Merge pull request hashicorp#9478 from BedeGaming/azurerm-keyvault

provider/azurerm: key_vault resource and client_config datasource

Author: stack72

builtin/providers/azurerm/config.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/arm/cdn"
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
+	"github.com/Azure/azure-sdk-for-go/arm/keyvault"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
 	"github.com/Azure/azure-sdk-for-go/arm/resources/resources"
 	"github.com/Azure/azure-sdk-for-go/arm/scheduler"
@@ -24,6 +25,10 @@ import (
 // ArmClient contains the handles to all the specific Azure Resource Manager
 // resource classes' respective clients.
 type ArmClient struct {
+	clientId       string
+	tenantId       string
+	subscriptionId string
+
 	rivieraClient *riviera.Client
 
 	availSetClient         compute.AvailabilitySetsClient
@@ -71,6 +76,8 @@ type ArmClient struct {
 	serviceBusNamespacesClient    servicebus.NamespacesClient
 	serviceBusTopicsClient        servicebus.TopicsClient
 	serviceBusSubscriptionsClient servicebus.SubscriptionsClient
+
+	keyVaultClient keyvault.VaultsClient
 }
 
 func withRequestLogging() autorest.SendDecorator {
@@ -110,7 +117,11 @@ func setUserAgent(client *autorest.Client) {
 // *ArmClient based on the Config's current settings.
 func (c *Config) getArmClient() (*ArmClient, error) {
 	// client declarations:
-	client := ArmClient{}
+	client := ArmClient{
+		clientId:       c.ClientID,
+		tenantId:       c.TenantID,
+		subscriptionId: c.SubscriptionID,
+	}
 
 	rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{
 		ClientID:       c.ClientID,
@@ -366,6 +377,12 @@ func (c *Config) getArmClient() (*ArmClient, error) {
 	sbsc.Sender = autorest.CreateSender(withRequestLogging())
 	client.serviceBusSubscriptionsClient = sbsc
 
+	kvc := keyvault.NewVaultsClient(c.SubscriptionID)
+	setUserAgent(&kvc.Client)
+	kvc.Authorizer = spt
+	kvc.Sender = autorest.CreateSender(withRequestLogging())
+	client.keyVaultClient = kvc
+
 	return &client, nil
 }
 

builtin/providers/azurerm/data_source_arm_client_config.go

@@ -0,0 +1,39 @@
+package azurerm
+
+import (
+	"time"
+
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func dataSourceArmClientConfig() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceArmClientConfigRead,
+
+		Schema: map[string]*schema.Schema{
+			"client_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"tenant_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"subscription_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceArmClientConfigRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient)
+
+	d.SetId(time.Now().UTC().String())
+	d.Set("client_id", client.clientId)
+	d.Set("tenant_id", client.tenantId)
+	d.Set("subscription_id", client.subscriptionId)
+
+	return nil
+}

builtin/providers/azurerm/data_source_arm_client_config_test.go

@@ -0,0 +1,48 @@
+package azurerm
+
+import (
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAzureRMClientConfig_basic(t *testing.T) {
+	clientId := os.Getenv("ARM_CLIENT_ID")
+	tenantId := os.Getenv("ARM_TENANT_ID")
+	subscriptionId := os.Getenv("ARM_SUBSCRIPTION_ID")
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckArmClientConfig_basic,
+				Check: resource.ComposeTestCheckFunc(
+					testAzureRMClientConfigAttr("data.azurerm_client_config.current", "client_id", clientId),
+					testAzureRMClientConfigAttr("data.azurerm_client_config.current", "tenant_id", tenantId),
+					testAzureRMClientConfigAttr("data.azurerm_client_config.current", "subscription_id", subscriptionId),
+				),
+			},
+		},
+	})
+}
+
+// Wraps resource.TestCheckResourceAttr to prevent leaking values to console
+// in case of mismatch
+func testAzureRMClientConfigAttr(name, key, value string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		err := resource.TestCheckResourceAttr(name, key, value)(s)
+		if err != nil {
+			// return fmt.Errorf("%s: Attribute '%s', failed check (values hidden)", name, key)
+			return err
+		}
+
+		return nil
+	}
+}
+
+const testAccCheckArmClientConfig_basic = `
+data "azurerm_client_config" "current" { }
+`

builtin/providers/azurerm/import_arm_key_vault_test.go

@@ -0,0 +1,33 @@
+package azurerm
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/acctest"
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccAzureRMKeyVault_importBasic(t *testing.T) {
+	resourceName := "azurerm_key_vault.test"
+
+	ri := acctest.RandInt()
+	config := fmt.Sprintf(testAccAzureRMKeyVault_basic, ri, ri)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMKeyVaultDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: config,
+			},
+
+			resource.TestStep{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}

builtin/providers/azurerm/provider.go

@@ -44,6 +44,10 @@ func Provider() terraform.ResourceProvider {
 			},
 		},
 
+		DataSourcesMap: map[string]*schema.Resource{
+			"azurerm_client_config": dataSourceArmClientConfig(),
+		},
+
 		ResourcesMap: map[string]*schema.Resource{
 			// These resources use the Azure ARM SDK
 			"azurerm_availability_set": resourceArmAvailabilitySet(),
@@ -57,6 +61,7 @@ func Provider() terraform.ResourceProvider {
 			"azurerm_lb_probe":                resourceArmLoadBalancerProbe(),
 			"azurerm_lb_rule":                 resourceArmLoadBalancerRule(),
 
+			"azurerm_key_vault":                 resourceArmKeyVault(),
 			"azurerm_local_network_gateway":     resourceArmLocalNetworkGateway(),
 			"azurerm_network_interface":         resourceArmNetworkInterface(),
 			"azurerm_network_security_group":    resourceArmNetworkSecurityGroup(),
@@ -187,7 +192,7 @@ func registerAzureResourceProvidersWithSubscription(client *riviera.Client) erro
 	var err error
 	providerRegistrationOnce.Do(func() {
 		// We register Microsoft.Compute during client initialization
-		providers := []string{"Microsoft.Network", "Microsoft.Cdn", "Microsoft.Storage", "Microsoft.Sql", "Microsoft.Search", "Microsoft.Resources", "Microsoft.ServiceBus"}
+		providers := []string{"Microsoft.Network", "Microsoft.Cdn", "Microsoft.Storage", "Microsoft.Sql", "Microsoft.Search", "Microsoft.Resources", "Microsoft.ServiceBus", "Microsoft.KeyVault"}
 
 		var wg sync.WaitGroup
 		wg.Add(len(providers))