From a7decb8a56ca9fcb4291ae2b25d928397888d6fd Mon Sep 17 00:00:00 2001 From: kt Date: Thu, 9 Apr 2020 20:13:40 -0700 Subject: [PATCH 1/3] azurerm_sql_server - support for connection policy --- .../tests/resource_arm_mssql_database_test.go | 32 +++++++++ .../internal/services/sql/client/client.go | 69 ++++++++++--------- .../services/sql/resource_arm_sql_database.go | 17 ++--- .../services/sql/resource_arm_sql_server.go | 30 ++++++-- 4 files changed, 101 insertions(+), 47 deletions(-) diff --git a/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go b/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go index 7b14ffe64a9c..b7d78724ed94 100644 --- a/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go +++ b/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go @@ -300,6 +300,38 @@ func TestAccAzureRMMsSqlDatabase_createSecondaryMode(t *testing.T) { }) } +func TestAccAzureRMMsSqlDatabase_threatDetectionPolicy(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_mssql_database", "test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acceptance.PreCheck(t) }, + Providers: acceptance.SupportedProviders, + CheckDestroy: testCheckAzureRMMsSqlDatabaseDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMMsSqlDatabase_threatDetectionPolicy(data, "Enabled"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMMsSqlDatabaseExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.state", "Enabled"), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.retention_days", "15"), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.disabled_alerts.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.email_account_admins", "Enabled"), + ), + }, + data.ImportStep(), + { + Config: testAccAzureRMMsSqlDatabase_threatDetectionPolicy(data, "Disabled"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMMsSqlDatabaseExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.state", "Disabled"), + ), + }, + }, + }) +} + func testCheckAzureRMMsSqlDatabaseExists(resourceName string) resource.TestCheckFunc { return func(s *terraform.State) error { client := acceptance.AzureProvider.Meta().(*clients.Client).MSSQL.DatabasesClient diff --git a/azurerm/internal/services/sql/client/client.go b/azurerm/internal/services/sql/client/client.go index 2570a3a58c46..dd821f33067e 100644 --- a/azurerm/internal/services/sql/client/client.go +++ b/azurerm/internal/services/sql/client/client.go @@ -9,57 +9,62 @@ type Client struct { DatabasesClient *sql.DatabasesClient DatabaseThreatDetectionPoliciesClient *sql.DatabaseThreatDetectionPoliciesClient ElasticPoolsClient *sql.ElasticPoolsClient + DatabaseExtendedBlobAuditingPoliciesClient *sql.ExtendedDatabaseBlobAuditingPoliciesClient FirewallRulesClient *sql.FirewallRulesClient FailoverGroupsClient *sql.FailoverGroupsClient ServersClient *sql.ServersClient + ServerExtendedBlobAuditingPoliciesClient *sql.ExtendedServerBlobAuditingPoliciesClient + ServerConnectionPoliciesClient *sql.ServerConnectionPoliciesClient ServerAzureADAdministratorsClient *sql.ServerAzureADAdministratorsClient VirtualNetworkRulesClient *sql.VirtualNetworkRulesClient - ExtendedDatabaseBlobAuditingPoliciesClient *sql.ExtendedDatabaseBlobAuditingPoliciesClient - ExtendedServerBlobAuditingPoliciesClient *sql.ExtendedServerBlobAuditingPoliciesClient } func NewClient(o *common.ClientOptions) *Client { // SQL Azure - DatabasesClient := sql.NewDatabasesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&DatabasesClient.Client, o.ResourceManagerAuthorizer) + databasesClient := sql.NewDatabasesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&databasesClient.Client, o.ResourceManagerAuthorizer) - DatabaseThreatDetectionPoliciesClient := sql.NewDatabaseThreatDetectionPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&DatabaseThreatDetectionPoliciesClient.Client, o.ResourceManagerAuthorizer) + databaseExtendedBlobAuditingPoliciesClient := sql.NewExtendedDatabaseBlobAuditingPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&databaseExtendedBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer) - ElasticPoolsClient := sql.NewElasticPoolsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&ElasticPoolsClient.Client, o.ResourceManagerAuthorizer) + databaseThreatDetectionPoliciesClient := sql.NewDatabaseThreatDetectionPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&databaseThreatDetectionPoliciesClient.Client, o.ResourceManagerAuthorizer) - FailoverGroupsClient := sql.NewFailoverGroupsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&FailoverGroupsClient.Client, o.ResourceManagerAuthorizer) + elasticPoolsClient := sql.NewElasticPoolsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&elasticPoolsClient.Client, o.ResourceManagerAuthorizer) - FirewallRulesClient := sql.NewFirewallRulesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&FirewallRulesClient.Client, o.ResourceManagerAuthorizer) + failoverGroupsClient := sql.NewFailoverGroupsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&failoverGroupsClient.Client, o.ResourceManagerAuthorizer) - ServersClient := sql.NewServersClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&ServersClient.Client, o.ResourceManagerAuthorizer) + firewallRulesClient := sql.NewFirewallRulesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&firewallRulesClient.Client, o.ResourceManagerAuthorizer) - ServerAzureADAdministratorsClient := sql.NewServerAzureADAdministratorsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&ServerAzureADAdministratorsClient.Client, o.ResourceManagerAuthorizer) + serversClient := sql.NewServersClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&serversClient.Client, o.ResourceManagerAuthorizer) - VirtualNetworkRulesClient := sql.NewVirtualNetworkRulesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&VirtualNetworkRulesClient.Client, o.ResourceManagerAuthorizer) + serverConnectionPoliciesClient := sql.NewServerConnectionPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&serverConnectionPoliciesClient.Client, o.ResourceManagerAuthorizer) - ExtendedDatabaseBlobAuditingPoliciesClient := sql.NewExtendedDatabaseBlobAuditingPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&ExtendedDatabaseBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer) + serverAzureADAdministratorsClient := sql.NewServerAzureADAdministratorsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&serverAzureADAdministratorsClient.Client, o.ResourceManagerAuthorizer) - ExtendedServerBlobAuditingPoliciesClient := sql.NewExtendedServerBlobAuditingPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) - o.ConfigureClient(&ExtendedServerBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer) + virtualNetworkRulesClient := sql.NewVirtualNetworkRulesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&virtualNetworkRulesClient.Client, o.ResourceManagerAuthorizer) + + serverExtendedBlobAuditingPoliciesClient := sql.NewExtendedServerBlobAuditingPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId) + o.ConfigureClient(&serverExtendedBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer) return &Client{ - DatabasesClient: &DatabasesClient, - DatabaseThreatDetectionPoliciesClient: &DatabaseThreatDetectionPoliciesClient, - ElasticPoolsClient: &ElasticPoolsClient, - FailoverGroupsClient: &FailoverGroupsClient, - FirewallRulesClient: &FirewallRulesClient, - ServersClient: &ServersClient, - ServerAzureADAdministratorsClient: &ServerAzureADAdministratorsClient, - VirtualNetworkRulesClient: &VirtualNetworkRulesClient, - ExtendedDatabaseBlobAuditingPoliciesClient: &ExtendedDatabaseBlobAuditingPoliciesClient, - ExtendedServerBlobAuditingPoliciesClient: &ExtendedServerBlobAuditingPoliciesClient, + DatabasesClient: &databasesClient, + DatabaseExtendedBlobAuditingPoliciesClient: &databaseExtendedBlobAuditingPoliciesClient, + DatabaseThreatDetectionPoliciesClient: &databaseThreatDetectionPoliciesClient, + ElasticPoolsClient: &elasticPoolsClient, + FailoverGroupsClient: &failoverGroupsClient, + FirewallRulesClient: &firewallRulesClient, + ServersClient: &serversClient, + ServerAzureADAdministratorsClient: &serverAzureADAdministratorsClient, + ServerConnectionPoliciesClient: &serverConnectionPoliciesClient, + ServerExtendedBlobAuditingPoliciesClient: &serverExtendedBlobAuditingPoliciesClient, + VirtualNetworkRulesClient: &virtualNetworkRulesClient, } } diff --git a/azurerm/internal/services/sql/resource_arm_sql_database.go b/azurerm/internal/services/sql/resource_arm_sql_database.go index 692811b1d2a3..bd86542e905b 100644 --- a/azurerm/internal/services/sql/resource_arm_sql_database.go +++ b/azurerm/internal/services/sql/resource_arm_sql_database.go @@ -356,6 +356,7 @@ func resourceArmSqlDatabase() *schema.Resource { func resourceArmSqlDatabaseCreateUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*clients.Client).Sql.DatabasesClient + threatClient := meta.(*clients.Client).Sql.DatabaseThreatDetectionPoliciesClient ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) defer cancel() @@ -380,8 +381,6 @@ func resourceArmSqlDatabaseCreateUpdate(d *schema.ResourceData, meta interface{} } } - threatDetection := expandArmSqlServerThreatDetectionPolicy(d, location) - properties := sql.Database{ Location: utils.String(location), DatabaseProperties: &sql.DatabaseProperties{ @@ -497,12 +496,11 @@ func resourceArmSqlDatabaseCreateUpdate(d *schema.ResourceData, meta interface{} d.SetId(*resp.ID) - threatDetectionClient := meta.(*clients.Client).Sql.DatabaseThreatDetectionPoliciesClient - if _, err = threatDetectionClient.CreateOrUpdate(ctx, resourceGroup, serverName, name, *threatDetection); err != nil { + if _, err = threatClient.CreateOrUpdate(ctx, resourceGroup, serverName, name, *expandArmSqlServerThreatDetectionPolicy(d, location)); err != nil { return fmt.Errorf("Error setting database threat detection policy: %+v", err) } - auditingClient := meta.(*clients.Client).Sql.ExtendedDatabaseBlobAuditingPoliciesClient + auditingClient := meta.(*clients.Client).Sql.DatabaseExtendedBlobAuditingPoliciesClient auditingProps := sql.ExtendedDatabaseBlobAuditingPolicy{ ExtendedDatabaseBlobAuditingPolicyProperties: helper.ExpandAzureRmSqlDBBlobAuditingPolicies(d.Get("extended_auditing_policy").([]interface{})), } @@ -538,11 +536,10 @@ func resourceArmSqlDatabaseRead(d *schema.ResourceData, meta interface{}) error return fmt.Errorf("Error making Read request on Sql Database %s: %+v", name, err) } - threatDetectionClient := meta.(*clients.Client).Sql.DatabaseThreatDetectionPoliciesClient - threatDetection, err := threatDetectionClient.Get(ctx, resourceGroup, serverName, name) + threatClient := meta.(*clients.Client).Sql.DatabaseThreatDetectionPoliciesClient + threat, err := threatClient.Get(ctx, resourceGroup, serverName, name) if err == nil { - flattenedThreatDetection := flattenArmSqlServerThreatDetectionPolicy(d, threatDetection) - if err := d.Set("threat_detection_policy", flattenedThreatDetection); err != nil { + if err := d.Set("threat_detection_policy", flattenArmSqlServerThreatDetectionPolicy(d, threat)); err != nil { return fmt.Errorf("Error setting `threat_detection_policy`: %+v", err) } } @@ -594,7 +591,7 @@ func resourceArmSqlDatabaseRead(d *schema.ResourceData, meta interface{}) error d.Set("zone_redundant", props.ZoneRedundant) } - auditingClient := meta.(*clients.Client).Sql.ExtendedDatabaseBlobAuditingPoliciesClient + auditingClient := meta.(*clients.Client).Sql.DatabaseExtendedBlobAuditingPoliciesClient auditingResp, err := auditingClient.Get(ctx, resourceGroup, serverName, name) if err != nil { return fmt.Errorf("Error reading SQL Database %q: %v Blob Auditing Policies", name, err) diff --git a/azurerm/internal/services/sql/resource_arm_sql_server.go b/azurerm/internal/services/sql/resource_arm_sql_server.go index 93ba4d02b7ef..44285daaff59 100644 --- a/azurerm/internal/services/sql/resource_arm_sql_server.go +++ b/azurerm/internal/services/sql/resource_arm_sql_server.go @@ -71,9 +71,14 @@ func resourceArmSqlServer() *schema.Resource { Sensitive: true, }, - "fully_qualified_domain_name": { - Type: schema.TypeString, - Computed: true, + "connection_policy": { + Type: schema.TypeString, + Optional: true, + ValidateFunc:validation.StringInSlice([]string{ + string(sql.ServerConnectionTypeDefault), + string(sql.ServerConnectionTypeProxy), + string(sql.ServerConnectionTypeRedirect), + }, false), }, "identity": { @@ -103,6 +108,11 @@ func resourceArmSqlServer() *schema.Resource { "extended_auditing_policy": helper.ExtendedAuditingSchema(), + "fully_qualified_domain_name": { + Type: schema.TypeString, + Computed: true, + }, + "tags": tags.Schema(), }, } @@ -110,6 +120,8 @@ func resourceArmSqlServer() *schema.Resource { func resourceArmSqlServerCreateUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*clients.Client).Sql.ServersClient + auditingClient := meta.(*clients.Client).Sql.ServerExtendedBlobAuditingPoliciesClient + connectionClient := meta.(*clients.Client).Sql.ServerConnectionPoliciesClient ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d) defer cancel() @@ -174,7 +186,15 @@ func resourceArmSqlServerCreateUpdate(d *schema.ResourceData, meta interface{}) d.SetId(*resp.ID) - auditingClient := meta.(*clients.Client).Sql.ExtendedServerBlobAuditingPoliciesClient + connectionClient := sql.ServerConnectionPolicy{ + ServerConnectionPolicyProperties: &sql.ServerConnectionPolicyProperties{ + ConnectionType: sql.ServerConnectionType(d.Get("connection_type").(string)) + }, + } + if _, err = connectionClient.CreateOrUpdate(ctx, resGroup, name, auditingProps); err != nil { + return fmt.Errorf("Error issuing create/update request for SQL Server %q Blob Auditing Policies(Resource Group %q): %+v", name, resGroup, err) + } + auditingProps := sql.ExtendedServerBlobAuditingPolicy{ ExtendedServerBlobAuditingPolicyProperties: helper.ExpandAzureRmSqlServerBlobAuditingPolicies(d.Get("extended_auditing_policy").([]interface{})), } @@ -225,7 +245,7 @@ func resourceArmSqlServerRead(d *schema.ResourceData, meta interface{}) error { d.Set("fully_qualified_domain_name", serverProperties.FullyQualifiedDomainName) } - auditingClient := meta.(*clients.Client).Sql.ExtendedServerBlobAuditingPoliciesClient + auditingClient := meta.(*clients.Client).Sql.ServerExtendedBlobAuditingPoliciesClient auditingResp, err := auditingClient.Get(ctx, resGroup, name) if err != nil { return fmt.Errorf("Error reading SQL Server %s Blob Auditing Policies: %v ", name, err) From 40b5482268c821db38643d53ec5081a734d22659 Mon Sep 17 00:00:00 2001 From: kt Date: Thu, 9 Apr 2020 22:33:23 -0700 Subject: [PATCH 2/3] azurerm_sql_server - support the connection_policy property --- .../internal/services/sql/client/client.go | 4 +-- ...edAuditing.go => sql_extended_auditing.go} | 0 .../services/sql/resource_arm_sql_server.go | 30 ++++++++++++------- website/docs/r/sql_server.html.markdown | 2 ++ 4 files changed, 24 insertions(+), 12 deletions(-) rename azurerm/internal/services/sql/helper/{sqlExtendedAuditing.go => sql_extended_auditing.go} (100%) diff --git a/azurerm/internal/services/sql/client/client.go b/azurerm/internal/services/sql/client/client.go index dd821f33067e..0db88266ae74 100644 --- a/azurerm/internal/services/sql/client/client.go +++ b/azurerm/internal/services/sql/client/client.go @@ -55,7 +55,7 @@ func NewClient(o *common.ClientOptions) *Client { o.ConfigureClient(&serverExtendedBlobAuditingPoliciesClient.Client, o.ResourceManagerAuthorizer) return &Client{ - DatabasesClient: &databasesClient, + DatabasesClient: &databasesClient, DatabaseExtendedBlobAuditingPoliciesClient: &databaseExtendedBlobAuditingPoliciesClient, DatabaseThreatDetectionPoliciesClient: &databaseThreatDetectionPoliciesClient, ElasticPoolsClient: &elasticPoolsClient, @@ -63,7 +63,7 @@ func NewClient(o *common.ClientOptions) *Client { FirewallRulesClient: &firewallRulesClient, ServersClient: &serversClient, ServerAzureADAdministratorsClient: &serverAzureADAdministratorsClient, - ServerConnectionPoliciesClient: &serverConnectionPoliciesClient, + ServerConnectionPoliciesClient: &serverConnectionPoliciesClient, ServerExtendedBlobAuditingPoliciesClient: &serverExtendedBlobAuditingPoliciesClient, VirtualNetworkRulesClient: &virtualNetworkRulesClient, } diff --git a/azurerm/internal/services/sql/helper/sqlExtendedAuditing.go b/azurerm/internal/services/sql/helper/sql_extended_auditing.go similarity index 100% rename from azurerm/internal/services/sql/helper/sqlExtendedAuditing.go rename to azurerm/internal/services/sql/helper/sql_extended_auditing.go diff --git a/azurerm/internal/services/sql/resource_arm_sql_server.go b/azurerm/internal/services/sql/resource_arm_sql_server.go index 44285daaff59..d72a3412a07f 100644 --- a/azurerm/internal/services/sql/resource_arm_sql_server.go +++ b/azurerm/internal/services/sql/resource_arm_sql_server.go @@ -72,9 +72,10 @@ func resourceArmSqlServer() *schema.Resource { }, "connection_policy": { - Type: schema.TypeString, - Optional: true, - ValidateFunc:validation.StringInSlice([]string{ + Type: schema.TypeString, + Optional: true, + Default: string(sql.ServerConnectionTypeDefault), + ValidateFunc: validation.StringInSlice([]string{ string(sql.ServerConnectionTypeDefault), string(sql.ServerConnectionTypeProxy), string(sql.ServerConnectionTypeRedirect), @@ -186,13 +187,13 @@ func resourceArmSqlServerCreateUpdate(d *schema.ResourceData, meta interface{}) d.SetId(*resp.ID) - connectionClient := sql.ServerConnectionPolicy{ + connection := sql.ServerConnectionPolicy{ ServerConnectionPolicyProperties: &sql.ServerConnectionPolicyProperties{ - ConnectionType: sql.ServerConnectionType(d.Get("connection_type").(string)) + ConnectionType: sql.ServerConnectionType(d.Get("connection_policy").(string)), }, } - if _, err = connectionClient.CreateOrUpdate(ctx, resGroup, name, auditingProps); err != nil { - return fmt.Errorf("Error issuing create/update request for SQL Server %q Blob Auditing Policies(Resource Group %q): %+v", name, resGroup, err) + if _, err = connectionClient.CreateOrUpdate(ctx, resGroup, name, connection); err != nil { + return fmt.Errorf("Error issuing create/update request for SQL Server %q Connection Policy (Resource Group %q): %+v", name, resGroup, err) } auditingProps := sql.ExtendedServerBlobAuditingPolicy{ @@ -207,6 +208,8 @@ func resourceArmSqlServerCreateUpdate(d *schema.ResourceData, meta interface{}) func resourceArmSqlServerRead(d *schema.ResourceData, meta interface{}) error { client := meta.(*clients.Client).Sql.ServersClient + auditingClient := meta.(*clients.Client).Sql.ServerExtendedBlobAuditingPoliciesClient + connectionClient := meta.(*clients.Client).Sql.ServerConnectionPoliciesClient ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) defer cancel() @@ -245,14 +248,21 @@ func resourceArmSqlServerRead(d *schema.ResourceData, meta interface{}) error { d.Set("fully_qualified_domain_name", serverProperties.FullyQualifiedDomainName) } - auditingClient := meta.(*clients.Client).Sql.ServerExtendedBlobAuditingPoliciesClient + connection, err := connectionClient.Get(ctx, resGroup, name) + if err != nil { + return fmt.Errorf("Error reading SQL Server %s Blob Connection Policy: %v ", name, err) + } + + if props := connection.ServerConnectionPolicyProperties; props != nil { + d.Set("connection_policy", string(props.ConnectionType)) + } + auditingResp, err := auditingClient.Get(ctx, resGroup, name) if err != nil { return fmt.Errorf("Error reading SQL Server %s Blob Auditing Policies: %v ", name, err) } - flattenBlobAuditing := helper.FlattenAzureRmSqlServerBlobAuditingPolicies(&auditingResp, d) - if err := d.Set("extended_auditing_policy", flattenBlobAuditing); err != nil { + if err := d.Set("extended_auditing_policy", helper.FlattenAzureRmSqlServerBlobAuditingPolicies(&auditingResp, d)); err != nil { return fmt.Errorf("Error setting `extended_auditing_policy`: %+v", err) } diff --git a/website/docs/r/sql_server.html.markdown b/website/docs/r/sql_server.html.markdown index 3e41f9cbdc69..e3e37b5906bb 100644 --- a/website/docs/r/sql_server.html.markdown +++ b/website/docs/r/sql_server.html.markdown @@ -66,6 +66,8 @@ The following arguments are supported: * `administrator_login_password` - (Required) The password associated with the `administrator_login` user. Needs to comply with Azure's [Password Policy](https://msdn.microsoft.com/library/ms161959.aspx) +* `connection_policy` - (Optional) The connection policy the server will use. Possible values are `Default`, `Proxy`, and `Redirect`. Defaults to `Default`. + * `identity` - (Optional) An `identity` block as defined below. * `extended_auditing_policy` - (Optional) A `extended_auditing_policy` block as defined below. From e49ae3c537ebc44d93875914ad02fe590bfa0d82 Mon Sep 17 00:00:00 2001 From: kt Date: Fri, 10 Apr 2020 10:28:05 -0700 Subject: [PATCH 3/3] remove accidental inclusion of a test from a nother pr --- .../tests/resource_arm_mssql_database_test.go | 32 ------------------- 1 file changed, 32 deletions(-) diff --git a/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go b/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go index b7d78724ed94..7b14ffe64a9c 100644 --- a/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go +++ b/azurerm/internal/services/mssql/tests/resource_arm_mssql_database_test.go @@ -300,38 +300,6 @@ func TestAccAzureRMMsSqlDatabase_createSecondaryMode(t *testing.T) { }) } -func TestAccAzureRMMsSqlDatabase_threatDetectionPolicy(t *testing.T) { - data := acceptance.BuildTestData(t, "azurerm_mssql_database", "test") - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { acceptance.PreCheck(t) }, - Providers: acceptance.SupportedProviders, - CheckDestroy: testCheckAzureRMMsSqlDatabaseDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAzureRMMsSqlDatabase_threatDetectionPolicy(data, "Enabled"), - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMMsSqlDatabaseExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.#", "1"), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.state", "Enabled"), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.retention_days", "15"), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.disabled_alerts.#", "1"), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.email_account_admins", "Enabled"), - ), - }, - data.ImportStep(), - { - Config: testAccAzureRMMsSqlDatabase_threatDetectionPolicy(data, "Disabled"), - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMMsSqlDatabaseExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.#", "1"), - resource.TestCheckResourceAttr(data.ResourceName, "threat_detection_policy.0.state", "Disabled"), - ), - }, - }, - }) -} - func testCheckAzureRMMsSqlDatabaseExists(resourceName string) resource.TestCheckFunc { return func(s *terraform.State) error { client := acceptance.AzureProvider.Meta().(*clients.Client).MSSQL.DatabasesClient