azure_rm_virtualmachine: better support for User Assigned and System Assigned identities #1177
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ties First version, still not complete. Working: * change UserAssigned for SystemAssigned * add UserAssigned to SystemAssigned * Remove SystemAssigned and leave UserAssigned
* Tested None vm_identity (remove identity) * Checks pressence of 'user_assigned_identities' when UserAssigned 'type' is used
* user_assigned_identities has two fields: id (list) and append (bool) * you can append new managed identities to existing with append=True * you can add SystemAssigned without removing current appended UserAssigned
Tasks to do * Review and clean up * Add comments * Leave test main.yaml as it was * Modify inventory to use a custom subnet
* Commented code * Removed self.log sentences * Set options defaults * hosts of tests of azure_rm_virtualmachine changed back to 'all'
|
I have found out that the user managed identities can be created during the tests using |
Fred-sun
reviewed
Jun 6, 2023
|
@cpiment Please! Thanks you very much! |
Fred-sun
added
medium_priority
Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>
|
@Fred-sun I have just commited your changes, thank you so much! |
Fred-sun
reviewed
Jun 6, 2023
| elif 'UserAssigned' in self.vm_identity.get('type') and len(self.vm_identity.get('user_assigned_identities',{}).get('id',[])) == 0: | ||
| # Fail if append is False | ||
| if vm_identity_user_assigned_append is False: | ||
| self.fail("UserAssigned specified but no User Assigned IDs provided and no UserAssigned identities are currently assigned to the VM") |
There was a problem hiding this comment.
Too long (165 characters)
Suggested change
| self.fail("UserAssigned specified but no User Assigned IDs provided and no UserAssigned identities are currently assigned to the VM") | |
| self.fail("UserAssigned specified but no User Assigned IDs provided and no UserAssigned identities are currently assigned to the VM") |
There was a problem hiding this comment.
I have divided this line in two. Do you need me to rephrase the error message? If code reaches this point, the module arguments specify that a User Assigned Managed Identity has to be appended to the VM, but there aren't identities in the module arguments nor in the current VM configuration
| # Fail if append is False | ||
| if vm_identity_user_assigned_append is False: | ||
| self.fail("UserAssigned specified but no User Assigned IDs provided and no UserAssigned identities are currently assigned to the VM") | ||
| # If append is true, user is changing from 'UserAssigned' to 'SystemAssigned, UserAssigned' and wants to keep current UserAssigned identities |
There was a problem hiding this comment.
Too long (169 characters)
Suggested change
| # If append is true, user is changing from 'UserAssigned' to 'SystemAssigned, UserAssigned' and wants to keep current UserAssigned identities | |
| # If append is true, user is changing from 'UserAssigned' to 'SystemAssigned, UserAssigned' and wants to keep current UserAssigned identities |
There was a problem hiding this comment.
I have divided this line in two
Code style changes Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>
Fred-sun
reviewed
Jun 7, 2023
| @@ -1813,6 +1897,49 @@ def exec_module(self, **kwargs): | |||
| if self.license_type is not None: | |||
| vm_resource.license_type = self.license_type | |||
|
|
|||
| if self.vm_identity is not None: | |||
| # If 'append' is set to True save current user assigned managed identities to use later | |||
| if self.vm_identity.get('user_assigned_identities', {}) is not None and self.vm_identity.get('user_assigned_identities', {}).get('append', False) is True: | |||
There was a problem hiding this comment.
line too long (178 > 160 characters)
Suggested change
| if self.vm_identity.get('user_assigned_identities', {}) is not None and self.vm_identity.get('user_assigned_identities', {}).get('append', False) is True: | |
| if self.vm_identity.get('user_assigned_identities', {}) is not None and self.vm_identity.get('user_assigned_identities', {}).get('append', False) is True: |
There was a problem hiding this comment.
I have splitted this line in two
Fred-sun
reviewed
Jun 7, 2023
Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>
|
Hi @Fred-sun Is there anything else to review? Thanks! |
|
@cpiment Perfact! I will push for merged! Thank you very much! |
Fred-sun
added
the
ready_for_review
xuzhang3
approved these changes
Jun 15, 2023
|
@cpiment LGTM |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Allows to set/unset User and System managed identities to Virtual Machines
Fixes #1173
ISSUE TYPE
COMPONENT NAME
azure_rm_virtualmachine
ADDITIONAL INFORMATION
Before
Now