Merge pull request #7411 from ptv-logistics/feature/postgresql_aad_admin

new resource: azurerm_postgresql_active_directory_administrator
hashicorp · Jun 25, 2020 · 7fedb2e · 7fedb2e
2 parents e1a102e + ca1372b
commit 7fedb2e
Show file tree

Hide file tree

Showing 6 changed files with 508 additions and 5 deletions.
diff --git a/azurerm/internal/services/postgres/client/client.go b/azurerm/internal/services/postgres/client/client.go
@@ -12,6 +12,7 @@ type Client struct {
 	ServersClient                     *postgresql.ServersClient
 	ServerSecurityAlertPoliciesClient *postgresql.ServerSecurityAlertPoliciesClient
 	VirtualNetworkRulesClient         *postgresql.VirtualNetworkRulesClient
+	ServerAdministratorsClient        *postgresql.ServerAdministratorsClient
 }
 
 func NewClient(o *common.ClientOptions) *Client {
@@ -33,12 +34,16 @@ func NewClient(o *common.ClientOptions) *Client {
 	virtualNetworkRulesClient := postgresql.NewVirtualNetworkRulesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&virtualNetworkRulesClient.Client, o.ResourceManagerAuthorizer)
 
+	serverAdministratorsClient := postgresql.NewServerAdministratorsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&serverAdministratorsClient.Client, o.ResourceManagerAuthorizer)
+
 	return &Client{
 		ConfigurationsClient:              &configurationsClient,
 		DatabasesClient:                   &databasesClient,
 		FirewallRulesClient:               &firewallRulesClient,
 		ServersClient:                     &serversClient,
 		ServerSecurityAlertPoliciesClient: &serverSecurityAlertPoliciesClient,
 		VirtualNetworkRulesClient:         &virtualNetworkRulesClient,
+		ServerAdministratorsClient:        &serverAdministratorsClient,
 	}
 }
diff --git a/azurerm/internal/services/postgres/postgresql_aad_administrator_resource.go b/azurerm/internal/services/postgres/postgresql_aad_administrator_resource.go
@@ -0,0 +1,170 @@
+package postgres
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/postgresql/mgmt/2017-12-01/postgresql"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	uuid "github.com/satori/go.uuid"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmPostgreSQLAdministrator() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmPostgreSQLAdministratorCreateUpdate,
+		Read:   resourceArmPostgreSQLAdministratorRead,
+		Update: resourceArmPostgreSQLAdministratorCreateUpdate,
+		Delete: resourceArmPostgreSQLAdministratorDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(30 * time.Minute),
+			Read:   schema.DefaultTimeout(5 * time.Minute),
+			Update: schema.DefaultTimeout(30 * time.Minute),
+			Delete: schema.DefaultTimeout(30 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"server_name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupName(),
+
+			"login": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"object_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validation.IsUUID,
+			},
+
+			"tenant_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validation.IsUUID,
+			},
+		},
+	}
+}
+
+func resourceArmPostgreSQLAdministratorCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Postgres.ServerAdministratorsClient
+	ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	serverName := d.Get("server_name").(string)
+	resGroup := d.Get("resource_group_name").(string)
+	login := d.Get("login").(string)
+	objectId := uuid.FromStringOrNil(d.Get("object_id").(string))
+	tenantId := uuid.FromStringOrNil(d.Get("tenant_id").(string))
+
+	if features.ShouldResourcesBeImported() && d.IsNewResource() {
+		existing, err := client.Get(ctx, resGroup, serverName)
+		if err != nil {
+			if !utils.ResponseWasNotFound(existing.Response) {
+				return fmt.Errorf("Error checking for presence of existing PostgreSQL AD Administrator (Resource Group %q, Server %q): %+v", resGroup, serverName, err)
+			}
+		}
+
+		if existing.ID != nil && *existing.ID != "" {
+			return tf.ImportAsExistsError("azurerm_postgresql_active_directory_administrator", *existing.ID)
+		}
+	}
+
+	parameters := postgresql.ServerAdministratorResource{
+		ServerAdministratorProperties: &postgresql.ServerAdministratorProperties{
+			AdministratorType: utils.String("ActiveDirectory"),
+			Login:             utils.String(login),
+			Sid:               &objectId,
+			TenantID:          &tenantId,
+		},
+	}
+
+	future, err := client.CreateOrUpdate(ctx, resGroup, serverName, parameters)
+	if err != nil {
+		return fmt.Errorf("Error issuing create/update request for PostgreSQL AD Administrator (Resource Group %q, Server %q): %+v", resGroup, serverName, err)
+	}
+
+	if err = future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("Error waiting on create/update future for PostgreSQL AD Administrator (Resource Group %q, Server %q): %+v", resGroup, serverName, err)
+	}
+
+	resp, err := client.Get(ctx, resGroup, serverName)
+	if err != nil {
+		return fmt.Errorf("Error issuing get request for PostgreSQL AD Administrator (Resource Group %q, Server %q): %+v", resGroup, serverName, err)
+	}
+
+	d.SetId(*resp.ID)
+
+	return nil
+}
+
+func resourceArmPostgreSQLAdministratorRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Postgres.ServerAdministratorsClient
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resourceGroup := id.ResourceGroup
+	serverName := id.Path["servers"]
+
+	resp, err := client.Get(ctx, resourceGroup, serverName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[INFO] Error reading PostgreSQL AD administrator %q - removing from state", d.Id())
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("Error reading PostgreSQL AD administrator: %+v", err)
+	}
+
+	d.Set("resource_group_name", resourceGroup)
+	d.Set("server_name", serverName)
+	d.Set("login", resp.Login)
+	d.Set("object_id", resp.Sid.String())
+	d.Set("tenant_id", resp.TenantID.String())
+
+	return nil
+}
+
+func resourceArmPostgreSQLAdministratorDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Postgres.ServerAdministratorsClient
+	ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resourceGroup := id.ResourceGroup
+	serverName := id.Path["servers"]
+
+	_, err = client.Delete(ctx, resourceGroup, serverName)
+	if err != nil {
+		return fmt.Errorf("Error deleting PostgreSQL AD Administrator: %+v", err)
+	}
+
+	return nil
+}
diff --git a/azurerm/internal/services/postgres/registration.go b/azurerm/internal/services/postgres/registration.go
@@ -28,10 +28,11 @@ func (r Registration) SupportedDataSources() map[string]*schema.Resource {
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
-		"azurerm_postgresql_configuration":        resourceArmPostgreSQLConfiguration(),
-		"azurerm_postgresql_database":             resourceArmPostgreSQLDatabase(),
-		"azurerm_postgresql_firewall_rule":        resourceArmPostgreSQLFirewallRule(),
-		"azurerm_postgresql_server":               resourceArmPostgreSQLServer(),
-		"azurerm_postgresql_virtual_network_rule": resourceArmPostgreSQLVirtualNetworkRule(),
+		"azurerm_postgresql_configuration":                  resourceArmPostgreSQLConfiguration(),
+		"azurerm_postgresql_database":                       resourceArmPostgreSQLDatabase(),
+		"azurerm_postgresql_firewall_rule":                  resourceArmPostgreSQLFirewallRule(),
+		"azurerm_postgresql_server":                         resourceArmPostgreSQLServer(),
+		"azurerm_postgresql_virtual_network_rule":           resourceArmPostgreSQLVirtualNetworkRule(),
+		"azurerm_postgresql_active_directory_administrator": resourceArmPostgreSQLAdministrator(),
 	}
 }