From 80fcfb57999c3bec27fa4e54ec1b347c15d9410a Mon Sep 17 00:00:00 2001 From: Jack Batzner Date: Tue, 16 Feb 2021 20:40:51 -0600 Subject: [PATCH 1/3] r/lighthouse: Expose `principal_id_display_name` field --- .../lighthouse_definition_resource.go | 21 +++++++++++++++---- .../lighthouse_definition_resource_test.go | 6 ++++-- .../r/lighthouse_definition.html.markdown | 7 +++++-- 3 files changed, 26 insertions(+), 8 deletions(-) diff --git a/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go b/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go index 2a70150a1641..7d75a4fb656b 100644 --- a/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go +++ b/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go @@ -73,6 +73,12 @@ func resourceLighthouseDefinition() *schema.Resource { Required: true, ValidateFunc: validation.IsUUID, }, + + "principal_id_display_name": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringIsNotEmpty, + }, }, }, }, @@ -225,9 +231,15 @@ func flattenLighthouseDefinitionAuthorization(input *[]managedservices.Authoriza roleDefinitionID = *item.RoleDefinitionID } + principalIDDisplayName := "" + if item.PrincipalIDDisplayName != nil { + principalIDDisplayName = *item.PrincipalIDDisplayName + } + results = append(results, map[string]interface{}{ - "role_definition_id": roleDefinitionID, - "principal_id": principalID, + "role_definition_id": roleDefinitionID, + "principal_id": principalID, + "principal_id_display_name": principalIDDisplayName, }) } 
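Review bot: `validation.StringIsNotEmpty` on the new `principal_id_display_name` entry in resourceLighthouseDefinition still accepts a whitespace-only value, so a label that renders blank can be stored on an authorization. If I read the Lighthouse model correctly, this string is what the customer tenant sees next to the delegated principal, and nothing in the hunk ties it to `principal_id`, so it should at least be non-blank: `ValidateFunc: validation.StringIsNotWhiteSpace,`. I would also add a comment on the entry such as `// Free-text label shown alongside the authorization; it is not checked against principal_id.` so that anyone reviewing a delegation does not treat the name as proof of who holds the role. The schema function starts and ends outside this hunk.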
@@ -239,8 +251,9 @@ func expandLighthouseDefinitionAuthorization(input []interface{}) *[]managedserv for _, item := range input { v := item.(map[string]interface{}) result := managedservices.Authorization{ - RoleDefinitionID: utils.String(v["role_definition_id"].(string)), - PrincipalID: utils.String(v["principal_id"].(string)), + RoleDefinitionID: utils.String(v["role_definition_id"].(string)), + PrincipalID: utils.String(v["principal_id"].(string)), + PrincipalIDDisplayName: utils.String(v["principal_id_display_name"].(string)), } results = append(results, result) } diff --git a/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go b/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go index cdd706d772dc..f40baaed19c8 100644 --- a/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go +++ b/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go @@ -36,6 +36,7 @@ func TestAccLighthouseDefinition_basic(t *testing.T) { check.That(data.ResourceName).ExistsInAzure(r), check.That(data.ResourceName).Key("scope").Exists(), resource.TestMatchResourceAttr(data.ResourceName, "lighthouse_definition_id", validate.UUIDRegExp), + check.That(data.ResourceName).Key("authorization.0.principal_id_display_name").HasValue("Tier 1 Support"), ), }, }) @@ -160,8 +161,9 @@ resource "azurerm_lighthouse_definition" "test" { managing_tenant_id = "%s" authorization { - principal_id = "%s" - role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_id = "%s" + role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_id_display_name = "Tier 1 Support" } } `, id, data.RandomInteger, secondTenantID, principalID) diff --git a/website/docs/r/lighthouse_definition.html.markdown b/website/docs/r/lighthouse_definition.html.markdown index 42693c4fbbbf..e7c29424a0c6 100644 --- a/website/docs/r/lighthouse_definition.html.markdown 
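Review bot: In expandLighthouseDefinitionAuthorization, `PrincipalIDDisplayName` is always set, so an authorization block that omits the optional field sends a pointer to an empty string instead of leaving the property out of the request. The schema rejects an explicit empty value, which suggests the empty string is not meant to reach the API; set the field only when a name was given: `if name := v["principal_id_display_name"].(string); name != "" { result.PrincipalIDDisplayName = utils.String(name) }`. The same expression is carried over under the renamed key `principal_display_name` in patch 3/3. The only acceptance config visible in this series sets the field, so the omitted case looks untested here. The function body begins and ends outside the hunk.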
+++ b/website/docs/r/lighthouse_definition.html.markdown @@ -24,8 +24,9 @@ resource "azurerm_lighthouse_definition" "example" { managing_tenant_id = "00000000-0000-0000-0000-000000000000" authorization { - principal_id = "00000000-0000-0000-0000-000000000000" - role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_id = "00000000-0000-0000-0000-000000000000" + role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_id_display_name = "Tier 1 Support" } } ``` @@ -50,6 +51,8 @@ An `authorization` block supports the following: * `principal_id` - (Required) Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription. +* `principal_id_display_name` - (Optional) The display name of the security group/service principal/user that would be assigned permissions to the projected subscription. + * `role_definition_id` - (Required) The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an `Owner` role. ## Attributes Reference From fee69e738bd4ab29250f75be829f18ae777ad5a9 Mon Sep 17 00:00:00 2001 From: Jack Batzner Date: Tue, 16 Feb 2021 20:48:27 -0600 Subject: [PATCH 2/3] fix lint --- website/docs/r/lighthouse_definition.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/lighthouse_definition.html.markdown b/website/docs/r/lighthouse_definition.html.markdown index e7c29424a0c6..70dab2edb247 100644 --- a/website/docs/r/lighthouse_definition.html.markdown +++ b/website/docs/r/lighthouse_definition.html.markdown @@ -26,7 +26,7 @@ resource "azurerm_lighthouse_definition" "example" { authorization { principal_id = "00000000-0000-0000-0000-000000000000" role_definition_id = data.azurerm_role_definition.contributor.role_definition_id - principal_id_display_name = "Tier 1 Support" + principal_id_display_name = "Tier 1 Support" } } ``` 
@@ -45,7 +45,7 @@ The following arguments are supported: * `authorization` - (Required) An authorization block as defined below. ---- +--- An `authorization` block supports the following: From c4b185893b32558df35d76b270eea2fe4e9ea238 Mon Sep 17 00:00:00 2001 From: Jack Batzner Date: Thu, 18 Feb 2021 06:47:47 -0600 Subject: [PATCH 3/3] Rename prop --- .../lighthouse/lighthouse_definition_resource.go | 10 +++++----- .../lighthouse/lighthouse_definition_resource_test.go | 8 ++++---- website/docs/r/lighthouse_definition.html.markdown | 8 ++++---- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go b/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go index 7d75a4fb656b..96076c7c4568 100644 --- a/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go +++ b/azurerm/internal/services/lighthouse/lighthouse_definition_resource.go @@ -74,7 +74,7 @@ func resourceLighthouseDefinition() *schema.Resource { ValidateFunc: validation.IsUUID, }, - "principal_id_display_name": { + "principal_display_name": { Type: schema.TypeString, Optional: true, ValidateFunc: validation.StringIsNotEmpty, @@ -237,9 +237,9 @@ func flattenLighthouseDefinitionAuthorization(input *[]managedservices.Authoriza } results = append(results, map[string]interface{}{ - "role_definition_id": roleDefinitionID, - "principal_id": principalID, - "principal_id_display_name": principalIDDisplayName, + "role_definition_id": roleDefinitionID, + "principal_id": principalID, + "principal_display_name": principalIDDisplayName, }) } 
@@ -253,7 +253,7 @@ func expandLighthouseDefinitionAuthorization(input []interface{}) *[]managedserv result := managedservices.Authorization{ RoleDefinitionID: utils.String(v["role_definition_id"].(string)), PrincipalID: utils.String(v["principal_id"].(string)), - PrincipalIDDisplayName: utils.String(v["principal_id_display_name"].(string)), + PrincipalIDDisplayName: utils.String(v["principal_display_name"].(string)), } results = append(results, result) } diff --git a/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go b/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go index f40baaed19c8..b5aa384d101a 100644 --- a/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go +++ b/azurerm/internal/services/lighthouse/lighthouse_definition_resource_test.go @@ -36,7 +36,7 @@ func TestAccLighthouseDefinition_basic(t *testing.T) { check.That(data.ResourceName).ExistsInAzure(r), check.That(data.ResourceName).Key("scope").Exists(), resource.TestMatchResourceAttr(data.ResourceName, "lighthouse_definition_id", validate.UUIDRegExp), - check.That(data.ResourceName).Key("authorization.0.principal_id_display_name").HasValue("Tier 1 Support"), + check.That(data.ResourceName).Key("authorization.0.principal_display_name").HasValue("Tier 1 Support"), ), }, }) @@ -161,9 +161,9 @@ resource "azurerm_lighthouse_definition" "test" { managing_tenant_id = "%s" authorization { - principal_id = "%s" - role_definition_id = data.azurerm_role_definition.contributor.role_definition_id - principal_id_display_name = "Tier 1 Support" + principal_id = "%s" + role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_display_name = "Tier 1 Support" } } `, id, data.RandomInteger, secondTenantID, principalID) diff --git a/website/docs/r/lighthouse_definition.html.markdown b/website/docs/r/lighthouse_definition.html.markdown index 70dab2edb247..ddb85262b7e7 100644 
--- a/website/docs/r/lighthouse_definition.html.markdown +++ b/website/docs/r/lighthouse_definition.html.markdown @@ -24,9 +24,9 @@ resource "azurerm_lighthouse_definition" "example" { managing_tenant_id = "00000000-0000-0000-0000-000000000000" authorization { - principal_id = "00000000-0000-0000-0000-000000000000" - role_definition_id = data.azurerm_role_definition.contributor.role_definition_id - principal_id_display_name = "Tier 1 Support" + principal_id = "00000000-0000-0000-0000-000000000000" + role_definition_id = data.azurerm_role_definition.contributor.role_definition_id + principal_display_name = "Tier 1 Support" } } ``` @@ -51,7 +51,7 @@ An `authorization` block supports the following: * `principal_id` - (Required) Principal ID of the security group/service principal/user that would be assigned permissions to the projected subscription. -* `principal_id_display_name` - (Optional) The display name of the security group/service principal/user that would be assigned permissions to the projected subscription. +* `principal_display_name` - (Optional) The display name of the security group/service principal/user that would be assigned permissions to the projected subscription. * `role_definition_id` - (Required) The role definition identifier. This role will define the permissions that are granted to the principal. This cannot be an `Owner` role.