From f89131ef07d7553735c4c19ef4f4538ee9409b60 Mon Sep 17 00:00:00 2001 From: "joseph.denheen" Date: Tue, 18 Dec 2018 16:41:28 +0000 Subject: [PATCH] Adding support for Azure Active Directory resource --- .../resource_arm_service_fabric_cluster.go | 79 ++++++++++++++++++- ...esource_arm_service_fabric_cluster_test.go | 74 +++++++++++++++++ .../r/service_fabric_cluster.html.markdown | 12 +++ 3 files changed, 164 insertions(+), 1 deletion(-) diff --git a/azurerm/resource_arm_service_fabric_cluster.go b/azurerm/resource_arm_service_fabric_cluster.go index 50686d889797..1a343c50cbad 100644 --- a/azurerm/resource_arm_service_fabric_cluster.go +++ b/azurerm/resource_arm_service_fabric_cluster.go @@ -70,7 +70,7 @@ func resourceArmServiceFabricCluster() *schema.Resource { Required: true, ForceNew: true, }, - + "add_on_features": { Type: schema.TypeSet, Optional: true, @@ -78,6 +78,31 @@ func resourceArmServiceFabricCluster() *schema.Resource { Set: schema.HashString, }, + "azure_active_directory": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tenant_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "cluster_application": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "client_application": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + }, + }, + }, + "certificate": { Type: schema.TypeList, Optional: true, 
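Review bot: The three nested fields of the new `azure_active_directory` schema (`tenant_id`, `cluster_application`, `client_application`) accept any string, although the documentation added in this patch describes the latter two as GUIDs. These values select the tenant and applications used for Azure AD authentication to the cluster, so a malformed or truncated ID is better rejected at plan time than discovered after the cluster is created; adding `ValidateFunc: validate.UUID,` to each field would do that, assuming the provider's validate helpers are imported in this file (the import block is outside the hunk). Separately, the first hunk replaces a blank line with a whitespace-only one, which gofmt would strip again.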
@@ -288,6 +313,9 @@ func resourceArmServiceFabricClusterCreate(d *schema.ResourceData, meta interfac addOnFeaturesRaw := d.Get("add_on_features").(*schema.Set).List() addOnFeatures := expandServiceFabricClusterAddOnFeatures(addOnFeaturesRaw) + azureActiveDirectoryRaw := d.Get("azure_active_directory").([]interface{}) + azureActiveDirectory := expandServiceFabricClusterAzureActiveDirectory(azureActiveDirectoryRaw) + certificateRaw := d.Get("certificate").([]interface{}) certificate := expandServiceFabricClusterCertificate(certificateRaw) @@ -308,6 +336,7 @@ func resourceArmServiceFabricClusterCreate(d *schema.ResourceData, meta interfac Tags: expandTags(tags), ClusterProperties: &servicefabric.ClusterProperties{ AddOnFeatures: addOnFeatures, + AzureActiveDirectory: azureActiveDirectory, Certificate: certificate, ClientCertificateThumbprints: clientCertificateThumbprints, DiagnosticsStorageAccountConfig: diagnostics, @@ -445,6 +474,11 @@ func resourceArmServiceFabricClusterRead(d *schema.ResourceData, meta interface{ return fmt.Errorf("Error setting `add_on_features`: %+v", err) } + azureActiveDirectory := flattenServiceFabricClusterAzureActiveDirectory(props.AzureActiveDirectory) + if err := d.Set("azure_active_directory", azureActiveDirectory); err != nil { + return fmt.Errorf("Error setting `azure_active_directory`: %+v", err) + } + certificate := flattenServiceFabricClusterCertificate(props.Certificate) if err := d.Set("certificate", certificate); err != nil { return fmt.Errorf("Error setting `certificate`: %+v", err) 
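Review bot: `AzureActiveDirectory` is wired only into the create payload and the read path; no hunk touches the update function, and the outer `azure_active_directory` block in the schema hunk carries no `ForceNew: true` (only its nested fields do). If that is the whole change, adding or removing the block on an existing cluster may produce a plan that is never actually applied, leaving the cluster's authentication settings different from what the configuration declares. Either mark the block itself `ForceNew: true`, which matches the docs line `Changing this forces a new resource to be created`, or send the expanded value in the update request too. Both functions start and end outside these hunks, so this is inferred from what is visible here.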
@@ -509,6 +543,49 @@ func expandServiceFabricClusterAddOnFeatures(input []interface{}) *[]string { return &output } +func expandServiceFabricClusterAzureActiveDirectory(input []interface{}) *servicefabric.AzureActiveDirectory { + if len(input) == 0 { + return nil + } + + v := input[0].(map[string]interface{}) + + tenantId := v["tenant_id"].(string) + clusterApplication := v["cluster_application"].(string) + clientApplication := v["client_application"].(string) + + config := servicefabric.AzureActiveDirectory{ + TenantID: utils.String(tenantId), + ClusterApplication: utils.String(clusterApplication), + ClientApplication: utils.String(clientApplication), + } + return &config +} + +func flattenServiceFabricClusterAzureActiveDirectory(input *servicefabric.AzureActiveDirectory) []interface{} { + results := make([]interface{}, 0) + + if v := input; v != nil { + output := make(map[string]interface{}) + + if name := v.TenantID; name != nil { + output["tenant_id"] = *name + } + + if name := v.ClusterApplication; name != nil { + output["cluster_application"] = *name + } + + if endpoint := v.ClientApplication; endpoint != nil { + output["client_application"] = *endpoint + } + + results = append(results, output) + } + + return results +} + func flattenServiceFabricClusterAddOnFeatures(input *[]string) []interface{} { output := make([]interface{}, 0) diff --git a/azurerm/resource_arm_service_fabric_cluster_test.go b/azurerm/resource_arm_service_fabric_cluster_test.go index fd8c6ae44474..187a5db7129c 100644 --- a/azurerm/resource_arm_service_fabric_cluster_test.go +++ b/azurerm/resource_arm_service_fabric_cluster_test.go 
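Review bot: The locals in `flattenServiceFabricClusterAzureActiveDirectory` are called `name` and `endpoint`, which reads as copied from another flatten helper and does not describe a tenant or application ID, and `if v := input; v != nil` only aliases the parameter. An early `if input == nil { return results }` followed by `if input.TenantID != nil { output["tenant_id"] = *input.TenantID }` (and the same for the other two fields) says the same thing more directly. In the expand helper `tenantId` would be `tenantID` under Go's initialism convention. Both helpers would also benefit from a one-line doc comment stating that an empty input expands to nil and a nil input flattens to an empty list.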
@@ -29,6 +29,7 @@ func TestAccAzureRMServiceFabricCluster_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "add_on_features.#", "0"), resource.TestCheckResourceAttr(resourceName, "certificate.#", "0"), resource.TestCheckResourceAttr(resourceName, "client_certificate_thumbprint.#", "0"), + resource.TestCheckResourceAttr(resourceName, "azure_active_directory.#", "0"), resource.TestCheckResourceAttr(resourceName, "diagnostics_config.#", "0"), resource.TestCheckResourceAttr(resourceName, "node_type.#", "1"), resource.TestCheckResourceAttr(resourceName, "node_type.0.instance_count", "3"), 
@@ -234,6 +235,38 @@ func TestAccAzureRMServiceFabricCluster_readerAdminClientCertificateThumbprint(t }) } +func TestAccAzureRMServiceFabricCluster_azureActiveDirectory(t *testing.T) { + resourceName := "azurerm_service_fabric_cluster.test" + ri := acctest.RandInt() + location := testLocation() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMServiceFabricClusterDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMServiceFabricCluster_clientCertificateThumbprint(ri, location), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMServiceFabricClusterExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "azure_active_directory.#", "1"), + resource.TestCheckResourceAttr(resourceName, "azure_active_directory.tenant_id", "00000000-0000-0000-0000-00000000000"), + resource.TestCheckResourceAttr(resourceName, "azure_active_directory.cluster_application", "00000000-0000-0000-0000-000000000000"), + resource.TestCheckResourceAttr(resourceName, "azure_active_directory.client_application", "00000000-0000-0000-0000-000000000000"), + resource.TestCheckResourceAttr(resourceName, "fabric_settings.0.name", "Security"), + resource.TestCheckResourceAttr(resourceName, "fabric_settings.0.parameters.ClusterProtectionLevel", "EncryptAndSign"), + resource.TestCheckResourceAttr(resourceName, "management_endpoint", "https://example:80"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAzureRMServiceFabricCluster_diagnosticsConfig(t *testing.T) { resourceName := "azurerm_service_fabric_cluster.test" ri := acctest.RandInt() 
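Review bot: The new test never exercises the `azure_active_directory` block: its `Config` is `testAccAzureRMServiceFabricCluster_clientCertificateThumbprint(ri, location)`, whereas the only config containing the block is the helper added in the next hunk. The attribute checks also omit the list index and would need to be `azure_active_directory.0.tenant_id` (likewise for `cluster_application` and `client_application`), and the expected `tenant_id` ends in eleven zeros where the config uses twelve. As written the `azure_active_directory.#` = `1` check should fail, so the new authentication settings have no passing coverage, including the import round-trip step.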
@@ -721,6 +754,47 @@ resource "azurerm_service_fabric_cluster" "test" { `, rInt, location, rInt) } +func testAccAzureRMServiceFabricCluster_readerAdminClientCertificateThumbprint(rInt int, location string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_service_fabric_cluster" "test" { + name = "acctest-%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + reliability_level = "Bronze" + upgrade_mode = "Automatic" + vm_image = "Windows" + management_endpoint = "https://example:80" + + azure_active_directory { + tenant_id = "00000000-0000-0000-0000-000000000000" + cluster_application = "00000000-0000-0000-0000-000000000000" + client_application = "00000000-0000-0000-0000-000000000000" + } + + fabric_settings { + name = "Security" + + parameters { + "ClusterProtectionLevel" = "EncryptAndSign" + } + } + + node_type { + name = "first" + instance_count = 3 + is_primary = true + client_endpoint_port = 2020 + http_endpoint_port = 80 + } +} +`, rInt, location, rInt) +} + func testAccAzureRMServiceFabricCluster_diagnosticsConfig(rInt int, rString, location string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { diff --git a/website/docs/r/service_fabric_cluster.html.markdown b/website/docs/r/service_fabric_cluster.html.markdown index 330febf18a8b..bef8f138c02d 100644 --- a/website/docs/r/service_fabric_cluster.html.markdown +++ b/website/docs/r/service_fabric_cluster.html.markdown 
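Review bot: The added config helper is named `testAccAzureRMServiceFabricCluster_readerAdminClientCertificateThumbprint`, yet it contains no client certificate thumbprint and is the only config in this patch with an `azure_active_directory` block. A test with that same suffix appears in the previous hunk's context, so a helper of this name probably already exists in the file and this one would be a redeclaration that stops the test package compiling; that is inferred, since the rest of the file is not shown. Renaming it to `testAccAzureRMServiceFabricCluster_azureActiveDirectory` and calling it from `TestAccAzureRMServiceFabricCluster_azureActiveDirectory` resolves both problems.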
@@ -65,6 +65,8 @@ The following arguments are supported: * `add_on_features` - (Optional) A List of one or more features which should be enabled, such as `DnsService`. +* `azure_active_directory` - (Optional) `azure_active_directory` block as defined below. Changing this forces a new resource to be created. + * `certificate` - (Optional) A `certificate` block as defined below. * `client_certificate_thumbprint` - (Optional) One or two `client_certificate_thumbprint` blocks as defined below. @@ -79,6 +81,16 @@ The following arguments are supported: --- +A `azure_active_directory` block supports the following: + +* `tenant_id` - (Required) The TenantID of the Azure Active Directory resource. + +* `cluster_application` - (Required) The GUID of the cluster application. + +* `client_application` - (Required) The GUID of the client application. + +--- + A `certificate` block supports the following: * `thumbprint` - (Required) The Thumbprint of the Certificate.