#24317: Support preferred_data_persistence_auth_method for azurerm_re…

…dis_cache resource (#24370) * #24317: Support preferred_data_persistence_auth_method for azurerm_redis_cache resource * #24317: Changes as per review comments * #24317: Fix tests * #24317: renaming preferred_data_persistence_auth_method to data_persistence_authentication_method as per review * #24317: Fix azurerm_redis_cache data source
hashicorp · Feb 16, 2024 · 2d58bd3 · 2d58bd3
1 parent 0b2f723
commit 2d58bd3
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 0 deletions.
diff --git a/internal/services/redis/redis_cache_data_source.go b/internal/services/redis/redis_cache_data_source.go
@@ -162,6 +162,10 @@ func dataSourceRedisCache() *pluginsdk.Resource {
 							Type:     pluginsdk.TypeString,
 							Computed: true,
 						},
+						"data_persistence_authentication_method": {
+							Type:     pluginsdk.TypeString,
+							Computed: true,
+						},
 					},
 				},
 			},

diff --git a/internal/services/redis/redis_cache_resource.go b/internal/services/redis/redis_cache_resource.go
@@ -179,6 +179,16 @@ func resourceRedisCache() *pluginsdk.Resource {
 							Computed: true,
 						},
 
+						"data_persistence_authentication_method": {
+							Type:     pluginsdk.TypeString,
+							Optional: true,
+							Default:  "SAS",
+							ValidateFunc: validation.StringInSlice([]string{
+								"SAS",
+								"ManagedIdentity",
+							}, false),
+						},
+
 						"rdb_backup_enabled": {
 							Type:     pluginsdk.TypeBool,
 							Optional: true,
@@ -830,6 +840,10 @@ func expandRedisConfiguration(d *pluginsdk.ResourceData) (*redis.RedisCommonProp
 		output.MaxmemoryPolicy = utils.String(v)
 	}
 
+	if v := raw["data_persistence_authentication_method"].(string); v != "" {
+		output.PreferredDataPersistenceAuthMethod = utils.String(v)
+	}
+
 	// AAD/Entra support
 	// nolint : staticcheck
 	v, valExists := d.GetOkExists("redis_configuration.0.active_directory_authentication_enabled")
@@ -1000,6 +1014,10 @@ func flattenRedisConfiguration(input *redis.RedisCommonPropertiesRedisConfigurat
 		outputs["maxmemory_policy"] = *input.MaxmemoryPolicy
 	}
 
+	if input.PreferredDataPersistenceAuthMethod != nil {
+		outputs["data_persistence_authentication_method"] = *input.PreferredDataPersistenceAuthMethod
+	}
+
 	if input.MaxfragmentationmemoryReserved != nil {
 		i, err := strconv.Atoi(*input.MaxfragmentationmemoryReserved)
 		if err != nil {

diff --git a/internal/services/redis/redis_cache_resource_test.go b/internal/services/redis/redis_cache_resource_test.go
@@ -36,6 +36,25 @@ func TestAccRedisCache_basic(t *testing.T) {
 	})
 }
 
+func TestAccRedisCache_managedIdentityAuth(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_redis_cache", "test")
+	r := RedisCacheResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.managedIdentityAuth(data, true),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("minimum_tls_version").Exists(),
+				check.That(data.ResourceName).Key("primary_connection_string").Exists(),
+				check.That(data.ResourceName).Key("secondary_connection_string").Exists(),
+				check.That(data.ResourceName).Key("redis_configuration.0.data_persistence_authentication_method").HasValue("ManagedIdentity"),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func TestAccRedisCache_withoutSSL(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_redis_cache", "test")
 	r := RedisCacheResource{}
@@ -583,6 +602,34 @@ resource "azurerm_redis_cache" "test" {
 `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, !requireSSL)
 }
 
+func (RedisCacheResource) managedIdentityAuth(data acceptance.TestData, requireSSL bool) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_redis_cache" "test" {
+  name                = "acctestRedis-%d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  capacity            = 1
+  family              = "C"
+  sku_name            = "Basic"
+  enable_non_ssl_port = %t
+  minimum_tls_version = "1.2"
+
+  redis_configuration {
+    data_persistence_authentication_method = "ManagedIdentity"
+  }
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, !requireSSL)
+}
+
 func (RedisCacheResource) requiresImport(data acceptance.TestData) string {
 	template := RedisCacheResource{}.basic(data, true)
 	return fmt.Sprintf(`

diff --git a/website/docs/r/redis_cache.html.markdown b/website/docs/r/redis_cache.html.markdown
@@ -146,6 +146,8 @@ redis_configuration {
 * `maxmemory_delta` - (Optional) The max-memory delta for this Redis instance. Defaults are shown below.
 * `maxmemory_policy` - (Optional) How Redis will select what to remove when `maxmemory` is reached. Defaults to `volatile-lru`.
 
+* `data_persistence_authentication_method` - (Optional) Preferred auth method to communicate to storage account used for data persistence. Possible values are `SAS` and `ManagedIdentity`. Defaults to `SAS`.
+
 * `maxfragmentationmemory_reserved` - (Optional) Value in megabytes reserved to accommodate for memory fragmentation. Defaults are shown below.
 
 * `rdb_backup_enabled` - (Optional) Is Backup Enabled? Only supported on Premium SKUs. Defaults to `false`.