Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_role_assignment - fix id parsing for root or provider scoped role assignments #27237

Merged
merged 2 commits into from
Oct 4, 2024

Conversation

Felix-Franz
Copy link
Contributor

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

With the azurerm_role_assignment resource it is possible to make RBAC assignments on root or resource provider scope.
The functionality was added in #26663.

The creation succeeds, but the provider cannot parse the resource ID from the ARM-response.
Following error is displayed:

Error: could not parse Role Assignment ID "/providers/Microsoft.Authorization/roleAssignments/23456781-2349-8764-5631-234567890121"

The PR is intended to fix the parsing of the resource ID and thus enable an assignment on root or resource provider scope.

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Changes to existing Resource / Data Source

  • I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
  • I have written new tests for my resource or datasource changes & updated any relevent documentation.
  • I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.

Testing

  • My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

  • azurerm_resource - support for the thing1 property [GH-00000]

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Fixes #0000

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

@Felix-Franz
Copy link
Contributor Author

@stephybun @catriona-m I am taging you because you were involved in the original PR.
Could you please review this PR?

Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR @Felix-Franz.

I'm wondering whether the parser used in the delete call might also require an update? Looking at what it's doing I believe it will be fine, but since our testing credentials lack the privileges to create role assignments on these scopes, it'd help us out if you could confirm whether with this fix you can also delete the role assignments without issue?

internal/services/authorization/parse/role_assignment.go Outdated Show resolved Hide resolved
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Felix-Franz LGTM 🏖️

@stephybun stephybun merged commit 22e2f9a into hashicorp:main Oct 4, 2024
31 checks passed
@github-actions github-actions bot added this to the v4.4.0 milestone Oct 4, 2024
stephybun added a commit that referenced this pull request Oct 4, 2024
Copy link

github-actions bot commented Nov 4, 2024

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants