diff --git a/azurerm/helpers/azure/eventhub.go b/azurerm/helpers/azure/eventhub.go new file mode 100644 index 000000000000..f346e9a3de66 --- /dev/null +++ b/azurerm/helpers/azure/eventhub.go @@ -0,0 +1,145 @@ +package azure + +import ( + "fmt" + "log" + "regexp" + + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" + + "github.com/Azure/azure-sdk-for-go/services/eventhub/mgmt/2017-04-01/eventhub" +) + +//validation +func ValidateEventHubNamespaceName() schema.SchemaValidateFunc { + return validation.StringMatch( + regexp.MustCompile("^[a-zA-Z][-a-zA-Z0-9]{4,48}[a-zA-Z0-9]$"), + "The namespace name can contain only letters, numbers, and hyphens. The namespace must start with a letter, and it must end with a letter or number and be between 6 and 50 characters long.", + ) +} + +func ValidateEventHubName() schema.SchemaValidateFunc { + return validation.StringMatch( + regexp.MustCompile("^[a-zA-Z][-a-zA-Z0-9]{4,48}[a-zA-Z0-9]$"), + "The namespace name can contain only letters, numbers, and hyphens. The namespace must start with a letter, and it must end with a letter or number and be between 6 and 50 characters long.", + ) +} + +func ValidateEventHubConsumerName() schema.SchemaValidateFunc { + return validation.StringMatch( + regexp.MustCompile("^[a-zA-Z][-a-zA-Z0-9]{4,48}[a-zA-Z0-9]$"), + "The namespace name can contain only letters, numbers, and hyphens. The namespace must start with a letter, and it must end with a letter or number and be between 6 and 50 characters long.", + ) +} + +func ValidateEventHubAuthorizationRuleName() schema.SchemaValidateFunc { + return validation.StringMatch( + regexp.MustCompile("^[a-zA-Z0-9][-._a-zA-Z0-9]{0,48}([a-zA-Z0-9])?$"), + "The name can contain only letters, numbers, periods, hyphens and underscores. The name must start and end with a letter or number and be less the 50 characters long.", + ) +} + +//schema +func ExpandEventHubAuthorizationRuleRights(d *schema.ResourceData) *[]eventhub.AccessRights { + rights := []eventhub.AccessRights{} + + if d.Get("listen").(bool) { + rights = append(rights, eventhub.Listen) + } + + if d.Get("send").(bool) { + rights = append(rights, eventhub.Send) + } + + if d.Get("manage").(bool) { + rights = append(rights, eventhub.Manage) + } + + return &rights +} + +func FlattenEventHubAuthorizationRuleRights(rights *[]eventhub.AccessRights) (listen bool, send bool, manage bool) { + //zero (initial) value for a bool in go is false + + if rights != nil { + for _, right := range *rights { + switch right { + case eventhub.Listen: + listen = true + case eventhub.Send: + send = true + case eventhub.Manage: + manage = true + default: + log.Printf("[DEBUG] Unknown Authorization Rule Right '%s'", right) + } + } + } + + return +} + +func EventHubAuthorizationRuleSchemaFrom(s map[string]*schema.Schema) map[string]*schema.Schema { + + authSchema := map[string]*schema.Schema{ + "listen": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + + "send": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + + "manage": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + + "primary_key": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + }, + + "primary_connection_string": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + }, + + "secondary_key": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + }, + + "secondary_connection_string": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + }, + } + return MergeSchema(s, authSchema) +} + +func EventHubAuthorizationRuleCustomizeDiff(d *schema.ResourceDiff, _ interface{}) error { + listen, hasListen := d.GetOk("listen") + send, hasSend := d.GetOk("send") + manage, hasManage := d.GetOk("manage") + + if !hasListen && !hasSend && !hasManage { + return fmt.Errorf("One of the `listen`, `send` or `manage` properties needs to be set") + } + + if manage.(bool) && !listen.(bool) && !send.(bool) { + return fmt.Errorf("if `manage` is set both `listen` and `send` must be set to true too") + } + + return nil +} diff --git a/azurerm/import_arm_eventhub_authorization_rule_test.go b/azurerm/import_arm_eventhub_authorization_rule_test.go deleted file mode 100644 index 9675c64aabe6..000000000000 --- a/azurerm/import_arm_eventhub_authorization_rule_test.go +++ /dev/null @@ -1,104 +0,0 @@ -package azurerm - -import ( - "testing" - - "github.com/hashicorp/terraform/helper/acctest" - "github.com/hashicorp/terraform/helper/resource" -) - -func TestAccAzureRMEventHubAuthorizationRule_importListen(t *testing.T) { - resourceName := "azurerm_eventhub_authorization_rule.test" - - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_listen(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - }, - - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -func TestAccAzureRMEventHubAuthorizationRule_importSend(t *testing.T) { - resourceName := "azurerm_eventhub_authorization_rule.test" - - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_send(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - }, - - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -func TestAccAzureRMEventHubAuthorizationRule_importReadWrite(t *testing.T) { - resourceName := "azurerm_eventhub_authorization_rule.test" - - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_readWrite(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - }, - - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -func TestAccAzureRMEventHubAuthorizationRule_importManage(t *testing.T) { - resourceName := "azurerm_eventhub_authorization_rule.test" - - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_manage(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - }, - - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} diff --git a/azurerm/provider.go b/azurerm/provider.go index 1baf6908822b..cdcd8afcd251 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -154,6 +154,7 @@ func Provider() terraform.ResourceProvider { "azurerm_eventhub_authorization_rule": resourceArmEventHubAuthorizationRule(), "azurerm_eventhub_consumer_group": resourceArmEventHubConsumerGroup(), "azurerm_eventhub_namespace": resourceArmEventHubNamespace(), + "azurerm_eventhub_namespace_authorization_rule": resourceArmEventHubNamespaceAuthorizationRule(), "azurerm_express_route_circuit": resourceArmExpressRouteCircuit(), "azurerm_express_route_circuit_authorization": resourceArmExpressRouteCircuitAuthorization(), "azurerm_express_route_circuit_peering": resourceArmExpressRouteCircuitPeering(), diff --git a/azurerm/resource_arm_eventhub.go b/azurerm/resource_arm_eventhub.go index 793b12839612..80f7774ecd6d 100644 --- a/azurerm/resource_arm_eventhub.go +++ b/azurerm/resource_arm_eventhub.go @@ -9,6 +9,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/eventhub/mgmt/2017-04-01/eventhub" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) @@ -24,15 +25,17 @@ func resourceArmEventHub() *schema.Resource { Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubName(), }, "namespace_name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubNamespaceName(), }, "resource_group_name": resourceGroupNameSchema(), diff --git a/azurerm/resource_arm_eventhub_authorization_rule.go b/azurerm/resource_arm_eventhub_authorization_rule.go index 5ddb3ed51c18..d9cfb33362c2 100644 --- a/azurerm/resource_arm_eventhub_authorization_rule.go +++ b/azurerm/resource_arm_eventhub_authorization_rule.go @@ -7,6 +7,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/eventhub/mgmt/2017-04-01/eventhub" "github.com/hashicorp/terraform/helper/schema" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) @@ -16,112 +17,71 @@ func resourceArmEventHubAuthorizationRule() *schema.Resource { Read: resourceArmEventHubAuthorizationRuleRead, Update: resourceArmEventHubAuthorizationRuleCreateUpdate, Delete: resourceArmEventHubAuthorizationRuleDelete, + Importer: &schema.ResourceImporter{ State: schema.ImportStatePassthrough, }, - Schema: map[string]*schema.Schema{ + Schema: azure.EventHubAuthorizationRuleSchemaFrom(map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubAuthorizationRuleName(), }, "namespace_name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubNamespaceName(), }, "eventhub_name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubName(), }, "resource_group_name": resourceGroupNameSchema(), "location": deprecatedLocationSchema(), + }), - "listen": { - Type: schema.TypeBool, - Optional: true, - Default: false, - }, - - "send": { - Type: schema.TypeBool, - Optional: true, - Default: false, - }, - - "manage": { - Type: schema.TypeBool, - Optional: true, - Default: false, - }, - - "primary_key": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, - }, - - "primary_connection_string": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, - }, - - "secondary_key": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, - }, - - "secondary_connection_string": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, - }, - }, + CustomizeDiff: azure.EventHubAuthorizationRuleCustomizeDiff, } } func resourceArmEventHubAuthorizationRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*ArmClient).eventHubClient ctx := meta.(*ArmClient).StopContext + log.Printf("[INFO] preparing arguments for AzureRM EventHub Authorization Rule creation.") name := d.Get("name").(string) namespaceName := d.Get("namespace_name").(string) eventHubName := d.Get("eventhub_name").(string) - resGroup := d.Get("resource_group_name").(string) - - rights, err := expandEventHubAuthorizationRuleAccessRights(d) - if err != nil { - return err - } + resourceGroup := d.Get("resource_group_name").(string) parameters := eventhub.AuthorizationRule{ Name: &name, AuthorizationRuleProperties: &eventhub.AuthorizationRuleProperties{ - Rights: rights, + Rights: azure.ExpandEventHubAuthorizationRuleRights(d), }, } - _, err = client.CreateOrUpdateAuthorizationRule(ctx, resGroup, namespaceName, eventHubName, name, parameters) - if err != nil { - return err + if _, err := client.CreateOrUpdateAuthorizationRule(ctx, resourceGroup, namespaceName, eventHubName, name, parameters); err != nil { + return fmt.Errorf("Error creating/updating EventHub Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err) } - read, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, eventHubName, name) + read, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, eventHubName, name) if err != nil { return err } if read.ID == nil { - return fmt.Errorf("Cannot read EventHub Authorization Rule %s (resource group %s) ID", name, resGroup) + return fmt.Errorf("Cannot read EventHub Authorization Rule %s (resource group %s) ID", name, resourceGroup) } d.SetId(*read.ID) @@ -137,12 +97,13 @@ func resourceArmEventHubAuthorizationRuleRead(d *schema.ResourceData, meta inter if err != nil { return err } - resGroup := id.ResourceGroup + + name := id.Path["authorizationRules"] + resourceGroup := id.ResourceGroup namespaceName := id.Path["namespaces"] eventHubName := id.Path["eventhubs"] - name := id.Path["authorizationRules"] - resp, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, eventHubName, name) + resp, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, eventHubName, name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { d.SetId("") @@ -151,21 +112,26 @@ func resourceArmEventHubAuthorizationRuleRead(d *schema.ResourceData, meta inter return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule %s: %+v", name, err) } - keysResp, err := client.ListKeys(ctx, resGroup, namespaceName, eventHubName, name) - if err != nil { - return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule List Keys %s: %+v", name, err) - } - d.Set("name", name) d.Set("eventhub_name", eventHubName) d.Set("namespace_name", namespaceName) - d.Set("resource_group_name", resGroup) + d.Set("resource_group_name", resourceGroup) - flattenEventHubAuthorizationRuleAccessRights(d, resp) + if properties := resp.AuthorizationRuleProperties; properties != nil { + listen, send, manage := azure.FlattenEventHubAuthorizationRuleRights(properties.Rights) + d.Set("manage", manage) + d.Set("listen", listen) + d.Set("send", send) + } + + keysResp, err := client.ListKeys(ctx, resourceGroup, namespaceName, eventHubName, name) + if err != nil { + return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule List Keys %s: %+v", name, err) + } d.Set("primary_key", keysResp.PrimaryKey) - d.Set("primary_connection_string", keysResp.PrimaryConnectionString) d.Set("secondary_key", keysResp.SecondaryKey) + d.Set("primary_connection_string", keysResp.PrimaryConnectionString) d.Set("secondary_connection_string", keysResp.SecondaryConnectionString) return nil @@ -179,12 +145,13 @@ func resourceArmEventHubAuthorizationRuleDelete(d *schema.ResourceData, meta int if err != nil { return err } - resGroup := id.ResourceGroup + + name := id.Path["authorizationRules"] + resourceGroup := id.ResourceGroup namespaceName := id.Path["namespaces"] eventHubName := id.Path["eventhubs"] - name := id.Path["authorizationRules"] - resp, err := eventhubClient.DeleteAuthorizationRule(ctx, resGroup, namespaceName, eventHubName, name) + resp, err := eventhubClient.DeleteAuthorizationRule(ctx, resourceGroup, namespaceName, eventHubName, name) if resp.StatusCode != http.StatusOK { return fmt.Errorf("Error issuing Azure ARM delete request of EventHub Authorization Rule '%s': %+v", name, err) @@ -192,55 +159,3 @@ func resourceArmEventHubAuthorizationRuleDelete(d *schema.ResourceData, meta int return nil } - -func expandEventHubAuthorizationRuleAccessRights(d *schema.ResourceData) (*[]eventhub.AccessRights, error) { - canSend := d.Get("send").(bool) - canListen := d.Get("listen").(bool) - canManage := d.Get("manage").(bool) - rights := []eventhub.AccessRights{} - if canListen { - rights = append(rights, eventhub.Listen) - } - - if canSend { - rights = append(rights, eventhub.Send) - } - - if canManage { - rights = append(rights, eventhub.Manage) - } - - if len(rights) == 0 { - return nil, fmt.Errorf("At least one Authorization Rule State must be enabled (e.g. Listen/Manage/Send)") - } - - if canManage && !(canListen && canSend) { - return nil, fmt.Errorf("In order to enable the 'Manage' Authorization Rule - both the 'Listen' and 'Send' rules must be enabled") - } - - return &rights, nil -} - -func flattenEventHubAuthorizationRuleAccessRights(d *schema.ResourceData, resp eventhub.AuthorizationRule) { - - var canListen = false - var canSend = false - var canManage = false - - for _, right := range *resp.Rights { - switch right { - case eventhub.Listen: - canListen = true - case eventhub.Send: - canSend = true - case eventhub.Manage: - canManage = true - default: - log.Printf("[DEBUG] Unknown Authorization Rule Right '%s'", right) - } - } - - d.Set("listen", canListen) - d.Set("send", canSend) - d.Set("manage", canManage) -} diff --git a/azurerm/resource_arm_eventhub_authorization_rule_test.go b/azurerm/resource_arm_eventhub_authorization_rule_test.go index 7f7c4ea9f604..99e5ddf0ef85 100644 --- a/azurerm/resource_arm_eventhub_authorization_rule_test.go +++ b/azurerm/resource_arm_eventhub_authorization_rule_test.go @@ -2,6 +2,7 @@ package azurerm import ( "fmt" + "strconv" "testing" "github.com/hashicorp/terraform/helper/acctest" @@ -11,27 +12,23 @@ import ( ) func TestAccAzureRMEventHubAuthorizationRule_listen(t *testing.T) { - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_listen(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ - { - Config: config, - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMEventHubAuthorizationRuleExists("azurerm_eventhub_authorization_rule.test"), - ), - }, - }, - }) + testAccAzureRMEventHubAuthorizationRule(t, true, false, false) } func TestAccAzureRMEventHubAuthorizationRule_send(t *testing.T) { - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_send(ri, testLocation()) + testAccAzureRMEventHubAuthorizationRule(t, false, true, false) +} + +func TestAccAzureRMEventHubAuthorizationRule_listensend(t *testing.T) { + testAccAzureRMEventHubAuthorizationRule(t, true, true, false) +} + +func TestAccAzureRMEventHubAuthorizationRule_manage(t *testing.T) { + testAccAzureRMEventHubAuthorizationRule(t, true, true, true) +} + +func testAccAzureRMEventHubAuthorizationRule(t *testing.T, listen, send, manage bool) { + resourceName := "azurerm_eventhub_authorization_rule.test" resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -39,18 +36,32 @@ func TestAccAzureRMEventHubAuthorizationRule_send(t *testing.T) { CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, Steps: []resource.TestStep{ { - Config: config, + Config: testAccAzureRMEventHubAuthorizationRule_base(acctest.RandInt(), testLocation(), listen, send, manage), Check: resource.ComposeTestCheckFunc( - testCheckAzureRMEventHubAuthorizationRuleExists("azurerm_eventhub_authorization_rule.test"), + testCheckAzureRMEventHubAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "name"), + resource.TestCheckResourceAttrSet(resourceName, "namespace_name"), + resource.TestCheckResourceAttrSet(resourceName, "eventhub_name"), + resource.TestCheckResourceAttrSet(resourceName, "primary_key"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_key"), + resource.TestCheckResourceAttrSet(resourceName, "primary_connection_string"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_connection_string"), + resource.TestCheckResourceAttr(resourceName, "listen", strconv.FormatBool(listen)), + resource.TestCheckResourceAttr(resourceName, "send", strconv.FormatBool(send)), + resource.TestCheckResourceAttr(resourceName, "manage", strconv.FormatBool(manage)), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } -func TestAccAzureRMEventHubAuthorizationRule_readwrite(t *testing.T) { - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_readWrite(ri, testLocation()) +func TestAccAzureRMEventHubAuthorizationRule_rightsUpdate(t *testing.T) { + resourceName := "azurerm_eventhub_authorization_rule.test" resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -58,30 +69,34 @@ func TestAccAzureRMEventHubAuthorizationRule_readwrite(t *testing.T) { CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, Steps: []resource.TestStep{ { - Config: config, + Config: testAccAzureRMEventHubAuthorizationRule_base(acctest.RandInt(), testLocation(), true, false, false), Check: resource.ComposeTestCheckFunc( - testCheckAzureRMEventHubAuthorizationRuleExists("azurerm_eventhub_authorization_rule.test"), + testCheckAzureRMEventHubAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "listen", "true"), + resource.TestCheckResourceAttr(resourceName, "send", "false"), + resource.TestCheckResourceAttr(resourceName, "manage", "false"), ), }, - }, - }) -} - -func TestAccAzureRMEventHubAuthorizationRule_manage(t *testing.T) { - ri := acctest.RandInt() - config := testAccAzureRMEventHubAuthorizationRule_manage(ri, testLocation()) - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testCheckAzureRMEventHubAuthorizationRuleDestroy, - Steps: []resource.TestStep{ { - Config: config, + Config: testAccAzureRMEventHubAuthorizationRule_base(acctest.RandInt(), testLocation(), true, true, true), Check: resource.ComposeTestCheckFunc( - testCheckAzureRMEventHubAuthorizationRuleExists("azurerm_eventhub_authorization_rule.test"), + testCheckAzureRMEventHubAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "name"), + resource.TestCheckResourceAttrSet(resourceName, "namespace_name"), + resource.TestCheckResourceAttrSet(resourceName, "primary_key"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_key"), + resource.TestCheckResourceAttrSet(resourceName, "primary_connection_string"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_connection_string"), + resource.TestCheckResourceAttr(resourceName, "listen", "true"), + resource.TestCheckResourceAttr(resourceName, "send", "true"), + resource.TestCheckResourceAttr(resourceName, "manage", "true"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -132,7 +147,7 @@ func testCheckAzureRMEventHubAuthorizationRuleExists(name string) resource.TestC resp, err := conn.GetAuthorizationRule(ctx, resourceGroup, namespaceName, eventHubName, name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - return fmt.Errorf("Bad: Event Hub Authorization Rule %q (eventhub %s, namespace %s / resource group: %s) does not exist", name, eventHubName, namespaceName, resourceGroup) + return fmt.Errorf("Bad: Event Hub Authorization Rule %q (eventhub %s / namespace %s / resource group: %s) does not exist", name, eventHubName, namespaceName, resourceGroup) } return fmt.Errorf("Bad: Get on eventHubClient: %+v", err) @@ -142,138 +157,39 @@ func testCheckAzureRMEventHubAuthorizationRuleExists(name string) resource.TestC } } -func testAccAzureRMEventHubAuthorizationRule_listen(rInt int, location string) string { +func testAccAzureRMEventHubAuthorizationRule_base(rInt int, location string, listen, send, manage bool) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" + name = "acctestRG-%[1]d" + location = "%[2]s" } resource "azurerm_eventhub_namespace" "test" { - name = "acctesteventhubnamespace-%d" + name = "acctesteventhubnamespace-%[1]d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" - sku = "Standard" -} - -resource "azurerm_eventhub" "test" { - name = "acctesteventhub-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - partition_count = 2 - message_retention = 7 -} - -resource "azurerm_eventhub_authorization_rule" "test" { - name = "acctesteventhubrule-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - eventhub_name = "${azurerm_eventhub.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - listen = true - send = false - manage = false -} -`, rInt, location, rInt, rInt, rInt) -} - -func testAccAzureRMEventHubAuthorizationRule_send(rInt int, location string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} -resource "azurerm_eventhub_namespace" "test" { - name = "acctesteventhubnamespace-%d" - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" sku = "Standard" } resource "azurerm_eventhub" "test" { - name = "acctesteventhub-%d" + name = "acctesteventhub-%[1]d" namespace_name = "${azurerm_eventhub_namespace.test.name}" resource_group_name = "${azurerm_resource_group.test.name}" - partition_count = 2 - message_retention = 7 -} - -resource "azurerm_eventhub_authorization_rule" "test" { - name = "acctesteventhubrule-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - eventhub_name = "${azurerm_eventhub.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - listen = false - send = true - manage = false -} -`, rInt, location, rInt, rInt, rInt) -} - -func testAccAzureRMEventHubAuthorizationRule_readWrite(rInt int, location string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} - -resource "azurerm_eventhub_namespace" "test" { - name = "acctesteventhubnamespace-%d" - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" - sku = "Standard" -} -resource "azurerm_eventhub" "test" { - name = "acctesteventhub-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" partition_count = 2 - message_retention = 7 + message_retention = 1 } resource "azurerm_eventhub_authorization_rule" "test" { - name = "acctesteventhubrule-%d" + name = "acctest-%[1]d" namespace_name = "${azurerm_eventhub_namespace.test.name}" eventhub_name = "${azurerm_eventhub.test.name}" resource_group_name = "${azurerm_resource_group.test.name}" - listen = true - send = true - manage = false -} -`, rInt, location, rInt, rInt, rInt) -} -func testAccAzureRMEventHubAuthorizationRule_manage(rInt int, location string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} - -resource "azurerm_eventhub_namespace" "test" { - name = "acctesteventhubnamespace-%d" - location = "${azurerm_resource_group.test.location}" - resource_group_name = "${azurerm_resource_group.test.name}" - sku = "Standard" -} - -resource "azurerm_eventhub" "test" { - name = "acctesteventhub-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - partition_count = 2 - message_retention = 7 -} - -resource "azurerm_eventhub_authorization_rule" "test" { - name = "acctesteventhubrule-%d" - namespace_name = "${azurerm_eventhub_namespace.test.name}" - eventhub_name = "${azurerm_eventhub.