From 72efe20c9e3036617658d044cccb28a864fe68f7 Mon Sep 17 00:00:00 2001 From: Yun Liu Date: Mon, 25 Nov 2024 16:01:18 +0800 Subject: [PATCH] `azurerm_search_service` - support attribute `customer_managed_key_encryption_compliance_status` (#27478) * add attribute `customer_managed_key_encryption_compliance_status` in search_service * Update internal/services/search/search_service_data_source.go Co-authored-by: stephybun * Apply suggestions from code review Co-authored-by: stephybun * Fix compile error in data source `azurerm_search_service` --------- Co-authored-by: stephybun --- internal/services/search/search_service_data_source.go | 9 +++++++++ .../services/search/search_service_data_source_test.go | 1 + internal/services/search/search_service_resource.go | 6 ++++++ internal/services/search/search_service_resource_test.go | 1 + website/docs/d/search_service.html.markdown | 2 ++ website/docs/r/search_service.html.markdown | 2 ++ 6 files changed, 21 insertions(+) diff --git a/internal/services/search/search_service_data_source.go b/internal/services/search/search_service_data_source.go index 7af7aeb8dd23..8d07d7bf6dd6 100644 --- a/internal/services/search/search_service_data_source.go +++ b/internal/services/search/search_service_data_source.go @@ -38,6 +38,11 @@ func dataSourceSearchService() *pluginsdk.Resource { "resource_group_name": commonschema.ResourceGroupNameForDataSource(), + "customer_managed_key_encryption_compliance_status": { + Type: pluginsdk.TypeString, + Computed: true, + }, + "replica_count": { Type: pluginsdk.TypeInt, Computed: true, @@ -115,6 +120,10 @@ func dataSourceSearchServiceRead(d *pluginsdk.ResourceData, meta interface{}) er replicaCount := 1 publicNetworkAccess := true + if props.EncryptionWithCmk != nil { + d.Set("customer_managed_key_encryption_compliance_status", string(pointer.From(props.EncryptionWithCmk.EncryptionComplianceStatus))) + } + if count := props.PartitionCount; count != nil { partitionCount = int(*count) } diff --git a/internal/services/search/search_service_data_source_test.go b/internal/services/search/search_service_data_source_test.go index 8b6a90886d5f..a0353257ca01 100644 --- a/internal/services/search/search_service_data_source_test.go +++ b/internal/services/search/search_service_data_source_test.go @@ -21,6 +21,7 @@ func TestAccDataSourceSearchService_basic(t *testing.T) { { Config: r.basic(data), Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).Key("customer_managed_key_encryption_compliance_status").Exists(), check.That(data.ResourceName).Key("replica_count").Exists(), check.That(data.ResourceName).Key("partition_count").Exists(), check.That(data.ResourceName).Key("primary_key").Exists(), diff --git a/internal/services/search/search_service_resource.go b/internal/services/search/search_service_resource.go index daedfa8b7850..bf2377663a02 100644 --- a/internal/services/search/search_service_resource.go +++ b/internal/services/search/search_service_resource.go @@ -125,6 +125,11 @@ func resourceSearchService() *pluginsdk.Resource { Default: false, }, + "customer_managed_key_encryption_compliance_status": { + Type: pluginsdk.TypeString, + Computed: true, + }, + "primary_key": { Type: pluginsdk.TypeString, Computed: true, @@ -557,6 +562,7 @@ func resourceSearchServiceRead(d *pluginsdk.ResourceData, meta interface{}) erro if props.EncryptionWithCmk != nil { cmkEnforcement = strings.EqualFold(string(pointer.From(props.EncryptionWithCmk.Enforcement)), string(services.SearchEncryptionWithCmkEnabled)) + d.Set("customer_managed_key_encryption_compliance_status", string(pointer.From(props.EncryptionWithCmk.EncryptionComplianceStatus))) } // I am using 'DisableLocalAuth' here because when you are in diff --git a/internal/services/search/search_service_resource_test.go b/internal/services/search/search_service_resource_test.go index 1c07f7ca127d..a1d3c06d2070 100644 --- a/internal/services/search/search_service_resource_test.go +++ b/internal/services/search/search_service_resource_test.go @@ -337,6 +337,7 @@ func TestAccSearchService_customerManagedKeyEnforcement(t *testing.T) { Config: r.customerManagedKeyEnforcement(data, true), Check: acceptance.ComposeTestCheckFunc( check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("customer_managed_key_encryption_compliance_status").HasValue("Compliant"), ), }, data.ImportStep(), diff --git a/website/docs/d/search_service.html.markdown b/website/docs/d/search_service.html.markdown index d1e0a2b8eb37..795657833859 100644 --- a/website/docs/d/search_service.html.markdown +++ b/website/docs/d/search_service.html.markdown @@ -38,6 +38,8 @@ In addition to the Arguments listed above - the following Attributes are exporte * `id` - The ID of the Search Service. +* `customer_managed_key_encryption_compliance_status` - Describes whether the search service is compliant or not with respect to having non-customer encrypted resources. If a service has more than one non-customer encrypted resource and `Enforcement` is `enabled` then the service will be marked as `NonCompliant`. If all the resources are customer encrypted, then the service will be marked as `Compliant`. + * `primary_key` - The Primary Key used for Search Service Administration. * `secondary_key` - The Secondary Key used for Search Service Administration. diff --git a/website/docs/r/search_service.html.markdown b/website/docs/r/search_service.html.markdown index 3d39cdaefcb9..3cff1397cb1d 100644 --- a/website/docs/r/search_service.html.markdown +++ b/website/docs/r/search_service.html.markdown @@ -128,6 +128,8 @@ In addition to the Arguments listed above - the following Attributes are exporte * `id` - The ID of the Search Service. +* `customer_managed_key_encryption_compliance_status` - Describes whether the search service is compliant or not with respect to having non-customer encrypted resources. If a service has more than one non-customer encrypted resource and `Enforcement` is `enabled` then the service will be marked as `NonCompliant`. If all the resources are customer encrypted, then the service will be marked as `Compliant`. + * `primary_key` - The Primary Key used for Search Service Administration. * `query_keys` - A `query_keys` block as defined below.