From 538b4f599eec943d151b642ee5a2fba8e9f1aea7 Mon Sep 17 00:00:00 2001 From: hqhqhqhqhqhqhqhqhqhqhq Date: Fri, 10 Jan 2025 01:00:55 +1100 Subject: [PATCH] `azurerm_healthcare_dicom_service` resource & data source - support for new properties (#27375) * add several properties for healthcareapi dicomservice * Update healthcare_dicom_data_source.go * fix issues addressed in review * Update healthcare_dicom_data_source.go * Update docs * Update resource & data source & test * fix: extend error message * Update healthcare_dicom_resource_test.go * Update healthcare_dicom_data_source.go * Update healthcare_dicom_data_source.go * fix: update url to URL for API Response * Update healthcare_dicom_resource_test.go * Update healthcare_dicom_resource.go * Update healthcare_dicom_resource.go --- .../healthcare_dicom_data_source.go | 86 ++++++ .../healthcare/healthcare_dicom_resource.go | 281 +++++++++++++++++- .../healthcare_dicom_resource_test.go | 149 ++++++---- website/docs/d/healthcare_dicom.html.markdown | 35 ++- website/docs/r/healthcare_dicom.html.markdown | 34 ++- 5 files changed, 518 insertions(+), 67 deletions(-) diff --git a/internal/services/healthcare/healthcare_dicom_data_source.go b/internal/services/healthcare/healthcare_dicom_data_source.go index f778c84641fd..85776f481ce2 100644 --- a/internal/services/healthcare/healthcare_dicom_data_source.go +++ b/internal/services/healthcare/healthcare_dicom_data_source.go @@ -7,6 +7,7 @@ import ( "fmt" "time" + "github.com/hashicorp/go-azure-helpers/lang/pointer" "github.com/hashicorp/go-azure-helpers/lang/response" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" @@ -54,6 +55,7 @@ func dataSourceHealthcareDicomService() *pluginsdk.Resource { Type: pluginsdk.TypeString, Computed: true, }, + "audience": { Type: pluginsdk.TypeList, Computed: true, @@ -86,6 +88,76 @@ func dataSourceHealthcareDicomService() *pluginsdk.Resource { Computed: true, }, + "data_partitions_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "cors": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "allowed_origins": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "allowed_headers": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "allowed_methods": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "max_age_in_seconds": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "allow_credentials": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + }, + }, + }, + + "encryption_key_url": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "storage": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "file_system_name": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "storage_account_id": { + Type: pluginsdk.TypeString, + Computed: true, + }, + }, + }, + }, + "tags": commonschema.TagsDataSource(), }, } @@ -123,6 +195,20 @@ func dataSourceHealthcareApisDicomServiceRead(d *pluginsdk.ResourceData, meta in d.Set("authentication", flattenDicomAuthentication(props.AuthenticationConfiguration)) d.Set("private_endpoint", flattenDicomServicePrivateEndpoint(props.PrivateEndpointConnections)) d.Set("service_url", props.ServiceURL) + + d.Set("data_partitions_enabled", pointer.From(props.EnableDataPartitions)) + + d.Set("cors", flattenDicomServiceCorsConfiguration(props.CorsConfiguration)) + + if props.Encryption != nil && props.Encryption.CustomerManagedKeyEncryption != nil { + d.Set("encryption_key_url", pointer.From(props.Encryption.CustomerManagedKeyEncryption.KeyEncryptionKeyURL)) + } + + storage, err := flattenStorageConfiguration(props.StorageConfiguration) + if err != nil { + return fmt.Errorf("flattening `storage`: %+v", err) + } + d.Set("storage", storage) } i, err := identity.FlattenLegacySystemAndUserAssignedMap(m.Identity) diff --git a/internal/services/healthcare/healthcare_dicom_resource.go b/internal/services/healthcare/healthcare_dicom_resource.go index efac4ebbe9ec..fd50a207b889 100644 --- a/internal/services/healthcare/healthcare_dicom_resource.go +++ b/internal/services/healthcare/healthcare_dicom_resource.