From 4a5f1e06a27c4d31c7d8c3a09b83047c2787d6fc Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 28 Sep 2022 18:57:55 +0200 Subject: [PATCH 1/3] `r/azurerm_healthcare_fhir` - `public_network_access_enabled` added --- .../healthcare/healthcare_fhir_resource.go | 21 ++++++++ .../healthcare_fhir_resource_test.go | 49 +++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/internal/services/healthcare/healthcare_fhir_resource.go b/internal/services/healthcare/healthcare_fhir_resource.go index dd0d6e96d3f0..16478587151f 100644 --- a/internal/services/healthcare/healthcare_fhir_resource.go +++ b/internal/services/healthcare/healthcare_fhir_resource.go @@ -183,6 +183,12 @@ func resourceHealthcareApisFhirService() *pluginsdk.Resource { ValidateFunc: validation.StringIsNotEmpty, }, + "public_network_access_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: true, + }, + "tags": commonschema.Tags(), }, } @@ -235,6 +241,12 @@ func resourceHealthcareApisFhirServiceCreate(d *pluginsdk.ResourceData, meta int parameters.FhirServiceProperties.AccessPolicies = expandAccessPolicy(accessPolicyObjectIds.(*pluginsdk.Set).List()) } + publicNetworkAccess := healthcareapis.PublicNetworkAccessEnabled + if !d.Get("public_network_access_enabled").(bool) { + publicNetworkAccess = healthcareapis.PublicNetworkAccessDisabled + } + parameters.FhirServiceProperties.PublicNetworkAccess = publicNetworkAccess + storageAcc, hasValues := d.GetOk("configuration_export_storage_account_name") if hasValues { parameters.FhirServiceProperties.ExportConfiguration = &healthcareapis.FhirServiceExportConfiguration{ @@ -314,6 +326,9 @@ func resourceHealthcareApisFhirServiceRead(d *pluginsdk.ResourceData, meta inter if props.ExportConfiguration != nil && props.ExportConfiguration.StorageAccountName != nil { d.Set("configuration_export_storage_account_name", props.ExportConfiguration.StorageAccountName) } + if props.PublicNetworkAccess != "" { + d.Set("public_network_access_enabled", props.PublicNetworkAccess == healthcareapis.PublicNetworkAccessEnabled) + } if err := tags.FlattenAndSet(d, resp.Tags); err != nil { return err @@ -351,6 +366,12 @@ func resourceHealthcareApisFhirServiceUpdate(d *pluginsdk.ResourceData, meta int }, } + publicNetworkAccess := healthcareapis.PublicNetworkAccessEnabled + if !d.Get("public_network_access_enabled").(bool) { + publicNetworkAccess = healthcareapis.PublicNetworkAccessDisabled + } + parameters.FhirServiceProperties.PublicNetworkAccess = publicNetworkAccess + storageAcc, hasValues := d.GetOk("configuration_export_storage_account_name") if hasValues { parameters.FhirServiceProperties.ExportConfiguration = &healthcareapis.FhirServiceExportConfiguration{ diff --git a/internal/services/healthcare/healthcare_fhir_resource_test.go b/internal/services/healthcare/healthcare_fhir_resource_test.go index ec1ce504e99f..fc333b69c5fd 100644 --- a/internal/services/healthcare/healthcare_fhir_resource_test.go +++ b/internal/services/healthcare/healthcare_fhir_resource_test.go @@ -125,6 +125,35 @@ func TestAccHealthcareApiFhirService_updateCors(t *testing.T) { }) } +func TestAccHealthcareApiFhirService_publicNetworkingDisabled(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_healthcare_fhir_service", "test") + r := HealthcareApiFhirServiceResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.basic(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.publicNetworkEnabled(data, false), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.publicNetworkEnabled(data, true), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + func TestAccHealthcareApiFhirService_requiresImport(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_healthcare_fhir_service", "test") r := HealthcareApiFhirServiceResource{} @@ -412,6 +441,26 @@ resource "azurerm_healthcare_fhir_service" "test" { `, r.template(data), data.RandomInteger, data.Locations.Primary, data.Locations.Secondary, data.RandomInteger, data.RandomInteger) } +func (r HealthcareApiFhirServiceResource) publicNetworkEnabled(data acceptance.TestData, enabled bool) string { + return fmt.Sprintf(` +%s + +resource "azurerm_healthcare_fhir_service" "test" { + name = "fhir%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + workspace_id = azurerm_healthcare_workspace.test.id + kind = "fhir-R4" + public_network_access_enabled = "%t" + + authentication { + authority = "https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47" + audience = "https://acctestfhir.fhir.azurehealthcareapis.com" + } +} +`, r.template(data), data.RandomInteger, enabled) +} + func (HealthcareApiFhirServiceResource) template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { From 23a27e4c672a534a60a43af02291ef67dc201a0a Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 28 Sep 2022 20:40:51 +0200 Subject: [PATCH 2/3] make public_network_access_enabled computed, write seems not supported --- .../healthcare/healthcare_fhir_resource.go | 15 +----- .../healthcare_fhir_resource_test.go | 49 ------------------- 2 files changed, 1 insertion(+), 63 deletions(-) diff --git a/internal/services/healthcare/healthcare_fhir_resource.go b/internal/services/healthcare/healthcare_fhir_resource.go index 16478587151f..31313f14cbdc 100644 --- a/internal/services/healthcare/healthcare_fhir_resource.go +++ b/internal/services/healthcare/healthcare_fhir_resource.go @@ -185,8 +185,7 @@ func resourceHealthcareApisFhirService() *pluginsdk.Resource { "public_network_access_enabled": { Type: pluginsdk.TypeBool, - Optional: true, - Default: true, + Computed: true, }, "tags": commonschema.Tags(), @@ -241,12 +240,6 @@ func resourceHealthcareApisFhirServiceCreate(d *pluginsdk.ResourceData, meta int parameters.FhirServiceProperties.AccessPolicies = expandAccessPolicy(accessPolicyObjectIds.