From 12f372ddb9c4fbf0417a39c5197ce4557ea1aa9f Mon Sep 17 00:00:00 2001 From: Simon Halsey Date: Sun, 28 Jan 2018 16:26:25 +0000 Subject: [PATCH 1/9] Added AD administrator schema --- azurerm/resource_arm_sql_server.go | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/azurerm/resource_arm_sql_server.go b/azurerm/resource_arm_sql_server.go index 613ec039a477..dc11778d2d06 100644 --- a/azurerm/resource_arm_sql_server.go +++ b/azurerm/resource_arm_sql_server.go @@ -55,6 +55,30 @@ func resourceArmSqlServer() *schema.Resource { Sensitive: true, }, + "ad_administrator": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "login": { + Type: schema.TypeString, + Required: true, + }, + + "object_id": { + Type: schema.TypeString, + Required: true, + }, + + "tenant_id": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, + "fully_qualified_domain_name": { Type: schema.TypeString, Computed: true, From bf8645b0957e8a0f1940213063a23403cd33042e Mon Sep 17 00:00:00 2001 From: Simon Halsey Date: Sun, 28 Jan 2018 19:49:18 +0000 Subject: [PATCH 2/9] Added sql AD administrators --- azurerm/config.go | 32 +++-- azurerm/provider.go | 1 + azurerm/resource_arm_sql_administrator.go | 143 ++++++++++++++++++++++ azurerm/resource_arm_sql_server.go | 24 ---- 4 files changed, 164 insertions(+), 36 deletions(-) create mode 100644 azurerm/resource_arm_sql_administrator.go diff --git a/azurerm/config.go b/azurerm/config.go index 69e84c52b2e6..82fa2a54fb62 100644 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -112,18 +112,19 @@ type ArmClient struct { vmClient compute.VirtualMachinesClient // Databases - mysqlConfigurationsClient mysql.ConfigurationsClient - mysqlDatabasesClient mysql.DatabasesClient - mysqlFirewallRulesClient mysql.FirewallRulesClient - mysqlServersClient mysql.ServersClient - postgresqlConfigurationsClient postgresql.ConfigurationsClient - postgresqlDatabasesClient postgresql.DatabasesClient - postgresqlFirewallRulesClient postgresql.FirewallRulesClient - postgresqlServersClient postgresql.ServersClient - sqlDatabasesClient sql.DatabasesClient - sqlElasticPoolsClient sql.ElasticPoolsClient - sqlFirewallRulesClient sql.FirewallRulesClient - sqlServersClient sql.ServersClient + mysqlConfigurationsClient mysql.ConfigurationsClient + mysqlDatabasesClient mysql.DatabasesClient + mysqlFirewallRulesClient mysql.FirewallRulesClient + mysqlServersClient mysql.ServersClient + postgresqlConfigurationsClient postgresql.ConfigurationsClient + postgresqlDatabasesClient postgresql.DatabasesClient + postgresqlFirewallRulesClient postgresql.FirewallRulesClient + postgresqlServersClient postgresql.ServersClient + sqlDatabasesClient sql.DatabasesClient + sqlElasticPoolsClient sql.ElasticPoolsClient + sqlFirewallRulesClient sql.FirewallRulesClient + sqlServersClient sql.ServersClient + sqlServerAzureADAdministratorsClient sql.ServerAzureADAdministratorsClient // KeyVault keyVaultClient keyvault.VaultsClient @@ -586,6 +587,13 @@ func (c *ArmClient) registerDatabases(endpoint, subscriptionId string, auth auto sqlSrvClient.Sender = sender sqlSrvClient.SkipResourceProviderRegistration = c.skipProviderRegistration c.sqlServersClient = sqlSrvClient + + sqlADClient := sql.NewServerAzureADAdministratorsClientWithBaseURI(endpoint, subscriptionId) + setUserAgent(&sqlADClient.Client) + sqlADClient.Authorizer = auth + sqlADClient.Sender = sender + sqlADClient.SkipResourceProviderRegistration = c.skipProviderRegistration + c.sqlServerAzureADAdministratorsClient = sqlADClient } func (c *ArmClient) registerDNSClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) { diff --git a/azurerm/provider.go b/azurerm/provider.go index 9bc8e0c49480..29c2519e975f 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -181,6 +181,7 @@ func Provider() terraform.ResourceProvider { "azurerm_sql_database": resourceArmSqlDatabase(), "azurerm_sql_elasticpool": resourceArmSqlElasticPool(), "azurerm_sql_firewall_rule": resourceArmSqlFirewallRule(), + "azurerm_sql_administrator": resourceArmSqlAdministrator(), "azurerm_sql_server": resourceArmSqlServer(), "azurerm_storage_account": resourceArmStorageAccount(), "azurerm_storage_blob": resourceArmStorageBlob(), diff --git a/azurerm/resource_arm_sql_administrator.go b/azurerm/resource_arm_sql_administrator.go new file mode 100644 index 000000000000..6c5aaceccc7f --- /dev/null +++ b/azurerm/resource_arm_sql_administrator.go @@ -0,0 +1,143 @@ +package azurerm + +import ( + "fmt" + "log" + + "github.com/Azure/azure-sdk-for-go/services/sql/mgmt/2015-05-01-preview/sql" + "github.com/hashicorp/terraform/helper/schema" + uuid "github.com/satori/go.uuid" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" + //"github.com/hashicorp/terraform/helper/validation" + //"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response" +) + +func resourceArmSqlAdministrator() *schema.Resource { + return &schema.Resource{ + Create: resourceArmSqlAdministratorCreateUpdate, + Read: resourceArmSqlAdministratorRead, + Update: resourceArmSqlAdministratorCreateUpdate, + Delete: resourceArmSqlAdministratorDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "server_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + "resource_group_name": resourceGroupNameSchema(), + + "login": { + Type: schema.TypeString, + Required: true, + }, + + "object_id": { + Type: schema.TypeString, + Required: true, + }, + + "tenant_id": { + Type: schema.TypeString, + Required: true, + }, + }, + } +} + +func resourceArmSqlAdministratorCreateUpdate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := meta.(*ArmClient).StopContext + + serverName := d.Get("server_name").(string) + resGroup := d.Get("resource_group_name").(string) + administratorName := "activeDirectory" + login := d.Get("login").(string) + objectId := uuid.FromStringOrNil(d.Get("object_id").(string)) + tenantId := uuid.FromStringOrNil(d.Get("tenant_id").(string)) + parameters := sql.ServerAzureADAdministrator{ + ServerAdministratorProperties: &sql.ServerAdministratorProperties{ + AdministratorType: utils.String("ActiveDirectory"), + Login: utils.String(login), + Sid: &objectId, + TenantID: &tenantId, + }, + } + + future, error := client.CreateOrUpdate(ctx, resGroup, serverName, administratorName, parameters) + if error != nil { + return error + } + + error = future.WaitForCompletion(ctx, client.Client) + if error != nil { + return error + } + + resp, error := client.Get(ctx, resGroup, serverName, administratorName) + if error != nil { + return error + } + + d.SetId(*resp.ID) + + return nil +} + +func resourceArmSqlAdministratorRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := meta.(*ArmClient).StopContext + + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return err + } + + resourceGroup := id.ResourceGroup + serverName := id.Path["servers"] + administratorName := id.Path["administrators"] + + resp, err := client.Get(ctx, resourceGroup, serverName, administratorName) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + log.Printf("[INFO] Error reading SQL AD administrator %q - removing from state", d.Id()) + d.SetId("") + return nil + } + + return fmt.Errorf("Error reading SQL AD administrator: %+v", err) + } + + d.Set("resource_group_name", resourceGroup) + d.Set("server_name", serverName) + d.Set("login", resp.Login) + d.Set("object_id", resp.Sid.String()) + d.Set("tenant_id", resp.TenantID.String()) + + return nil +} + +func resourceArmSqlAdministratorDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := meta.(*ArmClient).StopContext + + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return err + } + + resourceGroup := id.ResourceGroup + serverName := id.Path["servers"] + administratorName := id.Path["administrators"] + + _, err = client.Delete(ctx, resourceGroup, serverName, administratorName) + if err != nil { + return fmt.Errorf("Error deleting SQL AD administrator: %+v", err) + } + + return nil +} diff --git a/azurerm/resource_arm_sql_server.go b/azurerm/resource_arm_sql_server.go index dc11778d2d06..613ec039a477 100644 --- a/azurerm/resource_arm_sql_server.go +++ b/azurerm/resource_arm_sql_server.go @@ -55,30 +55,6 @@ func resourceArmSqlServer() *schema.Resource { Sensitive: true, }, - "ad_administrator": { - Type: schema.TypeList, - Optional: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "login": { - Type: schema.TypeString, - Required: true, - }, - - "object_id": { - Type: schema.TypeString, - Required: true, - }, - - "tenant_id": { - Type: schema.TypeString, - Required: true, - }, - }, - }, - }, - "fully_qualified_domain_name": { Type: schema.TypeString, Computed: true, From fd5b00a6bd9a942dc8a486f3e7721da3fb98667e Mon Sep 17 00:00:00 2001 From: Simon Halsey Date: Mon, 29 Jan 2018 00:10:28 +0000 Subject: [PATCH 3/9] Added tests --- .../resource_arm_sql_administrator_test.go | 184 ++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 azurerm/resource_arm_sql_administrator_test.go diff --git a/azurerm/resource_arm_sql_administrator_test.go b/azurerm/resource_arm_sql_administrator_test.go new file mode 100644 index 000000000000..ba05dc3d520e --- /dev/null +++ b/azurerm/resource_arm_sql_administrator_test.go @@ -0,0 +1,184 @@ +package azurerm + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccAzureRMSqlAdministrator_basic(t *testing.T) { + resourceName := "azurerm_sql_administrator.test" + ri := acctest.RandInt() + preConfig := testAccAzureRMSqlAdministrator_basic(ri, testLocation()) + postConfig := testAccAzureRMSqlAdministrator_withUpdates(ri, testLocation()) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMSqlAdministratorDestroy, + Steps: []resource.TestStep{ + { + Config: preConfig, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMSqlAdministratorExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "login", "sqladmin"), + ), + }, + { + Config: postConfig, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMSqlAdministratorExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "login", "sqladmin2"), + ), + }, + }, + }) +} + +func TestAccAzureRMSqlAdministrator_disappears(t *testing.T) { + resourceName := "azurerm_sql_administrator.test" + ri := acctest.RandInt() + config := testAccAzureRMSqlAdministrator_basic(ri, testLocation()) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMSqlAdministratorDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMSqlAdministratorExists(resourceName), + testCheckAzureRMSqlAdministratorDisappears(resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func testCheckAzureRMSqlAdministratorExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + resourceGroup := rs.Primary.Attributes["resource_group_name"] + serverName := rs.Primary.Attributes["server_name"] + + client := testAccProvider.Meta().(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + _, err := client.Get(ctx, resourceGroup, serverName, "activeDirectory") + if err != nil { + return err + } + + return nil + } +} + +func testCheckAzureRMSqlAdministratorDisappears(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + resourceGroup := rs.Primary.Attributes["resource_group_name"] + serverName := rs.Primary.Attributes["server_name"] + + client := testAccProvider.Meta().(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + _, err := client.Delete(ctx, resourceGroup, serverName, "activeDirectory") + if err != nil { + return fmt.Errorf("Bad: Delete on sqlAdministratorClient: %+v", err) + } + + return nil + } +} + +func testCheckAzureRMSqlAdministratorDestroy(s *terraform.State) error { + for _, rs := range s.RootModule().Resources { + if rs.Type != "azurerm_sql_administrator" { + continue + } + + resourceGroup := rs.Primary.Attributes["resource_group_name"] + serverName := rs.Primary.Attributes["server_name"] + + client := testAccProvider.Meta().(*ArmClient).sqlServerAzureADAdministratorsClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + resp, err := client.Get(ctx, resourceGroup, serverName, "activeDirectory") + if err != nil { + return err + } + + return fmt.Errorf("SQL Administrator (server %q / resource group %q) still exists: %+v", serverName, resourceGroup, resp) + } + + return nil +} + +func testAccAzureRMSqlAdministrator_basic(rInt int, location string) string { + return fmt.Sprintf(` +data "azurerm_client_config" "current" {} + +resource "azure_resource_group" "test" { + name = "acctestRG_%d" + location = "%s" +} + +resource "azurerm_sql_server" "test" { + name = "acctestsqlserver%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + version = "12.0" + administrator_login = "mradministrator" + administrator_login_password = "thisIsDog11" +} + +resource "azurerm_sql_administrator" "test" { + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin" + tenant_id = "${data.azurerm_client_config.current.tenant_id}" + object_id = "${data.azurerm_client_config.current.client_id}" +} +`, rInt, location, rInt) +} + +func testAccAzureRMSqlAdministrator_withUpdates(rInt int, location string) string { + return fmt.Sprintf(` +data "azurerm_client_config" "current" {} + +resource "azure_resource_group" "test" { + name = "acctestRG_%d" + location = "%s" +} + +resource "azurerm_sql_server" "test" { + name = "acctestsqlserver%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + version = "12.0" + administrator_login = "mradministrator" + administrator_login_password = "thisIsDog11" +} + +resource "azurerm_sql_administrator" "test" { + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin2" + tenant_id = "${data.azurerm_client_config.current.tenant_id}" + object_id = "${data.azurerm_client_config.current.client_id}" +} +`, rInt, location, rInt) +} From 230b15b6517d61479321377fc78ee5a48eb0dbc6 Mon Sep 17 00:00:00 2001 From: Simon Halsey Date: Thu, 22 Feb 2018 00:47:10 +0000 Subject: [PATCH 4/9] implemented PR comments --- azurerm/import_arm_sql_administrator_test.go | 32 ++++++++++++++ azurerm/provider.go | 2 +- azurerm/resource_arm_sql_administrator.go | 44 +++++++++---------- .../resource_arm_sql_administrator_test.go | 16 +++---- 4 files changed, 63 insertions(+), 31 deletions(-) create mode 100644 azurerm/import_arm_sql_administrator_test.go diff --git a/azurerm/import_arm_sql_administrator_test.go b/azurerm/import_arm_sql_administrator_test.go new file mode 100644 index 000000000000..48fe0e71d60d --- /dev/null +++ b/azurerm/import_arm_sql_administrator_test.go @@ -0,0 +1,32 @@ +package azurerm + +import ( + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccAzureRMSqlAdministrator_importBasic(t *testing.T) { + resourceName := "azurerm_sql_active_directory_administrator.test" + + ri := acctest.RandInt() + config := testAccAzureRMSqlAdministrator_basic(ri, testLocation()) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMSqlAdministratorDestroy, + Steps: []resource.TestStep{ + { + Config: config, + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{}, + }, + }, + }) +} diff --git a/azurerm/provider.go b/azurerm/provider.go index 29c2519e975f..f4424deaa787 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -181,7 +181,7 @@ func Provider() terraform.ResourceProvider { "azurerm_sql_database": resourceArmSqlDatabase(), "azurerm_sql_elasticpool": resourceArmSqlElasticPool(), "azurerm_sql_firewall_rule": resourceArmSqlFirewallRule(), - "azurerm_sql_administrator": resourceArmSqlAdministrator(), + "azurerm_sql_active_directory_administrator": resourceArmSqlAdministrator(), "azurerm_sql_server": resourceArmSqlServer(), "azurerm_storage_account": resourceArmStorageAccount(), "azurerm_storage_blob": resourceArmStorageBlob(), diff --git a/azurerm/resource_arm_sql_administrator.go b/azurerm/resource_arm_sql_administrator.go index 6c5aaceccc7f..923ce5d9fe2a 100644 --- a/azurerm/resource_arm_sql_administrator.go +++ b/azurerm/resource_arm_sql_administrator.go @@ -8,16 +8,14 @@ import ( "github.com/hashicorp/terraform/helper/schema" uuid "github.com/satori/go.uuid" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" - //"github.com/hashicorp/terraform/helper/validation" - //"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/response" ) func resourceArmSqlAdministrator() *schema.Resource { return &schema.Resource{ - Create: resourceArmSqlAdministratorCreateUpdate, - Read: resourceArmSqlAdministratorRead, - Update: resourceArmSqlAdministratorCreateUpdate, - Delete: resourceArmSqlAdministratorDelete, + Create: resourceArmSqlActiveDirectoryAdministratorCreateUpdate, + Read: resourceArmSqlActiveDirectoryAdministratorRead, + Update: resourceArmSqlActiveDirectoryAdministratorCreateUpdate, + Delete: resourceArmSqlActiveDirectoryAdministratorDelete, Importer: &schema.ResourceImporter{ State: schema.ImportStatePassthrough, }, @@ -37,19 +35,21 @@ func resourceArmSqlAdministrator() *schema.Resource { }, "object_id": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validateUUID, }, "tenant_id": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validateUUID, }, }, } } -func resourceArmSqlAdministratorCreateUpdate(d *schema.ResourceData, meta interface{}) error { +func resourceArmSqlActiveDirectoryAdministratorCreateUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient ctx := meta.(*ArmClient).StopContext @@ -68,19 +68,19 @@ func resourceArmSqlAdministratorCreateUpdate(d *schema.ResourceData, meta interf }, } - future, error := client.CreateOrUpdate(ctx, resGroup, serverName, administratorName, parameters) - if error != nil { - return error + future, err := client.CreateOrUpdate(ctx, resGroup, serverName, administratorName, parameters) + if err != nil { + return err } - error = future.WaitForCompletion(ctx, client.Client) - if error != nil { - return error + err = future.WaitForCompletion(ctx, client.Client) + if err != nil { + return err } - resp, error := client.Get(ctx, resGroup, serverName, administratorName) - if error != nil { - return error + resp, err := client.Get(ctx, resGroup, serverName, administratorName) + if err != nil { + return err } d.SetId(*resp.ID) @@ -88,7 +88,7 @@ func resourceArmSqlAdministratorCreateUpdate(d *schema.ResourceData, meta interf return nil } -func resourceArmSqlAdministratorRead(d *schema.ResourceData, meta interface{}) error { +func resourceArmSqlActiveDirectoryAdministratorRead(d *schema.ResourceData, meta interface{}) error { client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient ctx := meta.(*ArmClient).StopContext @@ -121,7 +121,7 @@ func resourceArmSqlAdministratorRead(d *schema.ResourceData, meta interface{}) e return nil } -func resourceArmSqlAdministratorDelete(d *schema.ResourceData, meta interface{}) error { +func resourceArmSqlActiveDirectoryAdministratorDelete(d *schema.ResourceData, meta interface{}) error { client := meta.(*ArmClient).sqlServerAzureADAdministratorsClient ctx := meta.(*ArmClient).StopContext diff --git a/azurerm/resource_arm_sql_administrator_test.go b/azurerm/resource_arm_sql_administrator_test.go index ba05dc3d520e..f9f615b53138 100644 --- a/azurerm/resource_arm_sql_administrator_test.go +++ b/azurerm/resource_arm_sql_administrator_test.go @@ -145,10 +145,10 @@ resource "azurerm_sql_server" "test" { administrator_login_password = "thisIsDog11" } -resource "azurerm_sql_administrator" "test" { - server_name = "${azurerm_sql_server.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - login = "sqladmin" +resource "azurerm_sql_active_directory_administrator" "test" { + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin" tenant_id = "${data.azurerm_client_config.current.tenant_id}" object_id = "${data.azurerm_client_config.current.client_id}" } @@ -173,10 +173,10 @@ resource "azurerm_sql_server" "test" { administrator_login_password = "thisIsDog11" } -resource "azurerm_sql_administrator" "test" { - server_name = "${azurerm_sql_server.