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/go-azure-helpers/lang/pointer" "github.com/hashicorp/go-azure-helpers/lang/response" + "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" "github.com/hashicorp/go-azure-helpers/resourcemanager/identity" "github.com/hashicorp/go-azure-helpers/resourcemanager/location" @@ -22,7 +23,9 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/services/healthcare/migration" "github.com/hashicorp/terraform-provider-azurerm/internal/services/healthcare/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation" "github.com/hashicorp/terraform-provider-azurerm/internal/timeouts" + "github.com/hashicorp/terraform-provider-azurerm/utils" ) func resourceHealthcareApisDicomService() *pluginsdk.Resource { @@ -77,6 +80,7 @@ func resourceHealthcareApisDicomService() *pluginsdk.Resource { Type: pluginsdk.TypeString, Computed: true, }, + "audience": { Type: pluginsdk.TypeList, Computed: true, @@ -115,6 +119,95 @@ func resourceHealthcareApisDicomService() *pluginsdk.Resource { Default: true, }, + "cors": { + Type: pluginsdk.TypeList, + Optional: true, + // NOTE: O+C API sets defaults for these if omitted + Computed: true, + MaxItems: 1, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "allowed_origins": { + Type: pluginsdk.TypeList, + Optional: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + ValidateFunc: validation.StringIsNotEmpty, + }, + }, + + "allowed_headers": { + Type: pluginsdk.TypeList, + Optional: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + ValidateFunc: validation.StringIsNotEmpty, + }, + }, + + "allowed_methods": { + Type: pluginsdk.TypeList, + Optional: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + ValidateFunc: validation.StringIsNotEmpty, + }, + }, + + "max_age_in_seconds": { + Type: pluginsdk.TypeInt, + Optional: true, + ValidateFunc: validation.IntBetween(0, 99998), + }, + + "allow_credentials": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: false, + }, + }, + }, + }, + + "data_partitions_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: false, + ForceNew: true, + }, + + "encryption_key_url": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.IsURLWithHTTPS, + }, + + "storage": { + Type: pluginsdk.TypeList, + Optional: true, + // NOTE: O+C API sets defaults for these if omitted + Computed: true, + ForceNew: true, + MaxItems: 1, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "file_system_name": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringIsNotEmpty, + }, + + "storage_account_id": { + Type: pluginsdk.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: commonids.ValidateStorageAccountID, + }, + }, + }, + }, + "tags": commonschema.Tags(), }, } @@ -162,6 +255,28 @@ func resourceHealthcareApisDicomServiceCreate(d *pluginsdk.ResourceData, meta in Tags: tags.Expand(t), } + if v, ok := d.GetOk("data_partitions_enabled"); ok { + parameters.Properties.EnableDataPartitions = pointer.To(v.(bool)) + } + + cors := expandDicomServiceCorsConfiguration(d.Get("cors").([]interface{})) + if cors != nil { + parameters.Properties.CorsConfiguration = cors + } + + if v, ok := d.GetOk("encryption_key_url"); ok && v.(string) != "" { + parameters.Properties.Encryption = &dicomservices.Encryption{ + CustomerManagedKeyEncryption: &dicomservices.EncryptionCustomerManagedKeyEncryption{ + KeyEncryptionKeyURL: pointer.To(v.(string)), + }, + } + } + + storage := expandStorageConfiguration(d.Get("storage").([]interface{})) + if storage != nil { + parameters.Properties.StorageConfiguration = storage + } + if enabled := d.Get("public_network_access_enabled").(bool); !enabled { parameters.Properties.PublicNetworkAccess = pointer.To(dicomservices.PublicNetworkAccessDisabled) } @@ -209,6 +324,20 @@ func resourceHealthcareApisDicomServiceRead(d *pluginsdk.ResourceData, meta inte if pna := pointer.From(props.PublicNetworkAccess); pna != "" { d.Set("public_network_access_enabled", pointer.From(props.PublicNetworkAccess) == dicomservices.PublicNetworkAccessEnabled) } + + d.Set("data_partitions_enabled", pointer.From(props.EnableDataPartitions)) + + d.Set("cors", flattenDicomServiceCorsConfiguration(props.CorsConfiguration)) + + if props.Encryption != nil && props.Encryption.CustomerManagedKeyEncryption != nil { + d.Set("encryption_key_url", pointer.From(props.Encryption.CustomerManagedKeyEncryption.KeyEncryptionKeyURL)) + } + + storage, err := flattenStorageConfiguration(props.StorageConfiguration) + if err != nil { + return fmt.Errorf("flattening `storage`: %+v", err) + } + d.Set("storage", storage) } i, err := identity.FlattenLegacySystemAndUserAssignedMap(m.Identity) @@ -234,21 +363,51 @@ func resourceHealthcareApisDicomServiceUpdate(d *pluginsdk.ResourceData, meta in return err } - i, err := identity.ExpandLegacySystemAndUserAssignedMap(d.Get("identity").