From d8091239a8cfb856ab13819cc6de9af4aa85275c Mon Sep 17 00:00:00 2001 From: neil-yechenwei Date: Wed, 24 Jan 2024 15:50:43 +0800 Subject: [PATCH] update code --- .../cosmos/cosmosdb_account_resource.go | 12 +- .../cosmos/cosmosdb_account_resource_test.go | 230 +++++++++++++++++- website/docs/r/cosmosdb_account.html.markdown | 2 +- 3 files changed, 233 insertions(+), 11 deletions(-) diff --git a/internal/services/cosmos/cosmosdb_account_resource.go b/internal/services/cosmos/cosmosdb_account_resource.go index 9c7eeef4ac98..7480e8c57036 100644 --- a/internal/services/cosmos/cosmosdb_account_resource.go +++ b/internal/services/cosmos/cosmosdb_account_resource.go @@ -482,7 +482,6 @@ func resourceCosmosDbAccount() *pluginsdk.Resource { "minimal_tls_version": { Type: pluginsdk.TypeString, Optional: true, - Default: string(cosmosdb.MinimalTlsVersionTlsOneTwo), ValidateFunc: validation.StringInSlice(cosmosdb.PossibleValuesForMinimalTlsVersion(), false), }, @@ -766,7 +765,6 @@ func resourceCosmosDbAccountCreate(d *pluginsdk.ResourceData, meta interface{}) partitionMergeEnabled := d.Get("partition_merge_enabled").(bool) enableAnalyticalStorage := d.Get("analytical_storage_enabled").(bool) disableLocalAuthentication := d.Get("local_authentication_disabled").(bool) - minimalTlsVersion := d.Get("minimal_tls_version").(string) r, err := databaseClient.CheckNameExists(ctx, id.DatabaseAccountName) if err != nil { @@ -824,11 +822,14 @@ func resourceCosmosDbAccountCreate(d *pluginsdk.ResourceData, meta interface{}) NetworkAclBypass: pointer.To(networkByPass), NetworkAclBypassResourceIds: utils.ExpandStringSlice(d.Get("network_acl_bypass_ids").([]interface{})), DisableLocalAuth: utils.Bool(disableLocalAuthentication), - MinimalTlsVersion: pointer.To(cosmosdb.MinimalTlsVersion(minimalTlsVersion)), }, Tags: tags.Expand(t), } + if v, ok := d.GetOk("minimal_tls_version"); ok { + account.Properties.MinimalTlsVersion = pointer.To(cosmosdb.MinimalTlsVersion(v.(string))) + } + // These values may not have changed but they need to be in the update params... if v, ok := d.GetOk("default_identity_type"); ok { account.Properties.DefaultIdentity = pointer.To(v.(string)) @@ -1062,11 +1063,14 @@ func resourceCosmosDbAccountUpdate(d *pluginsdk.ResourceData, meta interface{}) DisableLocalAuth: disableLocalAuthentication, BackupPolicy: backup, EnablePartitionMerge: pointer.To(d.Get("partition_merge_enabled").(bool)), - MinimalTlsVersion: pointer.To(cosmosdb.MinimalTlsVersion(d.Get("minimal_tls_version").(string))), }, Tags: t, } + if v, ok := d.GetOk("minimal_tls_version"); ok { + account.Properties.MinimalTlsVersion = pointer.To(cosmosdb.MinimalTlsVersion(v.(string))) + } + if keyVaultKeyIDRaw, ok := d.GetOk("key_vault_key_id"); ok { keyVaultKey, err := keyVaultParse.ParseOptionallyVersionedNestedItemID(keyVaultKeyIDRaw.(string)) if err != nil { diff --git a/internal/services/cosmos/cosmosdb_account_resource_test.go b/internal/services/cosmos/cosmosdb_account_resource_test.go index 7b925911b375..8d96bb22a1c2 100644 --- a/internal/services/cosmos/cosmosdb_account_resource_test.go +++ b/internal/services/cosmos/cosmosdb_account_resource_test.go @@ -1381,6 +1381,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -1415,6 +1419,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -1507,6 +1515,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency), interval, staleness) } @@ -1602,6 +1614,10 @@ resource "azurerm_cosmosdb_account" "test" { access_key_metadata_writes_enabled = false network_acl_bypass_for_azure_services = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -1663,6 +1679,10 @@ resource "azurerm_cosmosdb_account" "test" { tags = { ENV = "Test" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -1725,6 +1745,10 @@ resource "azurerm_cosmosdb_account" "test" { access_key_metadata_writes_enabled = false network_acl_bypass_for_azure_services = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -1765,6 +1789,10 @@ resource "azurerm_cosmosdb_account" "test" { failover_priority = 1 zone_redundant = true } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), data.Locations.Secondary) } @@ -1809,6 +1837,10 @@ resource "azurerm_cosmosdb_account" "test" { failover_priority = 1 zone_redundant = true } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.Locations.Secondary) } @@ -1878,6 +1910,10 @@ resource "azurerm_cosmosdb_account" "test" { } access_key_metadata_writes_enabled = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -1943,6 +1979,10 @@ resource "azurerm_cosmosdb_account" "test" { } access_key_metadata_writes_enabled = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -2019,6 +2059,10 @@ resource "azurerm_cosmosdb_account" "test" { max_age_in_seconds = 2147483647 } access_key_metadata_writes_enabled = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -2091,6 +2135,10 @@ resource "azurerm_cosmosdb_account" "test" { max_age_in_seconds = 2147483647 } access_key_metadata_writes_enabled = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(consistency), data.Locations.Secondary, data.Locations.Ternary) } @@ -2126,6 +2174,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency)) } @@ -2169,6 +2221,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(consistency)) } @@ -2206,6 +2262,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), capeTf) } @@ -2241,6 +2301,10 @@ resource "azurerm_cosmosdb_account" "test" { location = "%s" failover_priority = 1 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary) } @@ -2302,6 +2366,10 @@ resource "azurerm_cosmosdb_account" "test" { zone_redundant = geo_location.value.zone_redundant } } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.Locations.Primary, data.Locations.Secondary, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -2383,6 +2451,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -2424,6 +2496,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -2456,6 +2532,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -2488,6 +2568,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), enableAnalyticalStorage, string(consistency)) } @@ -2524,6 +2608,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -2586,6 +2674,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -2704,6 +2796,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomString, data.RandomInteger, string(kind), string(consistency)) } @@ -2854,6 +2950,10 @@ resource "azurerm_cosmosdb_account" "test" { identity { type = "SystemAssigned" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomString, data.RandomInteger, string(kind), string(consistency)) } @@ -3007,6 +3107,10 @@ resource "azurerm_cosmosdb_account" "test" { azurerm_user_assigned_identity.test.id ] } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomString, data.RandomInteger, string(kind), string(consistency)) } @@ -3160,6 +3264,10 @@ resource "azurerm_cosmosdb_account" "test" { azurerm_user_assigned_identity.test.id ] } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomString, data.RandomString, data.RandomInteger, string(kind), string(consistency)) } @@ -3207,6 +3315,10 @@ resource "azurerm_cosmosdb_account" "test" { azurerm_user_assigned_identity.test.id ] } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -3262,6 +3374,10 @@ resource "azurerm_cosmosdb_account" "test" { type = "UserAssigned" identity_ids = [%[4]s] } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, identityResource) } @@ -3310,6 +3426,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger) } @@ -3347,6 +3467,10 @@ resource "azurerm_cosmosdb_account" "test" { retention_in_hours = 10 storage_redundancy = "Geo" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -3384,6 +3508,10 @@ resource "azurerm_cosmosdb_account" "test" { retention_in_hours = 8 storage_redundancy = "Local" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -3418,6 +3546,10 @@ resource "azurerm_cosmosdb_account" "test" { backup { type = "Continuous" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -3454,6 +3586,10 @@ resource "azurerm_cosmosdb_account" "test" { backup { type = "Continuous" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -3520,6 +3656,10 @@ resource "azurerm_cosmosdb_account" "test" { network_acl_bypass_for_azure_services = true network_acl_bypass_ids = [azurerm_synapse_workspace.test.id] + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.basicWithNetworkBypassTemplate(data), data.RandomInteger, string(kind), string(consistency)) } @@ -3544,6 +3684,9 @@ resource "azurerm_cosmosdb_account" "test" { failover_priority = 0 } + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.basicWithNetworkBypassTemplate(data), data.RandomInteger, string(kind), string(consistency)) } @@ -3578,7 +3721,8 @@ resource "azurerm_cosmosdb_account" "test" { lifecycle { ignore_changes = [ - capabilities + capabilities, + minimal_tls_version ] } } @@ -3620,6 +3764,10 @@ resource "azurerm_cosmosdb_account" "test" { capabilities { name = "EnableMongo16MBDocumentSupport" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -3654,10 +3802,10 @@ resource "azurerm_cosmosdb_account" "test" { lifecycle { ignore_changes = [ - capabilities + capabilities, + minimal_tls_version ] } - } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(consistency)) } @@ -3720,7 +3868,8 @@ resource "azurerm_cosmosdb_account" "test" { lifecycle { ignore_changes = [ - capabilities + capabilities, + minimal_tls_version ] } } @@ -3761,7 +3910,8 @@ resource "azurerm_cosmosdb_account" "test" { lifecycle { ignore_changes = [ - capabilities + capabilities, + minimal_tls_version ] } } @@ -3796,6 +3946,10 @@ resource "azurerm_cosmosdb_account" "test" { } local_authentication_disabled = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -3831,6 +3985,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(schemaType), string(consistency)) } @@ -3866,6 +4024,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), totalThroughputLimit, string(consistency)) } @@ -3897,6 +4059,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), defaultIdentity, string(consistency)) } @@ -3932,6 +4098,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), defaultIdentity, string(consistency)) } @@ -3974,6 +4144,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), defaultIdentity, identityType, string(consistency)) } @@ -4009,6 +4183,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, string(kind), string(consistency)) } @@ -4047,6 +4225,10 @@ resource "azurerm_cosmosdb_account" "test1" { backup { type = "Continuous" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } resource "azurerm_cosmosdb_mongo_database" "test" { @@ -4111,7 +4293,8 @@ resource "azurerm_cosmosdb_account" "test" { // As "restore_timestamp_in_utc" is retrieved dynamically, so it would cause diff when tf plan. So we have to ignore it here. lifecycle { ignore_changes = [ - restore.0.restore_timestamp_in_utc + restore.0.restore_timestamp_in_utc, + minimal_tls_version ] } } @@ -4155,6 +4338,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -4196,6 +4383,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -4237,6 +4428,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -4278,6 +4473,10 @@ resource "azurerm_cosmosdb_account" "test" { location = azurerm_resource_group.test.location failover_priority = 0 } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.vNetFiltersPreReqs(data), data.RandomInteger) } @@ -4328,6 +4527,10 @@ resource "azurerm_cosmosdb_account" "test" { environment = "%[2]s", created_date = "2023-07-18" } + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, data.RandomInteger, tag) } @@ -4335,45 +4538,60 @@ resource "azurerm_cosmosdb_account" "test" { func (r CosmosDBAccountResource) withoutMaxAgeInSeconds(data acceptance.TestData, kind cosmosdb.DatabaseAccountKind, consistency cosmosdb.DefaultConsistencyLevel) string { return fmt.Sprintf(` %[1]s + resource "azurerm_cosmosdb_account" "test" { name = "acctest-ca-%[2]d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name offer_type = "Standard" kind = "%[3]s" + consistency_policy { consistency_level = "%[4]s" max_interval_in_seconds = 300 max_staleness_prefix = 170000 } + is_virtual_network_filter_enabled = true + virtual_network_rule { id = azurerm_subnet.subnet1.id } + virtual_network_rule { id = azurerm_subnet.subnet2.id } + enable_multiple_write_locations = true + geo_location { location = azurerm_resource_group.test.location failover_priority = 0 } + geo_location { location = "%[5]s" failover_priority = 1 } + geo_location { location = "%[6]s" failover_priority = 2 } + cors_rule { allowed_origins = ["http://www.example.com"] exposed_headers = ["x-tempo-*"] allowed_headers = ["x-tempo-*"] allowed_methods = ["GET", "PUT"] } + access_key_metadata_writes_enabled = false network_acl_bypass_for_azure_services = true + + lifecycle { + ignore_changes = [minimal_tls_version] + } } `, r.completePreReqs(data), data.RandomInteger, string(kind), string(consistency), data.Locations.Secondary, data.Locations.Ternary) } diff --git a/website/docs/r/cosmosdb_account.html.markdown b/website/docs/r/cosmosdb_account.html.markdown index 38f2de9def6d..17177cd3b52a 100644 --- a/website/docs/r/cosmosdb_account.html.markdown +++ b/website/docs/r/cosmosdb_account.html.markdown @@ -166,7 +166,7 @@ The following arguments are supported: * `access_key_metadata_writes_enabled` - (Optional) Is write operations on metadata resources (databases, containers, throughput) via account keys enabled? Defaults to `true`. -* `minimal_tls_version` - (Optional) The minimum allowed TLS version. Possible values are `Tls`, `Tls11`, and `Tls12`. Defaults to `Tls12`. +* `minimal_tls_version` - (Optional) The minimum allowed TLS version. Possible values are `Tls`, `Tls11`, and `Tls12`. * `mongo_server_version` - (Optional) The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.