azurerm_mssql_database/azurerm_mssql_elasticpool - add support for enclave_type field
#24054
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WodansSon
changed the title
azurerm_mssql_database - add support for enclave_typeazurerm_mssql_database - add support for enclave_type field
tombuildsstuff
suggested changes
Nov 29, 2023
github-actions
bot
added
dependencies
size/XL
waiting-response
and removed
waiting-response
size/L
labels
WodansSon
changed the title
azurerm_mssql_database - add support for enclave_type fieldazurerm_mssql_database/azurerm_mssql_elasticpool - add support for enclave_type field
|
There was a problem hiding this comment.
hey @WodansSon
Thanks for pushing those changes - I've taken a look through and left some comments inline, but on the whole this is looking pretty good - if we can fix those up (and the tests pass) then this should otherwise be good to go 👍
Thanks!
| @@ -138,6 +143,12 @@ func dataSourceMsSqlDatabaseRead(d *pluginsdk.ResourceData, meta interface{}) er | |||
| } | |||
| d.Set("read_scale", readScale == databases.DatabaseReadScaleEnabled) | |||
|
|
|||
| enclaveType := "" | |||
| if props.PreferredEnclaveType != nil && *props.PreferredEnclaveType != databases.AlwaysEncryptedEnclaveTypeDefault { | |||
| enclaveType = string(databases.AlwaysEncryptedEnclaveTypeVBS) | |||
There was a problem hiding this comment.
Rather than hard-coding this to VBS, presumably we should be using the API response here?
Suggested change
| enclaveType = string(databases.AlwaysEncryptedEnclaveTypeVBS) | |
| enclaveType = string(*props.PreferredEnclaveType) |
| @@ -34,6 +34,7 @@ resource "azurerm_mssql_elasticpool" "example" { | |||
| server_name = azurerm_mssql_server.example.name | |||
| license_type = "LicenseIncluded" | |||
| max_size_gb = 756 | |||
| enclave_type = "VBS" | |||
There was a problem hiding this comment.
We probably should omit this one from the example usage, since it's not required in most configurations?
Suggested change
| enclave_type = "VBS" |
Comment on lines
241
to
244
| enclaveType := elasticpools.AlwaysEncryptedEnclaveTypeDefault | ||
| if _, ok := d.GetOk("enclave_type"); ok { | ||
| enclaveType = elasticpools.AlwaysEncryptedEnclaveTypeVBS | ||
| } |
There was a problem hiding this comment.
since we're setting the value from the API into the state, could we explicitly load the value from the config here? Else if we added another value for this field in the future (in the Schema) we'd miss we're hard-coding this at review time:
Suggested change
| enclaveType := elasticpools.AlwaysEncryptedEnclaveTypeDefault | |
| if _, ok := d.GetOk("enclave_type"); ok { | |
| enclaveType = elasticpools.AlwaysEncryptedEnclaveTypeVBS | |
| } | |
| enclaveType := elasticpools.AlwaysEncryptedEnclaveTypeDefault | |
| if v, ok := d.GetOk("enclave_type"); ok { | |
| enclaveType = elasticpools.AlwaysEncryptedEnclaveType(v.(string)) | |
| } |
|
WodansSon
added a commit
that referenced
this pull request
Dec 7, 2023
This was referenced Dec 9, 2023
dduportal
added a commit
to jenkins-infra/azure
that referenced
this pull request
Dec 12, 2023
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
<h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
<summary>Update Terraform lock file</summary>
<p>"hashicorp/azurerm" updated from "3.82.0" to
"3.83.0" in file ".terraform.lock.hcl"</p>
<details>
<summary>3.83.0</summary>
<pre>Changelog retrieved
from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.83.0
UPGRADE
NOTES

* Key Vaults are now loaded using [the
`ListBySubscription` API within the Key Vault Resource
Provider](https://learn.microsoft.com/en-us/rest/api/keyvault/keyvault/vaults/list-by-subscription?view=rest-keyvault-keyvault-2022-07-01&tabs=HTTP)
rather than [the Resources
API](https://learn.microsoft.com/en-us/rest/api/keyvault/keyvault/vaults/list?view=rest-keyvault-keyvault-2022-07-01&tabs=HTTP).
This change means that the Provider now caches the list of Key Vaults
available within a Subscription, rather than loading these piecemeal to
workaround stale data returned from the Resources API
([#24019](https://github.com/hashicorp/terraform-provider-azurerm/issues/24019))

FEATURES:

*
New Data Source: `azurerm_stack_hci_cluster`
([#24032](https://github.com/hashicorp/terraform-provider-azurerm/issues/24032))

ENHANCEMENTS:

*
dependencies: updating to `v0.20231129.1103252` of
`github.com/hashicorp/go-azure-sdk`
([#24063](hashicorp/terraform-provider-azurerm#24063
`automation`: updating to API Version `2023-11-01`
([#24017](hashicorp/terraform-provider-azurerm#24017
`keyvault`: the cache is now populated using the `ListBySubscription`
endpoint on the KeyVault Resource Provider rather than via the
`Resources` API
([#24019](hashicorp/terraform-provider-azurerm#24019
`keyvault`: updating the cache to populate all Key Vaults available
within the Subscription to reduce the number of API calls
([#24019](hashicorp/terraform-provider-azurerm#24019
Data Source `azurerm_private_dns_zone`: refactoring to use the
`ListBySubscription` API rather than the Resources API when
`resource_group_name` is omitted
([#24024](hashicorp/terraform-provider-azurerm#24024
`azurerm_dashboard_grafana` - support for `grafana_major_version`
([#24014](hashicorp/terraform-provider-azurerm#24014
`azurerm_linux_web_app` - add support for dotnet 8
([#23893](hashicorp/terraform-provider-azurerm#23893
`azurerm_linux_web_app_slot` - add support for dotnet 8
([#23893](hashicorp/terraform-provider-azurerm#23893
`azurerm_media_transform` - deprecate `face_detector_preset` and
`video_analyzer_preset`
([#24002](hashicorp/terraform-provider-azurerm#24002
`azurerm_postgresql_database` - update the validation of `collation` to
include `Norwegian_Norway.1252`
([#24070](hashicorp/terraform-provider-azurerm#24070
`azurerm_postgresql_flexible_server` - updating to API Version
`2023-06-01-preview`
([#24016](hashicorp/terraform-provider-azurerm#24016
`azurerm_redis_cache` - support for the
`active_directory_authentication_enabled` property
([#23976](hashicorp/terraform-provider-azurerm#23976
`azurerm_windows_web_app` - add support for dotnet 8
([#23893](hashicorp/terraform-provider-azurerm#23893
`azurerm_windows_web_app_slot` - add support for dotnet 8
([#23893](hashicorp/terraform-provider-azurerm#23893
`azurerm_storage_account` - add `name` validation in custom diff
([#23799](https://github.com/hashicorp/terraform-provider-azurerm/issues/23799))

BUG
FIXES:

* authentication: fix a bug where auxiliary tenants were
not correctly authorized
([#24063](hashicorp/terraform-provider-azurerm#24063
`azurerm_app_configuration` - normalize location in `replica` block
([#24074](hashicorp/terraform-provider-azurerm#24074
`azurerm_cosmosdb_account` - cosmosdb version and capabilities can now
be updated at the same time
([#24029](hashicorp/terraform-provider-azurerm#24029
`azurerm_data_factory_flowlet_data_flow` - `source` and `sink`
properties are now optional
([#23987](hashicorp/terraform-provider-azurerm#23987
`azurerm_datadog_monitor_tag_rule` - correctly handle default rule
([#22806](hashicorp/terraform-provider-azurerm#22806
`azurerm_ip_group`: fixing a crash when `firewall_ids` and
`firewall_policy_ids` weren't parsed correctly from the API Response
([#24031](hashicorp/terraform-provider-azurerm#24031
`azurerm_nginx_deployment` - add default value of `20` for `capacity`
([#24033](https://github.com/hashicorp/terraform-provider-azurerm/issues/24033))


</pre>
</details>
<details>
<summary>3.84.0</summary>
<pre>Changelog retrieved
from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.84.0
FEATURES:

*
**New Data Source:** `azurerm_storage_containers`
([#24061](hashicorp/terraform-provider-azurerm#24061
**New Resource:** `azurerm_elastic_san`
([#23619](hashicorp/terraform-provider-azurerm#23619
**New Resource:**
`azurerm_key_vault_managed_hardware_security_module_role_assignment`
([#22332](hashicorp/terraform-provider-azurerm#22332
**New Resource:**
`azurerm_key_vault_managed_hardware_security_module_role_definition`
([#22332](https://github.com/hashicorp/terraform-provider-azurerm/issues/22332))

ENHANCEMENTS:

*
dependencies: updating mssql elasticpools from `v5.0` to
`2023-05-01-preview`
* dependencies: updating to
`v0.20231207.1122031` of `github.com/hashicorp/go-azure-sdk`
([#24149](hashicorp/terraform-provider-azurerm#24149
Data Source: `azurerm_storage_account` - export the primary and
secondary internet and microsoft hostnames for blobs, dfs, files,
queues, tables and web
([#23517](hashicorp/terraform-provider-azurerm#23517
Data Source: `azurerm_cosmosdb_account` - export the
`connection_strings`, `primary_sql_connection_string`,
`secondary_sql_connection_string`,
`primary_readonly_sql_connection_string`,
`secondary_readonly_sql_connection_string`,
`primary_mongodb_connection_string`,
`secondary_mongodb_connection_string`,
`primary_readonly_mongodb_connection_string`, and
`secondary_readonly_mongodb_connection_string` attributes
([#24129](hashicorp/terraform-provider-azurerm#24129
`azurerm_bot_service_azure_bot` - support for the
`public_network_access_enabled` property
([#24125](hashicorp/terraform-provider-azurerm#24125
`azurerm_container_app_environment` - support for the `workload_profile`
property
([#23478](hashicorp/terraform-provider-azurerm#23478
`azurerm_cosmosdb_cassandra_datacenter` - support for the
`seed_node_ip_addresses` property
([#24076](hashicorp/terraform-provider-azurerm#24076
`azurerm_firewall` - support for the `dns_proxy_enabled` property
([#20519](hashicorp/terraform-provider-azurerm#20519
`azurerm_kubernetes_cluster` - support for the `support_plan` property
and the `sku_tier` `Premium`
([#23970](hashicorp/terraform-provider-azurerm#23970
`azurerm_mssql_database` - support for `enclave_type` field
([#24054](hashicorp/terraform-provider-azurerm#24054
`azurerm_mssql_elasticpool` - support for `enclave_type` field
([#24054](hashicorp/terraform-provider-azurerm#24054
`azurerm_mssql_managed_instance` - support for more `vcores`: `6`, `10`,
`12`, `20`, `48`, `56`, `96`, `128`
([#24085](hashicorp/terraform-provider-azurerm#24085
`azurerm_redis_linked_server` - support for the property
`geo_replicated_primary_host_name`
([#23984](hashicorp/terraform-provider-azurerm#23984
`azurerm_storage_account` - expose the primary and secondary internet
and microsoft hostnames for blobs, dfs, files, queues, tables and web
([#23517](hashicorp/terraform-provider-azurerm#23517
`azurerm_synapse_role_assignment` - support for the `principal_type`
property
([#24089](hashicorp/terraform-provider-azurerm#24089
`azurerm_spring_cloud_build_deployment` - support for the
`application_performance_monitoring_ids` property
([#23969](hashicorp/terraform-provider-azurerm#23969
`azurerm_virtual_network_gateway` - support for the
`bgp_route_translation_for_nat_enabled`, `dns_forwarding_enabled`,
`ip_sec_replay_protection_enabled`, `remote_vnet_traffic_enabled`,
`virtual_wan_traffic_enabled`, `radius_server`,
`virtual_network_gateway_client_connection`, `policy_group`, and
`ipsec_policy` property
([#23220](https://github.com/hashicorp/terraform-provider-azurerm/issues/23220))

BUG
FIXES:

* `azurerm_application_insights_api_key` - prevent a bug
where multiple keys couldn't be created for an Application Insights
instance
([#23463](hashicorp/terraform-provider-azurerm#23463
`azurerm_container_registry` - the `network_rule_set.virtual_network`
property has been deprecated
([#24140](hashicorp/terraform-provider-azurerm#24140
`azurerm_hdinsight_hadoop_cluster` - set
`roles.edge_node.install_script_action.parameters` into state by
retrieving the value provided in the user config since this property
isn't returned by the API
([#23971](hashicorp/terraform-provider-azurerm#23971
`azurerm_kubernetes_cluster` - prevent a bug where maintenance window
start date was always recalculated and sent to the API
([#23985](hashicorp/terraform-provider-azurerm#23985
`azurerm_mssql_database` - will no longer send all long retention values
in payload unless set
([#24124](hashicorp/terraform-provider-azurerm#24124
`azurerm_mssql_managed_database` - will no longer send all long
retention values in payload unless set
([#24124](hashicorp/terraform-provider-azurerm#24124
`azurerm_mssql_server_microsoft_support_auditing_policy` - only include
storage endpoint in payload if set
([#24122](hashicorp/terraform-provider-azurerm#24122
`azurerm_mobile_network_packet_core_control_plane` - prevent a panic if
the HTTP Response is nil
([#24083](hashicorp/terraform-provider-azurerm#24083
`azurerm_storage_account` - revert plan time name validation `(#23799)`
([#24142](hashicorp/terraform-provider-azurerm#24142
`azurerm_web_application_firewall_policy` - split create and update
function to fix lifecycle - ignore changes
([#23412](https://github.com/hashicorp/terraform-provider-azurerm/issues/23412))


</pre>
</details>
</details>
<a
href="https://infra.ci.jenkins.io/job/terraform-jobs/job/azure/job/main/931/">Jenkins
pipeline link</a>
</action>
</Actions>
---
<table>
<tr>
<td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
</td>
<td>
<p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
</p>
<details><summary>Options:</summary>
<br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
<ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
</ul>
<p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
</p>
</details>
</td>
</tr>
</table>
---------
Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
Co-authored-by: Damien Duportal <damien.duportal@gmail.com>
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding support to
azurerm_mssql_databaseandazurerm_mssql_elasticpoolfor the newly exposedenclave_typefield.Dependencies: Upgrade elasticpools API from
v5.0to2023-05-01-preview