([]interface{})) + // Retrieve the existing resource + existing, err := client.Get(ctx, *id) if err != nil { - return fmt.Errorf("expanding `identity`: %+v", err) + return fmt.Errorf("retrieving %s: %+v", id, err) } - parameters := dicomservices.DicomService{ - Location: pointer.To(location.Normalize(d.Get("location").(string))), - Properties: &dicomservices.DicomServiceProperties{ - PublicNetworkAccess: pointer.To(dicomservices.PublicNetworkAccessEnabled), - }, - Identity: i, + if existing.Model == nil { + return fmt.Errorf("retrieving %s: `model` was nil", id) + } + if existing.Model.Properties == nil { + return fmt.Errorf("retrieving %s: `properties` was nil", id) } - if enabled := d.Get("public_network_access_enabled").(bool); !enabled { - parameters.Properties.PublicNetworkAccess = pointer.To(dicomservices.PublicNetworkAccessDisabled) + payload := existing.Model + + if d.HasChange("cors") { + payload.Properties.CorsConfiguration = expandDicomServiceCorsConfiguration(d.Get("cors").([]interface{})) + } + + if d.HasChange("encryption_key_url") { + payload.Properties.Encryption = &dicomservices.Encryption{ + CustomerManagedKeyEncryption: &dicomservices.EncryptionCustomerManagedKeyEncryption{ + KeyEncryptionKeyURL: pointer.To(d.Get("encryption_key_url").(string)), + }, + } + } + + if d.HasChange("public_network_access_enabled") { + if enabled := d.Get("public_network_access_enabled").(bool); !enabled { + payload.Properties.PublicNetworkAccess = pointer.To(dicomservices.PublicNetworkAccessDisabled) + } else { + payload.Properties.PublicNetworkAccess = pointer.To(dicomservices.PublicNetworkAccessEnabled) + } + } + + if d.HasChange("identity") { + i, err := identity.ExpandLegacySystemAndUserAssignedMap(d.Get("identity").([]interface{})) + if err != nil { + return fmt.Errorf("expanding `identity`: %+v", err) + } + payload.Identity = i + } + + if d.HasChange("location") { + payload.Location = pointer.To(location.Normalize(d.Get("location").(string))) } if d.HasChange("tags") { @@ -257,7 +416,7 @@ func resourceHealthcareApisDicomServiceUpdate(d *pluginsdk.ResourceData, meta in } } - err = client.CreateOrUpdateThenPoll(ctx, *id, parameters) + err = client.CreateOrUpdateThenPoll(ctx, *id, *payload) if err != nil { return fmt.Errorf("updating %s: %+v", id, err) } @@ -372,3 +531,103 @@ func flattenDicomServicePrivateEndpoint(input *[]dicomservices.PrivateEndpointCo } return results } + +func expandStorageConfiguration(input []interface{}) *dicomservices.StorageConfiguration { + if len(input) == 0 || input[0] == nil { + return nil + } + storageSettings := input[0].(map[string]interface{}) + + var storageResourceId *string + if v, ok := storageSettings["storage_account_id"]; ok { + storageResourceId = pointer.To(v.(string)) + } + + var fileSystemName *string + if v, ok := storageSettings["file_system_name"]; ok { + fileSystemName = pointer.To(v.(string)) + } + + return &dicomservices.StorageConfiguration{ + FileSystemName: fileSystemName, + StorageResourceId: storageResourceId, + } +} + +func flattenStorageConfiguration(configuration *dicomservices.StorageConfiguration) (interface{}, error) { + if configuration == nil { + return []interface{}{}, nil + } + + result := make(map[string]interface{}) + if configuration.FileSystemName != nil { + result["file_system_name"] = pointer.From(configuration.FileSystemName) + } + + if v := pointer.From(configuration.StorageResourceId); v != "" { + id, err := commonids.ParseStorageAccountID(v) + if err != nil { + return nil, err + } + result["storage_account_id"] = id.ID() + } + + return []interface{}{result}, nil +} + +func expandDicomServiceCorsConfiguration(inputList []interface{}) *dicomservices.CorsConfiguration { + if len(inputList) == 0 { + return nil + } + + input := inputList[0].(map[string]interface{}) + output := dicomservices.CorsConfiguration{} + + if v, ok := input["allowed_origins"]; ok { + output.Origins = utils.ExpandStringSlice(v.([]interface{})) + } + + if v, ok := input["allowed_headers"]; ok { + output.Headers = utils.ExpandStringSlice(v.