diff --git a/internal/services/securitycenter/security_center_subscription_pricing_resource.go b/internal/services/securitycenter/security_center_subscription_pricing_resource.go index d141bcf97265..4f1581d1bb8f 100644 --- a/internal/services/securitycenter/security_center_subscription_pricing_resource.go +++ b/internal/services/securitycenter/security_center_subscription_pricing_resource.go @@ -290,10 +290,16 @@ func expandSecurityCenterSubscriptionPricingExtensions(inputList []interface{}, isEnabled = pricings_v2023_01_01.IsEnabledTrue } output := pricings_v2023_01_01.Extension{ - Name: extensionName, - IsEnabled: isEnabled, - AdditionalExtensionProperties: pointer.To(extensionProperties), + Name: extensionName, + IsEnabled: isEnabled, } + + if vAdditional, ok := extensionProperties[extensionName]; ok { + props, _ := vAdditional.(*interface{}) + p := (*props).(map[string]interface{}) + output.AdditionalExtensionProperties = pointer.To(p) + } + outputList = append(outputList, output) } diff --git a/internal/services/securitycenter/security_center_subscription_pricing_resource_test.go b/internal/services/securitycenter/security_center_subscription_pricing_resource_test.go index cc068d58218e..16962b71ac43 100644 --- a/internal/services/securitycenter/security_center_subscription_pricing_resource_test.go +++ b/internal/services/securitycenter/security_center_subscription_pricing_resource_test.go @@ -60,6 +60,15 @@ func TestAccSecurityCenterSubscriptionPricing_cloudPosture(t *testing.T) { }) } +func TestAccSecurityCenterSubscriptionPricing_storage(t *testing.T) { + acceptance.RunTestsInSequence(t, map[string]map[string]func(t *testing.T){ + "securityCenterSubscriptionPricing": { + "subplan": testAccSecurityCenterSubscriptionPricing_storageAccountSubplan, + "defender": testAccSecurityCenterSubscriptionPricing_storageAccountDefender, + }, + }) +} + func TestAccSecurityCenterSubscriptionPricing_update(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_security_center_subscription_pricing", "test") r := SecurityCenterSubscriptionPricingResource{} @@ -92,7 +101,7 @@ func TestAccSecurityCenterSubscriptionPricing_cosmosDbs(t *testing.T) { }) } -func TestAccSecurityCenterSubscriptionPricing_storageAccountSubplan(t *testing.T) { +func testAccSecurityCenterSubscriptionPricing_storageAccountSubplan(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_security_center_subscription_pricing", "test") r := SecurityCenterSubscriptionPricingResource{} @@ -109,6 +118,21 @@ func TestAccSecurityCenterSubscriptionPricing_storageAccountSubplan(t *testing.T }) } +func testAccSecurityCenterSubscriptionPricing_storageAccountDefender(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_security_center_subscription_pricing", "test") + r := SecurityCenterSubscriptionPricingResource{} + + data.ResourceSequentialTest(t, r, []acceptance.TestStep{ + { + Config: r.storageAccountDefender(), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + func testAccSecurityCenterSubscriptionPricing_cloudPostureExtension(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_security_center_subscription_pricing", "test") r := SecurityCenterSubscriptionPricingResource{} @@ -242,6 +266,31 @@ resource "azurerm_security_center_subscription_pricing" "test" { ` } +func (SecurityCenterSubscriptionPricingResource) storageAccountDefender() string { + return ` +provider "azurerm" { + features {} +} + +resource "azurerm_security_center_subscription_pricing" "test" { + tier = "Standard" + resource_type = "StorageAccounts" + subplan = "DefenderForStorageV2" + + extension { + additional_extension_properties = { + "CapGBPerMonthPerStorageAccount" = "5000" + } + name = "OnUploadMalwareScanning" + } + + extension { + name = "SensitiveDataDiscovery" + } +} +` +} + func (SecurityCenterSubscriptionPricingResource) cloudPostureExtension() string { return ` provider "azurerm" {