Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_api_management: Enable Tenant Access #10475

Merged
merged 5 commits into from
Feb 18, 2021
Merged

azurerm_api_management: Enable Tenant Access #10475

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f5de63d
#85778 add tenant_access property
patst Feb 4, 2021
e23ea9a
add output for primary and secondary key
patst Feb 4, 2021
1225f6d
export id
patst Feb 15, 2021
4684f1b
add docs for tenant_access block
patst Feb 16, 2021
6a2715b
rename id to tenant_id
patst Feb 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 78 additions & 0 deletions azurerm/internal/services/apimanagement/api_management_resource.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -528,6 +528,30 @@ func resourceApiManagementService() *schema.Resource {
Computed: true,
},

"tenant_access": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enabled": {
Type: schema.TypeBool,
Required: true,
},
"primary_key": {
Type: schema.TypeString,
Computed: true,
Sensitive: true,
},
"secondary_key": {
Type: schema.TypeString,
Computed: true,
Sensitive: true,
},
},
},
},

"tags": tags.Schema(),
},

Expand Down Expand Up @@ -702,13 +726,23 @@ func resourceApiManagementServiceCreateUpdate(d *schema.ResourceData, meta inter
}
}

if d.HasChange("tenant_access") {
tenantAccessInformationParametersRaw := d.Get("tenant_access").([]interface{})
tenantAccessInformationParameters := expandApiManagementTenantAccessSettings(tenantAccessInformationParametersRaw)
tenantAccessClient := meta.(*clients.Client).ApiManagement.TenantAccessClient
if _, err := tenantAccessClient.Update(ctx, resourceGroup, name, tenantAccessInformationParameters, ""); err != nil {
return fmt.Errorf(" updating tenant access settings for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
}
}

return resourceApiManagementServiceRead(d, meta)
}

func resourceApiManagementServiceRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*clients.Client).ApiManagement.ServiceClient
signInClient := meta.(*clients.Client).ApiManagement.SignInClient
signUpClient := meta.(*clients.Client).ApiManagement.SignUpClient
tenantAccessClient := meta.(*clients.Client).ApiManagement.TenantAccessClient
environment := meta.(*clients.Client).Account.Environment
ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
defer cancel()
Expand Down Expand Up @@ -824,6 +858,14 @@ func resourceApiManagementServiceRead(d *schema.ResourceData, meta interface{})
d.Set("sign_up", []interface{}{})
}

tenantAccessInformationContract, err := tenantAccessClient.ListSecrets(ctx, resourceGroup, name)
if err != nil {
return fmt.Errorf("retrieving tenant access properties for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
}
if err := d.Set("tenant_access", flattenApiManagementTenantAccessSettings(tenantAccessInformationContract)); err != nil {
return fmt.Errorf("setting `tenant_access`: %+v", err)
}

return tags.FlattenAndSet(d, resp.Tags)
}

Expand Down Expand Up @@ -1599,3 +1641,39 @@ func flattenApiManagementPolicies(d *schema.ResourceData, input apimanagement.Po

return []interface{}{output}
}

func expandApiManagementTenantAccessSettings(input []interface{}) apimanagement.AccessInformationUpdateParameters {
enabled := false

if len(input) > 0 {
vs := input[0].(map[string]interface{})
enabled = vs["enabled"].(bool)
}

return apimanagement.AccessInformationUpdateParameters{
AccessInformationUpdateParameterProperties: &apimanagement.AccessInformationUpdateParameterProperties{
Enabled: utils.Bool(enabled),
},
}
}

func flattenApiManagementTenantAccessSettings(input apimanagement.AccessInformationContract) []interface{} {
enabled := false

result := make(map[string]interface{})

if input.Enabled != nil {
enabled = *input.Enabled
}
result["enabled"] = enabled

if input.PrimaryKey != nil {
result["primary_key"] = *input.PrimaryKey
}

if input.SecondaryKey != nil {
result["secondary_key"] = *input.SecondaryKey
}

return []interface{}{result}
}
45 changes: 45 additions & 0 deletions azurerm/internal/services/apimanagement/api_management_resource_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -501,6 +501,24 @@ func TestAccApiManagement_identitySystemAssignedUserAssignedUpdateUserAssigned(t
})
}

func TestAccApiManagement_tenantAccess(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
r := ApiManagementResource{}

data.ResourceTest(t, r, []resource.TestStep{
{
Config: r.tenantAccess(data),
Check: resource.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
check.That(data.ResourceName).Key("tenant_access.0.enabled").HasValue("true"),
check.That(data.ResourceName).Key("tenant_access.0.primary_key").Exists(),
check.That(data.ResourceName).Key("tenant_access.0.secondary_key").Exists(),
),
},
data.ImportStep(),
})
}

func (ApiManagementResource) basic(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
Expand Down Expand Up @@ -1248,3 +1266,30 @@ resource "azurerm_api_management" "test" {
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
}

func (ApiManagementResource) tenantAccess(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}

resource "azurerm_resource_group" "test" {
name = "acctestRG-%d"
location = "%s"
}

resource "azurerm_api_management" "test" {
name = "acctestAM-%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
publisher_name = "pub1"
publisher_email = "[email protected]"

sku_name = "Developer_1"

tenant_access {
enabled = true
}
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
}
5 changes: 5 additions & 0 deletions azurerm/internal/services/apimanagement/client/client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ type Client struct {
SignInClient *apimanagement.SignInSettingsClient
SignUpClient *apimanagement.SignUpSettingsClient
SubscriptionsClient *apimanagement.SubscriptionClient
TenantAccessClient *apimanagement.TenantAccessClient
UsersClient *apimanagement.UserClient
}

Expand Down Expand Up @@ -114,6 +115,9 @@ func NewClient(o *common.ClientOptions) *Client {
subscriptionsClient := apimanagement.NewSubscriptionClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
o.ConfigureClient(&subscriptionsClient.Client, o.ResourceManagerAuthorizer)

tenantAccessClient := apimanagement.NewTenantAccessClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
o.ConfigureClient(&tenantAccessClient.Client, o.ResourceManagerAuthorizer)

usersClient := apimanagement.NewUserClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
o.ConfigureClient(&usersClient.Client, o.ResourceManagerAuthorizer)

Expand Down Expand Up @@ -144,6 +148,7 @@ func NewClient(o *common.ClientOptions) *Client {
SignInClient: &signInClient,
SignUpClient: &signUpClient,
SubscriptionsClient: &subscriptionsClient,
TenantAccessClient: &tenantAccessClient,
UsersClient: &usersClient,
}
}