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - listen = true - send = true - manage = true + listen = %[3]t + send = %[4]t + manage = %[5]t } -`, rInt, location, rInt, rInt, rInt) +`, rInt, location, listen, send, manage) } diff --git a/azurerm/resource_arm_eventhub_consumer_group.go b/azurerm/resource_arm_eventhub_consumer_group.go index 694f6a9ef34f..b80acaf8253c 100644 --- a/azurerm/resource_arm_eventhub_consumer_group.go +++ b/azurerm/resource_arm_eventhub_consumer_group.go @@ -7,6 +7,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/eventhub/mgmt/2017-04-01/eventhub" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) @@ -22,21 +23,24 @@ func resourceArmEventHubConsumerGroup() *schema.Resource { Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubConsumerName(), }, "namespace_name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubNamespaceName(), }, "eventhub_name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubName(), }, "resource_group_name": resourceGroupNameSchema(), diff --git a/azurerm/resource_arm_eventhub_namespace.go b/azurerm/resource_arm_eventhub_namespace.go index 845c057f502d..b69f6e49310b 100644 --- a/azurerm/resource_arm_eventhub_namespace.go +++ b/azurerm/resource_arm_eventhub_namespace.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) @@ -31,9 +32,10 @@ func resourceArmEventHubNamespace() *schema.Resource { Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubNamespaceName(), }, "location": locationSchema(), diff --git a/azurerm/resource_arm_eventhub_namespace_authorization_rule.go b/azurerm/resource_arm_eventhub_namespace_authorization_rule.go new file mode 100644 index 000000000000..9a59032abb7d --- /dev/null +++ b/azurerm/resource_arm_eventhub_namespace_authorization_rule.go @@ -0,0 +1,150 @@ +package azurerm + +import ( + "fmt" + "log" + "net/http" + + "github.com/Azure/azure-sdk-for-go/services/eventhub/mgmt/2017-04-01/eventhub" + "github.com/hashicorp/terraform/helper/schema" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func resourceArmEventHubNamespaceAuthorizationRule() *schema.Resource { + return &schema.Resource{ + Create: resourceArmEventHubNamespaceAuthorizationRuleCreateUpdate, + Read: resourceArmEventHubNamespaceAuthorizationRuleRead, + Update: resourceArmEventHubNamespaceAuthorizationRuleCreateUpdate, + Delete: resourceArmEventHubNamespaceAuthorizationRuleDelete, + + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: azure.EventHubAuthorizationRuleSchemaFrom(map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubAuthorizationRuleName(), + }, + + "namespace_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: azure.ValidateEventHubNamespaceName(), + }, + + "resource_group_name": resourceGroupNameSchema(), + + "location": deprecatedLocationSchema(), + }), + + CustomizeDiff: azure.EventHubAuthorizationRuleCustomizeDiff, + } +} + +func resourceArmEventHubNamespaceAuthorizationRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).eventHubNamespacesClient + ctx := meta.(*ArmClient).StopContext + + log.Printf("[INFO] preparing arguments for AzureRM EventHub Namespace Authorization Rule creation.") + + name := d.Get("name").(string) + namespaceName := d.Get("namespace_name").(string) + resourceGroup := d.Get("resource_group_name").(string) + + parameters := eventhub.AuthorizationRule{ + Name: &name, + AuthorizationRuleProperties: &eventhub.AuthorizationRuleProperties{ + Rights: azure.ExpandEventHubAuthorizationRuleRights(d), + }, + } + + if _, err := client.CreateOrUpdateAuthorizationRule(ctx, resourceGroup, namespaceName, name, parameters); err != nil { + return fmt.Errorf("Error creating/updating EventHub Namespace Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err) + } + + read, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, name) + if err != nil { + return err + } + + if read.ID == nil { + return fmt.Errorf("Cannot read EventHub Namespace Authorization Rule %s (resource group %s) ID", name, resourceGroup) + } + + d.SetId(*read.ID) + + return resourceArmEventHubNamespaceAuthorizationRuleRead(d, meta) +} + +func resourceArmEventHubNamespaceAuthorizationRuleRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).eventHubNamespacesClient + ctx := meta.(*ArmClient).StopContext + + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return err + } + + name := id.Path["AuthorizationRules"] //this is different then eventhub where its authorizationRules + resourceGroup := id.ResourceGroup + namespaceName := id.Path["namespaces"] + + resp, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + d.SetId("") + return nil + } + return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule %s: %+v", name, err) + } + + d.Set("name", name) + d.Set("namespace_name", namespaceName) + d.Set("resource_group_name", resourceGroup) + + if properties := resp.AuthorizationRuleProperties; properties != nil { + listen, send, manage := azure.FlattenEventHubAuthorizationRuleRights(properties.Rights) + d.Set("manage", manage) + d.Set("listen", listen) + d.Set("send", send) + } + + keysResp, err := client.ListKeys(ctx, resourceGroup, namespaceName, name) + if err != nil { + return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule List Keys %s: %+v", name, err) + } + + d.Set("primary_key", keysResp.PrimaryKey) + d.Set("secondary_key", keysResp.SecondaryKey) + d.Set("primary_connection_string", keysResp.PrimaryConnectionString) + d.Set("secondary_connection_string", keysResp.SecondaryConnectionString) + + return nil +} + +func resourceArmEventHubNamespaceAuthorizationRuleDelete(d *schema.ResourceData, meta interface{}) error { + eventhubClient := meta.(*ArmClient).eventHubNamespacesClient + ctx := meta.(*ArmClient).StopContext + + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return err + } + + name := id.Path["AuthorizationRules"] //this is different then eventhub where its authorizationRules + resourceGroup := id.ResourceGroup + namespaceName := id.Path["namespaces"] + + resp, err := eventhubClient.DeleteAuthorizationRule(ctx, resourceGroup, namespaceName, name) + + if resp.StatusCode != http.StatusOK { + return fmt.Errorf("Error issuing Azure ARM delete request of EventHub Authorization Rule '%s': %+v", name, err) + } + + return nil +} diff --git a/azurerm/resource_arm_eventhub_namespace_authorization_rule_test.go b/azurerm/resource_arm_eventhub_namespace_authorization_rule_test.go new file mode 100644 index 000000000000..c718558ec67b --- /dev/null +++ b/azurerm/resource_arm_eventhub_namespace_authorization_rule_test.go @@ -0,0 +1,182 @@ +package azurerm + +import ( + "fmt" + "strconv" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func TestAccAzureRMEventHubNamespaceAuthorizationRule_listen(t *testing.T) { + testAccAzureRMEventHubNamespaceAuthorizationRule(t, true, false, false) +} + +func TestAccAzureRMEventHubNamespaceAuthorizationRule_send(t *testing.T) { + testAccAzureRMEventHubNamespaceAuthorizationRule(t, false, true, false) +} + +func TestAccAzureRMEventHubNamespaceAuthorizationRule_listensend(t *testing.T) { + testAccAzureRMEventHubNamespaceAuthorizationRule(t, true, true, false) +} + +func TestAccAzureRMEventHubNamespaceAuthorizationRule_manage(t *testing.T) { + testAccAzureRMEventHubNamespaceAuthorizationRule(t, true, true, true) +} + +func testAccAzureRMEventHubNamespaceAuthorizationRule(t *testing.T, listen, send, manage bool) { + resourceName := "azurerm_eventhub_namespace_authorization_rule.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMEventHubNamespaceAuthorizationRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMEventHubNamespaceAuthorizationRule_base(acctest.RandInt(), testLocation(), listen, send, manage), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMEventHubNamespaceAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "name"), + resource.TestCheckResourceAttrSet(resourceName, "namespace_name"), + resource.TestCheckResourceAttrSet(resourceName, "primary_key"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_key"), + resource.TestCheckResourceAttrSet(resourceName, "primary_connection_string"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_connection_string"), + resource.TestCheckResourceAttr(resourceName, "listen", strconv.FormatBool(listen)), + resource.TestCheckResourceAttr(resourceName, "send", strconv.FormatBool(send)), + resource.TestCheckResourceAttr(resourceName, "manage", strconv.FormatBool(manage)), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAzureRMEventHubNamespaceAuthorizationRule_rightsUpdate(t *testing.T) { + resourceName := "azurerm_eventhub_namespace_authorization_rule.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMEventHubNamespaceAuthorizationRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMEventHubNamespaceAuthorizationRule_base(acctest.RandInt(), testLocation(), true, false, false), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMEventHubNamespaceAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "listen", "true"), + resource.TestCheckResourceAttr(resourceName, "send", "false"), + resource.TestCheckResourceAttr(resourceName, "manage", "false"), + ), + }, + { + Config: testAccAzureRMEventHubNamespaceAuthorizationRule_base(acctest.RandInt(), testLocation(), true, true, true), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMEventHubNamespaceAuthorizationRuleExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "name"), + resource.TestCheckResourceAttrSet(resourceName, "namespace_name"), + resource.TestCheckResourceAttrSet(resourceName, "primary_key"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_key"), + resource.TestCheckResourceAttrSet(resourceName, "primary_connection_string"), + resource.TestCheckResourceAttrSet(resourceName, "secondary_connection_string"), + resource.TestCheckResourceAttr(resourceName, "listen", "true"), + resource.TestCheckResourceAttr(resourceName, "send", "true"), + resource.TestCheckResourceAttr(resourceName, "manage", "true"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testCheckAzureRMEventHubNamespaceAuthorizationRuleDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*ArmClient).eventHubNamespacesClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + for _, rs := range s.RootModule().Resources { + if rs.Type != "azurerm_eventhub_authorization_rule" { + continue + } + + name := rs.Primary.Attributes["name"] + namespaceName := rs.Primary.Attributes["namespace_name"] + resourceGroup := rs.Primary.Attributes["resource_group_name"] + + resp, err := conn.GetAuthorizationRule(ctx, resourceGroup, namespaceName, name) + if err != nil { + if !utils.ResponseWasNotFound(resp.Response) { + return err + } + } + } + + return nil +} + +func testCheckAzureRMEventHubNamespaceAuthorizationRuleExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + // Ensure we have enough information in state to look up in API + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + name := rs.Primary.Attributes["name"] + namespaceName := rs.Primary.Attributes["namespace_name"] + resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] + if !hasResourceGroup { + return fmt.Errorf("Bad: no resource group found in state for Event Hub: %s", name) + } + + conn := testAccProvider.Meta().(*ArmClient).eventHubNamespacesClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + resp, err := conn.GetAuthorizationRule(ctx, resourceGroup, namespaceName, name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + return fmt.Errorf("Bad: Event Hub Namespace Authorization Rule %q (namespace %q / resource group: %q) does not exist", name, namespaceName, resourceGroup) + } + + return fmt.Errorf("Bad: Get on eventHubClient: %+v", err) + } + + return nil + } +} + +func testAccAzureRMEventHubNamespaceAuthorizationRule_base(rInt int, location string, listen, send, manage bool) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%[1]d" + location = "%[2]s" +} + +resource "azurerm_eventhub_namespace" "test" { + name = "acctesteventhubnamespace-%[1]d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku = "Standard" +} + +resource "azurerm_eventhub_namespace_authorization_rule" "test" { + name = "acctest-%[1]d" + namespace_name = "${azurerm_eventhub_namespace.