([]interface{})) + } + + if v, ok := input["allowed_methods"]; ok { + output.Methods = utils.ExpandStringSlice(v.([]interface{})) + } + + if v, ok := input["max_age_in_seconds"]; ok { + output.MaxAge = pointer.To(int64(v.(int))) + } + + if v, ok := input["allow_credentials"]; ok { + output.AllowCredentials = pointer.To(v.(bool)) + } + + return &output +} + +func flattenDicomServiceCorsConfiguration(input *dicomservices.CorsConfiguration) []interface{} { + outputList := make([]interface{}, 0) + if input == nil { + return outputList + } + + output := make(map[string]interface{}) + output["allow_credentials"] = pointer.From(input.AllowCredentials) + + if input.Headers != nil { + output["allowed_headers"] = utils.FlattenStringSlice(input.Headers) + } + + output["max_age_in_seconds"] = pointer.From(input.MaxAge) + + if input.Methods != nil { + output["allowed_methods"] = utils.FlattenStringSlice(input.Methods) + } + + if input.Origins != nil { + output["allowed_origins"] = utils.FlattenStringSlice(input.Origins) + } + + return append(outputList, output) +} diff --git a/internal/services/healthcare/healthcare_dicom_resource_test.go b/internal/services/healthcare/healthcare_dicom_resource_test.go index df15c2de4803..778427c08656 100644 --- a/internal/services/healthcare/healthcare_dicom_resource_test.go +++ b/internal/services/healthcare/healthcare_dicom_resource_test.go @@ -63,22 +63,8 @@ func TestAccHealthCareDicomResource_update(t *testing.T) { check.That(data.ResourceName).ExistsInAzure(r)), }, data.ImportStep(), - }) -} - -func TestAccHealthCareDicomResource_updateUserAssignedIdentity(t *testing.T) { - data := acceptance.BuildTestData(t, "azurerm_healthcare_dicom_service", "test") - r := HealthCareDicomResource{} - - data.ResourceTest(t, r, []acceptance.TestStep{ { - Config: r.complete(data), - Check: acceptance.ComposeTestCheckFunc( - check.That(data.ResourceName).ExistsInAzure(r)), - }, - data.ImportStep(), - { - Config: r.userAssignedIdentity(data), + Config: r.basic(data), Check: acceptance.ComposeTestCheckFunc( check.That(data.ResourceName).ExistsInAzure(r)), }, @@ -119,33 +105,65 @@ func (r HealthCareDicomResource) basic(data acceptance.TestData) string { %s resource "azurerm_healthcare_dicom_service" "test" { - name = "dicom%d" + name = "acctestdicom%[2]s" workspace_id = azurerm_healthcare_workspace.test.id - location = "%s" + location = azurerm_resource_group.test.location depends_on = [azurerm_healthcare_workspace.test] } -`, r.template(data), data.RandomIntOfLength(10), data.Locations.Primary) +`, r.template(data), data.RandomString) } func (r HealthCareDicomResource) complete(data acceptance.TestData) string { return fmt.Sprintf(` %s +resource "azurerm_storage_account" "test" { + name = "acctestsa%[2]s" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location + account_kind = "StorageV2" + account_tier = "Standard" + account_replication_type = "LRS" + is_hns_enabled = true +} + +resource "azurerm_storage_data_lake_gen2_filesystem" "test" { + name = "acctestfs%[2]s" + storage_account_id = azurerm_storage_account.test.id +} + resource "azurerm_healthcare_dicom_service" "test" { - name = "dicom%d" + name = "acctestdicom%[2]s" workspace_id = azurerm_healthcare_workspace.test.id - location = "%s" + location = azurerm_resource_group.test.location + + cors { + allowed_origins = ["http://www.example.com", "http://www.example2.com"] + allowed_headers = ["*"] + allowed_methods = ["GET"] + max_age_in_seconds = 500 + allow_credentials = true + } + + data_partitions_enabled = true + + encryption_key_url = azurerm_key_vault_key.test.id + + storage { + storage_account_id = azurerm_storage_account.test.id + file_system_name = azurerm_storage_data_lake_gen2_filesystem.test.name + } identity { - type = "SystemAssigned" + type = "UserAssigned" + identity_ids = [azurerm_user_assigned_identity.test.id] } tags = { environment = "None" } - depends_on = [azurerm_healthcare_workspace.test] } -`, r.template(data), data.RandomIntOfLength(10), data.Locations.Primary) +`, r.template(data), data.RandomString) } func (r HealthCareDicomResource) update(data acceptance.TestData) string { @@ -153,32 +171,19 @@ func (r HealthCareDicomResource) update(data acceptance.TestData) string { %s resource "azurerm_healthcare_dicom_service" "test" { - name = "dicom%d" + name = "acctestdicom%[2]s" workspace_id = azurerm_healthcare_workspace.test.id - location = "%s" - - tags = { - environment = "Prod" + location = azurerm_resource_group.test.location + + cors { + allowed_origins = ["http://www.example.com", "http://www.example2.com"] + allowed_headers = ["*"] + allowed_methods = ["GET"] + max_age_in_seconds = 500 + allow_credentials = true } - depends_on = [azurerm_healthcare_workspace.test] -} -`, r.template(data), data.RandomIntOfLength(10), data.Locations.Primary) -} - -func (r HealthCareDicomResource) userAssignedIdentity(data acceptance.TestData) string { - return fmt.Sprintf(` -%s - -resource "azurerm_user_assigned_identity" "test" { - name = "acctest-uai-%d" - resource_group_name = azurerm_resource_group.test.name - location = azurerm_resource_group.test.location -} -resource "azurerm_healthcare_dicom_service" "test" { - name = "dicom%d" - workspace_id = azurerm_healthcare_workspace.test.id - location = "%s" + encryption_key_url = azurerm_key_vault_key.test.id identity { type = "UserAssigned" @@ -186,11 +191,10 @@ resource "azurerm_healthcare_dicom_service" "test" { } tags = { - environment = "None" + environment = "Prod" } - depends_on = [azurerm_healthcare_workspace.test, azurerm_user_assigned_identity.test] } -`, r.template(data), data.RandomInteger, data.RandomIntOfLength(10), data.Locations.Primary) +`, r.template(data), data.RandomString) } func (r HealthCareDicomResource) requiresImport(data acceptance.TestData) string { @@ -211,14 +215,53 @@ provider "azurerm" { } resource "azurerm_resource_group" "test" { - name = "acctestRG-dicom-%d" - location = "%s" + name = "acctestrg%[2]s" + location = "%[1]s" +} + +data "azurerm_client_config" "current" {} + +resource "azurerm_user_assigned_identity" "test" { + name = "acctestuai%[2]s" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location +} + +resource "azurerm_key_vault" "test" { + name = "acctestkv%[2]s" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location + sku_name = "standard" + tenant_id = data.azurerm_client_config.current.tenant_id + soft_delete_retention_days = 7 + purge_protection_enabled = true + + access_policy { + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = data.azurerm_client_config.current.object_id + key_permissions = ["Create", "Delete", "Get", "Purge", "Recover", "Update", "GetRotationPolicy", "SetRotationPolicy"] + } + + access_policy { + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = azurerm_user_assigned_identity.test.principal_id + key_permissions = ["Create", "Delete", "Get", "Import", "Purge", "UnwrapKey", "WrapKey", "GetRotationPolicy"] + } +} + +resource "azurerm_key_vault_key" "test" { + name = "acctestkvkey%[2]s" + key_vault_id = azurerm_key_vault.test.id + key_type = "RSA" + key_size = 2048 + + key_opts = ["decrypt", "encrypt", "sign", "unwrapKey", "verify", "wrapKey"] } resource "azurerm_healthcare_workspace" "test" { - name = "wk%d" + name = "acctesthw%[2]s" resource_group_name = azurerm_resource_group.test.name location = azurerm_resource_group.test.location } -`, data.RandomInteger, data.Locations.Primary, data.RandomIntOfLength(10)) +`, data.Locations.Primary, data.RandomString) } diff --git a/website/docs/d/healthcare_dicom.html.markdown b/website/docs/d/healthcare_dicom.html.markdown index 19cb3b5db757..7b5985a04ffe 100644 --- a/website/docs/d/healthcare_dicom.html.markdown +++ b/website/docs/d/healthcare_dicom.html.markdown @@ -27,7 +27,7 @@ output "azurerm_healthcare_dicom_service" { * `name` - The name of the Healthcare DICOM Service -* `workspace_id` - The id of the Healthcare Workspace in which the Healthcare DICOM Service exists. +* `workspace_id` - The ID of the Healthcare Workspace in which the Healthcare DICOM Service exists. ## Attributes Reference @@ -39,18 +39,49 @@ The following attributes are exported: * `authentication` - The `authentication` block as defined below. +* `data_partitions_enabled` - If data partitions are enabled or not. + +* `cors` - The `cors` block as defined below. + +* `encryption_key_url` - The URL of the key to use for encryption as part of the customer-managed key encryption settings. + * `service_url` - The url of the Healthcare DICOM Services. +* `storage` - The `storage` block as defined below. + * `tags` - A map of tags assigned to the Healthcare DICOM Service. --- -An `authentication` supports the following: +An `authentication` exports the following: * `authority` - The Azure Active Directory (tenant) that serves as the authentication authority to access the service. The default authority is the Directory defined in the authentication scheme in use when running Terraform. Authority must be registered to Azure AD and in the following format: }. * `audience` - The intended audience to receive authentication tokens for the service. The default value is +--- + +A `cors` exports the following: + +* `allowed_origins` - A list of allowed origins for CORS. + +* `allowed_headers` - A list of allowed headers for CORS. + +* `allowed_methods` - A list of allowed methods for CORS. + +* `max_age_in_seconds` - The maximum age in seconds for the CORS configuration. + +* `allow_credentials` - Whether to allow credentials in CORS. + +--- + +A `storage` block exports the following: + +* `file_system_name` - The filesystem name of connected storage account. + +* `storage_account_id` - The resource ID of connected storage account. + + ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: diff --git a/website/docs/r/healthcare_dicom.html.markdown b/website/docs/r/healthcare_dicom.html.markdown index 5fff05fd5590..8bc193248a3c 100644 --- a/website/docs/r/healthcare_dicom.html.markdown +++ b/website/docs/r/healthcare_dicom.html.markdown @@ -40,14 +40,22 @@ The following arguments are supported: * `name` - (Required) Specifies the name of the Healthcare DICOM Service. Changing this forces a new Healthcare DICOM Service to be created. -* `workspace_id` - (Required) Specifies the id of the Healthcare Workspace where the Healthcare DICOM Service should exist. Changing this forces a new Healthcare DICOM Service to be created. +* `workspace_id` - (Required) Specifies the ID of the Healthcare Workspace where the Healthcare DICOM Service should exist. Changing this forces a new Healthcare DICOM Service to be created. * `location` - (Required) Specifies the Azure Region where the Healthcare DICOM Service should be created. Changing this forces a new Healthcare DICOM Service to be created. +* `data_partitions_enabled` - (Optional) If data partitions are enabled or not. Defaults to `false`. Changing this forces a new Healthcare DICOM Service to be created. + +* `cors` - (Optional) A `cors` block as defined below. + +* `encryption_key_url` - (Optional) The URL of the key to use for encryption as part of the customer-managed key encryption settings. For more details, refer to the [Azure Customer-Managed Keys Overview](https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview). + * `identity` - (Optional) An `identity` block as defined below. * `public_network_access_enabled` - (Optional) Whether to enabled public networks when data plane traffic coming from public networks while private endpoint is enabled. Defaults to `true`. +* `storage` - (Optional) A `storage` block as defined below. + * `tags` - (Optional) A mapping of tags to assign to the Healthcare DICOM Service. --- @@ -58,6 +66,30 @@ An `identity` block supports the following: * `identity_ids` - (Optional) A list of User Assigned Identity IDs which should be assigned to this Healthcare DICOM service. +--- + +A `cors` block supports the following: + +* `allowed_origins` - (Optional) A list of allowed origins for CORS. + +* `allowed_headers` - (Optional) A list of allowed headers for CORS. + +* `allowed_methods` - (Optional) A list of allowed methods for CORS. + +* `max_age_in_seconds` - (Optional) The maximum age in seconds for the CORS configuration (must be between 0 and 99998 inclusive). + +* `allow_credentials` - (Optional) Whether to allow credentials in CORS. Defaults to `false`. + +--- + +A `storage` block supports the following: + +* `file_system_name` - (Required) The filesystem name of connected storage account. Changing this forces a new Healthcare DICOM Service to be created. + +* `storage_account_id` - (Required) The resource ID of connected storage account. Changing this forces a new Healthcare DICOM Service to be created. + +~> **Note:** The `is_hns_enabled` needs to be set to `true` for the storage account to be used with the Healthcare DICOM Service. + ## Attributes Reference In addition to the Arguments listed above - the following Attributes are exported: