azurerm_databricks_access_connector - add support for UserManaged identity.
#21069
Conversation
WodansSon
changed the title
azurerm_databricks_access_connector - add support for user_managed_identity fieldazurerm_databricks_access_connector - add support for UserManaged in type for identity code block
WodansSon
changed the title
azurerm_databricks_access_connector - add support for UserManaged in type for identity code blockazurerm_databricks_access_connector - add support for UserManaged in type field in the identity code block
WodansSon
changed the title
azurerm_databricks_access_connector - add support for UserManaged in type field in the identity code blockazurerm_databricks_access_connector - add support for UserManaged in the type field of the identity code block
WodansSon
changed the title
azurerm_databricks_access_connector - add support for UserManaged in the type field of the identity code blockazurerm_databricks_access_connector - add support for UserManaged and SystemManaged, UserManaged in identity code block.
WodansSon
changed the title
azurerm_databricks_access_connector - add support for UserManaged and SystemManaged, UserManaged in identity code block.azurerm_databricks_access_connector - add support for UserManaged identity.
|
|
|
|
…r-azurerm into e_databricks_user_assigned_identity
There was a problem hiding this comment.
hey @WodansSon
Thanks for this PR.
Taking a look through here whilst this is mostly looking good, we'll want to add a new type to the commonschema (and identity) packages here - we're intentionally no longer defining identity blocks within the Provider to ensure behavioural consistency across the provider. As such would you mind moving this logic there, introducing:
- The
SystemOrUserAssignedIdentityschema method incommonschema. - A typed model for
SystemOrUserAssignedIdentity, as per the other types of Managed Identities in theidentitypackage. - An
ExpandandFlattenfunction forSystemOrUserAssignedIdentityso that we can ensure these are handled consistently.
Since it's taken a lot of coordination to make the identity types consistent, we're being particularly cautious with these - as such we'll need these types to exist within the commonschema and identity types to move forward here, but once those are present we can switch over to using those and this should otherwise be good to go :)
Thanks!
| } | ||
| } | ||
|
|
||
| func (r AccessConnectorResource) Update() sdk.ResourceFunc { | ||
| return sdk.ResourceFunc{ | ||
| Timeout: 5 * time.Minute, |
There was a problem hiding this comment.
if we're rate limited we'll hit this, we should make this 30m
| @@ -66,97 +107,125 @@ func (r AccessConnectorResource) IDValidationFunc() pluginsdk.SchemaValidateFunc | |||
|
|
|||
| func (r AccessConnectorResource) Create() sdk.ResourceFunc { | |||
| return sdk.ResourceFunc{ | |||
| Timeout: 5 * time.Minute, | |||
There was a problem hiding this comment.
if we're rate limited we'll hit this, we should make this 30m
| // UserAssigned Identity is supported for an Access Connector | ||
| // resource, not both together.') and only allows for a single 'identity_ids' | ||
| // to be passed... | ||
| "identity": { |
There was a problem hiding this comment.
rather than doing this, let's introduce a new commonschema type to support this, commonschema.SystemAssignedOrUserAssignedIdentity - identity is intentionally standardised across the provider now
There was a problem hiding this comment.
I have opened PR #164 to address this comment...
| if identityValue.Type == identity.TypeUserAssigned && len(identityValue.IdentityIds) == 0 { | ||
| return fmt.Errorf("`identity_ids` must be specified when `type` is set to %q", string(identity.TypeUserAssigned)) | ||
| } |
There was a problem hiding this comment.
if we add an Expand and Flatten function to the identity package, then this logic can be made contained within the identity package, which'll ensure we keep this consistent - can we update this?
There was a problem hiding this comment.
I have opened PR #164 to address this comment...
| func TestAccDatabricksAccessConnector_identityMissingIdentityIDsError(t *testing.T) { | ||
| data := acceptance.BuildTestData(t, "azurerm_databricks_access_connector", "test") | ||
| r := DatabricksAccessConnectorResource{} | ||
| data.ResourceTest(t, r, []acceptance.TestStep{ | ||
| { | ||
| Config: r.identityUserAssignedMissingIdentityIDs(data), | ||
| Check: acceptance.ComposeTestCheckFunc(), | ||
| ExpectError: regexp.MustCompile(`must be specified when`), | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func TestAccDatabricksAccessConnector_identityUserAssignedTooManyError(t *testing.T) { | ||
| data := acceptance.BuildTestData(t, "azurerm_databricks_access_connector", "test") | ||
| r := DatabricksAccessConnectorResource{} | ||
| data.ResourceTest(t, r, []acceptance.TestStep{ | ||
| { | ||
| Config: r.identityUserAssignedTooManyError(data), | ||
| Check: acceptance.ComposeTestCheckFunc(), | ||
| ExpectError: regexp.MustCompile(`Too many list items`), | ||
| }, | ||
| }) |
There was a problem hiding this comment.
fwiw this logic should be handled by the identity package, so we should be able to remove these?
|
|
||
| ## Attributes Reference | ||
|
|
||
| The following attributes are exported: | ||
| The following Attributes are exported in addition to the Arguments listed above: |
There was a problem hiding this comment.
(minor) looks like we use this phrasing in other resources, we should probably make this consistent:
| The following Attributes are exported in addition to the Arguments listed above: | |
| In addition to the Arguments listed above - the following Attributes are exported: |
|
hey @WodansSon Thanks for pushing those changes. Apologies for the late notice here, but I've just spotted that this is a duplicate of #21059 and as such I hope you don't mind but I'm going to close this in favour of #21059. I've confirmed that whilst the Swagger defines Whilst the Swagger does allow for As such I hope you don't mind but since #21059 was opened before this I'm going to close this PR in favour of #21059, but once that's merged we should be good to go here 👍 Thanks! |
|
This functionality has been released in v3.50.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
azurerm_databricks_access_connectorAPI version from2022-04-01-previewto2022-10-01-previewwhich exposesUserManagedidentities.