azurerm_postgresql_server - do not attempt to get the threat protecti…

…on with the basic SKU (#7015) fixes #6945
hashicorp · May 21, 2020 · 7e80903 · 7e80903
1 parent 46df426
commit 7e80903
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 18 deletions.
diff --git a/azurerm/internal/services/postgres/postgresql_server_resource.go b/azurerm/internal/services/postgres/postgresql_server_resource.go
@@ -620,8 +620,10 @@ func resourceArmPostgreSQLServerRead(d *schema.ResourceData, meta interface{}) e
 		d.Set("location", azure.NormalizeLocation(*location))
 	}
 
+	tier := postgresql.Basic
 	if sku := resp.Sku; sku != nil {
 		d.Set("sku_name", sku.Name)
+		tier = sku.Tier
 	}
 
 	if props := resp.ServerProperties; props != nil {
@@ -649,15 +651,18 @@ func resourceArmPostgreSQLServerRead(d *schema.ResourceData, meta interface{}) e
 		d.Set("fqdn", props.FullyQualifiedDomainName)
 	}
 
-	secResp, err := securityClient.Get(ctx, id.ResourceGroup, id.Name)
-	if err != nil && !utils.ResponseWasNotFound(secResp.Response) {
-		return fmt.Errorf("error making read request to postgres server security alert policy: %+v", err)
-	}
+	// the basic does not support threat detection policies
+	if tier == postgresql.GeneralPurpose || tier == postgresql.MemoryOptimized {
+		secResp, err := securityClient.Get(ctx, id.ResourceGroup, id.Name)
+		if err != nil && !utils.ResponseWasNotFound(secResp.Response) {
+			return fmt.Errorf("error making read request to postgres server security alert policy: %+v", err)
+		}
 
-	if !utils.ResponseWasNotFound(secResp.Response) {
-		block := flattenSecurityAlertPolicy(secResp.SecurityAlertPolicyProperties, d.Get("threat_detection_policy.0.storage_account_access_key").(string))
-		if err := d.Set("threat_detection_policy", block); err != nil {
-			return fmt.Errorf("setting `threat_detection_policy`: %+v", err)
+		if !utils.ResponseWasNotFound(secResp.Response) {
+			block := flattenSecurityAlertPolicy(secResp.SecurityAlertPolicyProperties, d.Get("threat_detection_policy.0.storage_account_access_key").(string))
+			if err := d.Set("threat_detection_policy", block); err != nil {
+				return fmt.Errorf("setting `threat_detection_policy`: %+v", err)
+			}
 		}
 	}
 

diff --git a/azurerm/internal/services/postgres/tests/postgresql_server_resource_test.go b/azurerm/internal/services/postgres/tests/postgresql_server_resource_test.go
@@ -45,7 +45,7 @@ func TestAccAzureRMPostgreSQLServer_basicNinePointFiveDeprecated(t *testing.T) {
 			},
 			data.ImportStep("administrator_login_password"),
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "9.5"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "9.5"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -91,6 +91,42 @@ func TestAccAzureRMPostgreSQLServer_basicTenPointZero(t *testing.T) {
 	})
 }
 
+func TestAccAzureRMPostgreSQLServer_gpTenPointZero(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_postgresql_server", "test")
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMPostgreSQLServerDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "10.0"),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("administrator_login_password"),
+		},
+	})
+}
+
+func TestAccAzureRMPostgreSQLServer_moTenPointZero(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_postgresql_server", "test")
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMPostgreSQLServerDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMPostgreSQLServer_mo(data, "10.0"),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("administrator_login_password"),
+		},
+	})
+}
+
 func TestAccAzureRMPostgreSQLServer_basicEleven(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_postgresql_server", "test")
 	resource.ParallelTest(t, resource.TestCase{
@@ -125,7 +161,7 @@ func TestAccAzureRMPostgreSQLServer_autogrowOnly(t *testing.T) {
 			},
 			data.ImportStep("administrator_login_password"),
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "11"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "11"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -212,7 +248,7 @@ func TestAccAzureRMPostgreSQLServer_updated(t *testing.T) {
 		CheckDestroy: testCheckAzureRMPostgreSQLServerDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "9.6"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "9.6"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -233,7 +269,7 @@ func TestAccAzureRMPostgreSQLServer_updated(t *testing.T) {
 			},
 			data.ImportStep("administrator_login_password"),
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "9.6"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "9.6"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -301,7 +337,7 @@ func TestAccAzureRMPostgreSQLServer_createReplica(t *testing.T) {
 		CheckDestroy: testCheckAzureRMPostgreSQLServerDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "11"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "11"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -329,7 +365,7 @@ func TestAccAzureRMPostgreSQLServer_createPointInTimeRestore(t *testing.T) {
 		CheckDestroy: testCheckAzureRMPostgreSQLServerDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAzureRMPostgreSQLServer_basic(data, "11"),
+				Config: testAccAzureRMPostgreSQLServer_gp(data, "11"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAzureRMPostgreSQLServerExists(data.ResourceName),
 				),
@@ -406,7 +442,7 @@ func testCheckAzureRMPostgreSQLServerDestroy(s *terraform.State) error {
 	return nil
 }
 
-func testAccAzureRMPostgreSQLServer_basic(data acceptance.TestData, version string) string {
+func testAccAzureRMPostgreSQLServer_template(data acceptance.TestData, sku, version string) string {
 	return fmt.Sprintf(`
 provider "azurerm" {
   features {}
@@ -425,13 +461,25 @@ resource "azurerm_postgresql_server" "test" {
   administrator_login          = "acctestun"
   administrator_login_password = "H@Sh1CoR3!"
 
-  sku_name   = "GP_Gen5_2"
+  sku_name   = "%s"
   version    = "%s"
   storage_mb = 51200
 
   ssl_enforcement_enabled = true
 }
-`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, version)
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, sku, version)
+}
+
+func testAccAzureRMPostgreSQLServer_basic(data acceptance.TestData, version string) string {
+	return testAccAzureRMPostgreSQLServer_template(data, "B_Gen5_1", version)
+}
+
+func testAccAzureRMPostgreSQLServer_mo(data acceptance.TestData, version string) string {
+	return testAccAzureRMPostgreSQLServer_template(data, "MO_Gen5_2", version)
+}
+
+func testAccAzureRMPostgreSQLServer_gp(data acceptance.TestData, version string) string {
+	return testAccAzureRMPostgreSQLServer_template(data, "GP_Gen5_2", version)
 }
 
 func testAccAzureRMPostgreSQLServer_autogrow(data acceptance.TestData, version string) string {
@@ -532,7 +580,7 @@ resource "azurerm_postgresql_server" "test" {
   resource_group_name = azurerm_resource_group.test.name
 
   version  = "%s"
-  sku_name = "GP_Gen5_4"
+  sku_name = "GP_Gen5_2"
 
   administrator_login          = "acctestun"
   administrator_login_password = "H@Sh1CoR3!"