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - login = "sqladmin2" +resource "azurerm_sql_active_directory_administrator" "test" { + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin2" tenant_id = "${data.azurerm_client_config.current.tenant_id}" object_id = "${data.azurerm_client_config.current.client_id}" } From 831238b16a200911470bfc747278c097ce60e8b5 Mon Sep 17 00:00:00 2001 From: Simon Halsey Date: Thu, 22 Feb 2018 01:29:33 +0000 Subject: [PATCH 5/9] Added documentation --- website/azurerm.erb | 4 ++ ...ql_active_directory_administrator.markdown | 67 +++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 website/docs/r/sql_active_directory_administrator.markdown diff --git a/website/azurerm.erb b/website/azurerm.erb index cdb56ffd271f..d66949c30f3e 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -313,6 +313,10 @@ azurerm_sql_database + > + azurerm_sql_active_directory_administrator + + > azurerm_sql_elasticpool diff --git a/website/docs/r/sql_active_directory_administrator.markdown b/website/docs/r/sql_active_directory_administrator.markdown new file mode 100644 index 000000000000..b4a548441f81 --- /dev/null +++ b/website/docs/r/sql_active_directory_administrator.markdown @@ -0,0 +1,67 @@ +--- +layout: "azurerm" +page_title: "Azure Resource manager: azurerm_sql_active_directory_administrator" +sidebar_current: "docs-azurerm-resource-database-sql-administrator" +description: |- + Add a Active Directory administrator to a SQL server +--- + +# azurerm\_sql\_active\_directory\_administrator + +Allows you to set a user or group as the AD administrator for an Azure SQL server + +## Example Usage + +```hcl +data "azurerm_client_config" "current" {} + +resource "azurerm_resource_group" "test" { + name = "acceptanceTestResourceGroup1" + location = "West US" +} + +resource "azurerm_sql_server" "test" { + name = "mysqlserver" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "West US" + version = "12.0" + administrator_login = "4dm1n157r470r" + administrator_login_password = "4-v3ry-53cr37-p455w0rd" +} + +resource "azurerm_sql_active_directory_administrator" "test" { + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin" + tenant_id = "${data.azurerm_client_config.current.tenant_id}" + object_id = "${data.azurerm_client_config.current.service_principal_object_id}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `server_name` - (Required) The name of the SQL Server on which to set the administrator + +* `resource_group_name` - (Required) The name of the resource group for the SQL server. + +* `login` - (Required) The login name of the principal to set as the server administrator + +* `object_id` - (Required) The ID of the principal to set as the server administrator + +* `tenant_id` - (Required) The Azure Tenant ID + +## Attributes Reference + +The following attributes are exported: + +* `id` - The SQL Active Directory Administrator ID. + +## Import + +A SQL Active Directory Administratir can be imported using the `resource id`, e.g. + +```shell +terraform import azurerm_sql_active_directory_administrator.administrator /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/servers/myserver/administrators/activeDirectory +``` From 45047063b71d66991c9bfd1e24ea0ec99e3bbdce Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Fri, 2 Mar 2018 13:10:51 -0800 Subject: [PATCH 6/9] Minor tweaks from the PR review --- azurerm/import_arm_sql_administrator_test.go | 7 ++-- ...ql_active_directory_administrator.markdown | 32 +++++++++---------- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/azurerm/import_arm_sql_administrator_test.go b/azurerm/import_arm_sql_administrator_test.go index 48fe0e71d60d..ede826f63788 100644 --- a/azurerm/import_arm_sql_administrator_test.go +++ b/azurerm/import_arm_sql_administrator_test.go @@ -22,10 +22,9 @@ func TestAccAzureRMSqlAdministrator_importBasic(t *testing.T) { Config: config, }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, }, }, }) diff --git a/website/docs/r/sql_active_directory_administrator.markdown b/website/docs/r/sql_active_directory_administrator.markdown index b4a548441f81..426e1506c9c7 100644 --- a/website/docs/r/sql_active_directory_administrator.markdown +++ b/website/docs/r/sql_active_directory_administrator.markdown @@ -3,10 +3,10 @@ layout: "azurerm" page_title: "Azure Resource manager: azurerm_sql_active_directory_administrator" sidebar_current: "docs-azurerm-resource-database-sql-administrator" description: |- - Add a Active Directory administrator to a SQL server + Manages an Active Directory administrator on a SQL server --- -# azurerm\_sql\_active\_directory\_administrator +# azurerm_sql_active_directory_administrator Allows you to set a user or group as the AD administrator for an Azure SQL server @@ -21,20 +21,20 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_sql_server" "test" { - name = "mysqlserver" - resource_group_name = "${azurerm_resource_group.test.name}" - location = "West US" - version = "12.0" - administrator_login = "4dm1n157r470r" - administrator_login_password = "4-v3ry-53cr37-p455w0rd" + name = "mysqlserver" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + version = "12.0" + administrator_login = "4dm1n157r470r" + administrator_login_password = "4-v3ry-53cr37-p455w0rd" } resource "azurerm_sql_active_directory_administrator" "test" { - server_name = "${azurerm_sql_server.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - login = "sqladmin" - tenant_id = "${data.azurerm_client_config.current.tenant_id}" - object_id = "${data.azurerm_client_config.current.service_principal_object_id}" + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin" + tenant_id = "${data.azurerm_client_config.current.tenant_id}" + object_id = "${data.azurerm_client_config.current.service_principal_object_id}" } ``` @@ -42,9 +42,9 @@ resource "azurerm_sql_active_directory_administrator" "test" { The following arguments are supported: -* `server_name` - (Required) The name of the SQL Server on which to set the administrator +* `server_name` - (Required) The name of the SQL Server on which to set the administrator. Changing this forces a new resource to be created. -* `resource_group_name` - (Required) The name of the resource group for the SQL server. +* `resource_group_name` - (Required) The name of the resource group for the SQL server. Changing this forces a new resource to be created. * `login` - (Required) The login name of the principal to set as the server administrator @@ -60,7 +60,7 @@ The following attributes are exported: ## Import -A SQL Active Directory Administratir can be imported using the `resource id`, e.g. +A SQL Active Directory Administrator can be imported using the `resource id`, e.g. ```shell terraform import azurerm_sql_active_directory_administrator.administrator /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/servers/myserver/administrators/activeDirectory From b3870ae2d084bd794dbb3a1028533ece839715b4 Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Fri, 2 Mar 2018 13:15:52 -0800 Subject: [PATCH 7/9] Fixing the resource name --- .../resource_arm_sql_administrator_test.go | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/azurerm/resource_arm_sql_administrator_test.go b/azurerm/resource_arm_sql_administrator_test.go index f9f615b53138..2fdaad32cc5e 100644 --- a/azurerm/resource_arm_sql_administrator_test.go +++ b/azurerm/resource_arm_sql_administrator_test.go @@ -131,18 +131,18 @@ func testAccAzureRMSqlAdministrator_basic(rInt int, location string) string { return fmt.Sprintf(` data "azurerm_client_config" "current" {} -resource "azure_resource_group" "test" { - name = "acctestRG_%d" - location = "%s" +resource "azurerm_resource_group" "test" { + name = "acctestRG_%d" + location = "%s" } resource "azurerm_sql_server" "test" { - name = "acctestsqlserver%d" - resource_group_name = "${azurerm_resource_group.test.name}" - location = "${azurerm_resource_group.test.location}" - version = "12.0" - administrator_login = "mradministrator" - administrator_login_password = "thisIsDog11" + name = "acctestsqlserver%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + version = "12.0" + administrator_login = "mradministrator" + administrator_login_password = "thisIsDog11" } resource "azurerm_sql_active_directory_administrator" "test" { @@ -159,26 +159,26 @@ func testAccAzureRMSqlAdministrator_withUpdates(rInt int, location string) strin return