diff --git a/internal/services/keyvault/key_vault_certificates_data_source.go b/internal/services/keyvault/key_vault_certificates_data_source.go
index 72ee46f7cf5d..d010a8c56c3e 100644
--- a/internal/services/keyvault/key_vault_certificates_data_source.go
+++ b/internal/services/keyvault/key_vault_certificates_data_source.go
@@ -4,6 +4,8 @@ import (
 "fmt"
 "time"
+ "github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 "github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
@@ -40,6 +42,29 @@ func dataSourceKeyVaultCertificates() *pluginsdk.Resource {
 Optional: true,
 Default: true,
 },
+
+ "certificates": {
+ Type: pluginsdk.TypeList,
+ Computed: true,
+ Elem: &pluginsdk.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: pluginsdk.TypeString,
+ Computed: true,
+ },
+
+ "name": {
+ Type: pluginsdk.TypeString,
+ Computed: true,
+ },
+
+ "enabled": {
+ Type: pluginsdk.TypeBool,
+ Computed: true,
+ },
+ },
+ },
+ },
 },
 }
 }
@@ -70,6 +95,7 @@ func dataSourceKeyVaultCertificatesRead(d *pluginsdk.ResourceData, meta interfac
 d.SetId(keyVaultId.ID())
 var names []string
+ var certs []map[string]interface{}
 if certificateList.Response().Value != nil {
 for certificateList.NotDone() {
 for _, v := range *certificateList.Response().Value {
@@ -78,6 +104,7 @@ func dataSourceKeyVaultCertificatesRead(d *pluginsdk.ResourceData, meta interfac
 return err
 }
 names = append(names, nestedItem.Name)
+ certs = append(certs, expandCertificate(nestedItem.Name, v))
 err = certificateList.NextWithContext(ctx)
 if err != nil {
 return fmt.Errorf("retrieving next page of Certificates from %s: %+v", *keyVaultId, err)
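Review bot: The nested schema of the new `certificates` block is declared as `map[string]*schema.Schema`, which adds a direct import of `terraform-plugin-sdk/v2/helper/schema` to a file that otherwise takes every SDK type through the `pluginsdk` wrapper. Declaring it as `Schema: map[string]*pluginsdk.Schema{` keeps the file on one abstraction and lets the `helper/schema` import added in the first hunk be dropped. The `secrets` block in key_vault_secrets_data_source.go mixes the two in the same way. dataSourceKeyVaultCertificates begins before this hunk.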
@@ -87,7 +114,19 @@ func dataSourceKeyVaultCertificatesRead(d *pluginsdk.ResourceData, meta interfac
 }
 d.Set("names", names)
+ d.Set("certificates", certs)
 d.Set("key_vault_id", keyVaultId.ID())
 return nil
 }
+
+func expandCertificate(name string, item keyvault.CertificateItem) map[string]interface{} {
+ var cert = map[string]interface{}{
+ "name": name,
+ "id": *item.ID,
+ }
+ if item.Attributes != nil && item.Attributes.Enabled != nil {
+ cert["enabled"] = *item.Attributes.Enabled
+ }
+ return cert
+}
diff --git a/internal/services/keyvault/key_vault_certificates_data_source_test.go b/internal/services/keyvault/key_vault_certificates_data_source_test.go
index ff8654739241..ea5ab65eff1e 100644
--- a/internal/services/keyvault/key_vault_certificates_data_source_test.go
+++ b/internal/services/keyvault/key_vault_certificates_data_source_test.go
@@ -19,6 +19,7 @@ func TestAccDataSourceKeyVaultCertificates_basic(t *testing.T) {
 Config: r.basic(data),
 Check: acceptance.ComposeTestCheckFunc(
 check.That(data.ResourceName).Key("names.#").HasValue("31"),
+ check.That(data.ResourceName).Key("certificates.#").HasValue("31"),
 ),
 },
 })
diff --git a/internal/services/keyvault/key_vault_secrets_data_source.go b/internal/services/keyvault/key_vault_secrets_data_source.go
index a70def53b3a1..92a6d8648306 100644
--- a/internal/services/keyvault/key_vault_secrets_data_source.go
+++ b/internal/services/keyvault/key_vault_secrets_data_source.go
@@ -6,6 +6,8 @@ import (
 "strings"
 "time"
+ "github.com/Azure/azure-sdk-for-go/services/keyvault/v7.1/keyvault"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 "github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
 keyVaultValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/validate"
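Review bot: `expandCertificate` dereferences `item.ID` unconditionally while guarding `item.Attributes` and `Enabled` two lines later, so an item that arrives without an ID would panic the provider instead of producing an error. The caller may already have dereferenced the same pointer earlier in the loop (that line is outside the hunk), but the helper should not rely on it; guard it the same way, e.g. `if item.ID != nil { cert["id"] = *item.ID }`. When `Attributes` is absent the `enabled` key is never set, which presumably reaches state as `false`, so a consumer filtering on `enabled` cannot tell a disabled certificate from one whose status was not reported; a comment on the helper should say so. `expandSecrets` in key_vault_secrets_data_source.go has the same two gaps.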
@@ -36,6 +38,29 @@ func dataSourceKeyVaultSecrets() *pluginsdk.Resource {
 Type: pluginsdk.TypeString,
 },
 },
+
+ "secrets": {
+ Type: pluginsdk.TypeList,
+ Computed: true,
+ Elem: &pluginsdk.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: pluginsdk.TypeString,
+ Computed: true,
+ },
+
+ "name": {
+ Type: pluginsdk.TypeString,
+ Computed: true,
+ },
+
+ "enabled": {
+ Type: pluginsdk.TypeBool,
+ Computed: true,
+ },
+ },
+ },
+ },
 },
 }
 }
@@ -64,6 +89,7 @@ func dataSourceKeyVaultSecretsRead(d *pluginsdk.ResourceData, meta interface{})
 d.SetId(keyVaultId.ID())
 var names []string
+ var secrets []map[string]interface{}
 if secretList.Response().Value != nil {
 for secretList.NotDone() {
@@ -73,6 +99,7 @@ func dataSourceKeyVaultSecretsRead(d *pluginsdk.ResourceData, meta interface{})
 return err
 }
 names = append(names, *name)
+ secrets = append(secrets, expandSecrets(*name, v))
 err = secretList.NextWithContext(ctx)
 if err != nil {
 return fmt.Errorf("listing secrets on Azure KeyVault %q: %+v", *keyVaultId, err)
@@ -82,6 +109,7 @@ func dataSourceKeyVaultSecretsRead(d *pluginsdk.ResourceData, meta interface{})
 }
 d.Set("names", names)
+ d.Set("secrets", secrets)
 d.Set("key_vault_id", keyVaultId.ID())
 return nil
@@ -99,3 +127,14 @@ func parseNameFromSecretUrl(input string) (*string, error) {
 }
 return &segments[2], nil
 }
+
+func expandSecrets(name string, item keyvault.SecretItem) map[string]interface{} {
+ res := map[string]interface{}{
+ "id": *item.ID,
+ "name": name,
+ }
+ if item.Attributes != nil && item.Attributes.Enabled != nil {
+ res["enabled"] = *item.Attributes.Enabled
+ }
+ return res
+}
diff --git a/internal/services/keyvault/key_vault_secrets_data_source_test.go b/internal/services/keyvault/key_vault_secrets_data_source_test.go
index 856c4dc151bd..19bd264f1296 100644
--- a/internal/services/keyvault/key_vault_secrets_data_source_test.go
+++ b/internal/services/keyvault/key_vault_secrets_data_source_test.go
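Review bot: The result of `d.Set("secrets", secrets)` is discarded, and for a list of nested objects that return value is where a mismatch between the maps built by `expandSecrets` and the declared schema would surface; ignoring it leaves the attribute silently empty in state. Check it and return the error, e.g. `if err := d.Set("secrets", secrets); err != nil { return fmt.Errorf("setting secrets: %+v", err) }`. `d.Set("certificates", certs)` in key_vault_certificates_data_source.go needs the same check. dataSourceKeyVaultSecretsRead begins before this hunk.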
@@ -19,6 +19,7 @@ func TestAccDataSourceKeyVaultSecrets_basic(t *testing.T) {
 Config: r.basic(data),
 Check: acceptance.ComposeTestCheckFunc(
 check.That(data.ResourceName).Key("names.#").HasValue("31"),
+ check.That(data.ResourceName).Key("secrets.#").HasValue("31"),
 ),
 },
 })
diff --git a/website/docs/d/key_vault_certificates.html.markdown b/website/docs/d/key_vault_certificates.html.markdown
index 679381443792..5762f308a7fe 100644
--- a/website/docs/d/key_vault_certificates.html.markdown
+++ b/website/docs/d/key_vault_certificates.html.markdown
@@ -42,6 +42,16 @@ In addition to the arguments above, the following attributes are exported:
 * `names` - List containing names of certificates that exist in this Key Vault.
 * `key_vault_id` - The Key Vault ID.
+
+* `certificates` - One or more `certificates` blocks as defined below.
+
+---
+
+A `certificates` block supports following:
+
+* `name` - The name of secret.
+
+* `enabled` - Whether this secret is enabled.
 ## Timeouts
diff --git a/website/docs/d/key_vault_secrets.html.markdown b/website/docs/d/key_vault_secrets.html.markdown
index bdef8fa82dae..ab9d89b8407a 100644
--- a/website/docs/d/key_vault_secrets.html.markdown
+++ b/website/docs/d/key_vault_secrets.html.markdown
@@ -39,6 +39,18 @@ In addition to the Argument listed above - the following Attributes are exported
 * `names` - List containing names of secrets that exist in this Key Vault.
+* `secrets` - One or more `secrets` blocks as defined below.
+
+---
+
+A `secrets` block supports following:
+
+* `name` - The name of secret.
+
+* `enabled` - Whether this secret is enabled.
+
+* `id` - The ID of this secret.
+
 ## Timeouts
 The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: