Merge pull request #1496 from hashicorp/bugfixes/group-role-managemen…

…t-policy bugfixes for `azuread_group_role_management_policy`, update to latest SDK
hashicorp · Sep 27, 2024 · c7c0f91 · c7c0f91
2 parents d86f8e5 + 0918f7a
commit c7c0f91
Show file tree

Hide file tree

Showing 281 changed files with 865 additions and 248 deletions.
diff --git a/go.mod b/go.mod
@@ -3,8 +3,8 @@ module github.com/hashicorp/terraform-provider-azuread
 require (
 	github.com/google/go-cmp v0.6.0
 	github.com/hashicorp/go-azure-helpers v0.71.0
-	github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240923.1151247
-	github.com/hashicorp/go-azure-sdk/sdk v0.20240923.1151247
+	github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240927.1005214
+	github.com/hashicorp/go-azure-sdk/sdk v0.20240927.1005214
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/go-uuid v1.0.3

diff --git a/go.sum b/go.sum
@@ -49,10 +49,10 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-azure-helpers v0.71.0 h1:ra3aIRzg01g6MLKQ+yABcb6WJtrqRUDDgyuPLmyZ9lY=
 github.com/hashicorp/go-azure-helpers v0.71.0/go.mod h1:BmbF4JDYXK5sEmFeU5hcn8Br21uElcqLfdQxjatwQKw=
-github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240923.1151247 h1:jxsVcDHnNhX+mQ0GTxk2Qd3unQKVToBfSL/7SxEd9CM=
-github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240923.1151247/go.mod h1:hhPwwY4iKyGI1HYZfkHtlXjMpsRP/iaHeJkZpO6o9Bw=
-github.com/hashicorp/go-azure-sdk/sdk v0.20240923.1151247 h1:kzNr/Oqfn72C+k9rL5/G/T3maNo1d87u1aAgjNsKOEQ=
-github.com/hashicorp/go-azure-sdk/sdk v0.20240923.1151247/go.mod h1:dMKF6bXrgGmy1d3pLzkmBpG2JIHgSAV2/OMSCEgyMwE=
+github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240927.1005214 h1:m6VCE8gYOJI3XtkVpxEtMp1HwtsYUrL8tvROINe1Q9A=
+github.com/hashicorp/go-azure-sdk/microsoft-graph v0.20240927.1005214/go.mod h1:O2eTEWXTgwu1AISomfd1JIv0r6uh3/fY5BA0yC0/tFA=
+github.com/hashicorp/go-azure-sdk/sdk v0.20240927.1005214 h1:nhYBErlMEkQIoG50GY2OZattC4+WBI/8xgZkwx/CsvY=
+github.com/hashicorp/go-azure-sdk/sdk v0.20240927.1005214/go.mod h1:dMKF6bXrgGmy1d3pLzkmBpG2JIHgSAV2/OMSCEgyMwE=
 github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU=
 github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg=
 github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=

diff --git a/internal/services/policies/group_role_management_policy_data_source.go b/internal/services/policies/group_role_management_policy_data_source.go
@@ -85,7 +85,13 @@ func (r GroupRoleManagementPolicyDataSource) Read() sdk.ResourceFunc {
 
 			id := stable.NewPolicyRoleManagementPolicyID(policyId.ID())
 
-			policyResp, err := policyClient.GetRoleManagementPolicy(ctx, id, rolemanagementpolicy.DefaultGetRoleManagementPolicyOperationOptions())
+			policyOptions := rolemanagementpolicy.GetRoleManagementPolicyOperationOptions{
+				Expand: &odata.Expand{
+					Relationship: "*",
+				},
+			}
+
+			policyResp, err := policyClient.GetRoleManagementPolicy(ctx, id, policyOptions)
 			if err != nil {
 				return fmt.Errorf("retrieving %s: %v", id, err)
 			}

diff --git a/internal/services/policies/group_role_management_policy_resource.go b/internal/services/policies/group_role_management_policy_resource.go
diff --git a/internal/services/policies/group_role_management_policy_resource_test.go b/internal/services/policies/group_role_management_policy_resource_test.go
@@ -11,6 +11,7 @@ import (
 	"github.com/hashicorp/go-azure-helpers/lang/pointer"
 	"github.com/hashicorp/go-azure-sdk/microsoft-graph/common-types/stable"
 	"github.com/hashicorp/go-azure-sdk/microsoft-graph/policies/stable/rolemanagementpolicy"
+	"github.com/hashicorp/go-azure-sdk/sdk/odata"
 	"github.com/hashicorp/terraform-plugin-testing/terraform"
 	"github.com/hashicorp/terraform-provider-azuread/internal/acceptance"
 	"github.com/hashicorp/terraform-provider-azuread/internal/acceptance/check"
@@ -66,7 +67,13 @@ func (GroupRoleManagementPolicyResource) Exists(ctx context.Context, clients *cl
 
 	id := stable.NewPolicyRoleManagementPolicyID(policyId.ID())
 
