand Up @@ -324,6 +342,7 @@ func resourceArmMySqlServerRead(d *schema.ResourceData, meta interface{}) error
d.Set("administrator_login", resp.AdministratorLogin)
d.Set("version", string(resp.Version))
d.Set("ssl_enforcement", string(resp.SslEnforcement))
d.Set("public_network_access_enabled", resp.PublicNetworkAccess != mysql.PublicNetworkAccessEnumDisabled)

if err := d.Set("storage_profile", flattenMySQLStorageProfile(resp.StorageProfile)); err != nil {
return fmt.Errorf("Error setting `storage_profile`: %+v", err)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,25 @@ func TestAccAzureRMMySQLServer_basicFiveSix(t *testing.T) {
})
}

func TestAccAzureRMMySQLServer_disablePublicNetworkAccess(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_mysql_server", "test")

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acceptance.PreCheck(t) },
Providers: acceptance.SupportedProviders,
CheckDestroy: testCheckAzureRMMySQLServerDestroy,
Steps: []resource.TestStep{
{
Config: testAccAzureRMMySQLServer_disablePublicNetworkAccess(data),
Check: resource.ComposeTestCheckFunc(
testCheckAzureRMMySQLServerExists(data.ResourceName),
),
},
data.ImportStep("administrator_login_password"), // not returned as sensitive
},
})
}

func TestAccAzureRMMySQLServer_requiresImport(t *testing.T) {
if !features.ShouldResourcesBeImported() {
t.Skip("Skipping since resources aren't required to be imported")
Expand Down Expand Up @@ -297,6 +316,39 @@ resource "azurerm_mysql_server" "test" {
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
}

func testAccAzureRMMySQLServer_disablePublicNetworkAccess(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}

resource "azurerm_resource_group" "test" {
name = "acctestRG-%d"
location = "%s"
}

resource "azurerm_mysql_server" "test" {
name = "acctestmysqlsvr-%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name

sku_name = "GP_Gen5_2"

storage_profile {
storage_mb = 51200
backup_retention_days = 7
geo_redundant_backup = "Disabled"
}

administrator_login = "acctestun"
administrator_login_password = "H@Sh1CoR3!"
version = "5.6"
ssl_enforcement = "Enabled"
public_network_access_enabled = false
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
}

func testAccAzureRMMySQLServer_basicFiveSeven(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
Expand Down
2 changes: 2 additions & 0 deletions website/docs/r/mysql_server.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,8 @@ The following arguments are supported:

* `ssl_enforcement` - (Required) Specifies if SSL should be enforced on connections. Possible values are `Enabled` and `Disabled`.

* `public_network_access_enabled` - (Optional) Should public network access be allowed for this server? Defaults to `true`.

* `tags` - (Optional) A mapping of tags to assign to the resource.

---
Expand Down