r\digital_twins_instance: support identity (#17076)

hashicorp · Jun 27, 2022 · c0ddf4a · c0ddf4a
1 parent 2515d53
commit c0ddf4a
Show file tree

Hide file tree

Showing 3 changed files with 110 additions and 0 deletions.
diff --git a/internal/services/digitaltwins/digital_twins_instance_resource.go b/internal/services/digitaltwins/digital_twins_instance_resource.go
@@ -6,6 +6,8 @@ import (
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/services/digitaltwins/mgmt/2020-12-01/digitaltwins"
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/identity"
 	"github.com/hashicorp/go-azure-helpers/resourcemanager/location"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/azure"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
@@ -54,6 +56,8 @@ func resourceDigitalTwinsInstance() *pluginsdk.Resource {
 				Computed: true,
 			},
 
+			"identity": commonschema.SystemAssignedIdentityOptional(),
+
 			"tags": tags.Schema(),
 		},
 	}
@@ -80,8 +84,14 @@ func resourceDigitalTwinsInstanceCreate(d *pluginsdk.ResourceData, meta interfac
 		return tf.ImportAsExistsError("azurerm_digital_twins_instance", id)
 	}
 
+	expandedIdentity, err := expandDigitalTwinsInstanceIdentity(d.Get("identity").([]interface{}))
+	if err != nil {
+		return fmt.Errorf("expanding `identity`: %+v", err)
+	}
+
 	properties := digitaltwins.Description{
 		Location: utils.String(location.Normalize(d.Get("location").(string))),
+		Identity: expandedIdentity,
 		Tags:     tags.Expand(d.Get("tags").(map[string]interface{})),
 	}
 
@@ -130,6 +140,10 @@ func resourceDigitalTwinsInstanceRead(d *pluginsdk.ResourceData, meta interface{
 		d.Set("host_name", props.HostName)
 	}
 
+	if err := d.Set("identity", flattenDigitalTwinsInstanceIdentity(resp.Identity)); err != nil {
+		return fmt.Errorf("setting `identity`: %+v", err)
+	}
+
 	return tags.FlattenAndSet(d, resp.Tags)
 }
 
@@ -145,6 +159,14 @@ func resourceDigitalTwinsInstanceUpdate(d *pluginsdk.ResourceData, meta interfac
 
 	props := digitaltwins.PatchDescription{}
 
+	if d.HasChange("identity") {
+		expandedIdentity, err := expandDigitalTwinsInstanceIdentity(d.Get("identity").([]interface{}))
+		if err != nil {
+			return fmt.Errorf("expanding `identity`: %+v", err)
+		}
+		props.Identity = expandedIdentity
+	}
+
 	if d.HasChange("tags") {
 		props.Tags = tags.Expand(d.Get("tags").(map[string]interface{}))
 	}
@@ -182,3 +204,34 @@ func resourceDigitalTwinsInstanceDelete(d *pluginsdk.ResourceData, meta interfac
 
 	return nil
 }
+
+func expandDigitalTwinsInstanceIdentity(input []interface{}) (*digitaltwins.Identity, error) {
+	expanded, err := identity.ExpandSystemAssigned(input)
+	if err != nil {
+		return nil, err
+	}
+
+	result := digitaltwins.Identity{
+		Type: digitaltwins.IdentityType(expanded.Type),
+	}
+
+	return &result, nil
+}
+
+func flattenDigitalTwinsInstanceIdentity(input *digitaltwins.Identity) []interface{} {
+	var transform *identity.SystemAssigned
+
+	if input != nil {
+		transform = &identity.SystemAssigned{
+			Type: identity.Type(string(input.Type)),
+		}
+		if input.PrincipalID != nil {
+			transform.PrincipalId = *input.PrincipalID
+		}
+		if input.TenantID != nil {
+			transform.TenantId = *input.TenantID
+		}
+	}
+
+	return identity.FlattenSystemAssigned(transform)
+}
diff --git a/internal/services/digitaltwins/digital_twins_instance_resource_test.go b/internal/services/digitaltwins/digital_twins_instance_resource_test.go
@@ -99,6 +99,40 @@ func TestAccDigitalTwinsInstance_update(t *testing.T) {
 	})
 }
 
+func TestAccDigitalTwinsInstance_identity(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_digital_twins_instance", "test")
+	r := DigitalTwinsInstanceResource{}
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.basicWithIdentity(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("identity.0.principal_id").IsUUID(),
+				check.That(data.ResourceName).Key("identity.0.tenant_id").IsUUID(),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.basic(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("identity.0.principal_id").DoesNotExist(),
+				check.That(data.ResourceName).Key("identity.0.tenant_id").DoesNotExist(),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.basicWithIdentity(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("identity.0.principal_id").IsUUID(),
+				check.That(data.ResourceName).Key("identity.0.tenant_id").IsUUID(),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func (DigitalTwinsInstanceResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
 	id, err := parse.DigitalTwinsInstanceID(state.ID)
 	if err != nil {
@@ -181,3 +215,18 @@ resource "azurerm_digital_twins_instance" "test" {
 }
 `, r.template(data), data.RandomInteger)
 }
+
+func (r DigitalTwinsInstanceResource) basicWithIdentity(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_digital_twins_instance" "test" {
+  name                = "acctest-DT-%d"
+  resource_group_name = azurerm_resource_group.test.name
+  location            = azurerm_resource_group.test.location
+  identity {
+    type = "SystemAssigned"
+  }
+}
+`, r.template(data), data.RandomInteger)
+}
diff --git a/website/docs/r/digital_twins_instance.html.markdown b/website/docs/r/digital_twins_instance.html.markdown
@@ -42,9 +42,17 @@ The following arguments are supported:
 * `resource_group_name` - (Required) The name of the Resource Group where the Digital Twins instance should exist. Changing this forces a new Digital Twins instance to be created.
 
 * `location` - (Required) The Azure Region where the Digital Twins instance should exist. Changing this forces a new Digital Twins instance to be created.
+* 
+* `identity` - (Optional) An `identity` block as defined below.
 
 * `tags` - (Optional) A mapping of tags which should be assigned to the Digital Twins instance.
 
+---
+
+An `identity` block supports the following:
+
+* `type` - (Required) The type of Managed Service Identity that is configured on this Digital Twins instance. The only possible value is `SystemAssigned`.
+
 ## Attributes Reference
 
 In addition to the Arguments listed above - the following Attributes are exported: