From a35b4958f27b562ca2c17277c813a692aea8a099 Mon Sep 17 00:00:00 2001
From: magodo
Date: Sat, 20 Feb 2021 10:39:21 +0800
Subject: [PATCH 1/7] new resource: `azurerm_sentinel_data_connector_aws_cloud_trail`
---
 .../services/sentinel/registration.go | 1 +
 ...sentinel_data_connector_aws_cloud_trail.go | 178 ++++++++++++++++++
 website/azurerm.erb | 4 +
 ...ta_connector_aws_cloud_trail.html.markdown | 66 +++++++
 4 files changed, 249 insertions(+)
 create mode 100644 azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
 create mode 100644 website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown
diff --git a/azurerm/internal/services/sentinel/registration.go b/azurerm/internal/services/sentinel/registration.go
index 33a54ae3b1ca..51a7724c6637 100644
--- a/azurerm/internal/services/sentinel/registration.go
+++ b/azurerm/internal/services/sentinel/registration.go
@@ -32,5 +32,6 @@ func (r Registration) SupportedResources() map[string]*schema.Resource {
 "azurerm_sentinel_alert_rule_fusion": resourceSentinelAlertRuleFusion(),
 "azurerm_sentinel_alert_rule_ms_security_incident": resourceSentinelAlertRuleMsSecurityIncident(),
 "azurerm_sentinel_alert_rule_scheduled": resourceSentinelAlertRuleScheduled(),
+ "azurerm_sentinel_data_connector_aws_cloud_trail": resourceSentinelDataConnectorAwsCloudTrail(),
 }
 }
diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
new file mode 100644
index 000000000000..636292c6840c
--- /dev/null
+++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
@@ -0,0 +1,178 @@
+package sentinel
+
+import (
+ "fmt"
+ "log"
+ "time"
+
+ "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+ "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+ "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+ loganalyticsParse "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/parse"
+ loganalyticsValidate "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/loganalytics/validate"
+ "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel/parse"
+ azSchema "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/schema"
+ "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+ "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceSentinelDataConnectorAwsCloudTrail() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceSentinelDataConnectorAwsCloudTrailCreateUpdate,
+ Read: resourceSentinelDataConnectorAwsCloudTrailRead,
+ Update: resourceSentinelDataConnectorAwsCloudTrailCreateUpdate,
+ Delete: resourceSentinelDataConnectorAwsCloudTrailDelete,
+
+ Importer: azSchema.ValidateResourceIDPriorToImportThen(func(id string) error {
+ _, err := parse.DataConnectorID(id)
+ return err
+ }, importSentinelDataConnector(securityinsight.DataConnectorKindAmazonWebServicesCloudTrail)),
+
+ Timeouts: &schema.ResourceTimeout{
+ Create: schema.DefaultTimeout(30 * time.Minute),
+ Read: schema.DefaultTimeout(5 * time.Minute),
+ Update: schema.DefaultTimeout(30 * time.Minute),
+ Delete: schema.DefaultTimeout(30 * time.Minute),
+ },
+
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ ValidateFunc: validation.StringIsNotEmpty,
+ },
+
+ "log_analytics_workspace_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ ValidateFunc: loganalyticsValidate.LogAnalyticsWorkspaceID,
+ },
+
+ "aws_role_arn": {
+ Type: schema.TypeString,
+ Required: true,
+ ValidateFunc: validation.StringIsNotEmpty,
+ },
+ },
+ }
+}
+
+func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+ client := meta.(*clients.Client).Sentinel.DataConnectorsClient
+ ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
+ defer cancel()
+
+ workspaceId, err := loganalyticsParse.LogAnalyticsWorkspaceID(d.Get("log_analytics_workspace_id").(string))
+ if err != nil {
+ return err
+ }
+ name := d.Get("name").(string)
+ id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name)
+
+ if d.IsNewResource() {
+ resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name)
+ if err != nil {
+ if !utils.ResponseWasNotFound(resp.Response) {
+ return fmt.Errorf("checking for existing Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err)
+ }
+ }
+
+ id := dataConnectorID(resp.Value)
+ if id != nil && *id != "" {
+ return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", *id)
+ }
+ }
+
+ param := securityinsight.AwsCloudTrailDataConnector{
+ Name: &name,
+ AwsCloudTrailDataConnectorProperties: &securityinsight.AwsCloudTrailDataConnectorProperties{
+ AwsRoleArn: utils.String(d.Get("aws_role_arn").(string)),
+ DataTypes: &securityinsight.AwsCloudTrailDataConnectorDataTypes{
+ Logs: &securityinsight.AwsCloudTrailDataConnectorDataTypesLogs{
+ State: securityinsight.Enabled,
+ },
+ },
+ },
+ Kind: securityinsight.KindAmazonWebServicesCloudTrail,
+ }
+
+ // Service avoid concurrent updates of this resource via checking the "etag" to guarantee it is the same value as last Read.
+ if !d.IsNewResource() {
+ resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name)
+ if err != nil {
+ return fmt.Errorf("retrieving Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err)
+ }
+
+ if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil {
+ return fmt.Errorf("asserting Sentinel Data Connector of %q: %+v", id, err)
+ }
+ param.Etag = resp.Value.(securityinsight.AwsCloudTrailDataConnector).Etag
+ }
+
+ _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param)
+ if err != nil {
+ return fmt.Errorf("creating Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err)
+ }
+
+ d.SetId(id.ID())
+
+ return resourceSentinelDataConnectorAwsCloudTrailRead(d, meta)
+}
+
+func resourceSentinelDataConnectorAwsCloudTrailRead(d *schema.ResourceData, meta interface{}) error {
+ client := meta.(*clients.Client).Sentinel.DataConnectorsClient
+ ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+ defer cancel()
+
+ id, err := parse.DataConnectorID(d.Id())
+ if err != nil {
+ return err
+ }
+ workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName)
+
+ resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name)
+ if err != nil {
+ if utils.ResponseWasNotFound(resp.Response) {
+ log.Printf("[DEBUG] Sentinel Data Connector AWS Cloud Trail %q was not found - removing from state!", id)
+ d.SetId("")
+ return nil
+ }
+
+ return fmt.Errorf("retrieving Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err)
+ }
+
+ if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil {
+ return fmt.Errorf("asserting Sentinel Data Connector AWS Cloud Trail of %q: %+v", id, err)
+ }
+ dc := resp.Value.(securityinsight.AwsCloudTrailDataConnector)
+
+ d.Set("name", id.Name)
+ d.Set("log_analytics_workspace_id", workspaceId.ID())
+ if prop := dc.AwsCloudTrailDataConnectorProperties; prop != nil {
+ d.Set("aws_role_arn", prop.AwsRoleArn)
+ }
+
+ return nil
+}
+
+func resourceSentinelDataConnectorAwsCloudTrailDelete(d *schema.ResourceData, meta interface{}) error {
+ client := meta.(*clients.Client).Sentinel.DataConnectorsClient
+ ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
+ defer cancel()
+
+ id, err := parse.DataConnectorID(d.Id())
+ if err != nil {
+ return err
+ }
+
+ _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name)
+ if err != nil {
+ return fmt.Errorf("deleting Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err)
+ }
+
+ return nil
+}
diff --git a/website/azurerm.erb b/website/azurerm.erb
index ef53cb8dafc0..86a74cadb2bc 100644
--- a/website/azurerm.erb
+++ b/website/azurerm.erb
@@ -2850,6 +2850,10 @@
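Review bot: `aws_role_arn` in the schema of the new file is validated only with `validation.StringIsNotEmpty`, although it is the one value that tells the service which AWS role to use on the other side of the trust (the docs in this same commit describe it as the CloudTrail role ARN); a mistyped ARN passes plan, and if the service also accepts it the result is presumably a connector that silently ingests nothing, which is a detection gap nobody is alerted to. A plan-time shape check catches this before anything is created, e.g. `ValidateFunc: validation.StringMatch(regexp.MustCompile("^arn:[^:]+:iam::[0-9]{12}:role/.+$"), "must be an IAM role ARN")` with `regexp` added to the import block. A short doc comment on `resourceSentinelDataConnectorAwsCloudTrail` saying that `DataTypes.Logs.State` is always sent as `Enabled` (so the connector is active as soon as it exists) would also save the next maintainer a trip to the SDK.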
  • azurerm_sentinel_alert_rule_scheduled
  • + +
  • + azurerm_sentinel_data_connector_aws_cloud_trail +
  • diff --git a/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown b/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown new file mode 100644 index 000000000000..d1625b5323c4 --- /dev/null +++ b/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown 
@@ -0,0 +1,66 @@
+---
+subcategory: "Sentinel"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_sentinel_data_connector_aws_cloud_trail"
+description: |-
+ Manages a AWS CloudTrail Data Connector.
+---
+
+# azurerm_sentinel_data_connector_aws_cloud_trail
+
+Manages a AWS CloudTrail Data Connector.
+
+## Example Usage
+
+```hcl
+resource "azurerm_resource_group" "example" {
+ name = "example-rg"
+ location = "west europe"
+}
+
+resource "azurerm_log_analytics_workspace" "example" {
+ name = "example-workspace"
+ location = azurerm_resource_group.example.location
+ resource_group_name = azurerm_resource_group.example.name
+ sku = "PerGB2018"
+}
+
+resource "azurerm_sentinel_data_connector_aws_cloud_trail" "example" {
+ name = "example"
+ log_analytics_workspace_id = azurerm_log_analytics_workspace.example.id
+ aws_role_arn = "arn:aws:iam::000000000000:role/role1"
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+- `aws_role_arn` - (Required) The ARN of the AWS CloudTrail role, which is connected to this AWS CloudTrail Data Connector.
+
+- `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this AWS CloudTrail Data Connector resides in. Changing this forces a new AWS CloudTrail Data Connector to be created.
+
+- `name` - (Required) The name which should be used for this AWS CloudTrail Data Connector. Changing this forces a new AWS CloudTrail Data Connector to be created.
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported:
+
+- `id` - The ID of the AWS CloudTrail Data Connector.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+- `create` - (Defaults to 30 minutes) Used when creating the AWS CloudTrail Data Connector.
+- `read` - (Defaults to 5 minutes) Used when retrieving the AWS CloudTrail Data Connector.
+- `update` - (Defaults to 30 minutes) Used when updating the AWS CloudTrail Data Connector.
+- `delete` - (Defaults to 30 minutes) Used when deleting the AWS CloudTrail Data Connector.
+
+## Import
+
+AWS CloudTrail Data Connectors can be imported using the `resource id`, e.g.
+
+```shell
+terraform import azurerm_sentinel_data_connector_aws_cloud_trail.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/dataConnectors/dc1
+```
From 08722d241f8d8651e7ab03311940cf25bca92eaa Mon Sep 17 00:00:00 2001
From: magodo
Date: Tue, 23 Feb 2021 10:18:50 +0800
Subject: [PATCH 2/7] resolve some comments from other DC reviews
---
 ...sentinel_data_connector_aws_cloud_trail.go | 21 ++++++++-----------
 ...ta_connector_aws_cloud_trail.html.markdown | 16 +++++++-------
 2 files changed, 17 insertions(+), 20 deletions(-)
diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
index 636292c6840c..e40dda49ec61 100644
--- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
+++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go
@@ -77,14 +77,11 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { - return fmt.Errorf("checking for existing Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err) + return fmt.Errorf("checking for existing %s: %+v", id, err) } } - id := dataConnectorID(resp.Value) - if id != nil && *id != "" { - return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", *id) - } + return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", id.ID()) } param := securityinsight.AwsCloudTrailDataConnector{ @@ -104,18 +101,18 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa if !d.IsNewResource() { resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { - return fmt.Errorf("retrieving Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err) + return fmt.Errorf("retrieving %s: %+v", id, err) } if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil { - return fmt.Errorf("asserting Sentinel Data Connector of %q: %+v", id, err) + return fmt.Errorf("asserting %s: %+v", id, err) } param.Etag = resp.Value.(securityinsight.AwsCloudTrailDataConnector).Etag } _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) if err != nil { - return fmt.Errorf("creating Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err) + return fmt.Errorf("creating %s: %+v", id, err) } d.SetId(id.ID()) 
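Review bot: In the `@@ -77,14 +77,11 @@` hunk the new-resource branch now returns `tf.ImportAsExistsError` unconditionally: the `if err != nil` above it only returns on a non-404 error, so a 404 falls straight through and every fresh create is reported as an already-existing resource. The removed `id != nil && *id != ""` test was what separated the two cases; a status check such as `if !utils.ResponseWasNotFound(resp.Response) { return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", id.ID()) }` restores it. PATCH 4/7 of this series adds that guard, so squashing it into this commit would keep the series bisectable. The enclosing CreateUpdate function starts and ends outside the hunk.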
@@ -137,16 +134,16 @@ func resourceSentinelDataConnectorAwsCloudTrailRead(d *schema.ResourceData, meta resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - log.Printf("[DEBUG] Sentinel Data Connector AWS Cloud Trail %q was not found - removing from state!", id) + log.Printf("[DEBUG] %s was not found - removing from state!", id) d.SetId("") return nil } - return fmt.Errorf("retrieving Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err) + return fmt.Errorf("retrieving %s: %+v", id, err) } if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil { - return fmt.Errorf("asserting Sentinel Data Connector AWS Cloud Trail of %q: %+v", id, err) + return fmt.Errorf("asserting %s: %+v", id, err) } dc := resp.Value.(securityinsight.AwsCloudTrailDataConnector) @@ -171,7 +168,7 @@ func resourceSentinelDataConnectorAwsCloudTrailDelete(d *schema.ResourceData, me _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { - return fmt.Errorf("deleting Sentinel Data Connector AWS Cloud Trail %q: %+v", id, err) + return fmt.Errorf("deleting %s: %+v", id, err) } return nil diff --git a/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown b/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown index d1625b5323c4..dbf717cd1194 100644 --- a/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown +++ b/website/docs/r/sentinel_data_connector_aws_cloud_trail.html.markdown 
@@ -36,26 +36,26 @@ resource "azurerm_sentinel_data_connector_aws_cloud_trail" "example" { The following arguments are supported: -- `aws_role_arn` - (Required) The ARN of the AWS CloudTrail role, which is connected to this AWS CloudTrail Data Connector. +* `aws_role_arn` - (Required) The ARN of the AWS CloudTrail role, which is connected to this AWS CloudTrail Data Connector. -- `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this AWS CloudTrail Data Connector resides in. Changing this forces a new AWS CloudTrail Data Connector to be created. +* `log_analytics_workspace_id` - (Required) The ID of the Log Analytics Workspace that this AWS CloudTrail Data Connector resides in. Changing this forces a new AWS CloudTrail Data Connector to be created. -- `name` - (Required) The name which should be used for this AWS CloudTrail Data Connector. Changing this forces a new AWS CloudTrail Data Connector to be created. +* `name` - (Required) The name which should be used for this AWS CloudTrail Data Connector. Changing this forces a new AWS CloudTrail Data Connector to be created. ## Attributes Reference In addition to the Arguments listed above - the following Attributes are exported: -- `id` - The ID of the AWS CloudTrail Data Connector. +* `id` - The ID of the AWS CloudTrail Data Connector. ## Timeouts The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: -- `create` - (Defaults to 30 minutes) Used when creating the AWS CloudTrail Data Connector. -- `read` - (Defaults to 5 minutes) Used when retrieving the AWS CloudTrail Data Connector. -- `update` - (Defaults to 30 minutes) Used when updating the AWS CloudTrail Data Connector. -- `delete` - (Defaults to 30 minutes) Used when deleting the AWS CloudTrail Data Connector. +* `create` - (Defaults to 30 minutes) Used when creating the AWS CloudTrail Data Connector. 
+* `read` - (Defaults to 5 minutes) Used when retrieving the AWS CloudTrail Data Connector. +* `update` - (Defaults to 30 minutes) Used when updating the AWS CloudTrail Data Connector. +* `delete` - (Defaults to 30 minutes) Used when deleting the AWS CloudTrail Data Connector. ## Import From ed344da3816f47a2a7dd1dc70a94a3b42b6ac5df Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 24 Feb 2021 10:24:44 +0800 Subject: [PATCH 3/7] use type assertion rather than artificial asert function --- .../internal/services/sentinel/sentinel_data_connector.go | 4 ---- .../sentinel/sentinel_data_connector_aws_cloud_trail.go | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector.go b/azurerm/internal/services/sentinel/sentinel_data_connector.go index 66e35d235cb5..7ff252a3901e 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector.go @@ -10,10 +10,6 @@ import ( "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts" ) -// TODO: remove once one of the PR's has been merged -var _ = importSentinelDataConnector(securityinsight.DataConnectorKindAmazonWebServicesCloudTrail) -var _ = assertDataConnectorKind(securityinsight.AADDataConnector{}, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail) - func importSentinelDataConnector(expectKind securityinsight.DataConnectorKind) func(d *schema.ResourceData, meta interface{}) (data []*schema.ResourceData, err error) { return func(d *schema.ResourceData, meta interface{}) (data []*schema.ResourceData, err error) { id, err := parse.DataConnectorID(d.Id()) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index e40dda49ec61..7b4ac58bffe0 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go 
+++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go @@ -142,10 +142,10 @@ func resourceSentinelDataConnectorAwsCloudTrailRead(d *schema.ResourceData, meta return fmt.Errorf("retrieving %s: %+v", id, err) } - if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil { - return fmt.Errorf("asserting %s: %+v", id, err) + dc, ok := resp.Value.(securityinsight.AwsCloudTrailDataConnector) + if !ok { + return fmt.Errorf("%s was not an AWS Cloud Trail Data Connector", id) } - dc := resp.Value.(securityinsight.AwsCloudTrailDataConnector) d.Set("name", id.Name) d.Set("log_analytics_workspace_id", workspaceId.ID()) From b2dc194c1b4c6ed470701b227c639ccee77c1a4a Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 26 Feb 2021 10:51:19 +0800 Subject: [PATCH 4/7] fix new resource check bug --- .../sentinel/sentinel_data_connector_aws_cloud_trail.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index 7b4ac58bffe0..53b51e9ff63d 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go @@ -81,7 +81,9 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa } } - return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", id.ID()) + if !utils.ResponseWasNotFound(resp.Response) { + return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", id.ID()) + } } param := securityinsight.AwsCloudTrailDataConnector{ From 70856e71b4f31f2bb4d22a16a8323ce72234651d Mon Sep 17 00:00:00 2001 
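Review bot: The failed type assertion in the `@@ -142,10 +142,10 @@` hunk reports only that the value was not an AWS Cloud Trail connector, not what it was, so an operator whose state points at a connector of another kind gets no hint which resource type to import it as; `return fmt.Errorf("%s was not an AWS Cloud Trail Data Connector (got %T)", id, resp.Value)` keeps the message cheap and makes the mismatch diagnosable. PATCH 5/7 introduces the same message in the update path of CreateUpdate and would benefit from the same change. The enclosing Read function starts and ends outside the hunk.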
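Review bot: The guard added in the `@@ -81,7 +81,9 @@` hunk re-derives "the connector exists" from the HTTP status after the preceding `if err != nil` block has already narrowed the error case to a 404, so `if err == nil { return tf.ImportAsExistsError("azurerm_sentinel_data_connector_aws_cloud_trail", id.ID()) }` states the same condition directly and does not rely on `resp.Response` being populated on the error path. This is a point of style; the behaviour is the same either way. The enclosing CreateUpdate function starts and ends outside the hunk.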
From: magodo Date: Mon, 1 Mar 2021 10:02:48 +0800 Subject: [PATCH 5/7] merge lines and use type assertion --- .../sentinel_data_connector_aws_cloud_trail.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index 53b51e9ff63d..b650757ba932 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go @@ -106,14 +106,14 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa return fmt.Errorf("retrieving %s: %+v", id, err) } - if err := assertDataConnectorKind(resp.Value, securityinsight.DataConnectorKindAmazonWebServicesCloudTrail); err != nil { - return fmt.Errorf("asserting %s: %+v", id, err) + dc, ok := resp.Value.(securityinsight.AwsCloudTrailDataConnector) + if !ok { + return fmt.Errorf("%s was not an AWS Cloud Trail Data Connector", id) } - param.Etag = resp.Value.(securityinsight.AwsCloudTrailDataConnector).Etag + param.Etag = dc.Etag } - _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) - if err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -168,8 +168,7 @@ func resourceSentinelDataConnectorAwsCloudTrailDelete(d *schema.ResourceData, me return err } - _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) - if err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } 
From 3c639c2d206fd7ee0eec26ce2ca4c7c685abf028 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 1 Mar 2021 15:17:36 +0800 Subject: [PATCH 6/7] add clarification about etag --- .../sentinel/sentinel_data_connector_aws_cloud_trail.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index b650757ba932..400ad0505a59 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go @@ -100,6 +100,8 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa } // Service avoid concurrent updates of this resource via checking the "etag" to guarantee it is the same value as last Read. + // TODO: following code can be removed once the issue below is fixed: + // https://github.com/Azure/azure-rest-api-specs/issues/13203 if !d.IsNewResource() { resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { From 96053ed8701b509cc733301240ce2f9163c3cb93 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 1 Mar 2021 15:29:45 +0800 Subject: [PATCH 7/7] fix build error --- .../sentinel_data_connector_aws_cloud_trail.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index 400ad0505a59..1200a6c22ee8 100644 --- a/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go +++ b/azurerm/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go 
@@ -74,7 +74,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa // TODO: following code can be removed once the issue below is fixed: // https://github.com/Azure/azure-rest-api-specs/issues/13203 if !d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving %s: %+v", id, err) } @@ -115,7 +115,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *schema.ResourceDa param.Etag = dc.Etag } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } 
@@ -135,7 +135,7 @@ func resourceSentinelDataConnectorAwsCloudTrailRead(d *schema.ResourceData, meta } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -170,7 +170,7 @@ func resourceSentinelDataConnectorAwsCloudTrailDelete(d *schema.ResourceData, me return err } - if _, err = client.Delete(ctx, id.ResourceGroup, operationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) }