azurerm_mssql_database / azurerm_mssql_server - Added fields for database-level TDE
#24412
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
`azurerm_mssql_server`
github-actions
bot
added
documentation
service/mssql
katbyte
requested changes
Jan 8, 2024
There was a problem hiding this comment.
Thanks for the PR @dkuzmenok - but it looks like we have a test failure
------- Stdout: -------
=== RUN TestAccMsSqlDatabase_complete
=== PAUSE TestAccMsSqlDatabase_complete
=== CONT TestAccMsSqlDatabase_complete
testcase.go:113: Step 3/4 error: Error running apply: exit status 1
Error: unable to parse key: "": cannot parse azure key vault child ID: parse "": empty url
with azurerm_mssql_database.test,
on terraform_plugin_test.tf line 37, in resource "azurerm_mssql_database" "test":
37: resource "azurerm_mssql_database" "test" {
--- FAIL: TestAccMsSqlDatabase_complete (564.94s)
FAIL
Please, make another run after my update to test cases. |
|
The two failures are due to API internal server errors and the other failure is in VM's so not related to this PR. 
|
katbyte
requested changes
Jan 10, 2024
There was a problem hiding this comment.
thanks for fixing the test @dkuzmenok - aside from one comment about a property name i think this looks good
…yption_key_automatic_rotation_enabled`
|
Both test fail with internal server errors, API issue... LGTM! 🚀 
|
WodansSon
added a commit
that referenced
this pull request
Jan 11, 2024
dduportal
pushed a commit
to jenkins-infra/azure
that referenced
this pull request
Jan 17, 2024
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
<h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
<summary>Update Terraform lock file</summary>
<p>"hashicorp/azurerm" updated from "3.86.0" to
"3.87.0" in file ".terraform.lock.hcl"</p>
<details>
<summary>3.87.0</summary>
<pre>Changelog retrieved
from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.87.0
ENHANCEMENTS:

*
dependencies: updating to `v0.20240112.1095456` of
`github.com/hashicorp/go-azure-sdk` [GH-24477]
* dependencies:
updating to `v0.65.1` of `github.com/hashicorp/go-azure-helpers`
[GH-24479]
* `kusto`: updating to use the base layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest`
[GH-24477]
* `azurerm_container_group` - support for the `priority`
property [GH-24374]
* Data Source: `azurerm_application_gateway` -
support for the `trusted_client_certificate.data` property
[GH-24474]

## 3.87.0 (January 11,
2024)

FEATURES:

* New Data Source:
`azurerm_network_manager`
([#24398](hashicorp/terraform-provider-azurerm#24398
New Resource:
`azurerm_security_center_server_vulnerability_assessments_setting`
([#24299](https://github.com/hashicorp/terraform-provider-azurerm/issues/24299))

ENHANCEMENTS:

*
dependencies: updating to `v0.20240111.1094251` of
`github.com/hashicorp/go-azure-sdk`
([#24463](hashicorp/terraform-provider-azurerm#24463
Data Source: `azurerm_mssql_database` - support for `identity`,
`transparent_data_encryption_enabled`,
`transparent_data_encryption_key_vault_key_id` and
`transparent_data_encryption_key_automatic_rotation_enabled`
([#24412](hashicorp/terraform-provider-azurerm#24412
Data Source: `azurerm_mssql_server` - support for
`transparent_data_encryption_key_vault_key_id`
([#24412](hashicorp/terraform-provider-azurerm#24412
`machinelearning`: updating to API Version `2023-10-01`
([#24416](hashicorp/terraform-provider-azurerm#24416
`paloaltonetworks`: updating to API Version `2023-09-01`
([#24290](hashicorp/terraform-provider-azurerm#24290
`azurerm_container_app` - update create time validations for
`ingress.0.traffic_weight`
([#24042](hashicorp/terraform-provider-azurerm#24042
`azurerm_container_app`- support for the `ip_security_restriction` block
([#23870](hashicorp/terraform-provider-azurerm#23870
`azurerm_kubernetes_cluster` - properties in
`default_node_pool.linux_os_config.sysctl_config` are now updateable via
node pool cycling
([#24397](hashicorp/terraform-provider-azurerm#24397
`azurerm_linux_web_app` - support the `VS2022` value for the
`remote_debugging_version` property
([#24407](hashicorp/terraform-provider-azurerm#24407
`azurerm_mssql_database` - support for `identity`,
`transparent_data_encryption_key_vault_key_id` and
`transparent_data_encryption_key_automatic_rotation_enabled`
([#24412](hashicorp/terraform-provider-azurerm#24412
`azurerm_postgres_flexible_server` - the `sku_name` property now
supports being set to `MO_Standard_E96ds_v5`
([#24367](hashicorp/terraform-provider-azurerm#24367
`azurerm_role_assignment` - support for the `principal_type` property
([#24271](hashicorp/terraform-provider-azurerm#24271
`azurerm_windows_web_app` - support the `VS2022` value for the
`remote_debugging_version` property
([#24407](hashicorp/terraform-provider-azurerm#24407
`azurerm_cdn_frontdoor_firewall_policy` - support for
`request_body_check_enabled` property
([#24406](https://github.com/hashicorp/terraform-provider-azurerm/issues/24406))

