Adding support for Azure Active Directory resource

steve-hawkins · Dec 18, 2018 · f89131e · f89131e
1 parent b44b8b7
commit f89131e
Show file tree

Hide file tree

Showing 3 changed files with 164 additions and 1 deletion.
diff --git a/azurerm/resource_arm_service_fabric_cluster.go b/azurerm/resource_arm_service_fabric_cluster.go
@@ -70,14 +70,39 @@ func resourceArmServiceFabricCluster() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
-
+			
 			"add_on_features": {
 				Type:     schema.TypeSet,
 				Optional: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 				Set:      schema.HashString,
 			},
 
+			"azure_active_directory": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"tenant_id": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+						"cluster_application": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+						"client_application": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+					},
+				},
+			},
+
 			"certificate": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -288,6 +313,9 @@ func resourceArmServiceFabricClusterCreate(d *schema.ResourceData, meta interfac
 	addOnFeaturesRaw := d.Get("add_on_features").(*schema.Set).List()
 	addOnFeatures := expandServiceFabricClusterAddOnFeatures(addOnFeaturesRaw)
 
+	azureActiveDirectoryRaw := d.Get("azure_active_directory").([]interface{})
+	azureActiveDirectory := expandServiceFabricClusterAzureActiveDirectory(azureActiveDirectoryRaw)
+
 	certificateRaw := d.Get("certificate").([]interface{})
 	certificate := expandServiceFabricClusterCertificate(certificateRaw)
 
@@ -308,6 +336,7 @@ func resourceArmServiceFabricClusterCreate(d *schema.ResourceData, meta interfac
 		Tags:     expandTags(tags),
 		ClusterProperties: &servicefabric.ClusterProperties{
 			AddOnFeatures:                   addOnFeatures,
+			AzureActiveDirectory:            azureActiveDirectory,
 			Certificate:                     certificate,
 			ClientCertificateThumbprints:    clientCertificateThumbprints,
 			DiagnosticsStorageAccountConfig: diagnostics,
@@ -445,6 +474,11 @@ func resourceArmServiceFabricClusterRead(d *schema.ResourceData, meta interface{
 			return fmt.Errorf("Error setting `add_on_features`: %+v", err)
 		}
 
+		azureActiveDirectory := flattenServiceFabricClusterAzureActiveDirectory(props.AzureActiveDirectory)
+		if err := d.Set("azure_active_directory", azureActiveDirectory); err != nil {
+			return fmt.Errorf("Error setting `azure_active_directory`: %+v", err)
+		}
+
 		certificate := flattenServiceFabricClusterCertificate(props.Certificate)
 		if err := d.Set("certificate", certificate); err != nil {
 			return fmt.Errorf("Error setting `certificate`: %+v", err)
@@ -509,6 +543,49 @@ func expandServiceFabricClusterAddOnFeatures(input []interface{}) *[]string {
 	return &output
 }
 
+func expandServiceFabricClusterAzureActiveDirectory(input []interface{}) *servicefabric.AzureActiveDirectory {
+	if len(input) == 0 {
+		return nil
+	}
+
+	v := input[0].(map[string]interface{})
+
+	tenantId := v["tenant_id"].(string)
+	clusterApplication := v["cluster_application"].(string)
+	clientApplication := v["client_application"].(string)
+
+	config := servicefabric.AzureActiveDirectory{
+		TenantID:           utils.String(tenantId),
+		ClusterApplication: utils.String(clusterApplication),
+		ClientApplication:  utils.String(clientApplication),
+	}
+	return &config
+}
+
+func flattenServiceFabricClusterAzureActiveDirectory(input *servicefabric.AzureActiveDirectory) []interface{} {
+	results := make([]interface{}, 0)
+
+	if v := input; v != nil {
+		output := make(map[string]interface{})
+
+		if name := v.TenantID; name != nil {
+			output["tenant_id"] = *name
+		}
+
+		if name := v.ClusterApplication; name != nil {
+			output["cluster_application"] = *name
+		}
+
+		if endpoint := v.ClientApplication; endpoint != nil {
+			output["client_application"] = *endpoint
+		}
+
+		results = append(results, output)
+	}
+
+	return results
+}
+
 func flattenServiceFabricClusterAddOnFeatures(input *[]string) []interface{} {
 	output := make([]interface{}, 0)
 

diff --git a/azurerm/resource_arm_service_fabric_cluster_test.go b/azurerm/resource_arm_service_fabric_cluster_test.go
@@ -29,6 +29,7 @@ func TestAccAzureRMServiceFabricCluster_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "add_on_features.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "certificate.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "client_certificate_thumbprint.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "azure_active_directory.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "diagnostics_config.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "node_type.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "node_type.0.instance_count", "3"),
@@ -234,6 +235,38 @@ func TestAccAzureRMServiceFabricCluster_readerAdminClientCertificateThumbprint(t
 	})
 }
 
+func TestAccAzureRMServiceFabricCluster_azureActiveDirectory(t *testing.T) {
+	resourceName := "azurerm_service_fabric_cluster.test"
+	ri := acctest.RandInt()
+	location := testLocation()
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMServiceFabricClusterDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMServiceFabricCluster_clientCertificateThumbprint(ri, location),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMServiceFabricClusterExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "azure_active_directory.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "azure_active_directory.tenant_id", "00000000-0000-0000-0000-00000000000"),
+					resource.TestCheckResourceAttr(resourceName, "azure_active_directory.cluster_application", "00000000-0000-0000-0000-000000000000"),
+					resource.TestCheckResourceAttr(resourceName, "azure_active_directory.client_application", "00000000-0000-0000-0000-000000000000"),
+					resource.TestCheckResourceAttr(resourceName, "fabric_settings.0.name", "Security"),
+					resource.TestCheckResourceAttr(resourceName, "fabric_settings.0.parameters.ClusterProtectionLevel", "EncryptAndSign"),
+					resource.TestCheckResourceAttr(resourceName, "management_endpoint", "https://example:80"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccAzureRMServiceFabricCluster_diagnosticsConfig(t *testing.T) {
 	resourceName := "azurerm_service_fabric_cluster.test"
 	ri := acctest.RandInt()
@@ -721,6 +754,47 @@ resource "azurerm_service_fabric_cluster" "test" {
 `, rInt, location, rInt)
 }
 
+func testAccAzureRMServiceFabricCluster_readerAdminClientCertificateThumbprint(rInt int, location string) string {
+	return fmt.Sprintf(`
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_service_fabric_cluster" "test" {
+  name                = "acctest-%d"
+  resource_group_name = "${azurerm_resource_group.test.name}"
+  location            = "${azurerm_resource_group.test.location}"
+  reliability_level   = "Bronze"
+  upgrade_mode        = "Automatic"
+  vm_image            = "Windows"
+  management_endpoint = "https://example:80"
+	
+	azure_active_directory {
+		tenant_id           = "00000000-0000-0000-0000-000000000000"
+		cluster_application = "00000000-0000-0000-0000-000000000000"
+		client_application  = "00000000-0000-0000-0000-000000000000"
+	}
+
+  fabric_settings {
+    name = "Security"
+
+    parameters {
+      "ClusterProtectionLevel" = "EncryptAndSign"
+    }
+  }
+
+  node_type {
+    name                 = "first"
+    instance_count       = 3
+    is_primary           = true
+    client_endpoint_port = 2020
+    http_endpoint_port   = 80
+  }
+}
+`, rInt, location, rInt)
+}
+
 func testAccAzureRMServiceFabricCluster_diagnosticsConfig(rInt int, rString, location string) string {
 	return fmt.Sprintf(`
 resource "azurerm_resource_group" "test" {

diff --git a/website/docs/r/service_fabric_cluster.html.markdown b/website/docs/r/service_fabric_cluster.html.markdown
@@ -65,6 +65,8 @@ The following arguments are supported:
 
 * `add_on_features` - (Optional) A List of one or more features which should be enabled, such as `DnsService`.
 
+* `azure_active_directory` - (Optional) `azure_active_directory` block as defined below. Changing this forces a new resource to be created.
+
 * `certificate` - (Optional) A `certificate` block as defined below.
 
 * `client_certificate_thumbprint` - (Optional) One or two `client_certificate_thumbprint` blocks as defined below.
@@ -79,6 +81,16 @@ The following arguments are supported:
 
 ---
 
+A `azure_active_directory` block supports the following:
+
+* `tenant_id` - (Required) The TenantID of the Azure Active Directory resource.
+
+* `cluster_application` - (Required) The GUID of the cluster application.
+
+* `client_application` - (Required) The GUID of the client application.
+
+---
+
 A `certificate` block supports the following:
 
 * `thumbprint` - (Required) The Thumbprint of the Certificate.