(*pluginsdk.Set).List()) } - publicNetworkAccess := healthcareapis.PublicNetworkAccessEnabled - if !d.Get("public_network_access_enabled").(bool) { - publicNetworkAccess = healthcareapis.PublicNetworkAccessDisabled - } - parameters.FhirServiceProperties.PublicNetworkAccess = publicNetworkAccess - storageAcc, hasValues := d.GetOk("configuration_export_storage_account_name") if hasValues { parameters.FhirServiceProperties.ExportConfiguration = &healthcareapis.FhirServiceExportConfiguration{ @@ -366,12 +359,6 @@ func resourceHealthcareApisFhirServiceUpdate(d *pluginsdk.ResourceData, meta int }, } - publicNetworkAccess := healthcareapis.PublicNetworkAccessEnabled - if !d.Get("public_network_access_enabled").(bool) { - publicNetworkAccess = healthcareapis.PublicNetworkAccessDisabled - } - parameters.FhirServiceProperties.PublicNetworkAccess = publicNetworkAccess - storageAcc, hasValues := d.GetOk("configuration_export_storage_account_name") if hasValues { parameters.FhirServiceProperties.ExportConfiguration = &healthcareapis.FhirServiceExportConfiguration{ diff --git a/internal/services/healthcare/healthcare_fhir_resource_test.go b/internal/services/healthcare/healthcare_fhir_resource_test.go index fc333b69c5fd..ec1ce504e99f 100644 --- a/internal/services/healthcare/healthcare_fhir_resource_test.go +++ b/internal/services/healthcare/healthcare_fhir_resource_test.go @@ -125,35 +125,6 @@ func TestAccHealthcareApiFhirService_updateCors(t *testing.T) { }) } -func TestAccHealthcareApiFhirService_publicNetworkingDisabled(t *testing.T) { - data := acceptance.BuildTestData(t, "azurerm_healthcare_fhir_service", "test") - r := HealthcareApiFhirServiceResource{} - - data.ResourceTest(t, r, []acceptance.TestStep{ - { - Config: r.basic(data), - Check: acceptance.ComposeTestCheckFunc( - check.That(data.ResourceName).ExistsInAzure(r), - ), - }, - data.ImportStep(), - { - Config: r.publicNetworkEnabled(data, false), - Check: acceptance.ComposeTestCheckFunc( - check.That(data.ResourceName).ExistsInAzure(r), - ), - }, - data.ImportStep(), - { - Config: r.publicNetworkEnabled(data, true), - Check: acceptance.ComposeTestCheckFunc( - check.That(data.ResourceName).ExistsInAzure(r), - ), - }, - data.ImportStep(), - }) -} - func TestAccHealthcareApiFhirService_requiresImport(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_healthcare_fhir_service", "test") r := HealthcareApiFhirServiceResource{} @@ -441,26 +412,6 @@ resource "azurerm_healthcare_fhir_service" "test" { `, r.template(data), data.RandomInteger, data.Locations.Primary, data.Locations.Secondary, data.RandomInteger, data.RandomInteger) } -func (r HealthcareApiFhirServiceResource) publicNetworkEnabled(data acceptance.TestData, enabled bool) string { - return fmt.Sprintf(` -%s - -resource "azurerm_healthcare_fhir_service" "test" { - name = "fhir%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - workspace_id = azurerm_healthcare_workspace.test.id - kind = "fhir-R4" - public_network_access_enabled = "%t" - - authentication { - authority = "https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47" - audience = "https://acctestfhir.fhir.azurehealthcareapis.com" - } -} -`, r.template(data), data.RandomInteger, enabled) -} - func (HealthcareApiFhirServiceResource) template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { From 945a2ec8e59165f8a4487ced3404e0cf1f57fc07 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 28 Sep 2022 20:54:47 +0200 Subject: [PATCH 3/3] Enhance docs --- website/docs/r/healthcare_fhir_service.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/healthcare_fhir_service.html.markdown b/website/docs/r/healthcare_fhir_service.html.markdown index e60a41e5e1f2..a16b87629790 100644 --- a/website/docs/r/healthcare_fhir_service.html.markdown +++ b/website/docs/r/healthcare_fhir_service.html.markdown @@ -85,8 +85,6 @@ The following arguments are supported: * `configuration_export_storage_account_name` - (Optional) Specifies the name of the storage account which the operation configuration information is exported to. -* `public_network_access_enabled` - (Optional) Whether to enabled public networks when data plane traffic coming from public networks while private endpoint is enabled. - --- An `identity` block supports the following: @@ -114,6 +112,8 @@ The following attributes are exported: * `id` - The ID of the Healthcare FHIR Service. +* `public_network_access_enabled` - Whether public networks access is enabled. + ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: