New Resource - azurerm_mssql_server (#6677)

azurerm/internal/services/mssql/client/client.go

@@ -13,6 +13,8 @@ type Client struct {
 	ElasticPoolsClient                                 *sql.ElasticPoolsClient
 	DatabaseVulnerabilityAssessmentRuleBaselinesClient *sql.DatabaseVulnerabilityAssessmentRuleBaselinesClient
 	ServersClient                                      *sql.ServersClient
+	ServerExtendedBlobAuditingPoliciesClient           *sql.ExtendedServerBlobAuditingPoliciesClient
+	ServerConnectionPoliciesClient                     *sql.ServerConnectionPoliciesClient
 	ServerSecurityAlertPoliciesClient                  *sql.ServerSecurityAlertPoliciesClient
 	ServerVulnerabilityAssessmentsClient               *sql.ServerVulnerabilityAssessmentsClient
 	VirtualMachinesClient                              *sqlvirtualmachine.SQLVirtualMachinesClient
@@ -37,12 +39,18 @@ func NewClient(o *common.ClientOptions) *Client {
 	serverSecurityAlertPoliciesClient := sql.NewServerSecurityAlertPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&serverSecurityAlertPoliciesClient.Client, o.ResourceManagerAuthorizer)
 
-	serversClient := sql.NewServersClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
-	o.ConfigureClient(&serversClient.Client, o.ResourceManagerAuthorizer)
+	serverExtendedBlobAuditingPoliciesClient := sql.NewExtendedServerBlobAuditingPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&serverExtendedBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer)
 
 	serverVulnerabilityAssessmentsClient := sql.NewServerVulnerabilityAssessmentsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&serverVulnerabilityAssessmentsClient.Client, o.ResourceManagerAuthorizer)
 
+	serversClient := sql.NewServersClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&serversClient.Client, o.ResourceManagerAuthorizer)
+
+	serverConnectionPoliciesClient := sql.NewServerConnectionPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&serverConnectionPoliciesClient.Client, o.ResourceManagerAuthorizer)
+
 	sqlVirtualMachinesClient := sqlvirtualmachine.NewSQLVirtualMachinesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&sqlVirtualMachinesClient.Client, o.ResourceManagerAuthorizer)
 
@@ -53,6 +61,8 @@ func NewClient(o *common.ClientOptions) *Client {
 		DatabaseVulnerabilityAssessmentRuleBaselinesClient: &databaseVulnerabilityAssessmentRuleBaselinesClient,
 		ElasticPoolsClient:                                 &elasticPoolsClient,
 		ServersClient:                                      &serversClient,
+		ServerExtendedBlobAuditingPoliciesClient:           &serverExtendedBlobAuditingPoliciesClient,
+		ServerConnectionPoliciesClient:                     &serverConnectionPoliciesClient,
 		ServerSecurityAlertPoliciesClient:                  &serverSecurityAlertPoliciesClient,
 		ServerVulnerabilityAssessmentsClient:               &serverVulnerabilityAssessmentsClient,
 		VirtualMachinesClient:                              &sqlVirtualMachinesClient,

azurerm/internal/services/mssql/helper/sql_extended_auditing.go

@@ -42,8 +42,63 @@ func ExtendedAuditingSchema() *schema.Schema {
 	}
 }
 
+func ExpandAzureRmSqlServerBlobAuditingPolicies(input []interface{}) *sql.ExtendedServerBlobAuditingPolicyProperties {
+	if len(input) == 0 || input[0] == nil {
+		return &sql.ExtendedServerBlobAuditingPolicyProperties{
+			State: sql.BlobAuditingPolicyStateDisabled,
+		}
+	}
+	serverBlobAuditingPolicies := input[0].(map[string]interface{})
+
+	ExtendedServerBlobAuditingPolicyProperties := sql.ExtendedServerBlobAuditingPolicyProperties{
+		State:                   sql.BlobAuditingPolicyStateEnabled,
+		StorageAccountAccessKey: utils.String(serverBlobAuditingPolicies["storage_account_access_key"].(string)),
+		StorageEndpoint:         utils.String(serverBlobAuditingPolicies["storage_endpoint"].(string)),
+	}
+	if v, ok := serverBlobAuditingPolicies["storage_account_access_key_is_secondary"]; ok {
+		ExtendedServerBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse = utils.Bool(v.(bool))
+	}
+	if v, ok := serverBlobAuditingPolicies["retention_in_days"]; ok {
+		ExtendedServerBlobAuditingPolicyProperties.RetentionDays = utils.Int32(int32(v.(int)))
+	}
+
+	return &ExtendedServerBlobAuditingPolicyProperties
+}
+
+func FlattenAzureRmSqlServerBlobAuditingPolicies(extendedServerBlobAuditingPolicy *sql.ExtendedServerBlobAuditingPolicy, d *schema.ResourceData) []interface{} {
+	if extendedServerBlobAuditingPolicy == nil || extendedServerBlobAuditingPolicy.State == sql.BlobAuditingPolicyStateDisabled {
+		return []interface{}{}
+	}
+	var storageEndpoint, storageAccessKey string
+	// storage_account_access_key will not be returned, so we transfer the schema value
+	if v, ok := d.GetOk("extended_auditing_policy.0.storage_account_access_key"); ok {
+		storageAccessKey = v.(string)
+	}
+	if extendedServerBlobAuditingPolicy.StorageEndpoint != nil {
+		storageEndpoint = *extendedServerBlobAuditingPolicy.StorageEndpoint
+	}
+
+	var secondKeyInUse bool
+	if extendedServerBlobAuditingPolicy.IsStorageSecondaryKeyInUse != nil {
+		secondKeyInUse = *extendedServerBlobAuditingPolicy.IsStorageSecondaryKeyInUse
+	}
+	var retentionDays int32
+	if extendedServerBlobAuditingPolicy.RetentionDays != nil {
+		retentionDays = *extendedServerBlobAuditingPolicy.RetentionDays
+	}
+
+	return []interface{}{
+		map[string]interface{}{
+			"storage_account_access_key":              storageAccessKey,
+			"storage_endpoint":                        storageEndpoint,
+			"storage_account_access_key_is_secondary": secondKeyInUse,
+			"retention_in_days":                       retentionDays,
+		},
+	}
+}
+
 func ExpandAzureRmMsSqlDBBlobAuditingPolicies(input []interface{}) *sql.ExtendedDatabaseBlobAuditingPolicyProperties {
-	if len(input) == 0 {
+	if len(input) == 0 || input[0] == nil {
 		return &sql.ExtendedDatabaseBlobAuditingPolicyProperties{
 			State: sql.BlobAuditingPolicyStateDisabled,
 		}

azurerm/internal/services/mssql/registration.go

@@ -32,6 +32,7 @@ func (r Registration) SupportedResources() map[string]*schema.Resource {
 		"azurerm_mssql_database": resourceArmMsSqlDatabase(),
 		"azurerm_mssql_database_vulnerability_assessment_rule_baseline": resourceArmMssqlDatabaseVulnerabilityAssessmentRuleBaseline(),
 		"azurerm_mssql_elasticpool":                                     resourceArmMsSqlElasticPool(),
+		"azurerm_mssql_server":                                          resourceArmMsSqlServer(),
 		"azurerm_mssql_server_security_alert_policy":                    resourceArmMssqlServerSecurityAlertPolicy(),
 		"azurerm_mssql_server_vulnerability_assessment":                 resourceArmMssqlServerVulnerabilityAssessment(),
 		"azurerm_mssql_virtual_machine":                                 resourceArmMsSqlVirtualMachine(),

azurerm/internal/services/mssql/resource_arm_mssql_database_vulnerability_assessment_rule_baseline.go

@@ -85,6 +85,7 @@ func resourceArmMssqlDatabaseVulnerabilityAssessmentRuleBaseline() *schema.Resou
 
 func resourceArmMssqlDatabaseVulnerabilityAssessmentRuleBaselineCreateUpdate(d *schema.ResourceData, meta interface{}) error {
 	client := meta.(*clients.Client).MSSQL.DatabaseVulnerabilityAssessmentRuleBaselinesClient
+	vulnerabilityClient := meta.(*clients.Client).MSSQL.ServerVulnerabilityAssessmentsClient
 	ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
 	defer cancel()
 
@@ -97,9 +98,8 @@ func resourceArmMssqlDatabaseVulnerabilityAssessmentRuleBaselineCreateUpdate(d *
 
 	resourceGroupName := vulnerabilityAssessmentId.ResourceGroup
 	serverName := vulnerabilityAssessmentId.Path["servers"]
-	vulnerabilityAssessmentClient := meta.(*clients.Client).MSSQL.ServerVulnerabilityAssessmentsClient
 
-	vulnerabilityAssessment, err := vulnerabilityAssessmentClient.Get(ctx, resourceGroupName, serverName)
+	vulnerabilityAssessment, err := vulnerabilityClient.Get(ctx, resourceGroupName, serverName)
 	if err != nil {
 		return fmt.Errorf("Error retrieving Server Vulnerability Assessment Settings: %+v", err)
 	}