New resource: azurerm_sentinel_watchlist #14258

Merged: 4 commits, Nov 26, 2021

@magodo (Collaborator) commented Nov 19, 2021

This PR adds a new resource azurerm_sentinel_watchlist.

Currently, this is only an empty watchlist. If users want to add watchlist items into it, they need to use other approaches outside of Terraform. While we can add support for this, I didn't figure out a very good way to do so.

My first attempt to do so was to add a raw_content to this resource, which allows users to specify the content of a csv file, where each line represents an item. This won't work because the API behavior related to the rawContent is monotonic. This means you can only add new items to the list, but can't remove them. For example, if you send a PUT request on the watchlist with rawContent set to (item1), then later change it to (item2) and send a PUT again, it ends up with both (item1) and (item2).

Another way we can proceed to add support for the items is to create a new resource: azurerm_sentinel_watchlist_item, where each instance represents an item. There is an item-related API, which means it should work. However, from the UX point of view, this asks users to name each item with a UUID, which brings an unnecessary burden. Also, a typical usage of the watchlist is to update the items in batch, which makes that kind of granularity not make sense.

Due to the above situation, this PR only allows users to create an empty watchlist.

Test

💢 TF_ACC=1 go test -timeout=3h -v ./internal/services/sentinel -run='TestAccWatchlist_'
=== RUN   TestAccWatchlist_basic
=== PAUSE TestAccWatchlist_basic
=== RUN   TestAccWatchlist_complete
=== PAUSE TestAccWatchlist_complete
=== RUN   TestAccWatchlist_requiresImport
=== PAUSE TestAccWatchlist_requiresImport
=== CONT  TestAccWatchlist_basic
=== CONT  TestAccWatchlist_requiresImport
=== CONT  TestAccWatchlist_complete
--- PASS: TestAccWatchlist_basic (96.83s)
--- PASS: TestAccWatchlist_complete (159.04s)
--- PASS: TestAccWatchlist_requiresImport (169.79s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel      169.821s

Reference

https://docs.microsoft.com/en-us/azure/sentinel/watchlists
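
The additive rawContent behaviour described in the PR description above, modelled as an added example that is not part of the PR or the provider's code. `RowSet`, `Merge`, `minus` and `Drift` are hypothetical names, and the in-memory set is a constructed stand-in for the service; `Drift` lists the rows a later PUT could not remove.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// RowSet is a set of watchlist rows. Used here both for the constructed
// in-memory stand-in for the service and for the rows a configuration declares.
type RowSet map[string]bool

// Merge adds every non-empty line of rawContent to the set and removes nothing,
// which is the PUT behaviour the PR reports for rawContent.
func (s RowSet) Merge(rawContent string) {
	for _, line := range strings.Split(rawContent, "\n") {
		if line = strings.TrimSpace(line); line != "" {
			s[line] = true
		}
	}
}

// minus returns the sorted rows present in a but absent from b.
func minus(a, b RowSet) []string {
	var out []string
	for r := range a {
		if !b[r] {
			out = append(out, r)
		}
	}
	sort.Strings(out)
	return out
}

// Drift reports rows stored but no longer declared (stale) and rows declared
// but not stored (missing).
func Drift(declared string, stored RowSet) (stale, missing []string) {
	want := RowSet{}
	want.Merge(declared)
	return minus(stored, want), minus(want, stored)
}

func main() {
	stored := RowSet{}
	stored.Merge("item1") // first apply
	stored.Merge("item2") // configuration now declares only item2
	fmt.Println(Drift("item2", stored))
}
```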

@katbyte (Collaborator) left a comment

Thanks @magodo - LGTM 💯

@katbyte katbyte merged commit b61824b into hashicorp:main Nov 26, 2021
@github-actions github-actions bot added this to the v2.87.0 milestone Nov 26, 2021
katbyte added a commit that referenced this pull request Nov 26, 2021
@github-actions

This functionality has been released in v2.87.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 27, 2021