Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_eventhub_namespace_customer_managed_key - validating that the User Assigned Identity used for accessing the Key Vault is assigned to the EventHub Namespace #25809

Merged
merged 10 commits into from
May 31, 2024
Merged

azurerm_eventhub_namespace_customer_managed_key - validating that the User Assigned Identity used for accessing the Key Vault is assigned to the EventHub Namespace #25809

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
709248e
parse resource ID before comparing
xiaxyi Apr 30, 2024
8209ccd
Merge remote-tracking branch 'upstream/main' into ehn-cmk/suppress-ca…
xiaxyi May 7, 2024
866353c
comparing the ID by segments
xiaxyi May 8, 2024
05c3796
sort imports
xiaxyi May 9, 2024
e13d55b
Merge remote-tracking branch 'upstream/main' into ehn-cmk/suppress-ca…
xiaxyi May 21, 2024
4095280
add empty string check for uai
xiaxyi May 21, 2024
0d3a688
Merge remote-tracking branch 'upstream/main' into ehn-cmk/suppress-ca…
xiaxyi May 23, 2024
12244f6
Merge remote-tracking branch 'upstream/main' into ehn-cmk/suppress-ca…
xiaxyi May 29, 2024
ac27f2e
change key vault naming in test cases
xiaxyi May 29, 2024
11580b5
add purge protection for key vault
xiaxyi May 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 5 additions & 1 deletion internal/services/eventhub/eventhub_namespace_customer_managed_key_resource.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,11 @@ func resourceEventHubNamespaceCustomerManagedKeyCreateUpdate(d *pluginsdk.Resour

isIdentityAssignedToParent := false
for item := range namespace.Identity.IdentityIds {
if item == userAssignedIdentity {
parentEhnUaiId, err := commonids.ParseUserAssignedIdentityIDInsensitively(item)
if err != nil {
return fmt.Errorf("parsing %q as a User Assigned Identity ID: %+v", item, err)
}
if parentEhnUaiId.ID() == userAssignedIdentity {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than comparing these two IDs by checking the results of .ID() match - can we compare the Resource ID values instead:

Suggested change
if parentEhnUaiId.ID() == userAssignedIdentity {
if resourceids.Match(parentEhnUaiId, userAssignedIdentity) {

The Match function is available in hashicorp/go-azure-helpers#234 fwiw

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#25873

isIdentityAssignedToParent = true
}
}
Expand Down