fmt.Sprintf(` data "azurerm_client_config" "current" {} -resource "azure_resource_group" "test" { - name = "acctestRG_%d" - location = "%s" +resource "azurerm_resource_group" "test" { + name = "acctestRG_%d" + location = "%s" } resource "azurerm_sql_server" "test" { - name = "acctestsqlserver%d" - resource_group_name = "${azurerm_resource_group.test.name}" - location = "${azurerm_resource_group.test.location}" - version = "12.0" - administrator_login = "mradministrator" - administrator_login_password = "thisIsDog11" + name = "acctestsqlserver%d" + resource_group_name = "${azurerm_resource_group.test.name}" + location = "${azurerm_resource_group.test.location}" + version = "12.0" + administrator_login = "mradministrator" + administrator_login_password = "thisIsDog11" } resource "azurerm_sql_active_directory_administrator" "test" { - server_name = "${azurerm_sql_server.test.name}" - resource_group_name = "${azurerm_resource_group.test.name}" - login = "sqladmin2" - tenant_id = "${data.azurerm_client_config.current.tenant_id}" - object_id = "${data.azurerm_client_config.current.client_id}" + server_name = "${azurerm_sql_server.test.name}" + resource_group_name = "${azurerm_resource_group.test.name}" + login = "sqladmin2" + tenant_id = "${data.azurerm_client_config.current.tenant_id}" + object_id = "${data.azurerm_client_config.current.client_id}" } `, rInt, location, rInt) } From dc1a2dacf4123adf5f52c46f80b301fc046ace24 Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Fri, 2 Mar 2018 13:41:53 -0800 Subject: [PATCH 8/9] Updating the resource name --- azurerm/resource_arm_sql_administrator_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azurerm/resource_arm_sql_administrator_test.go b/azurerm/resource_arm_sql_administrator_test.go index 2fdaad32cc5e..213adb4a1485 100644 --- a/azurerm/resource_arm_sql_administrator_test.go +++ b/azurerm/resource_arm_sql_administrator_test.go @@ -10,7 +10,7 @@ import ( ) func TestAccAzureRMSqlAdministrator_basic(t *testing.T) { - resourceName := "azurerm_sql_administrator.test" + resourceName := "azurerm_sql_active_directory_administrator.test" ri := acctest.RandInt() preConfig := testAccAzureRMSqlAdministrator_basic(ri, testLocation()) postConfig := testAccAzureRMSqlAdministrator_withUpdates(ri, testLocation()) @@ -39,7 +39,7 @@ func TestAccAzureRMSqlAdministrator_basic(t *testing.T) { } func TestAccAzureRMSqlAdministrator_disappears(t *testing.T) { - resourceName := "azurerm_sql_administrator.test" + resourceName := "azurerm_sql_active_directory_administrator.test" ri := acctest.RandInt() config := testAccAzureRMSqlAdministrator_basic(ri, testLocation()) @@ -106,7 +106,7 @@ func testCheckAzureRMSqlAdministratorDisappears(name string) resource.TestCheckF func testCheckAzureRMSqlAdministratorDestroy(s *terraform.State) error { for _, rs := range s.RootModule().Resources { - if rs.Type != "azurerm_sql_administrator" { + if rs.Type != "azurerm_sql_active_directory_administrator" { continue } From a02d35a7638a972455b9f8ff268cbe43a0455cd4 Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Fri, 2 Mar 2018 13:57:29 -0800 Subject: [PATCH 9/9] Handling the resource group being deleted --- azurerm/resource_arm_sql_administrator_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/azurerm/resource_arm_sql_administrator_test.go b/azurerm/resource_arm_sql_administrator_test.go index 213adb4a1485..f4e67d32b5e7 100644 --- a/azurerm/resource_arm_sql_administrator_test.go +++ b/azurerm/resource_arm_sql_administrator_test.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/terraform/helper/acctest" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/terraform" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) func TestAccAzureRMSqlAdministrator_basic(t *testing.T) { @@ -118,6 +119,10 @@ func testCheckAzureRMSqlAdministratorDestroy(s *terraform.State) error { resp, err := client.Get(ctx, resourceGroup, serverName, "activeDirectory") if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + return nil + } + return err }