BUG
FIXES:

* Data Source: `azurerm_role_definition` - fix
`role_definition_id`
([#24418](hashicorp/terraform-provider-azurerm#24418
`azurerm_api_management` - the `sku_name` property can now be updated
([#24431](hashicorp/terraform-provider-azurerm#24431
`azurerm_arc_kubernetes_flux_configuration` - prevent a bug where
certain sensitive properties for `bucket` and `git_repository` were
being overwritten after an update to the resource is made
([#24066](hashicorp/terraform-provider-azurerm#24066
`azurerm_kubernetes_flux_configuration` - prevent a bug where certain
sensitive properties for `bucket` and `git_repository` were being
overwritten after an update to the resource is made
([#24066](hashicorp/terraform-provider-azurerm#24066
`azure_linux_web_app` - prevent a bug in App Service processing of
`application_stack` in updates to `site_config`
([#24424](hashicorp/terraform-provider-azurerm#24424
`azure_linux_web_app_slot` - Fix bug in App Service processing of
`application_stack` in updates to `site_config`
([#24424](hashicorp/terraform-provider-azurerm#24424
`azurerm_network_manager_deployment` - update creation wait logic to
better tolerate the api returning not found
([#24330](hashicorp/terraform-provider-azurerm#24330
`azurerm_virtual_machine_data_disk_attachment` - do not update
applications profile with disks
([#24145](hashicorp/terraform-provider-azurerm#24145
`azure_windows_web_app` - prevent a bug in App Service processing of
`application_stack` in updates to `site_config`
([#24424](hashicorp/terraform-provider-azurerm#24424
`azure_windows_web_app_slot` - prevent a bug in App Service processing
of `application_stack` in updates to `site_config`
([#24424](hashicorp/terraform-provider-azurerm#24424
`azurerm_maintenance_configuration` - set the `reboot` property in
flatten from `AlwaysReboot` to `Always`
([#24376](hashicorp/terraform-provider-azurerm#24376
`azurerm_container_app_environment` - the `workload_profile` property
can now be updated
([#24409](https://github.com/hashicorp/terraform-provider-azurerm/issues/24409))


</pre>
</details>
</details>
<a
href="https://infra.ci.jenkins.io/job/terraform-jobs/job/azure/job/main/1004/">Jenkins
pipeline link</a>
</action>
</Actions>
---
<table>
<tr>
<td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
</td>
<td>
<p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
</p>
<details><summary>Options:</summary>
<br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
<ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
</ul>
<p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
</p>
</details>
</td>
</tr>
</table>
Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
transparent_data_encryption_enabled, when it is already set to same value. It was causing policy failures (looks like SettingEnabledto alreadyEnabledwas causingDisable -> Enablechain in new API, so added a check to prevent it).azurerm_mssql_databasenew fields:identity,transparent_data_encryption_enabled,transparent_data_encryption_key_vault_key_id,auto_key_rotation_enabledazurerm_mssql_servernew fields:transparent_data_encryption_key_vault_key_idazurerm_mssql_databasenew fields:identity,transparent_data_encryption_key_vault_key_id,auto_key_rotation_enabledBasically we add support for setting TDE on a database level, that is supported with a newer API we now use.
Tests passed on my side.
Fixes #24316
Fixes #24253