New resource: azurerm_eventhub_namespace_customer_managed_key #12159
Conversation
ghost
added
|
whats the reasoning for making this a seperate resource instead of adding it to the existing resource? |
|
@katbyte , I think we cannot directly add it to the existing resource. Because eventhub namespace would use the identity generated by itself at first creation to access the linked key vault while adding the encryption property. So we have to add key vault access policy for the generated identity before adding the encryption property. If we directly add the encryption property in eventhub namespace resource, we have to handle kv access policy in eventhub namespace resource and it would cause diff on kv. So I suggest to make it as a separate resource like other existing resource with similar scenario. |
|
This functionality has been released in v2.64.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Currently, The EventHub Namespace resource doesn't support to enable customer-managed key encryption. So I submitted this PR to implement it.
The encryption property only can be set on an existing resource.
--- PASS: TestAccEventHubNamespaceCustomerManagedKey_basic (15164.75s)
--- PASS: TestAccEventHubNamespaceCustomerManagedKey_complete (15168.92s)
--- PASS: TestAccEventHubNamespaceCustomerManagedKey_update (15377.69s)
--- PASS: TestAccEventHubNamespaceCustomerManagedKey_requiresImport (15387.40s)
API Reference:
https://github.com/Azure/azure-rest-api-specs/blob/d3a5ab585146ee8ee09f43eb0948c45daacd36f7/specification/eventhub/resource-manager/Microsoft.EventHub/preview/2021-01-01-preview/namespaces-preview.json#L662