Merge pull request #4785 from dowlingw/feature/3881-azurerm_automatio…

…n_certificate Implement azurerm_automation_certificate
hashicorp · Dec 18, 2019 · 2ddeb9a · 2ddeb9a
2 parents 0434c09 + 86d0f36
commit 2ddeb9a
Show file tree

Hide file tree

Showing 11 changed files with 634 additions and 0 deletions.
diff --git a/azurerm/internal/services/automation/client/client.go b/azurerm/internal/services/automation/client/client.go
@@ -8,6 +8,7 @@ import (
 type Client struct {
 	AccountClient               *automation.AccountClient
 	AgentRegistrationInfoClient *automation.AgentRegistrationInformationClient
+	CertificateClient           *automation.CertificateClient
 	CredentialClient            *automation.CredentialClient
 	DscConfigurationClient      *automation.DscConfigurationClient
 	DscNodeConfigurationClient  *automation.DscNodeConfigurationClient
@@ -26,6 +27,9 @@ func NewClient(o *common.ClientOptions) *Client {
 	agentRegistrationInfoClient := automation.NewAgentRegistrationInformationClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&agentRegistrationInfoClient.Client, o.ResourceManagerAuthorizer)
 
+	certificateClient := automation.NewCertificateClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&certificateClient.Client, o.ResourceManagerAuthorizer)
+
 	credentialClient := automation.NewCredentialClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&credentialClient.Client, o.ResourceManagerAuthorizer)
 
@@ -56,6 +60,7 @@ func NewClient(o *common.ClientOptions) *Client {
 	return &Client{
 		AccountClient:               &accountClient,
 		AgentRegistrationInfoClient: &agentRegistrationInfoClient,
+		CertificateClient:           &certificateClient,
 		CredentialClient:            &credentialClient,
 		DscConfigurationClient:      &dscConfigurationClient,
 		DscNodeConfigurationClient:  &dscNodeConfigurationClient,

diff --git a/azurerm/provider.go b/azurerm/provider.go
@@ -198,6 +198,7 @@ func Provider() terraform.ResourceProvider {
 		"azurerm_application_insights_web_test":                         resourceArmApplicationInsightsWebTests(),
 		"azurerm_application_security_group":                            resourceArmApplicationSecurityGroup(),
 		"azurerm_automation_account":                                    resourceArmAutomationAccount(),
+		"azurerm_automation_certificate":                                resourceArmAutomationCertificate(),
 		"azurerm_automation_credential":                                 resourceArmAutomationCredential(),
 		"azurerm_automation_dsc_configuration":                          resourceArmAutomationDscConfiguration(),
 		"azurerm_automation_dsc_nodeconfiguration":                      resourceArmAutomationDscNodeConfiguration(),

diff --git a/azurerm/resource_arm_automation_certificate.go b/azurerm/resource_arm_automation_certificate.go
@@ -0,0 +1,192 @@
+package azurerm
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/automation/mgmt/2015-10-31/automation"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/features"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmAutomationCertificate() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmAutomationCertificateCreateUpdate,
+		Read:   resourceArmAutomationCertificateRead,
+		Update: resourceArmAutomationCertificateCreateUpdate,
+		Delete: resourceArmAutomationCertificateDelete,
+
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(30 * time.Minute),
+			Read:   schema.DefaultTimeout(5 * time.Minute),
+			Update: schema.DefaultTimeout(30 * time.Minute),
+			Delete: schema.DefaultTimeout(30 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.NoEmptyStrings,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupName(),
+
+			"automation_account_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.NoEmptyStrings,
+			},
+
+			"description": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+
+			"base64": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				Sensitive:    true,
+				ValidateFunc: validate.Base64String(),
+			},
+
+			"exportable": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+
+			"thumbprint": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceArmAutomationCertificateCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).Automation.CertificateClient
+	ctx, cancel := timeouts.ForCreateUpdate(meta.(*ArmClient).StopContext, d)
+	defer cancel()
+
+	log.Printf("[INFO] preparing arguments for AzureRM Automation Certificate creation.")
+
+	name := d.Get("name").(string)
+	resourceGroup := d.Get("resource_group_name").(string)
+	accountName := d.Get("automation_account_name").(string)
+
+	if features.ShouldResourcesBeImported() && d.IsNewResource() {
+		existing, err := client.Get(ctx, resourceGroup, accountName, name)
+		if err != nil {
+			if !utils.ResponseWasNotFound(existing.Response) {
+				return fmt.Errorf("Error checking for presence of existing Automation Certificate %q (Account %q / Resource Group %q): %s", name, accountName, resourceGroup, err)
+			}
+		}
+
+		if existing.ID != nil && *existing.ID != "" {
+			return tf.ImportAsExistsError("azurerm_automation_certificate", *existing.ID)
+		}
+	}
+
+	description := d.Get("description").(string)
+
+	parameters := automation.CertificateCreateOrUpdateParameters{
+		Name: &name,
+		CertificateCreateOrUpdateProperties: &automation.CertificateCreateOrUpdateProperties{
+			Description: &description,
+		},
+	}
+
+	if v, ok := d.GetOk("base64"); ok {
+		base64 := v.(string)
+		parameters.CertificateCreateOrUpdateProperties.Base64Value = &base64
+	}
+
+	if _, err := client.CreateOrUpdate(ctx, resourceGroup, accountName, name, parameters); err != nil {
+		return fmt.Errorf("Error creating/updating Certificate %q (Automation Account %q / Resource Group %q): %+v", name, accountName, resourceGroup, err)
+	}
+
+	read, err := client.Get(ctx, resourceGroup, accountName, name)
+	if err != nil {
+		return fmt.Errorf("Error retrieving Certificate %q (Automation Account %q / Resource Group %q): %+v", name, accountName, resourceGroup, err)
+	}
+
+	if read.ID == nil {
+		return fmt.Errorf("ID was nil for Automation Certificate %q (Automation Account %q / Resource Group %q)", name, accountName, resourceGroup)
+	}
+
+	d.SetId(*read.ID)
+
+	return resourceArmAutomationCertificateRead(d, meta)
+}
+
+func resourceArmAutomationCertificateRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).Automation.CertificateClient
+	ctx, cancel := timeouts.ForRead(meta.(*ArmClient).StopContext, d)
+	defer cancel()
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	accountName := id.Path["automationAccounts"]
+	name := id.Path["certificates"]
+
+	resp, err := client.Get(ctx, resourceGroup, accountName, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("Error retrieving Certificate %q (Automation Account %q / Resource Group %q): %+v", name, accountName, resourceGroup, err)
+	}
+
+	d.Set("name", resp.Name)
+	d.Set("resource_group_name", resourceGroup)
+	d.Set("automation_account_name", accountName)
+
+	if props := resp.CertificateProperties; props != nil {
+		d.Set("exportable", props.IsExportable)
+		d.Set("thumbprint", props.Thumbprint)
+		d.Set("description", props.Description)
+	}
+
+	return nil
+}
+
+func resourceArmAutomationCertificateDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).Automation.CertificateClient
+	ctx, cancel := timeouts.ForDelete(meta.(*ArmClient).StopContext, d)
+	defer cancel()
+
+	id, err := azure.ParseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	accountName := id.Path["automationAccounts"]
+	name := id.Path["certificates"]
+
+	resp, err := client.Delete(ctx, resourceGroup, accountName, name)
+	if err != nil {
+		if !utils.ResponseWasNotFound(resp) {
+			return fmt.Errorf("Error deleting Certificate %q (Automation Account %q / Resource Group %q): %+v", name, accountName, resourceGroup, err)
+		}
+	}
+
+	return nil
+}