-	policyResp, err := client.GetRoleManagementPolicy(ctx, id, rolemanagementpolicy.DefaultGetRoleManagementPolicyOperationOptions())
+	policyOptions := rolemanagementpolicy.GetRoleManagementPolicyOperationOptions{
+		Expand: &odata.Expand{
+			Relationship: "*",
+		},
+	}
+
+	policyResp, err := client.GetRoleManagementPolicy(ctx, id, policyOptions)
 	if err != nil {
 		return nil, fmt.Errorf("retrieving %s: %v", id, err)
 	}
@@ -90,32 +97,17 @@ resource "azuread_group" "pam" {
 }
 
 resource "azuread_group_role_management_policy" "test" {
-  group_id = azuread_group.pam.id
+  group_id = azuread_group.pam.object_id
   role_id  = "member"
 
   eligible_assignment_rules {
-    expiration_required = false
+    expiration_required = true
+    expire_after        = "P365D"
   }
 
   active_assignment_rules {
-    expire_after = "P365D"
-  }
-
-  notification_rules {
-    eligible_assignments {
-      approver_notifications {
-        notification_level    = "Critical"
-        default_recipients    = false
-        additional_recipients = ["[email protected]"]
-      }
-    }
-    eligible_activations {
-      assignee_notifications {
-        notification_level    = "All"
-        default_recipients    = true
-        additional_recipients = ["[email protected]"]
-      }
-    }
+    expiration_required = true
+    expire_after        = "P180D"
   }
 }
 `, data.RandomString)
@@ -142,15 +134,17 @@ resource "azuread_group" "pam" {
 }
 
 resource "azuread_group_role_management_policy" "test" {
-  group_id = azuread_group.pam.id
+  group_id = azuread_group.pam.object_id
   role_id  = "owner"
 
   eligible_assignment_rules {
-    expiration_required = false
+    expiration_required = true
+    expire_after        = "P365D"
   }
 
   active_assignment_rules {
-    expire_after = "P90D"
+    expiration_required = true
+    expire_after        = "P90D"
   }
 
   activation_rules {

diff --git a/...soft-graph/administrativeunits/beta/administrativeunit/method_createadministrativeunit.go b/...soft-graph/administrativeunits/beta/administrativeunit/method_createadministrativeunit.go
diff --git a/...oft-graph/administrativeunits/beta/administrativeunit/method_creategetsuserownedobject.go b/...oft-graph/administrativeunits/beta/administrativeunit/method_creategetsuserownedobject.go
diff --git a/...osoft-graph/administrativeunits/beta/administrativeunit/method_createvalidatesproperty.go b/...osoft-graph/administrativeunits/beta/administrativeunit/method_createvalidatesproperty.go
diff --git a/...soft-graph/administrativeunits/beta/administrativeunit/method_deleteadministrativeunit.go b/...soft-graph/administrativeunits/beta/administrativeunit/method_deleteadministrativeunit.go
diff --git a/...o-azure-sdk/microsoft-graph/administrativeunits/beta/administrativeunit/method_restore.go b/...o-azure-sdk/microsoft-graph/administrativeunits/beta/administrativeunit/method_restore.go
diff --git a/...soft-graph/administrativeunits/beta/administrativeunit/method_updateadministrativeunit.go b/...soft-graph/administrativeunits/beta/administrativeunit/method_updateadministrativeunit.go
diff --git a/...com/hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_addkey.go b/...com/hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_addkey.go
diff --git a/...ashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_addpassword.go b/...ashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_addpassword.go
diff --git a/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_createapplication.go b/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_createapplication.go
diff --git a/...ure-sdk/microsoft-graph/applications/beta/application/method_creategetsuserownedobject.go b/...ure-sdk/microsoft-graph/applications/beta/application/method_creategetsuserownedobject.go
diff --git a/...azure-sdk/microsoft-graph/applications/beta/application/method_createvalidatesproperty.go b/...azure-sdk/microsoft-graph/applications/beta/application/method_createvalidatesproperty.go
diff --git a/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_deleteapplication.go b/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_deleteapplication.go
diff --git a/.../hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_removekey.go b/.../hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_removekey.go
diff --git a/...icorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_removepassword.go b/...icorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_removepassword.go
diff --git a/...om/hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_restore.go b/...om/hashicorp/go-azure-sdk/microsoft-graph/applications/beta/application/method_restore.go
diff --git a/...go-azure-sdk/microsoft-graph/applications/beta/application/method_setverifiedpublisher.go b/...go-azure-sdk/microsoft-graph/applications/beta/application/method_setverifiedpublisher.go
diff --git a/...-azure-sdk/microsoft-graph/applications/beta/application/method_unsetverifiedpublisher.go b/...-azure-sdk/microsoft-graph/applications/beta/application/method_unsetverifiedpublisher.go
diff --git a/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_updateapplication.go b/...rp/go-azure-sdk/microsoft-graph/applications/beta/application/method_updateapplication.go
diff --git a/...m/hashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_addkey.go b/...m/hashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_addkey.go
diff --git a/...hicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_addpassword.go b/...hicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_addpassword.go
diff --git a/.../go-azure-sdk/microsoft-graph/applications/stable/application/method_createapplication.go b/.../go-azure-sdk/microsoft-graph/applications/stable/application/method_createapplication.go
diff --git a/...ure-sdk/microsoft-graph/applications/stable/application/method_createvalidatesproperty.go b/...ure-sdk/microsoft-graph/applications/stable/application/method_createvalidatesproperty.go
diff --git a/.../go-azure-sdk/microsoft-graph/applications/stable/application/method_deleteapplication.go b/.../go-azure-sdk/microsoft-graph/applications/stable/application/method_deleteapplication.go
diff --git a/...ashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_removekey.go b/...ashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_removekey.go
diff --git a/...orp/go-azure-sdk/microsoft-graph/applications/stable/application/method_removepassword.go b/...orp/go-azure-sdk/microsoft-graph/applications/stable/application/method_removepassword.go
diff --git a/.../hashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_restore.go b/.../hashicorp/go-azure-sdk/microsoft-graph/applications/stable/application/method_restore.go
diff --git a/...-azure-sdk/microsoft-graph/applications/stable/application/method_setverifiedpublisher.go b/...-azure-sdk/microsoft-graph/applications/stable/application/method_setverifiedpublisher.go