forked from hashicorp/terraform-provider-azurerm
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
azurerm_policy_virtual_machine_configuration_assignment
: Updated ex…
…ample HCL, add datasource (hashicorp#13311) Service team requested that we add the assignment_type = "ApplyAndMonitor" to the example usage. Added Datasource: azurerm_policy_virtual_machine_configuration_assignment
Showing
7 changed files
with
431 additions
and
38 deletions.
There are no files selected for viewing
143 changes: 143 additions & 0 deletions
143
internal/services/policy/policy_virtual_machine_configuration_assignment_data_source.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,143 @@ | ||
package policy | ||
|
||
import ( | ||
"fmt" | ||
"log" | ||
"time" | ||
|
||
"github.com/Azure/azure-sdk-for-go/services/guestconfiguration/mgmt/2020-06-25/guestconfiguration" | ||
"github.com/hashicorp/terraform-provider-azurerm/helpers/azure" | ||
"github.com/hashicorp/terraform-provider-azurerm/internal/clients" | ||
"github.com/hashicorp/terraform-provider-azurerm/internal/services/policy/parse" | ||
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" | ||
"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts" | ||
"github.com/hashicorp/terraform-provider-azurerm/utils" | ||
) | ||
|
||
func dataSourcePolicyVirtualMachineConfigurationAssignment() *pluginsdk.Resource { | ||
return &pluginsdk.Resource{ | ||
Read: dataSourcePolicyVirtualMachineConfigurationAssignmentRead, | ||
|
||
Timeouts: &pluginsdk.ResourceTimeout{ | ||
Read: pluginsdk.DefaultTimeout(5 * time.Minute), | ||
}, | ||
|
||
Schema: map[string]*pluginsdk.Schema{ | ||
"name": { | ||
Type: pluginsdk.TypeString, | ||
Required: true, | ||
}, | ||
|
||
"resource_group_name": azure.SchemaResourceGroupNameForDataSource(), | ||
|
||
"virtual_machine_name": { | ||
Type: pluginsdk.TypeString, | ||
Required: true, | ||
}, | ||
|
||
"content_hash": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
|
||
"content_uri": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
|
||
"assignment_hash": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
|
||
"compliance_status": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
|
||
"latest_report_id": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
|
||
"last_compliance_status_checked": { | ||
Type: pluginsdk.TypeString, | ||
Computed: true, | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func dataSourcePolicyVirtualMachineConfigurationAssignmentRead(d *pluginsdk.ResourceData, meta interface{}) error { | ||
subscriptionId := meta.(*clients.Client).Account.SubscriptionId | ||
client := meta.(*clients.Client).Policy.GuestConfigurationAssignmentsClient | ||
ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d) | ||
defer cancel() | ||
|
||
resourceGroup := d.Get("resource_group_name").(string) | ||
vmName := d.Get("virtual_machine_name").(string) | ||
name := d.Get("name").(string) | ||
|
||
id := parse.NewVirtualMachineConfigurationAssignmentID(subscriptionId, resourceGroup, vmName, name) | ||
|
||
resp, err := client.Get(ctx, id.ResourceGroup, id.GuestConfigurationAssignmentName, id.VirtualMachineName) | ||
if err != nil { | ||
if utils.ResponseWasNotFound(resp.Response) { | ||
log.Printf("[INFO] guestConfiguration %q was not found", id.GuestConfigurationAssignmentName) | ||
return nil | ||
} | ||
return fmt.Errorf("retrieving %s: %+v", id, err) | ||
} | ||
|
||
d.SetId(id.ID()) | ||
|
||
d.Set("name", id.GuestConfigurationAssignmentName) | ||
d.Set("resource_group_name", resourceGroup) | ||
d.Set("virtual_machine_name", vmName) | ||
|
||
if props := resp.Properties; props != nil { | ||
if v := props.AssignmentHash; v != nil { | ||
d.Set("assignment_hash", v) | ||
} | ||
|
||
if v := string(props.ComplianceStatus); v != "" { | ||
d.Set("compliance_status", v) | ||
} | ||
|
||
if v := props.LatestReportID; v != nil { | ||
d.Set("latest_report_id", v) | ||
} | ||
|
||
if v := props.LastComplianceStatusChecked; v != nil { | ||
d.Set("last_compliance_status_checked", v.Format(time.RFC3339)) | ||
} | ||
|
||
contentHash, contentUri := dataSourceFlattenGuestConfigurationAssignment(props.GuestConfiguration) | ||
|
||
if contentHash != nil { | ||
d.Set("content_hash", contentHash) | ||
} | ||
|
||
if contentUri != nil { | ||
d.Set("content_uri", contentUri) | ||
} | ||
} | ||
return nil | ||
} | ||
|
||
func dataSourceFlattenGuestConfigurationAssignment(input *guestconfiguration.Navigation) (*string, *string) { | ||
if input == nil { | ||
return nil, nil | ||
} | ||
|
||
var contentHash *string | ||
if input.ContentHash != nil { | ||
contentHash = input.ContentHash | ||
} | ||
var contentUri *string | ||
if input.ContentURI != nil { | ||
contentUri = input.ContentURI | ||
} | ||
|
||
return contentHash, contentUri | ||
} |
159 changes: 159 additions & 0 deletions
159
internal/services/policy/policy_virtual_machine_configuration_assignment_data_source_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,159 @@ | ||
package policy_test | ||
|
||
import ( | ||
"fmt" | ||
"strings" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" | ||
"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" | ||
) | ||
|
||
type PolicyVirtualMachineConfigurationAssignmentDataSource struct { | ||
} | ||
|
||
func TestAccPolicyVirtualMachineConfigurationAssignmentDataSource_basic(t *testing.T) { | ||
data := acceptance.BuildTestData(t, "data.azurerm_policy_virtual_machine_configuration_assignment", "test") | ||
r := PolicyVirtualMachineConfigurationAssignmentDataSource{} | ||
|
||
data.DataSourceTest(t, []acceptance.TestStep{ | ||
{ | ||
Config: r.basic(data), | ||
Check: acceptance.ComposeTestCheckFunc( | ||
check.That(data.ResourceName).Key("compliance_status").Exists(), | ||
), | ||
}, | ||
}) | ||
} | ||
|
||
func (r PolicyVirtualMachineConfigurationAssignmentDataSource) templateBase(data acceptance.TestData) string { | ||
return fmt.Sprintf(` | ||
provider "azurerm" { | ||
features {} | ||
} | ||
locals { | ||
vm_name = "acctestvm%s" | ||
} | ||
resource "azurerm_resource_group" "test" { | ||
name = "acctestRG-%d" | ||
location = "%s" | ||
} | ||
resource "azurerm_virtual_network" "test" { | ||
name = "acctestnw-%d" | ||
address_space = ["10.0.0.0/16"] | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
} | ||
resource "azurerm_subnet" "test" { | ||
name = "internal" | ||
resource_group_name = azurerm_resource_group.test.name | ||
virtual_network_name = azurerm_virtual_network.test.name | ||
address_prefix = "10.0.2.0/24" | ||
} | ||
resource "azurerm_network_interface" "test" { | ||
name = "acctestnic-%d" | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
ip_configuration { | ||
name = "internal" | ||
subnet_id = azurerm_subnet.test.id | ||
private_ip_address_allocation = "Dynamic" | ||
} | ||
} | ||
`, data.RandomString, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger) | ||
} | ||
|
||
func (r PolicyVirtualMachineConfigurationAssignmentDataSource) template(data acceptance.TestData) string { | ||
tags := "" | ||
if strings.HasPrefix(strings.ToLower(data.Client().SubscriptionID), "85b3dbca") { | ||
tags = ` | ||
tags = { | ||
"azsecpack" = "nonprod" | ||
"platformsettings.host_environment.service.platform_optedin_for_rootcerts" = "true" | ||
} | ||
` | ||
} | ||
return fmt.Sprintf(` | ||
%s | ||
resource "azurerm_windows_virtual_machine" "test" { | ||
name = local.vm_name | ||
resource_group_name = azurerm_resource_group.test.name | ||
location = azurerm_resource_group.test.location | ||
size = "Standard_F2" | ||
admin_username = "adminuser" | ||
admin_password = "P@$$w0rd1234!" | ||
network_interface_ids = [ | ||
azurerm_network_interface.test.id, | ||
] | ||
identity { | ||
type = "SystemAssigned" | ||
} | ||
os_disk { | ||
caching = "ReadWrite" | ||
storage_account_type = "Standard_LRS" | ||
} | ||
source_image_reference { | ||
publisher = "MicrosoftWindowsServer" | ||
offer = "WindowsServer" | ||
sku = "2016-Datacenter" | ||
version = "latest" | ||
} | ||
%s | ||
} | ||
`, r.templateBase(data), tags) | ||
} | ||
|
||
func (r PolicyVirtualMachineConfigurationAssignmentDataSource) basic(data acceptance.TestData) string { | ||
return fmt.Sprintf(` | ||
%s | ||
resource "azurerm_policy_virtual_machine_configuration_assignment" "test" { | ||
name = "AzureWindowsBaseline" | ||
location = azurerm_windows_virtual_machine.test.location | ||
virtual_machine_id = azurerm_windows_virtual_machine.test.id | ||
configuration { | ||
assignment_type = "ApplyAndMonitor" | ||
version = "1.*" | ||
parameter { | ||
name = "Minimum Password Length;ExpectedValue" | ||
value = "16" | ||
} | ||
parameter { | ||
name = "Minimum Password Age;ExpectedValue" | ||
value = "0" | ||
} | ||
parameter { | ||
name = "Maximum Password Age;ExpectedValue" | ||
value = "30,45" | ||
} | ||
parameter { | ||
name = "Enforce Password History;ExpectedValue" | ||
value = "10" | ||
} | ||
parameter { | ||
name = "Password Must Meet Complexity Requirements;ExpectedValue" | ||
value = "1" | ||
} | ||
} | ||
} | ||
data "azurerm_policy_virtual_machine_configuration_assignment" "test" { | ||
name = azurerm_policy_virtual_machine_configuration_assignment.test.name | ||
resource_group_name = azurerm_resource_group.test.name | ||
virtual_machine_name = azurerm_windows_virtual_machine.test.name | ||
} | ||
`, r.template(data)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
55 changes: 55 additions & 0 deletions
55
website/docs/d/policy_virtual_machine_configuration_assignment.html.markdown
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
--- | ||
subcategory: "Policy" | ||
layout: "azurerm" | ||
page_title: "Azure Resource Manager: azurerm_policy_virtual_machine_configuration_assignment" | ||
description: |- | ||
Get information about a Guest Configuration Policy. | ||
--- | ||
|
||
# Data Source: azurerm_policy_virtual_machine_configuration_assignment | ||
|
||
Use this data source to access information about an existing Guest Configuration Policy. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "azurerm_policy_virtual_machine_configuration_assignment" "example" { | ||
name = "AzureWindowsBaseline" | ||
resource_group_name = "example-RG" | ||
virtual_machine_name = "example-vm" | ||
} | ||
output "compliance_status" { | ||
value = data.azurerm_policy_virtual_machine_configuration_assignment.example.compliance_status | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
* `name` - (Required) Specifies the name of the Guest Configuration Assignment. | ||
|
||
* `resource_group_name` - (Required) Specifies the Name of the Resource Group where the Guest Configuration Assignment exists. | ||
|
||
* `virtual_machine_name` - (Required) Only retrieve Policy Set Definitions from this Management Group. | ||
|
||
## Attributes Reference | ||
|
||
* `id` - The ID of the Guest Configuration Assignment. | ||
|
||
* `content_hash` - The content hash for the Guest Configuration package. | ||
|
||
* `content_uri` - The content URI where the Guest Configuration package is stored. | ||
|
||
* `assignment_hash` - Combined hash of the configuration package and parameters. | ||
|
||
* `compliance_status` - A value indicating compliance status of the machine for the assigned guest configuration. Possible return values are `Compliant`, `NonCompliant` and `Pending`. | ||
|
||
* `last_compliance_status_checked` - Date and time, in RFC3339 format, when the machines compliance status was last checked. | ||
|
||
* `latest_report_id` - The ID of the latest report for the guest configuration assignment. | ||
|
||
## Timeouts | ||
|
||
The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: | ||
|
||
* `read` - (Defaults to 5 minutes) Used when retrieving the Guest Configuration Assignment. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters