diff --git a/internal/services/machinelearning/machine_learning_compute_cluster_resource.go b/internal/services/machinelearning/machine_learning_compute_cluster_resource.go index 073272c09935..f05414d54f5b 100644 --- a/internal/services/machinelearning/machine_learning_compute_cluster_resource.go +++ b/internal/services/machinelearning/machine_learning_compute_cluster_resource.go @@ -100,6 +100,13 @@ func resourceComputeCluster() *pluginsdk.Resource { ForceNew: true, }, + "node_public_ip_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: true, + ForceNew: true, + }, + "ssh": { Type: pluginsdk.TypeList, Optional: true, @@ -175,12 +182,17 @@ func resourceComputeClusterCreate(d *pluginsdk.ResourceData, meta interface{}) e return tf.ImportAsExistsError("azurerm_machine_learning_compute_cluster", id.ID()) } + if !d.Get("node_public_ip_enabled").(bool) && d.Get("subnet_resource_id").(string) == "" { + return fmt.Errorf("`subnet_resource_id` must be set if `node_public_ip_enabled` is set to `false`") + } + vmPriority := machinelearningcomputes.VMPriority(d.Get("vm_priority").(string)) computeClusterAmlComputeProperties := machinelearningcomputes.AmlComputeProperties{ VMSize: utils.String(d.Get("vm_size").(string)), VMPriority: &vmPriority, ScaleSettings: expandScaleSettings(d.Get("scale_settings").([]interface{})), UserAccountCredentials: expandUserAccountCredentials(d.Get("ssh").([]interface{})), + EnableNodePublicIP: pointer.To(d.Get("node_public_ip_enabled").(bool)), } computeClusterAmlComputeProperties.RemoteLoginPortPublicAccess = utils.ToPtr(machinelearningcomputes.RemoteLoginPortPublicAccessDisabled) @@ -270,6 +282,11 @@ func resourceComputeClusterRead(d *pluginsdk.ResourceData, meta interface{}) err d.Set("vm_priority", string(pointer.From(props.VMPriority))) d.Set("scale_settings", flattenScaleSettings(props.ScaleSettings)) d.Set("ssh", flattenUserAccountCredentials(props.UserAccountCredentials)) + enableNodePublicIP := true + if props.EnableNodePublicIP != nil { + enableNodePublicIP = *props.EnableNodePublicIP + } + d.Set("node_public_ip_enabled", enableNodePublicIP) if props.Subnet != nil { d.Set("subnet_resource_id", props.Subnet.Id) } diff --git a/internal/services/machinelearning/machine_learning_compute_cluster_resource_test.go b/internal/services/machinelearning/machine_learning_compute_cluster_resource_test.go index 3573ede9dafc..bcd845a8583b 100644 --- a/internal/services/machinelearning/machine_learning_compute_cluster_resource_test.go +++ b/internal/services/machinelearning/machine_learning_compute_cluster_resource_test.go @@ -205,6 +205,7 @@ resource "azurerm_machine_learning_compute_cluster" "test" { vm_size = "STANDARD_DS2_V2" machine_learning_workspace_id = azurerm_machine_learning_workspace.test.id subnet_resource_id = azurerm_subnet.test.id + node_public_ip_enabled = false description = "Machine Learning" tags = { environment = "test" @@ -225,7 +226,8 @@ resource "azurerm_machine_learning_compute_cluster" "test" { key_value = var.ssh_key } depends_on = [ - azurerm_subnet_network_security_group_association.test + azurerm_subnet_network_security_group_association.test, + azurerm_private_endpoint.test, ] } `, template, data.RandomIntOfLength(8)) @@ -367,7 +369,11 @@ resource "azurerm_machine_learning_compute_cluster" "test" { func (r ComputeClusterResource) template_basic(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} @@ -426,7 +432,11 @@ resource "azurerm_machine_learning_workspace" "test" { func (r ComputeClusterResource) template_complete(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} @@ -478,6 +488,37 @@ resource "azurerm_machine_learning_workspace" "test" { } } +resource "azurerm_private_dns_zone" "test" { + name = "privatelink.api.azureml.ms" + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "test" { + name = "test-vlink" + resource_group_name = azurerm_resource_group.test.name + private_dns_zone_name = azurerm_private_dns_zone.test.name + virtual_network_id = azurerm_virtual_network.test.id +} + +resource "azurerm_private_endpoint" "test" { + name = "test-pe-%[6]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + subnet_id = azurerm_subnet.test.id + + private_service_connection { + name = "test-mlworkspace-%[7]d" + private_connection_resource_id = azurerm_machine_learning_workspace.test.id + subresource_names = ["amlworkspace"] + is_manual_connection = false + } + + private_dns_zone_group { + name = "test" + private_dns_zone_ids = [azurerm_private_dns_zone.test.id] + } +} + resource "azurerm_virtual_network" "test" { name = "acctestvirtnet%[6]d" address_space = ["10.1.0.0/16"] @@ -515,5 +556,6 @@ resource "azurerm_subnet_network_security_group_association" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomIntOfLength(12), data.RandomIntOfLength(15), data.RandomIntOfLength(16), - data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger) + data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, + data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger) } diff --git a/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go b/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go index 0f7676612fb7..cdf51b99d427 100644 --- a/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go +++ b/internal/services/machinelearning/machine_learning_compute_instance_resource_test.go @@ -195,7 +195,7 @@ resource "azurerm_machine_learning_compute_instance" "test" { Label1 = "Value1" } depends_on = [ - azurerm_subnet_network_security_group_association.test + azurerm_subnet_network_security_group_association.test, ] } `, template, data.RandomIntOfLength(8), data.RandomIntOfLength(8), data.RandomIntOfLength(8)) @@ -287,7 +287,11 @@ resource "azurerm_machine_learning_compute_instance" "test" { func (r ComputeInstanceResource) template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} @@ -338,5 +342,6 @@ resource "azurerm_machine_learning_workspace" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomIntOfLength(12), data.RandomIntOfLength(15), data.RandomIntOfLength(16), - data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger) + data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, + data.RandomInteger, data.RandomInteger) } diff --git a/internal/services/machinelearning/machine_learning_inference_cluster_resource_test.go b/internal/services/machinelearning/machine_learning_inference_cluster_resource_test.go index 2274c724b61b..a66eefae7de2 100644 --- a/internal/services/machinelearning/machine_learning_inference_cluster_resource_test.go +++ b/internal/services/machinelearning/machine_learning_inference_cluster_resource_test.go @@ -376,7 +376,11 @@ resource "azurerm_machine_learning_inference_cluster" "test" { func (r InferenceClusterResource) template(data acceptance.TestData, vmSize string, nodeCount int) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} @@ -468,7 +472,11 @@ resource "azurerm_kubernetes_cluster" "test" { func (r InferenceClusterResource) privateTemplate(data acceptance.TestData, vmSize string, nodeCount int) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} diff --git a/internal/services/machinelearning/machine_learning_synapse_spark_resource_test.go b/internal/services/machinelearning/machine_learning_synapse_spark_resource_test.go index a0a0d646e693..8201601aeb7c 100644 --- a/internal/services/machinelearning/machine_learning_synapse_spark_resource_test.go +++ b/internal/services/machinelearning/machine_learning_synapse_spark_resource_test.go @@ -239,7 +239,11 @@ resource "azurerm_machine_learning_synapse_spark" "test" { func (r SynapseSparkResource) template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} diff --git a/website/docs/r/machine_learning_compute_cluster.html.markdown b/website/docs/r/machine_learning_compute_cluster.html.markdown index f0727da42679..0f92e4801cea 100644 --- a/website/docs/r/machine_learning_compute_cluster.html.markdown +++ b/website/docs/r/machine_learning_compute_cluster.html.markdown @@ -123,6 +123,8 @@ The following arguments are supported: * `local_auth_enabled` - (Optional) Whether local authentication methods is enabled. Defaults to `true`. Changing this forces a new Machine Learning Compute Cluster to be created. +* `node_public_ip_enabled` - (Optional) Whether the compute cluster will have a public ip. To set this to false a `subnet_resource_id` needs to be set. Defaults to `true`. Changing this forces a new Machine Learning Compute Cluster to be created. + * `ssh_public_access_enabled` - (Optional) A boolean value indicating whether enable the public SSH port. Changing this forces a new Machine Learning Compute Cluster to be created. * `subnet_resource_id` - (Optional) The ID of the Subnet that the Compute Cluster should reside in. Changing this forces a new Machine Learning Compute Cluster to be created.