diff --git a/internal/services/machinelearning/machine_learning_workspace_resource.go b/internal/services/machinelearning/machine_learning_workspace_resource.go index 07aeee85d9af..ea1f759e723a 100644 --- a/internal/services/machinelearning/machine_learning_workspace_resource.go +++ b/internal/services/machinelearning/machine_learning_workspace_resource.go @@ -189,6 +189,23 @@ func resourceMachineLearningWorkspace() *pluginsdk.Resource { }, }, + "managed_network": { + Type: pluginsdk.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "isolation_mode": { + Type: pluginsdk.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice(workspaces.PossibleValuesForIsolationMode(), false), + }, + }, + }, + }, + "friendly_name": { Type: pluginsdk.TypeString, Optional: true, @@ -288,12 +305,13 @@ func resourceMachineLearningWorkspaceCreateOrUpdate(d *pluginsdk.ResourceData, m Identity: expandedIdentity, Properties: &workspaces.WorkspaceProperties{ - V1LegacyMode: pointer.To(d.Get("v1_legacy_mode_enabled").(bool)), - Encryption: expandedEncryption, - StorageAccount: pointer.To(d.Get("storage_account_id").(string)), ApplicationInsights: pointer.To(d.Get("application_insights_id").(string)), + Encryption: expandedEncryption, KeyVault: pointer.To(d.Get("key_vault_id").(string)), + ManagedNetwork: expandMachineLearningWorkspaceManagedNetwork(d.Get("managed_network").([]interface{})), PublicNetworkAccess: pointer.To(workspaces.PublicNetworkAccessDisabled), + StorageAccount: pointer.To(d.Get("storage_account_id").(string)), + V1LegacyMode: pointer.To(d.Get("v1_legacy_mode_enabled").(bool)), }, } @@ -395,6 +413,7 @@ func resourceMachineLearningWorkspaceRead(d *pluginsdk.ResourceData, meta interf d.Set("public_network_access_enabled", *props.PublicNetworkAccess == workspaces.PublicNetworkAccessEnabled) d.Set("v1_legacy_mode_enabled", props.V1LegacyMode) d.Set("workspace_id", props.WorkspaceId) + d.Set("managed_network", flattenMachineLearningWorkspaceManagedNetwork(props.ManagedNetwork)) kvId, err := commonids.ParseKeyVaultIDInsensitively(*props.KeyVault) if err != nil { @@ -618,3 +637,29 @@ func flattenMachineLearningWorkspaceFeatureStore(input *workspaces.FeatureStoreS }, } } + +func expandMachineLearningWorkspaceManagedNetwork(i []interface{}) *workspaces.ManagedNetworkSettings { + if len(i) == 0 || i[0] == nil { + return nil + } + + v := i[0].(map[string]interface{}) + + return &workspaces.ManagedNetworkSettings{ + IsolationMode: pointer.To(workspaces.IsolationMode(v["isolation_mode"].(string))), + } +} + +func flattenMachineLearningWorkspaceManagedNetwork(i *workspaces.ManagedNetworkSettings) *[]interface{} { + if i == nil { + return &[]interface{}{} + } + + out := map[string]interface{}{} + + if i.IsolationMode != nil { + out["isolation_mode"] = *i.IsolationMode + } + + return &[]interface{}{out} +} diff --git a/internal/services/machinelearning/machine_learning_workspace_resource_test.go b/internal/services/machinelearning/machine_learning_workspace_resource_test.go index 53feebf9b992..32f7f9b04246 100644 --- a/internal/services/machinelearning/machine_learning_workspace_resource_test.go +++ b/internal/services/machinelearning/machine_learning_workspace_resource_test.go @@ -407,7 +407,7 @@ resource "azurerm_container_registry" "test" { name = "acctestacr%[2]d" resource_group_name = azurerm_resource_group.test.name location = azurerm_resource_group.test.location - sku = "Standard" + sku = "Premium" admin_enabled = true } @@ -454,6 +454,10 @@ resource "azurerm_machine_learning_workspace" "test" { key_id = azurerm_key_vault_key.test.id } + managed_network { + isolation_mode = "AllowInternetOutbound" + } + tags = { ENV = "Test" } @@ -470,7 +474,7 @@ resource "azurerm_container_registry" "test" { name = "acctestacr%[2]d" resource_group_name = azurerm_resource_group.test.name location = azurerm_resource_group.test.location - sku = "Standard" + sku = "Premium" admin_enabled = true } diff --git a/website/docs/r/machine_learning_workspace.html.markdown b/website/docs/r/machine_learning_workspace.html.markdown index 3fae221ffeb7..b71b13a3c37a 100644 --- a/website/docs/r/machine_learning_workspace.html.markdown +++ b/website/docs/r/machine_learning_workspace.html.markdown @@ -376,6 +376,8 @@ The following arguments are supported: * `encryption` - (Optional) An `encryption` block as defined below. Changing this forces a new resource to be created. +* `managed_network` - (Optional) A `managed_network` block as defined below. + * `feature_store` - (Optional) A `feature_store` block as defined below. * `friendly_name` - (Optional) Display name for this Machine Learning Workspace. @@ -386,7 +388,7 @@ The following arguments are supported: * `v1_legacy_mode_enabled` - (Optional) Enable V1 API features, enabling `v1_legacy_mode` may prevent you from using features provided by the v2 API. Defaults to `false`. -* `sku_name` - (Optional) SKU/edition of the Machine Learning Workspace, possible values are `Basic`. Defaults to `Basic`. +* `sku_name` - (Optional) SKU/edition of the Machine Learning Workspace, possible values are `Free`, `Basic`, `Standard` and `Premium`. Defaults to `Basic`. * `tags` - (Optional) A mapping of tags to assign to the resource. @@ -414,6 +416,12 @@ An `encryption` block supports the following: --- +An `managed_network` block supports the following: + +* `isolation_mode` - (Optional) The isolation mode of the Machine Learning Workspace. Possible values are `Disabled`, `AllowOnlyApprovedOutbound`, and `AllowInternetOutbound` + +--- + An `feature_store` block supports the following: * `computer_spark_runtime_version` - (Optional) The version of Spark runtime.