From 836d75eba6000969732a746d22ee04c87ef452f7 Mon Sep 17 00:00:00 2001 From: Jerome Brown Date: Wed, 1 May 2024 22:49:49 +1200 Subject: [PATCH 1/4] Add `kerberos_enabled` property to `azurerm_bastion_host` --- internal/services/network/bastion_host_resource.go | 13 +++++++++++++ .../services/network/bastion_host_resource_test.go | 1 + website/docs/r/bastion_host.html.markdown | 4 ++++ 3 files changed, 18 insertions(+) diff --git a/internal/services/network/bastion_host_resource.go b/internal/services/network/bastion_host_resource.go index 4cec9f23cc87..569a24f7917a 100644 --- a/internal/services/network/bastion_host_resource.go +++ b/internal/services/network/bastion_host_resource.go @@ -107,6 +107,12 @@ func resourceBastionHost() *pluginsdk.Resource { Default: false, }, + "kerberos_enabled": { + Type: pluginsdk.TypeBool, + Optional: true, + Default: false, + }, + "scale_units": { Type: pluginsdk.TypeInt, Optional: true, @@ -171,6 +177,7 @@ func resourceBastionHostCreateUpdate(d *pluginsdk.ResourceData, meta interface{} sku := d.Get("sku").(string) fileCopyEnabled := d.Get("file_copy_enabled").(bool) ipConnectEnabled := d.Get("ip_connect_enabled").(bool) + kerberosEnabled := d.Get("kerberos_enabled").(bool) shareableLinkEnabled := d.Get("shareable_link_enabled").(bool) tunnelingEnabled := d.Get("tunneling_enabled").(bool) @@ -186,6 +193,10 @@ func resourceBastionHostCreateUpdate(d *pluginsdk.ResourceData, meta interface{} return fmt.Errorf("`ip_connect_enabled` is only supported when `sku` is `Standard`") } + if kerberosEnabled && sku == string(bastionhosts.BastionHostSkuNameBasic) { + return fmt.Errorf("`kerberos_enabled` is only supported when `sku` is `Standard`") + } + if shareableLinkEnabled && sku == string(bastionhosts.BastionHostSkuNameBasic) { return fmt.Errorf("`shareable_link_enabled` is only supported when `sku` is `Standard`") } 
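Review bot: The new guard in the `@@ -186,6 +193,10 @@` hunk rejects `kerberos_enabled` only when `sku` equals `BastionHostSkuNameBasic`, while its error message and the documentation added in this patch say the feature requires `Standard`. The check and the message agree only while the SKU enum holds exactly those two values; any further SKU name would pass the check and reach the API with `EnableKerberos` set. Because this switches an authentication mode on a bastion, an allow-list of the SKUs that support it would fail closed, for example `if kerberosEnabled && sku != string(bastionhosts.BastionHostSkuNameStandard) {`, extended if other SKUs are known to support Kerberos. The neighbouring `ip_connect_enabled` and `shareable_link_enabled` checks use the same deny-list shape, which is carried into the `@@ -191,11 +191,11 @@` hunk of patch 3/4. The body of `resourceBastionHostCreateUpdate` starts and ends outside the hunk.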
@@ -213,6 +224,7 @@ func resourceBastionHostCreateUpdate(d *pluginsdk.ResourceData, meta interface{} DisableCopyPaste: utils.Bool(!d.Get("copy_paste_enabled").(bool)), EnableFileCopy: utils.Bool(fileCopyEnabled), EnableIPConnect: utils.Bool(ipConnectEnabled), + EnableKerberos: utils.Bool(kerberosEnabled), EnableShareableLink: utils.Bool(shareableLinkEnabled), EnableTunneling: utils.Bool(tunnelingEnabled), IPConfigurations: expandBastionHostIPConfiguration(d.Get("ip_configuration").([]interface{})), @@ -270,6 +282,7 @@ func resourceBastionHostRead(d *pluginsdk.ResourceData, meta interface{}) error d.Set("scale_units", props.ScaleUnits) d.Set("file_copy_enabled", props.EnableFileCopy) d.Set("ip_connect_enabled", props.EnableIPConnect) + d.Set("kerberos_enabled", props.EnableKerberos) d.Set("shareable_link_enabled", props.EnableShareableLink) d.Set("tunneling_enabled", props.EnableTunneling) diff --git a/internal/services/network/bastion_host_resource_test.go b/internal/services/network/bastion_host_resource_test.go index 7ed5c033cf67..c7741fee3555 100644 --- a/internal/services/network/bastion_host_resource_test.go +++ b/internal/services/network/bastion_host_resource_test.go @@ -224,6 +224,7 @@ resource "azurerm_bastion_host" "test" { sku = "Standard" file_copy_enabled = true ip_connect_enabled = true + kerberos_enabled = true shareable_link_enabled = true tunneling_enabled = true diff --git a/website/docs/r/bastion_host.html.markdown b/website/docs/r/bastion_host.html.markdown index 9adf221155b1..fcb0a0eeb951 100644 --- a/website/docs/r/bastion_host.html.markdown +++ b/website/docs/r/bastion_host.html.markdown 
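Review bot: In the `@@ -270,6 +282,7 @@` hunk, `d.Set("kerberos_enabled", props.EnableKerberos)` passes a pointer field straight into state and discards the return value. The create hunk populates the field with `utils.Bool(...)`, so it is a `*bool`, and a response that omits it would leave the result to `d.Set`'s nil-pointer handling. Making that explicit with `d.Set("kerberos_enabled", pointer.From(props.EnableKerberos))` records a deliberate `false` when the API is silent, assuming the `pointer` helper is already imported in this file at this commit. The adjacent `d.Set` calls follow the same pattern, and `resourceBastionHostRead` continues outside the hunk.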
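Review bot: The acceptance config in the `@@ -224,6 +224,7 @@` hunk of bastion_host_resource_test.go only exercises the accepted path (`sku = "Standard"` with `kerberos_enabled = true`), so nothing visible covers the new rejection branch. A test step with `sku = "Basic"` and `kerberos_enabled = true` that expects the "`kerberos_enabled` is only supported when `sku` is `Standard`" error would pin the guard against regressions. The config block and its test function start and end outside the hunk, so an existing negative test elsewhere in the file cannot be ruled out.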
@@ -82,6 +82,10 @@ The following arguments are supported: ~> **Note:** `ip_connect_enabled` is only supported when `sku` is `Standard`. +* `kerberos_enabled` - (Optional) Is Kerberos authentication feature enabled for the Bastion Host. Defaults to `false`. + +~> **Note:** `kerberos_enabled` is only supported when `sku` is `Standard`. + * `scale_units` - (Optional) The number of scale units with which to provision the Bastion Host. Possible values are between `2` and `50`. Defaults to `2`. ~> **Note:** `scale_units` only can be changed when `sku` is `Standard`. `scale_units` is always `2` when `sku` is `Basic`. From fe41afe21ccde08a441eb0e455334c94a28ce95d Mon Sep 17 00:00:00 2001 From: kt Date: Mon, 6 May 2024 11:29:11 -0700 Subject: [PATCH 2/4] Update internal/services/network/bastion_host_resource.go --- internal/services/network/bastion_host_resource.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/internal/services/network/bastion_host_resource.go b/internal/services/network/bastion_host_resource.go index d9a627e6c76d..5be50fe14417 100644 --- a/internal/services/network/bastion_host_resource.go +++ b/internal/services/network/bastion_host_resource.go 
@@ -217,12 +217,12 @@ func resourceBastionHostCreate(d *pluginsdk.ResourceData, meta interface{}) erro parameters := bastionhosts.BastionHost{ Location: pointer.To(location.Normalize(d.Get("location").(string))), Properties: &bastionhosts.BastionHostPropertiesFormat{ - DisableCopyPaste: utils.Bool(!d.Get("copy_paste_enabled").(bool)), - EnableFileCopy: utils.Bool(fileCopyEnabled), - EnableIPConnect: utils.Bool(ipConnectEnabled), - EnableKerberos: utils.Bool(kerberosEnabled), - EnableShareableLink: utils.Bool(shareableLinkEnabled), - EnableTunneling: utils.Bool(tunnelingEnabled), + DisableCopyPaste: pointer.To(!d.Get("copy_paste_enabled").(bool)), + EnableFileCopy: pointer.To(fileCopyEnabled), + EnableIPConnect: pointer.To(ipConnectEnabled), + EnableKerberos: pointer.To(kerberosEnabled), + EnableShareableLink: pointer.To(shareableLinkEnabled), + EnableTunneling: pointer.To(tunnelingEnabled), IPConfigurations: expandBastionHostIPConfiguration(d.Get("ip_configuration").([]interface{})), ScaleUnits: pointer.To(int64(d.Get("scale_units").(int))), }, From 0353d91b371eb32c13254158a559b8a88566b462 Mon Sep 17 00:00:00 2001 From: kt Date: Mon, 6 May 2024 11:36:27 -0700 Subject: [PATCH 3/4] fix comparision --- internal/services/compute/linux_virtual_machine_resource.go | 2 +- internal/services/network/bastion_host_resource.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/services/compute/linux_virtual_machine_resource.go b/internal/services/compute/linux_virtual_machine_resource.go index 18857dca5220..f4ca2d464aa0 100644 --- a/internal/services/compute/linux_virtual_machine_resource.go +++ b/internal/services/compute/linux_virtual_machine_resource.go 
@@ -36,7 +36,7 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/utils" ) -func resourceLinuxVirtualMachine() *pluginsdk.Resource { +func xresourceLinuxVirtualMachine() *pluginsdk.Resource { return &pluginsdk.Resource{ Create: resourceLinuxVirtualMachineCreate, Read: resourceLinuxVirtualMachineRead, diff --git a/internal/services/network/bastion_host_resource.go b/internal/services/network/bastion_host_resource.go index 5be50fe14417..cc81eed1df88 100644 --- a/internal/services/network/bastion_host_resource.go +++ b/internal/services/network/bastion_host_resource.go @@ -191,11 +191,11 @@ func resourceBastionHostCreate(d *pluginsdk.ResourceData, meta interface{}) erro return fmt.Errorf("`ip_connect_enabled` is only supported when `sku` is `Standard`") } - if kerberosEnabled && sku == string(bastionhosts.BastionHostSkuNameBasic) { + if kerberosEnabled && sku == bastionhosts.BastionHostSkuNameBasic { return fmt.Errorf("`kerberos_enabled` is only supported when `sku` is `Standard`") } - if shareableLinkEnabled && sku == string(bastionhosts.BastionHostSkuNameBasic) { + if shareableLinkEnabled && sku == bastionhosts.BastionHostSkuNameBasic { return fmt.Errorf("`shareable_link_enabled` is only supported when `sku` is `Standard`") } From 0dc36b6503c2948f48ac399f217440b16eceabf2 Mon Sep 17 00:00:00 2001 From: kt Date: Mon, 6 May 2024 11:44:28 -0700 Subject: [PATCH 4/4] Update internal/services/compute/linux_virtual_machine_resource.go --- internal/services/compute/linux_virtual_machine_resource.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/services/compute/linux_virtual_machine_resource.go b/internal/services/compute/linux_virtual_machine_resource.go index f4ca2d464aa0..18857dca5220 100644 --- a/internal/services/compute/linux_virtual_machine_resource.go +++ b/internal/services/compute/linux_virtual_machine_resource.go 
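Review bot: The `@@ -36,7 +36,7 @@` hunk in linux_virtual_machine_resource.go renames `resourceLinuxVirtualMachine` to `xresourceLinuxVirtualMachine`, which is unrelated to this commit's stated purpose and looks like a stray edit. Any registration that refers to the old name (not visible here) would presumably stop compiling at this commit, and patch 4/4 exists only to restore the name. Dropping this hunk from 3/4, or squashing 3/4 and 4/4 before merge, would keep every commit in the series buildable and keep the compute file out of a bastion change.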
@@ -36,7 +36,7 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/utils" ) -func xresourceLinuxVirtualMachine() *pluginsdk.Resource { +func resourceLinuxVirtualMachine() *pluginsdk.Resource { return &pluginsdk.Resource{ Create: resourceLinuxVirtualMachineCreate, Read: resourceLinuxVirtualMachineRead,