Added documentation and fixed whitespace

hashicorp · Dec 17, 2020 · ef84e2b · ef84e2b
1 parent 3860c70
commit ef84e2b
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/azurerm/internal/services/storage/resource_arm_storage_data_lake_gen2_filesystem_test.go b/azurerm/internal/services/storage/resource_arm_storage_data_lake_gen2_filesystem_test.go
@@ -334,8 +334,8 @@ resource "azurerm_storage_data_lake_gen2_filesystem" "test" {
     permissions = "---"
   }
   depends_on = [
-	azurerm_role_assignment.storageAccountRoleAssignment,
-	azuread_service_principal.test
+    azurerm_role_assignment.storageAccountRoleAssignment,
+    azuread_service_principal.test
   ]
 }
 `, template, data.RandomInteger)

diff --git a/website/docs/r/storage_data_lake_gen2_filesystem.html.markdown b/website/docs/r/storage_data_lake_gen2_filesystem.html.markdown
@@ -48,9 +48,26 @@ The following arguments are supported:
 
 * `storage_account_id` - (Required) Specifies the ID of the Storage Account in which the Data Lake Gen2 File System should exist. Changing this forces a new resource to be created.
 
+* `properties` - (Optional) A mapping of Key to Base64-Encoded Values which should be assigned to this Data Lake Gen2 File System.
+
+* `ace` - (Optional) One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
+
 ~> **NOTE:** The Storage Account requires `account_kind` to be either `StorageV2` or `BlobStorage`. In addition, `is_hns_enabled` has to be set to `true`.
 
-* `properties` - (Optional) A mapping of Key to Base64-Encoded Values which should be assigned to this Data Lake Gen2 File System.
+---
+
+An `ace` block supports the following:
+
+* `scope` - (Optional) Specifies whether the ACE represents an `access` entry or a `default` entry. Default value is `access`.
+
+* `type` - (Required) Specifies the type of entry. Can be `user`, `group`, `mask` or `other`.
+
+* `id` - (Optional) Specifies the Object ID of the Azure Active Directory User or Group that the entry relates to. Only valid for `user` or `group` entries.
+
+* `permissions` - (Required) Specifies the permissions for the entry in `rwx` form. For example, `rwx` gives full permissions but `r--` only gives read permissions.
+
+More details on ACLs can be found here: https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-access-control#access-control-lists-on-files-and-directories
+
 
 ## Attributes Reference