New Resource: azurerm_security_center_contact #2045
Conversation
katbyte
force-pushed
the
r-security-contact
branch
from
012bd4a
to
4e33d2f
Compare
|
#2043 should be merged first |
There was a problem hiding this comment.
hey @katbyte
This mostly LGTM (aside from the missing documentation) but as discussed on Slack I'm wondering if this'd be better as a combined resource for all of the Security Center items we've got so far, with blocks per item. Whilst that'd be a little more complex of a resource - IMO it'd provide a better UX?
Thanks!
azurerm/provider.go
Outdated
| @@ -244,6 +244,7 @@ func Provider() terraform.ResourceProvider { | |||
| "azurerm_route_table": resourceArmRouteTable(), | |||
| "azurerm_search_service": resourceArmSearchService(), | |||
| "azurerm_securitycenter_subscription_pricing": resourceArmSecurityCenterSubscriptionPricing(), | |||
| "azurerm_securitycenter_contact": resourceArmSecurityCenterContact(), | |||
There was a problem hiding this comment.
(as in the other PR) I think this'd be better as security_center?
| "phone": { | ||
| Type: schema.TypeString, | ||
| Required: true, | ||
| DiffSuppressFunc: suppress.CaseDifference, |
There was a problem hiding this comment.
I don't think this is necessary for a phone number?
| "email": { | ||
| Type: schema.TypeString, | ||
| Required: true, | ||
| DiffSuppressFunc: suppress.CaseDifference, |
There was a problem hiding this comment.
is there a reason to do this?
| // Invalid security contact name 'default0' was provided. Expected 'default1' | ||
| // Message="Invalid security contact name 'default2' was provided. Expected 'default1'" | ||
|
|
||
| func resourceArmSecurityCenterContact() *schema.Resource { |
There was a problem hiding this comment.
as discussed on Slack - I think it'd be worth combining these into an azurerm_security_center resource with blocks for each thing?
| // Invalid security contact name 'default0' was provided. Expected 'default1' | ||
| // Message="Invalid security contact name 'default2' was provided. Expected 'default1'" | ||
|
|
||
| func resourceArmSecurityCenterContact() *schema.Resource { |
There was a problem hiding this comment.
as discussed on Slack - I think it'd be worth combining these into an azurerm_security_center resource with blocks for each thing?
There was a problem hiding this comment.
can we document this resource too?
| ctx := meta.(*ArmClient).StopContext | ||
|
|
||
| //id is in format of `/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/john` | ||
| //parseAzureResourceID doesn't support id without a resource group |
There was a problem hiding this comment.
we should probably think about creating an overload which doesn't require it - there's a few instances of this now (key vault)
| Check: resource.ComposeTestCheckFunc( | ||
| testCheckAzureRMSecurityCenterContactExists(resourceName), | ||
| resource.TestCheckResourceAttr(resourceName, "email", "email2@example.com"), | ||
| resource.TestCheckResourceAttr(resourceName, "phone", "+1-555-678-6789"), |
There was a problem hiding this comment.
could we make this an international number to ensure that works too? +44 1234 567890 should work as an example
There was a problem hiding this comment.
Oddly enough international numbers do not seem to work, for that and some other variations i tried:
* azurerm_security_center_contact.test: Error updating Security Center Contact: security.ContactsClient#Update: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="InvalidInputJson" Message="Invalid security contact phone was provided."
|
Tests pass: |
| // Invalid security contact name was provided - only 'defaultX' is allowed where X is an index | ||
| // Invalid security contact name 'default0' was provided. Expected 'default1' | ||
| // Message="Invalid security contact name 'default2' was provided. Expected 'default1'" | ||
| const resourceArmSecurityCenterContactName = "default1" |
There was a problem hiding this comment.
minor can we ditch resourceArm at the start of this
| } | ||
|
|
||
| func resourceArmSecurityCenterSubscriptionPricingDelete(_ *schema.ResourceData, _ interface{}) error { | ||
| return nil //cannot be deleted. |
There was a problem hiding this comment.
IMO we should probably log this?
| The contact can be imported using the `resource id`, e.g. | ||
|
|
||
| ```shell | ||
| terraform import azurerm_securitycenter_contact.example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Security/securityContacts/default1 |
There was a problem hiding this comment.
securitycenter -> security_center
| <a href="/docs/providers/azurerm/r/security_center_contact.html">azurerm_security_center_contact</a> | ||
| </li> | ||
| </ul> | ||
| </li> |
There was a problem hiding this comment.
minor it'd be good to sort these alphabetically
katbyte
changed the title
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
ghost
locked and limited conversation to collaborators
No description provided.