New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
azurerm_app_service
ip_restriction
- support for name
& priority
#6705
Changes from 4 commits
27e5d73
88f3786
1270e90
b3c16f4
c3da179
f1caf09
581e48e
4c3ce82
fc209f9
a6362e4
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -316,6 +316,17 @@ func SchemaAppServiceSiteConfig() *schema.Schema { | |
Optional: true, | ||
ValidateFunc: validation.StringIsNotEmpty, | ||
}, | ||
"name": { | ||
Type: schema.TypeString, | ||
Optional: true, | ||
ValidateFunc: validation.StringIsNotEmpty, | ||
}, | ||
"priority": { | ||
Type: schema.TypeInt, | ||
Optional: true, | ||
Computed: true, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. as @sebader noted, priority defaults to 65000 when not provided. Should we make that an explicit default or let it be computed? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm not sure where the default of 65000 is injected in this case. Might be in the Go SDK? Since in CLI, Powershell and the portal the parameter must be manually specified, there is no default there. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. So might actually be better so explicitly set it?! |
||
ValidateFunc: validation.IntBetween(1, 2147483647), | ||
}, | ||
}, | ||
}, | ||
}, | ||
|
@@ -679,6 +690,14 @@ func SchemaAppServiceDataSourceSiteConfig() *schema.Schema { | |
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"name": { | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"priority": { | ||
Type: schema.TypeInt, | ||
Computed: true, | ||
}, | ||
}, | ||
}, | ||
}, | ||
|
@@ -1419,6 +1438,8 @@ func ExpandAppServiceSiteConfig(input interface{}) (*web.SiteConfig, error) { | |
|
||
ipAddress := restriction["ip_address"].(string) | ||
vNetSubnetID := restriction["virtual_network_subnet_id"].(string) | ||
name := restriction["name"].(string) | ||
priority := restriction["priority"].(int) | ||
if vNetSubnetID != "" && ipAddress != "" { | ||
return siteConfig, fmt.Errorf(fmt.Sprintf("only one of `ip_address` or `virtual_network_subnet_id` can be set for `site_config.0.ip_restriction.%d`", i)) | ||
} | ||
|
@@ -1440,6 +1461,14 @@ func ExpandAppServiceSiteConfig(input interface{}) (*web.SiteConfig, error) { | |
ipSecurityRestriction.VnetSubnetResourceID = &vNetSubnetID | ||
} | ||
|
||
if name != "" { | ||
ipSecurityRestriction.Name = &name | ||
} | ||
|
||
if priority != 0 { | ||
ipSecurityRestriction.Priority = utils.Int32(int32(priority)) | ||
} | ||
|
||
restrictions = append(restrictions, ipSecurityRestriction) | ||
} | ||
siteConfig.IPSecurityRestrictions = &restrictions | ||
|
@@ -1564,6 +1593,12 @@ func FlattenAppServiceSiteConfig(input *web.SiteConfig) []interface{} { | |
if vNetSubnetID := v.VnetSubnetResourceID; vNetSubnetID != nil { | ||
block["virtual_network_subnet_id"] = *vNetSubnetID | ||
} | ||
if name := v.Name; name != nil { | ||
block["name"] = *name | ||
} | ||
if priority := v.Priority; priority != nil { | ||
block["priority"] = *priority | ||
} | ||
restrictions = append(restrictions, block) | ||
} | ||
} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -514,6 +514,27 @@ func TestAccAzureRMAppService_oneIpRestriction(t *testing.T) { | |
}) | ||
} | ||
|
||
func TestAccAzureRMAppService_completeIpRestriction(t *testing.T) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Could we have an additional test that updates an app_service by adding, then removing, a 2nd |
||
data := acceptance.BuildTestData(t, "azurerm_app_service", "test") | ||
resource.ParallelTest(t, resource.TestCase{ | ||
PreCheck: func() { acceptance.PreCheck(t) }, | ||
Providers: acceptance.SupportedProviders, | ||
CheckDestroy: testCheckAzureRMAppServiceDestroy, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: testAccAzureRMAppService_completeIpRestriction(data), | ||
Check: resource.ComposeTestCheckFunc( | ||
testCheckAzureRMAppServiceExists(data.ResourceName), | ||
resource.TestCheckResourceAttr(data.ResourceName, "site_config.0.ip_restriction.0.ip_address", "10.10.10.10/32"), | ||
resource.TestCheckResourceAttr(data.ResourceName, "site_config.0.ip_restriction.0.name", "test-restriction"), | ||
resource.TestCheckResourceAttr(data.ResourceName, "site_config.0.ip_restriction.0.priority", "123"), | ||
), | ||
}, | ||
data.ImportStep(), | ||
}, | ||
}) | ||
} | ||
|
||
func TestAccAzureRMAppService_oneVNetSubnetIpRestriction(t *testing.T) { | ||
data := acceptance.BuildTestData(t, "azurerm_app_service", "test") | ||
resource.ParallelTest(t, resource.TestCase{ | ||
|
@@ -2582,6 +2603,45 @@ resource "azurerm_app_service" "test" { | |
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger) | ||
} | ||
|
||
func testAccAzureRMAppService_completeIpRestriction(data acceptance.TestData) string { | ||
return fmt.Sprintf(` | ||
provider "azurerm" { | ||
features {} | ||
} | ||
|
||
resource "azurerm_resource_group" "test" { | ||
name = "acctestRG-%d" | ||
location = "%s" | ||
} | ||
|
||
resource "azurerm_app_service_plan" "test" { | ||
name = "acctestASP-%d" | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
|
||
sku { | ||
tier = "Standard" | ||
size = "S1" | ||
} | ||
} | ||
|
||
resource "azurerm_app_service" "test" { | ||
name = "acctestAS-%d" | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
app_service_plan_id = azurerm_app_service_plan.test.id | ||
|
||
site_config { | ||
ip_restriction { | ||
ip_address = "10.10.10.10/32" | ||
name = "test-restriction" | ||
priority = 123 | ||
} | ||
} | ||
} | ||
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger) | ||
} | ||
|
||
func testAccAzureRMAppService_oneVNetSubnetIpRestriction(data acceptance.TestData) string { | ||
return fmt.Sprintf(` | ||
provider "azurerm" { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we'll want
Computed: true,
on here.