New resource azurerm_cognitive_account_ai_services

[xuzhang3]

Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave "+1" or "me too" comments, they generate extra noise for PR followers and do not help prioritize for review

Description

PR Checklist

• I have followed the guidelines in our Contributing Documentation.
• I have checked to ensure there aren't other open Pull Requests for the same update/change.
• I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
• I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
• I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
  For example: “resource_name_here - description of change e.g. adding property new_property_name_here”

Changes to existing Resource / Data Source

• I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
• I have written new tests for my resource or datasource changes & updated any relevent documentation.
• I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
• (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

• My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

• azurerm_resource - support for the thing1 property [GH-00000]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

Related Issue(s)

Fixes #0000

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

[xuzhang3]

=== RUN   TestAccCognitiveAIServicesAccount_basic
=== PAUSE TestAccCognitiveAIServicesAccount_basic
=== RUN   TestAccCognitiveAIServicesAccount_requiresImport
=== PAUSE TestAccCognitiveAIServicesAccount_requiresImport
=== RUN   TestAccCognitiveAIServicesAccount_complete
=== PAUSE TestAccCognitiveAIServicesAccount_complete
=== RUN   TestAccCognitiveAIServicesAccount_update
=== PAUSE TestAccCognitiveAIServicesAccount_update
=== RUN   TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== PAUSE TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== RUN   TestAccCognitiveAIServicesAccount_networkACLs
=== PAUSE TestAccCognitiveAIServicesAccount_networkACLs
=== RUN   TestAccCognitiveAIServicesAccount_identity
=== PAUSE TestAccCognitiveAIServicesAccount_identity
=== RUN   TestAccCognitiveAIServicesAccount_customerManagedKey
=== PAUSE TestAccCognitiveAIServicesAccount_customerManagedKey
=== CONT  TestAccCognitiveAIServicesAccount_basic
=== CONT  TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== CONT  TestAccCognitiveAIServicesAccount_identity
=== CONT  TestAccCognitiveAIServicesAccount_requiresImport
=== CONT  TestAccCognitiveAIServicesAccount_networkACLs
=== CONT  TestAccCognitiveAIServicesAccount_update
--- PASS: TestAccCognitiveAIServicesAccount_requiresImport (288.59s)
--- PASS: TestAccCognitiveAIServicesAccount_networkACLs (419.91s)
--- PASS: TestAccCognitiveAIServicesAccount_identity (505.50s)
--- PASS: TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules (509.13s)
--- PASS: TestAccCognitiveAIServicesAccount_customerManagedKey (1402.96s)
--- PASS: TestAccCognitiveAIServicesAccount_update (1459.11s)
--- PASS: TestAccCognitiveAIServicesAccount_complete (1530.32s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/cognitive     1546.807s

[tombuildsstuff]

hey @xuzhang3

I've taken a look through and left some comments inline, but there's a few questions in there - once those are resolved/clarified we can take another look through 👍

Thanks!

[tombuildsstuff]

can we reuse the cognitive_account block for this purpose?

Suggested change

* `cognitive_account_ai_services` - (Optional) A `cognitive_account_ai_services` block as defined below.

[tombuildsstuff]

can we reuse the cognitive_account block for this purpose?

Suggested change

	cognitive_account_ai_services {
	purge_soft_delete_on_destroy = true
	}

[tombuildsstuff]

we can reuse the CognitiveAccount block/toggle here

[tombuildsstuff]

Suggested change

CognitiveAccountAIServices CognitiveAccountAIServicesFeatures

[tombuildsstuff]

can we reuse the cognitive_account block for this purpose?

Suggested change

	"cognitive_account_ai_services": {
	Type: pluginsdk.TypeList,
	Optional: true,
	MaxItems: 1,
	Elem: &pluginsdk.Resource{
	Schema: map[string]*pluginsdk.Schema{
	"purge_soft_delete_on_destroy": {
	Type: pluginsdk.TypeBool,
	Optional: true,
	Default: true,
	},
	},
	},
	},

[tombuildsstuff]

can we expose this as public_network_access with the constant values here?

[xuzhang3]

rename to public_network_access ? Sorry, I didn't get the point.

[tombuildsstuff]

We're moving away from using public_network_access_enabled, since the Azure API is gradually supporting three values for this field (Disabled, Enabled and SecuredByPerimeter) - as such new resources should expose this as a string field (we'll be making this a commonschema field in hashicorp/go-azure-helpers#238) - and existing resources will be updated in time.

As such, can we make this a string field, public_network_access, with the constant values being the possible values - rather than a boolean?

[xuzhang3]

public_network_access_enabled has been renamed to public_network_access

[tombuildsstuff]

These'll be validated from the config, so can be parsed directly:

Suggested change

	subnetId, err := commonids.ParseSubnetIDInsensitively(v)
	subnetId, err := commonids.ParseSubnetID(v)

[tombuildsstuff]

we can parse the ID from metadata.ID

[tombuildsstuff]

we'd also need to lock on the virtual network ids the resource is using (e.g. from the read function) fwiw, else we'd cause errors in other places if we update two at once?

[tombuildsstuff]

hashicorp/go-azure-sdk should do this for you - is this an LRO/is there a bug in the API Definitions here?

[xuzhang3]

this is copied from Cognitive Account and I just remove the unnecessary properties and codes

[tombuildsstuff]

Sure, but presumably when doing so you've looked to see if these can be removed? As such, what's the API actually doing here, is the Swagger wrong and this is an LRO - or is there also an API bug going on here?

[xuzhang3]

thanks, will remove the refresh part. There's only one API for cognitive account, keep everything the same is my first choice.

[tombuildsstuff]

@xuzhang3 with respect, you still haven’t answered my question: what’s the API actually doing here? Can you show the HTTP Request/Response of what’s being sent/coming back over the wire, so that we can understand if there’s another issue here?

[xuzhang3]

@tombuildsstuff the SDK can help handle the request, so I removed the state refresh and replaced by future.Poller.PollUntilDone

[xuzhang3]

=== RUN   TestAccCognitiveAIServicesAccount_basic
=== PAUSE TestAccCognitiveAIServicesAccount_basic
=== RUN   TestAccCognitiveAIServicesAccount_requiresImport
=== PAUSE TestAccCognitiveAIServicesAccount_requiresImport
=== RUN   TestAccCognitiveAIServicesAccount_complete
=== PAUSE TestAccCognitiveAIServicesAccount_complete
=== RUN   TestAccCognitiveAIServicesAccount_update
=== PAUSE TestAccCognitiveAIServicesAccount_update
=== RUN   TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== PAUSE TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== RUN   TestAccCognitiveAIServicesAccount_networkACLs
=== PAUSE TestAccCognitiveAIServicesAccount_networkACLs
=== RUN   TestAccCognitiveAIServicesAccount_identity
=== PAUSE TestAccCognitiveAIServicesAccount_identity
=== RUN   TestAccCognitiveAIServicesAccount_customerManagedKey
=== PAUSE TestAccCognitiveAIServicesAccount_customerManagedKey
=== CONT  TestAccCognitiveAIServicesAccount_basic
=== CONT  TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules
=== CONT  TestAccCognitiveAIServicesAccount_complete
=== CONT  TestAccCognitiveAIServicesAccount_update
=== CONT  TestAccCognitiveAIServicesAccount_identity
=== CONT  TestAccCognitiveAIServicesAccount_requiresImport
=== CONT  TestAccCognitiveAIServicesAccount_customerManagedKey
=== CONT  TestAccCognitiveAIServicesAccount_networkACLs
--- PASS: TestAccCognitiveAIServicesAccount_basic (252.60s)
--- PASS: TestAccCognitiveAIServicesAccount_requiresImport (325.06s)
--- PASS: TestAccCognitiveAIServicesAccount_networkACLs (382.02s)
--- PASS: TestAccCognitiveAIServicesAccount_networkACLsVirtualNetworkRules (386.18s)
--- PASS: TestAccCognitiveAIServicesAccount_identity (528.49s)
--- PASS: TestAccCognitiveAIServicesAccount_complete (1470.42s)
--- PASS: TestAccCognitiveAIServicesAccount_update (1574.76s)
--- PASS: TestAccCognitiveAIServicesAccount_customerManagedKey (2242.81s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/cognitive     2269.238s

[xuzhang3]

@tombuildsstuff all required changes has been updated

[katbyte]

@xuzhang3 could we add in a mhsm_key_vault_key property like we now have in storage_account resource so we can support them properly?

[katbyte]

@xuzhang3 could wemplease update this as tom asked?