New Resource - azurerm_monitor_aad_diagnostic_setting

[magodo]

This PR implements a new resource: azurerm_monitor_aad_diagnostic_setting.

This is the same as the azurerm_monitor_diagnostic_setting in most parts, except it is using a different API endpoint: /providers/microsoft.aadiam/diagnosticSettings/{name}. I've verified this endpoint is not a wrapper API (at least from the API level) for the monitor one - /providers/microsoft.aadiam/diagnosticSettings/providers/microsoft.insights/diagnosticSettings/{name}, hence decided to create this separate resource.

Another point worth mentioning is that the data source to query the available log categories for AAD (which is analogous to the azuerm_monitor_diagnostic_catagories) is currently blocked due to Azure/azure-rest-api-specs#14355.

Fixes: #11565

Test

The test below was running via the user account in my local. This is because the SP seems has no permission to read the AAD's diagnostic setting. Please let me know whether it makes sense to skip the acctest for now until there is a way to run these tests via the SP.

💤 TF_ACC=1 go test -v -timeout=2h ./azurerm/internal/services/monitor -run="TestAccMonitorAADDiagnosticSetting_"
2021/05/11 21:08:13 [DEBUG] not using binary driver name, it's no longer needed
2021/05/11 21:08:14 [DEBUG] not using binary driver name, it's no longer needed
=== RUN   TestAccMonitorAADDiagnosticSetting_eventhubDefault
=== PAUSE TestAccMonitorAADDiagnosticSetting_eventhubDefault
=== RUN   TestAccMonitorAADDiagnosticSetting_eventhub
=== PAUSE TestAccMonitorAADDiagnosticSetting_eventhub
=== RUN   TestAccMonitorAADDiagnosticSetting_requiresImport
=== PAUSE TestAccMonitorAADDiagnosticSetting_requiresImport
=== RUN   TestAccMonitorAADDiagnosticSetting_logAnalyticsWorkspace
=== PAUSE TestAccMonitorAADDiagnosticSetting_logAnalyticsWorkspace
=== RUN   TestAccMonitorAADDiagnosticSetting_storageAccount
=== PAUSE TestAccMonitorAADDiagnosticSetting_storageAccount
=== CONT  TestAccMonitorAADDiagnosticSetting_eventhubDefault
=== CONT  TestAccMonitorAADDiagnosticSetting_logAnalyticsWorkspace
=== CONT  TestAccMonitorAADDiagnosticSetting_requiresImport
=== CONT  TestAccMonitorAADDiagnosticSetting_storageAccount
=== CONT  TestAccMonitorAADDiagnosticSetting_eventhub
--- PASS: TestAccMonitorAADDiagnosticSetting_storageAccount (366.39s)
--- PASS: TestAccMonitorAADDiagnosticSetting_logAnalyticsWorkspace (367.52s)
--- PASS: TestAccMonitorAADDiagnosticSetting_eventhub (455.61s)
--- PASS: TestAccMonitorAADDiagnosticSetting_requiresImport (482.31s)
--- PASS: TestAccMonitorAADDiagnosticSetting_eventhubDefault (484.99s)
PASS
ok      github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/monitor     485.162s

[manicminer]

Hi @magodo, thanks for this PR! I've taken a look through and tried it out, it mostly LGTM and the tests are passing.

I noticed one filename azurerm/internal/services/monitor/parse/monitor_aad_diagnositc_setting_test.go has a typo in it. Are you able to generate ID parsers/formatters for this resource?

I've also left a few suggestions inline, if you can take a look at those then this should be good to merge. Thanks!

[magodo]

@manicminer Thank you for the review! I've updated most of the comments, but leave some for open discussion. Please take another look.

[manicminer]

Thanks @magodo! This LGTM and tests still passing

[ghost]

This has been released in version 2.59.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.59.0"
}
# ... other configuration ...

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.