new resource: azurerm_sentinel_data_connector_aws_cloud_trail

[magodo]

new resource: azurerm_sentinel_data_connector_aws_cloud_trail

Note that since azurerm_sentinel_data_connector_aws_cloud_trail needs additional setup to do the test, I provide following execution result to prove it works:

Test Result

    $ tf apply -var arn="arn:aws:iam::xxxx:role/magodo-sentinel"
    azurerm_resource_group.test: Refreshing state... [id=/subscriptions/xxxxxxxx/resourceGroups/acctestRG-sentinel-20210121]
    azurerm_log_analytics_workspace.test: Refreshing state... [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121]
    azurerm_log_analytics_solution.test: Refreshing state... [id=/subscriptions/xxxx/resourcegroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationsManagement/solutions/SecurityInsights(acctest-workspace-20210121)]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_sentinel_data_connector_aws_cloud_trail.test will be created
  + resource "azurerm_sentinel_data_connector_aws_cloud_trail" "test" {
      + aws_role_arn               = "arn:aws:iam::xxxx:role/magodo-sentinel"
      + id                         = (known after apply)
      + log_analytics_workspace_id = "/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121"
      + name                       = "accTestDC-123"
      + tenant_id                  = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azurerm_sentinel_data_connector_aws_cloud_trail.test: Creating...
azurerm_sentinel_data_connector_aws_cloud_trail.test: Creation complete after 6s [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

github/tf-config/sentinel_dc_sdk via M-p~_~RM-  default took 37s
M-p~_~RM-$ tf apply -var arn="arn:aws:iam::xxxx:role/magodo-sentinel2"
azurerm_resource_group.test: Refreshing state... [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121]
azurerm_log_analytics_workspace.test: Refreshing state... [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121]
azurerm_sentinel_data_connector_aws_cloud_trail.test: Refreshing state... [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121/pro    azurerm_log_analytics_solution.test: Refreshing state... [id=/subscriptions/xxxx/resourcegroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationsManagement/solutions/SecurityInsights(acctest-workspace-20210121)]

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # azurerm_sentinel_data_connector_aws_cloud_trail.test will be updated in-place
  ~ resource "azurerm_sentinel_data_connector_aws_cloud_trail" "test" {
      ~ aws_role_arn               = "arn:aws:iam::xxxx:role/magodo-sentinel" -> "arn:aws:iam::xxxx:role/magodo-sentinel2"
        id                         = "/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121/providers/Microsoft.SecurityInsights/dataCo            name                       = "accTestDC-123"
        # (1 unchanged attribute hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azurerm_sentinel_data_connector_aws_cloud_trail.test: Modifying... [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-20210121/providers/    azurerm_sentinel_data_connector_aws_cloud_trail.test: Modifications complete after 5s [id=/subscriptions/xxxx/resourceGroups/acctestRG-sentinel-20210121/providers/Microsoft.OperationalInsights/workspaces/acctest-workspace-

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

[katbyte]

@magodo - build is failing:

38]	[Step 4/5] # github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/sentinel
[20:49:38]	[Step 4/5] ./sentinel_data_connector_aws_cloud_trail.go:84:9: undefined: dataConnectorID

[magodo]

@katbyte I've fix the build error and some other minor changes commented on other DC PRs. Please take another review.

[magodo]

The etag related code can be removed once: Azure/azure-rest-api-specs#13203 is resolved.

[tombuildsstuff]

LGTM 👍

[ghost]

This has been released in version 2.50.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.50.0"
}
# ... other configuration ...

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!