Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

data azurerm_disk_encryption_set - support identity #23005

Merged
merged 1 commit into from
Aug 18, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions internal/services/compute/disk_encryption_set_data_source.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (

"github.com/hashicorp/go-azure-helpers/lang/response"
"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
"github.com/hashicorp/go-azure-helpers/resourcemanager/identity"
"github.com/hashicorp/go-azure-helpers/resourcemanager/location"
"github.com/hashicorp/go-azure-helpers/resourcemanager/tags"
"github.com/hashicorp/go-azure-sdk/resource-manager/compute/2022-03-02/diskencryptionsets"
Expand Down Expand Up @@ -48,6 +49,8 @@ func dataSourceDiskEncryptionSet() *pluginsdk.Resource {
Computed: true,
},

"identity": commonschema.SystemAssignedUserAssignedIdentityComputed(),

"tags": commonschema.TagsDataSource(),
},
}
Expand Down Expand Up @@ -85,5 +88,14 @@ func dataSourceDiskEncryptionSetRead(d *pluginsdk.ResourceData, meta interface{}
}
}

flattenedIdentity, err := identity.FlattenSystemAndUserAssignedMap(model.Identity)
if err != nil {
return fmt.Errorf("flattening `identity`: %+v", err)
}

if err := d.Set("identity", flattenedIdentity); err != nil {
return fmt.Errorf("setting `identity`: %+v", err)
}

return tags.FlattenAndSet(d, model.Tags)
}
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,23 @@ func TestAccDataSourceDiskEncryptionSet_update(t *testing.T) {
})
}

func TestAccDataSourceDiskEncryptionSet_identity(t *testing.T) {
data := acceptance.BuildTestData(t, "data.azurerm_disk_encryption_set", "test")
r := DiskEncryptionSetDataSource{}
data.DataSourceTest(t, []acceptance.TestStep{
{
Config: r.identity(data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).Key("location").Exists(),
check.That(data.ResourceName).Key("identity.0.type").HasValue("SystemAssigned, UserAssigned"),
check.That(data.ResourceName).Key("identity.0.principal_id").Exists(),
check.That(data.ResourceName).Key("identity.0.tenant_id").Exists(),
check.That(data.ResourceName).Key("identity.0.identity_ids.#").HasValue("1"),
),
},
})
}

func (DiskEncryptionSetDataSource) basic(data acceptance.TestData) string {
return fmt.Sprintf(`
%s
Expand All @@ -65,3 +82,14 @@ data "azurerm_disk_encryption_set" "test" {
}
`, DiskEncryptionSetResource{}.complete(data))
}

func (DiskEncryptionSetDataSource) identity(data acceptance.TestData) string {
return fmt.Sprintf(`
%s

data "azurerm_disk_encryption_set" "test" {
name = azurerm_disk_encryption_set.test.name
resource_group_name = azurerm_disk_encryption_set.test.resource_group_name
}
`, DiskEncryptionSetResource{}.systemAssignedUserAssignedIdentity(data))
}
Original file line number Diff line number Diff line change
Expand Up @@ -341,7 +341,8 @@ resource "azurerm_key_vault_access_policy" "disk-encryption" {

tenant_id = azurerm_disk_encryption_set.test.identity.0.tenant_id
object_id = azurerm_disk_encryption_set.test.identity.0.principal_id
}`, r.dependencies(data, true))
}
`, r.dependencies(data, true))
}

func (r DiskEncryptionSetResource) basic(data acceptance.TestData) string {
Expand Down
14 changes: 14 additions & 0 deletions website/docs/d/disk_encryption_set.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,22 @@ The following attributes are exported:

* `key_vault_key_url` - The URL for the Key Vault Key or Key Vault Secret that is currently being used by the service.

* `identity` - An `identity` block as defined below.

* `tags` - A mapping of tags assigned to the Disk Encryption Set.

---

An `identity` block exports the following:

* `type` - The type of Managed Service Identity that is configured on this Disk Encryption Set.

* `identity_ids` - A list of User Assigned Managed Identity IDs assigned to this Disk Encryption Set.

* `principal_id` - The (Client) ID of the Service Principal.

* `tenant_id` - The ID of the Tenant the Service Principal is assigned in.

## Timeouts

The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions:
Expand Down
Loading