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + + listen = %[3]t + send = %[4]t + manage = %[5]t +} +`, rInt, location, listen, send, manage) +} diff --git a/azurerm/resource_arm_servicebus_namespace_authorization_rule.go b/azurerm/resource_arm_servicebus_namespace_authorization_rule.go index 065709010b52..bd1ed46b5806 100644 --- a/azurerm/resource_arm_servicebus_namespace_authorization_rule.go +++ b/azurerm/resource_arm_servicebus_namespace_authorization_rule.go @@ -51,7 +51,7 @@ func resourceArmServiceBusNamespaceAuthorizationRuleCreateUpdate(d *schema.Resou log.Printf("[INFO] preparing arguments for AzureRM ServiceBus Namespace Authorization Rule creation.") name := d.Get("name").(string) - resGroup := d.Get("resource_group_name").(string) + resourceGroup := d.Get("resource_group_name").(string) namespaceName := d.Get("namespace_name").(string) parameters := servicebus.SBAuthorizationRule{ @@ -61,18 +61,17 @@ func resourceArmServiceBusNamespaceAuthorizationRuleCreateUpdate(d *schema.Resou }, } - _, err := client.CreateOrUpdateAuthorizationRule(ctx, resGroup, namespaceName, name, parameters) - if err != nil { - return err + if _, err := client.CreateOrUpdateAuthorizationRule(ctx, resourceGroup, namespaceName, name, parameters); err != nil { + return fmt.Errorf("Error creating/updating ServiceBus Namespace Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err) } - read, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, name) + read, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, name) if err != nil { return err } if read.ID == nil { - return fmt.Errorf("Cannot read ServiceBus Namespace Authorization Rule %s (resource group %s) ID", name, resGroup) + return fmt.Errorf("Cannot read ServiceBus Namespace Authorization Rule %s (resource group %s) ID", name, resourceGroup) } d.SetId(*read.ID) diff --git a/azurerm/resource_arm_servicebus_queue_authorization_rule.go b/azurerm/resource_arm_servicebus_queue_authorization_rule.go index 4ddca0e4ad6b..fd4b93e9aaba 100644 --- a/azurerm/resource_arm_servicebus_queue_authorization_rule.go +++ b/azurerm/resource_arm_servicebus_queue_authorization_rule.go @@ -57,7 +57,7 @@ func resourceArmServiceBusQueueAuthorizationRuleCreateUpdate(d *schema.ResourceD log.Printf("[INFO] preparing arguments for AzureRM ServiceBus Queue Authorization Rule creation.") name := d.Get("name").(string) - resGroup := d.Get("resource_group_name").(string) + resourceGroup := d.Get("resource_group_name").(string) namespaceName := d.Get("namespace_name").(string) queueName := d.Get("queue_name").(string) @@ -68,18 +68,17 @@ func resourceArmServiceBusQueueAuthorizationRuleCreateUpdate(d *schema.ResourceD }, } - _, err := client.CreateOrUpdateAuthorizationRule(ctx, resGroup, namespaceName, queueName, name, parameters) - if err != nil { - return err + if _, err := client.CreateOrUpdateAuthorizationRule(ctx, resourceGroup, namespaceName, queueName, name, parameters); err != nil { + return fmt.Errorf("Error creating/updating ServiceBus Queue Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err) } - read, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, queueName, name) + read, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, queueName, name) if err != nil { return err } if read.ID == nil { - return fmt.Errorf("Cannot read ServiceBus Namespace Queue Authorization Rule %q (Queue %q / Namespace %q / Resource Group %q) ID", name, queueName, namespaceName, resGroup) + return fmt.Errorf("Cannot read ServiceBus Namespace Queue Authorization Rule %q (Queue %q / Namespace %q / Resource Group %q) ID", name, queueName, namespaceName, resourceGroup) } d.SetId(*read.ID) @@ -107,6 +106,7 @@ func resourceArmServiceBusQueueAuthorizationRuleRead(d *schema.ResourceData, met d.SetId("") return nil } + return fmt.Errorf("Error making Read request on Azure ServiceBus Queue Authorization Rule %q (Queue %q / Namespace %q / Resource Group %q): %+v", name, queueName, namespaceName, resGroup, err) } diff --git a/azurerm/resource_arm_servicebus_topic_authorization_rule.go b/azurerm/resource_arm_servicebus_topic_authorization_rule.go index 388f8accbda4..e20dae5c325a 100644 --- a/azurerm/resource_arm_servicebus_topic_authorization_rule.go +++ b/azurerm/resource_arm_servicebus_topic_authorization_rule.go @@ -59,7 +59,7 @@ func resourceArmServiceBusTopicAuthorizationRuleCreateUpdate(d *schema.ResourceD name := d.Get("name").(string) namespaceName := d.Get("namespace_name").(string) topicName := d.Get("topic_name").(string) - resGroup := d.Get("resource_group_name").(string) + resourceGroup := d.Get("resource_group_name").(string) parameters := servicebus.SBAuthorizationRule{ Name: &name, @@ -68,18 +68,17 @@ func resourceArmServiceBusTopicAuthorizationRuleCreateUpdate(d *schema.ResourceD }, } - _, err := client.CreateOrUpdateAuthorizationRule(ctx, resGroup, namespaceName, topicName, name, parameters) - if err != nil { - return err + if _, err := client.CreateOrUpdateAuthorizationRule(ctx, resourceGroup, namespaceName, topicName, name, parameters); err != nil { + return fmt.Errorf("Error creating/updating ServiceBus Topic Authorization Rule %q (Resource Group %q): %+v", name, resourceGroup, err) } - read, err := client.GetAuthorizationRule(ctx, resGroup, namespaceName, topicName, name) + read, err := client.GetAuthorizationRule(ctx, resourceGroup, namespaceName, topicName, name) if err != nil { return err } if read.ID == nil { - return fmt.Errorf("Cannot read ServiceBus Topic Authorization Rule %s (resource group %s) ID", name, resGroup) + return fmt.Errorf("Cannot read ServiceBus Topic Authorization Rule %s (resource group %s) ID", name, resourceGroup) } d.SetId(*read.ID) diff --git a/examples/eventhub/main.tf b/examples/eventhub/main.tf new file mode 100644 index 000000000000..ef94dddd62f2 --- /dev/null +++ b/examples/eventhub/main.tf @@ -0,0 +1,61 @@ +resource "azurerm_resource_group" "example" { + name = "${var.resource_group}" + location = "${var.location}" +} + +resource "random_integer" "ri" { + min = 10000 + max = 99999 +} + +resource "azurerm_eventhub_namespace" "example" { + name = "tfex-eventhub${random_integer.ri.result}-namespace" + location = "${azurerm_resource_group.example.location}" + resource_group_name = "${azurerm_resource_group.example.name}" + + sku = "Standard" + capacity = 2 + + tags { + environment = "Examples" + } +} + +resource "azurerm_eventhub_namespace_authorization_rule" "test" { + name = "tfex-eventhub-namespace-authrule" + namespace_name = "${azurerm_eventhub_namespace.example.name}" + eventhub_name = "${azurerm_eventhub.example.name}" + resource_group_name = "${azurerm_resource_group.example.name}" + + listen = true + send = true + manage = false +} + +resource "azurerm_eventhub" "example" { + name = "tfex-eventhub${random_integer.ri.result}" + namespace_name = "${azurerm_eventhub_namespace.example.name}" + resource_group_name = "${azurerm_resource_group.example.name}" + + partition_count = 2 + message_retention = 1 +} + +resource "azurerm_eventhub_authorization_rule" "test" { +name = "tfex-eventhub-authrule" +namespace_name = "${azurerm_eventhub_namespace.example.name}" +eventhub_name = "${azurerm_eventhub.example.name}" +resource_group_name = "${azurerm_resource_group.example.name}" + +listen = true +send = true +manage = true +} + +resource "azurerm_eventhub_consumer_group" "example" { + name = "tfex-eventhub${random_integer.ri.result}-consumer" + namespace_name = "${azurerm_eventhub_namespace.example.name}" + eventhub_name = "${azurerm_eventhub.example.name}" + resource_group_name = "${azurerm_resource_group.example.name}" + user_metadata = "some-meta-data" +} \ No newline at end of file diff --git a/examples/eventhub/outputs.tf b/examples/eventhub/outputs.tf new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/examples/eventhub/variables.tf b/examples/eventhub/variables.tf new file mode 100644 index 000000000000..5fec1720c26d --- /dev/null +++ b/examples/eventhub/variables.tf @@ -0,0 +1,9 @@ +variable "resource_group" { + description = "The name of the resource group in which to create the Service Bus" + default = "tfex-servicebus-topic_subscription" +} + +variable "location" { + description = "The location/region where the Service Bus is created. Changing this forces a new resource to be created." + default = "southcentralus" +} diff --git a/website/docs/r/eventhub_namespace_authorization_rule.html.markdown b/website/docs/r/eventhub_namespace_authorization_rule.html.markdown new file mode 100644 index 000000000000..d3efb9807f60 --- /dev/null +++ b/website/docs/r/eventhub_namespace_authorization_rule.html.markdown @@ -0,0 +1,82 @@ +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_eventhub_namespace_authorization_rule" +sidebar_current: "docs-azurerm-resource-eventhub-namespace-authorization-rule" +description: |- + Manages an Authorization Rule for an Event Hub Namespace. +--- + +# azurerm_eventhub_namespace_authorization_rule + +Manages an Authorization Rule for an Event Hub Namespace. + +## Example Usage + +```hcl +resource "azurerm_resource_group" "test" { + name = "resourceGroup1" + location = "West US" +} + +resource "azurerm_eventhub_namespace" "test" { + name = "acceptanceTestEventHubNamespace" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + sku = "Basic" + capacity = 2 + + tags { + environment = "Production" + } +} + +resource "azurerm_eventhub_namespace_authorization_rule" "test" { + name = "navi" + namespace_name = "${azurerm_eventhub_namespace.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + + listen = true + send = false + manage = false +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) Specifies the name of the Authorization Rule. Changing this forces a new resource to be created. + +* `namespace_name` - (Required) Specifies the name of the EventHub Namespace. Changing this forces a new resource to be created. + +* `resource_group_name` - (Required) The name of the resource group in which the EventHub Namespace exists. Changing this forces a new resource to be created. + +~> **NOTE** At least one of the 3 permissions below needs to be set. + +* `listen` - (Optional) Grants listen access to this this Authorization Rule. Defaults to `false`. + +* `send` - (Optional) Grants send access to this this Authorization Rule. Defaults to `false`. + +* `manage` - (Optional) Grants manage access to this this Authorization Rule. When this property is `true` - both `listen` and `send` must be too. Defaults to `false`. + +## Attributes Reference + +The following attributes are exported: + +* `id` - The EventHub ID. + +* `primary_key` - The Primary Key for the Authorization Rule. + +* `primary_connection_string` - The Primary Connection String for the Authorization Rule. + +* `secondary_key` - The Secondary Key for the Authorization Rule. + +* `secondary_connection_string` - The Secondary Connection String for the Authorization Rule. + +## Import + +EventHubs can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_eventhub_namespace_authorization_rule.rule1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.EventHub/namespaces/namespace1/authorizationRules/rule1 +``` diff --git a/website/docs/r/servicebus_queue_authorization_rule.html.markdown b/website/docs/r/servicebus_queue_authorization_rule.html.markdown index de62bb11621d..e5615a597022 100644 --- a/website/docs/r/servicebus_queue_authorization_rule.html.markdown +++ b/website/docs/r/servicebus_queue_authorization_rule.html.markdown @@ -1,4 +1,3 @@ - --- layout: "azurerm" page_title: "Azure Resource Manager: azurerm_servicebus_queue_authorization_rule" @@ -90,5 +89,4 @@ ServiceBus Queue Authorization Rules can be imported using the `resource id`, e. ```shell terraform import azurerm_servicebus_queue_authorization_rule.rule1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.ServiceBus/namespaces/namespace1/queues/queue1/authorizationRules/rule1 -``` -`` +``` \ No newline at end of file