From 3e8ce6711e01db089bad602978d13c2d507641f7 Mon Sep 17 00:00:00 2001
From: neil-yechenwei <yechenwei2007@126.com>
Date: Fri, 11 Dec 2020 14:31:55 +0800
Subject: [PATCH 1/3] New resource: azurerm_sentinel_alert_rule_fusion

---
 .../services/sentinel/registration.go         |   1 +
 .../sentinel_alert_rule_fusion_resource.go    | 190 ++++++++++++++++++
 ...entinel_alert_rule_fusion_resource_test.go | 167 +++++++++++++++
 website/azurerm.erb                           |   4 +
 .../sentinel_alert_rule_fusion.html.markdown  |  70 +++++++
 5 files changed, 432 insertions(+)
 create mode 100644 azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
 create mode 100644 azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
 create mode 100644 website/docs/r/sentinel_alert_rule_fusion.html.markdown

diff --git a/azurerm/internal/services/sentinel/registration.go b/azurerm/internal/services/sentinel/registration.go
index 8f0bcebfa534..2150e3c34178 100644
--- a/azurerm/internal/services/sentinel/registration.go
+++ b/azurerm/internal/services/sentinel/registration.go
@@ -28,6 +28,7 @@ func (r Registration) SupportedDataSources() map[string]*schema.Resource {
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
+		"azurerm_sentinel_alert_rule_fusion":               resourceArmSentinelAlertRuleFusion(),
 		"azurerm_sentinel_alert_rule_ms_security_incident": resourceArmSentinelAlertRuleMsSecurityIncident(),
 		"azurerm_sentinel_alert_rule_scheduled":            resourceArmSentinelAlertRuleScheduled(),
 	}
diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
new file mode 100644
index 000000000000..38c0fff7601c
--- /dev/null
+++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
@@ -0,0 +1,190 @@
+package sentinel
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	loganalyticsParse "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/parse"
+	loganalyticsValidate "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse"
+	azSchema "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmSentinelAlertRuleFusion() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmSentinelAlertRuleFusionCreateUpdate,
+		Read:   resourceArmSentinelAlertRuleFusionRead,
+		Update: resourceArmSentinelAlertRuleFusionCreateUpdate,
+		Delete: resourceArmSentinelAlertRuleFusionDelete,
+
+		Importer: azSchema.ValidateResourceIDPriorToImportThen(func(id string) error {
+			_, err := parse.SentinelAlertRuleID(id)
+			return err
+		}, importSentinelAlertRule(securityinsight.Fusion)),
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(30 * time.Minute),
+			Read:   schema.DefaultTimeout(5 * time.Minute),
+			Update: schema.DefaultTimeout(30 * time.Minute),
+			Delete: schema.DefaultTimeout(30 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validation.StringIsNotEmpty,
+			},
+
+			"log_analytics_workspace_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: loganalyticsValidate.LogAnalyticsWorkspaceID,
+			},
+
+			"alert_rule_template_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validation.IsUUID,
+			},
+
+			"enabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
+		},
+	}
+}
+
+func resourceArmSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Sentinel.AlertRulesClient
+	ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	name := d.Get("name").(string)
+
+	workspaceID, err := loganalyticsParse.LogAnalyticsWorkspaceID(d.Get("log_analytics_workspace_id").(string))
+	if err != nil {
+		return err
+	}
+
+	if d.IsNewResource() {
+		resp, err := client.Get(ctx, workspaceID.ResourceGroup, "Microsoft.OperationalInsights", workspaceID.WorkspaceName, name)
+		if err != nil {
+			if !utils.ResponseWasNotFound(resp.Response) {
+				return fmt.Errorf("checking for existing Sentinel Alert Rule Fusion %q (Resource Group %q): %+v", name, workspaceID.ResourceGroup, err)
+			}
+		}
+
+		id := alertRuleID(resp.Value)
+		if id != nil && *id != "" {
+			return tf.ImportAsExistsError("azurerm_sentinel_alert_rule_fusion", *id)
+		}
+	}
+
+	params := securityinsight.FusionAlertRule{
+		Kind: securityinsight.KindFusion,
+		FusionAlertRuleProperties: &securityinsight.FusionAlertRuleProperties{
+			AlertRuleTemplateName: utils.String(d.Get("alert_rule_template_name").(string)),
+			Enabled:               utils.Bool(d.Get("enabled").(bool)),
+		},
+	}
+
+	// Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read.
+	if !d.IsNewResource() {
+		resp, err := client.Get(ctx, workspaceID.ResourceGroup, "Microsoft.OperationalInsights", workspaceID.WorkspaceName, name)
+		if err != nil {
+			return fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q): %+v", name, workspaceID.ResourceGroup, workspaceID.WorkspaceName, err)
+		}
+
+		if err := assertAlertRuleKind(resp.Value, securityinsight.Fusion); err != nil {
+			return fmt.Errorf("asserting alert rule of %q (Resource Group %q / Workspace: %q): %+v", name, workspaceID.ResourceGroup, workspaceID.WorkspaceName, err)
+		}
+		params.Etag = resp.Value.(securityinsight.FusionAlertRule).Etag
+	}
+
+	if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, "Microsoft.OperationalInsights", workspaceID.WorkspaceName, name, params); err != nil {
+		return fmt.Errorf("creating Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q): %+v", name, workspaceID.ResourceGroup, workspaceID.WorkspaceName, err)
+	}
+
+	resp, err := client.Get(ctx, workspaceID.ResourceGroup, "Microsoft.OperationalInsights", workspaceID.WorkspaceName, name)
+	if err != nil {
+		return fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q): %+v", name, workspaceID.ResourceGroup, workspaceID.WorkspaceName, err)
+	}
+	id := alertRuleID(resp.Value)
+	if id == nil || *id == "" {
+		return fmt.Errorf("empty or nil ID returned for Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q) ID", name, workspaceID.ResourceGroup, workspaceID.WorkspaceName)
+	}
+	d.SetId(*id)
+
+	return resourceArmSentinelAlertRuleFusionRead(d, meta)
+}
+
+func resourceArmSentinelAlertRuleFusionRead(d *schema.ResourceData, meta interface{}) error {
+	subscriptionId := meta.(*clients.Client).Account.SubscriptionId
+	client := meta.(*clients.Client).Sentinel.AlertRulesClient
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.SentinelAlertRuleID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resp, err := client.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.Workspace, id.Name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[DEBUG] Sentinel Alert Rule Fusion %q was not found in Workspace: %q in Resource Group %q - removing from state!", id.Name, id.Workspace, id.ResourceGroup)
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q): %+v", id.Name, id.ResourceGroup, id.Workspace, err)
+	}
+
+	if err := assertAlertRuleKind(resp.Value, securityinsight.Fusion); err != nil {
+		return fmt.Errorf("asserting alert rule of %q (Resource Group %q / Workspace: %q): %+v", id.Name, id.ResourceGroup, id.Workspace, err)
+	}
+	rule := resp.Value.(securityinsight.FusionAlertRule)
+
+	d.Set("name", id.Name)
+
+	logAnalyticsWorkspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(subscriptionId, id.ResourceGroup, id.Workspace)
+	d.Set("log_analytics_workspace_id", logAnalyticsWorkspaceId.ID(subscriptionId))
+
+	if prop := rule.FusionAlertRuleProperties; prop != nil {
+		d.Set("enabled", prop.Enabled)
+		d.Set("alert_rule_template_name", prop.AlertRuleTemplateName)
+	}
+
+	return nil
+}
+
+func resourceArmSentinelAlertRuleFusionDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Sentinel.AlertRulesClient
+	ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.SentinelAlertRuleID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	if _, err := client.Delete(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.Workspace, id.Name); err != nil {
+		return fmt.Errorf("deleting Sentinel Alert Rule Fusion %q (Resource Group %q / Workspace: %q): %+v", id.Name, id.ResourceGroup, id.Workspace, err)
+	}
+
+	return nil
+}
diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
new file mode 100644
index 000000000000..eb1f308d58d2
--- /dev/null
+++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
@@ -0,0 +1,167 @@
+package sentinel_test
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance/check"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+type SentinelAlertRuleFusionResource struct{}
+
+func TestAccAzureRMSentinelAlertRuleFusion_basic(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
+	r := SentinelAlertRuleFusionResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.basic(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccAzureRMSentinelAlertRuleFusion_complete(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
+	r := SentinelAlertRuleFusionResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.complete(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccAzureRMSentinelAlertRuleFusion_update(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
+	r := SentinelAlertRuleFusionResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.basic(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.complete(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.basic(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccAzureRMSentinelAlertRuleFusion_requiresImport(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
+	r := SentinelAlertRuleFusionResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.basic(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.RequiresImportErrorStep(r.requiresImport),
+	})
+}
+
+func (r SentinelAlertRuleFusionResource) Exists(ctx context.Context, client *clients.Client, state *terraform.InstanceState) (*bool, error) {
+	alertRuleClient := client.Sentinel.AlertRulesClient
+	id, err := parse.SentinelAlertRuleID(state.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := alertRuleClient.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.Workspace, id.Name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return utils.Bool(false), nil
+		}
+
+		return nil, fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q: %+v", state.ID, err)
+	}
+
+	return utils.Bool(resp.Value != nil), nil
+}
+
+func (r SentinelAlertRuleFusionResource) basic(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_sentinel_alert_rule_fusion" "test" {
+  name                       = "acctest-SentinelAlertRule-Fusion-%d"
+  log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
+  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+}
+`, r.template(data), data.RandomInteger)
+}
+
+func (r SentinelAlertRuleFusionResource) complete(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_sentinel_alert_rule_fusion" "test" {
+  name                       = "acctest-SentinelAlertRule-Fusion-%d"
+  log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
+  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+  enabled                    = false
+}
+`, r.template(data), data.RandomInteger)
+}
+
+func (r SentinelAlertRuleFusionResource) requiresImport(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_sentinel_alert_rule_fusion" "import" {
+  name                       = azurerm_sentinel_alert_rule_fusion.test.name
+  log_analytics_workspace_id = azurerm_sentinel_alert_rule_fusion.test.log_analytics_workspace_id
+  alert_rule_template_name   = azurerm_sentinel_alert_rule_fusion.test.alert_rule_template_name
+}
+`, r.basic(data))
+}
+
+func (r SentinelAlertRuleFusionResource) template(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-sentinel-%d"
+  location = "%s"
+}
+
+resource "azurerm_log_analytics_workspace" "test" {
+  name                = "acctestLAW-%d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  sku                 = "PerGB2018"
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
diff --git a/website/azurerm.erb b/website/azurerm.erb
index 78240f975d60..a0270b7ef50d 100644
--- a/website/azurerm.erb
+++ b/website/azurerm.erb
@@ -2774,6 +2774,10 @@
             <li>
               <a href="#">Sentinel Resources</a>
               <ul class="nav">
+                <li>
+                  <a href="/docs/providers/azurerm/r/sentinel_alert_rule_fusion.html">azurerm_sentinel_alert_rule_fusion</a>
+                </li>
+
                 <li>
                   <a href="/docs/providers/azurerm/r/sentinel_alert_rule_ms_security_incident.html">azurerm_sentinel_alert_rule_ms_security_incident</a>
                 </li>
diff --git a/website/docs/r/sentinel_alert_rule_fusion.html.markdown b/website/docs/r/sentinel_alert_rule_fusion.html.markdown
new file mode 100644
index 000000000000..82586f5c3a88
--- /dev/null
+++ b/website/docs/r/sentinel_alert_rule_fusion.html.markdown
@@ -0,0 +1,70 @@
+---
+subcategory: "Sentinel"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_sentinel_alert_rule_fusion"
+description: |-
+  Manages a Sentinel Fusion Alert Rule.
+---
+
+# azurerm_sentinel_alert_rule_fusion
+
+Manages a Sentinel Fusion Alert Rule.
+
+## Example Usage
+
+```hcl
+resource "azurerm_resource_group" "example" {
+  name     = "example-resources"
+  location = "West Europe"
+}
+
+resource "azurerm_log_analytics_workspace" "example" {
+  name                = "example-workspace"
+  location            = azurerm_resource_group.example.location
+  resource_group_name = azurerm_resource_group.example.name
+  sku                 = "pergb2018"
+}
+
+resource "azurerm_sentinel_alert_rule_fusion" "example" {
+  name                       = "example-fusion-alert-rule"
+  log_analytics_workspace_id = azurerm_log_analytics_workspace.example.id
+  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name which should be used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
+
+* `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace this Sentinel Fusion Alert Rule belongs to. Changing this forces a new Sentinel Fusion Alert Rule to be created.
+
+* `alert_rule_template_name` - (Required) The name of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
+
+-> **NOTE** `alert_rule_template_name` should be a valid GUID.
+
+* `enabled` - (Optional) Should this Sentinel Fusion Alert Rule be enabled? Defaults to `true`.
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported: 
+
+* `id` - The ID of the Sentinel Fusion Alert Rule.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `create` - (Defaults to 30 minutes) Used when creating the Sentinel Fusion Alert Rule.
+* `read` - (Defaults to 5 minutes) Used when retrieving the Sentinel Fusion Alert Rule.
+* `update` - (Defaults to 30 minutes) Used when updating the Sentinel Fusion Alert Rule.
+* `delete` - (Defaults to 30 minutes) Used when deleting the Sentinel Fusion Alert Rule.
+
+## Import
+
+Sentinel Fusion Alert Rules can be imported using the `resource id`, e.g.
+
+```shell
+terraform import azurerm_sentinel_alert_rule_fusion.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/alertRules/rule1
+```

From a2ee094471076b271f812c33059ebc85ad662bb5 Mon Sep 17 00:00:00 2001
From: neil-yechenwei <yechenwei2007@126.com>
Date: Mon, 14 Dec 2020 11:04:08 +0800
Subject: [PATCH 2/3] update code

---
 .../sentinel_alert_rule_fusion_resource.go    | 29 +++++++++----------
 ...entinel_alert_rule_fusion_resource_test.go | 16 +++++-----
 .../sentinel_alert_rule_fusion.html.markdown  |  6 ++--
 3 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
index 38c0fff7601c..cae22156d282 100644
--- a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
+++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go
@@ -18,12 +18,12 @@ import (
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
 )
 
-func resourceArmSentinelAlertRuleFusion() *schema.Resource {
+func resourceSentinelAlertRuleFusion() *schema.Resource {
 	return &schema.Resource{
-		Create: resourceArmSentinelAlertRuleFusionCreateUpdate,
-		Read:   resourceArmSentinelAlertRuleFusionRead,
-		Update: resourceArmSentinelAlertRuleFusionCreateUpdate,
-		Delete: resourceArmSentinelAlertRuleFusionDelete,
+		Create: resourceSentinelAlertRuleFusionCreateUpdate,
+		Read:   resourceSentinelAlertRuleFusionRead,
+		Update: resourceSentinelAlertRuleFusionCreateUpdate,
+		Delete: resourceSentinelAlertRuleFusionDelete,
 
 		Importer: azSchema.ValidateResourceIDPriorToImportThen(func(id string) error {
 			_, err := parse.SentinelAlertRuleID(id)
@@ -52,7 +52,7 @@ func resourceArmSentinelAlertRuleFusion() *schema.Resource {
 				ValidateFunc: loganalyticsValidate.LogAnalyticsWorkspaceID,
 			},
 
-			"alert_rule_template_name": {
+			"alert_rule_template_guid": {
 				Type:         schema.TypeString,
 				Required:     true,
 				ForceNew:     true,
@@ -68,7 +68,7 @@ func resourceArmSentinelAlertRuleFusion() *schema.Resource {
 	}
 }
 
-func resourceArmSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+func resourceSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta interface{}) error {
 	client := meta.(*clients.Client).Sentinel.AlertRulesClient
 	ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
 	defer cancel()
@@ -97,7 +97,7 @@ func resourceArmSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta
 	params := securityinsight.FusionAlertRule{
 		Kind: securityinsight.KindFusion,
 		FusionAlertRuleProperties: &securityinsight.FusionAlertRuleProperties{
-			AlertRuleTemplateName: utils.String(d.Get("alert_rule_template_name").(string)),
+			AlertRuleTemplateName: utils.String(d.Get("alert_rule_template_guid").(string)),
 			Enabled:               utils.Bool(d.Get("enabled").(bool)),
 		},
 	}
@@ -129,11 +129,10 @@ func resourceArmSentinelAlertRuleFusionCreateUpdate(d *schema.ResourceData, meta
 	}
 	d.SetId(*id)
 
-	return resourceArmSentinelAlertRuleFusionRead(d, meta)
+	return resourceSentinelAlertRuleFusionRead(d, meta)
 }
 
-func resourceArmSentinelAlertRuleFusionRead(d *schema.ResourceData, meta interface{}) error {
-	subscriptionId := meta.(*clients.Client).Account.SubscriptionId
+func resourceSentinelAlertRuleFusionRead(d *schema.ResourceData, meta interface{}) error {
 	client := meta.(*clients.Client).Sentinel.AlertRulesClient
 	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
 	defer cancel()
@@ -161,18 +160,18 @@ func resourceArmSentinelAlertRuleFusionRead(d *schema.ResourceData, meta interfa
 
 	d.Set("name", id.Name)
 
-	logAnalyticsWorkspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(subscriptionId, id.ResourceGroup, id.Workspace)
-	d.Set("log_analytics_workspace_id", logAnalyticsWorkspaceId.ID(subscriptionId))
+	workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.Workspace)
+	d.Set("log_analytics_workspace_id", workspaceId.ID())
 
 	if prop := rule.FusionAlertRuleProperties; prop != nil {
 		d.Set("enabled", prop.Enabled)
-		d.Set("alert_rule_template_name", prop.AlertRuleTemplateName)
+		d.Set("alert_rule_template_guid", prop.AlertRuleTemplateName)
 	}
 
 	return nil
 }
 
-func resourceArmSentinelAlertRuleFusionDelete(d *schema.ResourceData, meta interface{}) error {
+func resourceSentinelAlertRuleFusionDelete(d *schema.ResourceData, meta interface{}) error {
 	client := meta.(*clients.Client).Sentinel.AlertRulesClient
 	ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
 	defer cancel()
diff --git a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
index eb1f308d58d2..813f76b77e24 100644
--- a/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
+++ b/azurerm/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go
@@ -16,7 +16,7 @@ import (
 
 type SentinelAlertRuleFusionResource struct{}
 
-func TestAccAzureRMSentinelAlertRuleFusion_basic(t *testing.T) {
+func TestAccSentinelAlertRuleFusion_basic(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
 	r := SentinelAlertRuleFusionResource{}
 
@@ -31,7 +31,7 @@ func TestAccAzureRMSentinelAlertRuleFusion_basic(t *testing.T) {
 	})
 }
 
-func TestAccAzureRMSentinelAlertRuleFusion_complete(t *testing.T) {
+func TestAccSentinelAlertRuleFusion_complete(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
 	r := SentinelAlertRuleFusionResource{}
 
@@ -46,7 +46,7 @@ func TestAccAzureRMSentinelAlertRuleFusion_complete(t *testing.T) {
 	})
 }
 
-func TestAccAzureRMSentinelAlertRuleFusion_update(t *testing.T) {
+func TestAccSentinelAlertRuleFusion_update(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
 	r := SentinelAlertRuleFusionResource{}
 
@@ -75,7 +75,7 @@ func TestAccAzureRMSentinelAlertRuleFusion_update(t *testing.T) {
 	})
 }
 
-func TestAccAzureRMSentinelAlertRuleFusion_requiresImport(t *testing.T) {
+func TestAccSentinelAlertRuleFusion_requiresImport(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_sentinel_alert_rule_fusion", "test")
 	r := SentinelAlertRuleFusionResource{}
 
@@ -103,7 +103,7 @@ func (r SentinelAlertRuleFusionResource) Exists(ctx context.Context, client *cli
 			return utils.Bool(false), nil
 		}
 
-		return nil, fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q: %+v", state.ID, err)
+		return nil, fmt.Errorf("retrieving Sentinel Alert Rule Fusion (%q): %+v", state.String(), err)
 	}
 
 	return utils.Bool(resp.Value != nil), nil
@@ -116,7 +116,7 @@ func (r SentinelAlertRuleFusionResource) basic(data acceptance.TestData) string
 resource "azurerm_sentinel_alert_rule_fusion" "test" {
   name                       = "acctest-SentinelAlertRule-Fusion-%d"
   log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
-  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+  alert_rule_template_guid   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
 }
 `, r.template(data), data.RandomInteger)
 }
@@ -128,7 +128,7 @@ func (r SentinelAlertRuleFusionResource) complete(data acceptance.TestData) stri
 resource "azurerm_sentinel_alert_rule_fusion" "test" {
   name                       = "acctest-SentinelAlertRule-Fusion-%d"
   log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
-  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+  alert_rule_template_guid   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
   enabled                    = false
 }
 `, r.template(data), data.RandomInteger)
@@ -141,7 +141,7 @@ func (r SentinelAlertRuleFusionResource) requiresImport(data acceptance.TestData
 resource "azurerm_sentinel_alert_rule_fusion" "import" {
   name                       = azurerm_sentinel_alert_rule_fusion.test.name
   log_analytics_workspace_id = azurerm_sentinel_alert_rule_fusion.test.log_analytics_workspace_id
-  alert_rule_template_name   = azurerm_sentinel_alert_rule_fusion.test.alert_rule_template_name
+  alert_rule_template_guid   = azurerm_sentinel_alert_rule_fusion.test.alert_rule_template_guid
 }
 `, r.basic(data))
 }
diff --git a/website/docs/r/sentinel_alert_rule_fusion.html.markdown b/website/docs/r/sentinel_alert_rule_fusion.html.markdown
index 82586f5c3a88..b565bb3a9fc8 100644
--- a/website/docs/r/sentinel_alert_rule_fusion.html.markdown
+++ b/website/docs/r/sentinel_alert_rule_fusion.html.markdown
@@ -28,7 +28,7 @@ resource "azurerm_log_analytics_workspace" "example" {
 resource "azurerm_sentinel_alert_rule_fusion" "example" {
   name                       = "example-fusion-alert-rule"
   log_analytics_workspace_id = azurerm_log_analytics_workspace.example.id
-  alert_rule_template_name   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
+  alert_rule_template_guid   = "f71aba3d-28fb-450b-b192-4e76a83015c8"
 }
 ```
 
@@ -40,9 +40,7 @@ The following arguments are supported:
 
 * `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace this Sentinel Fusion Alert Rule belongs to. Changing this forces a new Sentinel Fusion Alert Rule to be created.
 
-* `alert_rule_template_name` - (Required) The name of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
-
--> **NOTE** `alert_rule_template_name` should be a valid GUID.
+* `alert_rule_template_guid` - (Required) The GUID of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
 
 * `enabled` - (Optional) Should this Sentinel Fusion Alert Rule be enabled? Defaults to `true`.
 

From bd587c6f06089a3dee9e014651547acbab8006a4 Mon Sep 17 00:00:00 2001
From: neil-yechenwei <yechenwei2007@126.com>
Date: Mon, 14 Dec 2020 11:28:56 +0800
Subject: [PATCH 3/3] update code

---
 azurerm/internal/services/sentinel/registration.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/azurerm/internal/services/sentinel/registration.go b/azurerm/internal/services/sentinel/registration.go
index 443aead1c59f..557756060fce 100644
--- a/azurerm/internal/services/sentinel/registration.go
+++ b/azurerm/internal/services/sentinel/registration.go
@@ -28,7 +28,7 @@ func (r Registration) SupportedDataSources() map[string]*schema.Resource {
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
-		"azurerm_sentinel_alert_rule_fusion":               resourceArmSentinelAlertRuleFusion(),
+		"azurerm_sentinel_alert_rule_fusion":               resourceSentinelAlertRuleFusion(),
 		"azurerm_sentinel_alert_rule_ms_security_incident": resourceSentinelAlertRuleMsSecurityIncident(),
 		"azurerm_sentinel_alert_rule_scheduled":            resourceSentinelAlertRuleScheduled(),
 	}