hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

Support for additional properties in azurerm_api_connection #16818

Open kaplik opened 2 years ago

kaplik commented 2 years ago

Description

azurerm_api_connection doesn't support some properties which are supported by Azure Resource Manager and which are required for deploying a connection with managed identity support, see: https://docs.microsoft.com/en-us/azure/logic-apps/create-managed-service-identity?tabs=consumption#arm-template-for-api-connections-and-managed-identities

Unsupported properties:

This is probably caused by the unavailability of an up-to-date Swagger for this Azure resource and the unavailability of these parameters in the Azure SDK for Go: https://github.com/Azure/azure-sdk-for-go/issues/9393

New or Affected Resource(s)/Data Source(s)

azurerm_api_connection

Potential Terraform Configuration

No response

derbl4ck commented 1 year ago

@tombuildsstuff Is there any word on when this issue will be worked on? Our company encounters the same problem.

orgads commented 10 months ago

ping?

jakubigla commented 5 months ago

This is crazy. Now officially Logic App is the worst Azure service of all.

michvllni commented 5 months ago

Workaround for the time being is to use the azapi provider:

data "azurerm_managed_api" "keyvault" {
  name     = "keyvault"
  location = azurerm_resource_group.example.location
}

# Key Vault API connection created through azapi instead of azurerm_api_connection.
resource "azapi_resource" "example" {
  type                      = "Microsoft.Web/connections@2018-07-01-preview"
  name                      = "api-${local.project}-${var.stage_name}-example-keyvault"
  location                  = azurerm_resource_group.example.location
  parent_id                 = azurerm_resource_group.example.id
  schema_validation_enabled = false

  response_export_values = [
    "id",
    "name"
  ]
  body = jsonencode({
    properties = {
      parameterValueSet = {
        name = "oauthMI"
        values = {
          vaultName = {
            value = azurerm_key_vault.example.name
          }
        }
      }
      api = {
        id = data.azurerm_managed_api.keyvault.id
      }
    }
  })
}

resource "azurerm_logic_app_workflow" "example" {
  name                = "logic-${local.project}-${var.stage_name}-example"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  identity {
    type = "SystemAssigned"
  }
  parameters = {
    "$connections" = jsonencode({
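      # azurerm_api_connection.tt_api_vsts and data.azurerm_managed_api.vsts
      # are referenced here but not defined in this snippet.
      visualstudioteamservices = {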
        connectionId         = azurerm_api_connection.tt_api_vsts.id
        connectionName       = azurerm_api_connection.tt_api_vsts.name
        connectionProperties = {}
        id                   = data.azurerm_managed_api.vsts.id
      }
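      # id and name are read from the azapi output (see response_export_values);
      # this connection authenticates with the workflow's managed identity.
      keyvault = {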
        connectionId   = jsondecode(azapi_resource.example.output).id
        connectionName = jsondecode(azapi_resource.example.output).name
        connectionProperties = {
          authentication = {
            type = "ManagedServiceIdentity"
          }
        }
        id = data.azurerm_managed_api.keyvault.id
      }
    })
  }
  workflow_parameters = {
    "$connections" = jsonencode({
      defaultValue = {}
      type         = "Object"
    })
  }
}