diff --git a/internal/services/machinelearning/machine_learning_compute_instance_resource.go b/internal/services/machinelearning/machine_learning_compute_instance_resource.go index 7369b6097f1f..979ac8bb7695 100644 --- a/internal/services/machinelearning/machine_learning_compute_instance_resource.go +++ b/internal/services/machinelearning/machine_learning_compute_instance_resource.go @@ -148,6 +148,13 @@ func resourceComputeInstance() *pluginsdk.Resource { ValidateFunc: networkValidate.SubnetID, }, + "node_public_ip_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: true, + ForceNew: true, + }, + "tags": commonschema.TagsForceNew(), }, } @@ -186,12 +193,17 @@ func resourceComputeInstanceCreate(d *pluginsdk.ResourceData, meta interface{}) } } + if !d.Get("node_public_ip_enabled").(bool) && d.Get("subnet_resource_id").(string) == "" { + return fmt.Errorf("`subnet_resource_id` must be set if `node_public_ip_enabled` is set to `false`") + } + computeInstance := &machinelearningcomputes.ComputeInstance{ Properties: &machinelearningcomputes.ComputeInstanceProperties{ VMSize: utils.String(d.Get("virtual_machine_size").(string)), Subnet: subnet, SshSettings: expandComputeSSHSetting(d.Get("ssh").([]interface{})), PersonalComputeInstanceSettings: expandComputePersonalComputeInstanceSetting(d.Get("assign_to_user").([]interface{})), + EnableNodePublicIP: pointer.To(d.Get("node_public_ip_enabled").(bool)), }, ComputeLocation: utils.String(d.Get("location").(string)), Description: utils.String(d.Get("description").(string)), @@ -273,6 +285,11 @@ func resourceComputeInstanceRead(d *pluginsdk.ResourceData, meta interface{}) er d.Set("authorization_type", string(pointer.From(props.Properties.ComputeInstanceAuthorizationType))) d.Set("ssh", flattenComputeSSHSetting(props.Properties.SshSettings)) d.Set("assign_to_user", flattenComputePersonalComputeInstanceSetting(props.Properties.PersonalComputeInstanceSettings)) + enableNodePublicIP := true + if props.Properties.ConnectivityEndpoints.PublicIPAddress == nil { + enableNodePublicIP = false + } + d.Set("node_public_ip_enabled", enableNodePublicIP) } return tags.FlattenAndSet(d, resp.Model.Tags) diff --git a/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go b/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go index cdf51b99d427..82b2c317a7db 100644 --- a/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go +++ b/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go @@ -180,12 +180,42 @@ resource "azurerm_subnet_network_security_group_association" "test" { network_security_group_id = azurerm_network_security_group.test.id } +resource "azurerm_private_dns_zone" "test" { + name = "privatelink.api.azureml.ms" + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "test" { + name = "test-vlink" + resource_group_name = azurerm_resource_group.test.name + private_dns_zone_name = azurerm_private_dns_zone.test.name + virtual_network_id = azurerm_virtual_network.test.id +} + +resource "azurerm_private_endpoint" "test" { + name = "test-pe-%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + subnet_id = azurerm_subnet.test.id + private_service_connection { + name = "test-mlworkspace-%d" + private_connection_resource_id = azurerm_machine_learning_workspace.test.id + subresource_names = ["amlworkspace"] + is_manual_connection = false + } + private_dns_zone_group { + name = "test" + private_dns_zone_ids = [azurerm_private_dns_zone.test.id] + } +} + resource "azurerm_machine_learning_compute_instance" "test" { name = "acctest%d" location = azurerm_resource_group.test.location machine_learning_workspace_id = azurerm_machine_learning_workspace.test.id virtual_machine_size = "STANDARD_DS2_V2" authorization_type = "personal" + node_public_ip_enabled = false ssh { public_key = var.ssh_key } @@ -196,9 +226,10 @@ resource "azurerm_machine_learning_compute_instance" "test" { } depends_on = [ azurerm_subnet_network_security_group_association.test, + azurerm_private_endpoint.test ] } -`, template, data.RandomIntOfLength(8), data.RandomIntOfLength(8), data.RandomIntOfLength(8)) +`, template, data.RandomIntOfLength(8), data.RandomIntOfLength(8), data.RandomIntOfLength(8), data.RandomIntOfLength(8), data.RandomIntOfLength(8)) } func (r ComputeInstanceResource) requiresImport(data acceptance.TestData) string { @@ -340,8 +371,6 @@ resource "azurerm_machine_learning_workspace" "test" { type = "SystemAssigned" } } -`, data.RandomInteger, data.Locations.Primary, - data.RandomIntOfLength(12), data.RandomIntOfLength(15), data.RandomIntOfLength(16), - data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, - data.RandomInteger, data.RandomInteger) +`, data.RandomInteger, data.Locations.Primary, data.RandomIntOfLength(12), + data.RandomIntOfLength(15), data.RandomIntOfLength(16)) } diff --git a/website/docs/r/machine_learning_compute_instance.html.markdown b/website/docs/r/machine_learning_compute_instance.html.markdown index 2da6223a9631..a7ec149be78b 100644 --- a/website/docs/r/machine_learning_compute_instance.html.markdown +++ b/website/docs/r/machine_learning_compute_instance.html.markdown @@ -121,6 +121,8 @@ The following arguments are supported: * `subnet_resource_id` - (Optional) Virtual network subnet resource ID the compute nodes belong to. Changing this forces a new Machine Learning Compute Instance to be created. +* `node_public_ip_enabled` - (Optional) Whether the compute instance will have a public ip. To set this to false a `subnet_resource_id` needs to be set. Defaults to `true`. Changing this forces a new Machine Learning Compute Cluster to be created. + * `tags` - (Optional) A mapping of tags which should be assigned to the Machine Learning Compute Instance. Changing this forces a new Machine Learning Compute Instance to be created. ---