azurerm_iot_dps missing ability to provide AuthorizationPolicies

[jackbatzner]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The current azurerm_iot_dps is missing the ability to provide AuthorizationPolicies. The current Azure GO SDK supports providing this, link.

New or Affected Resource(s)

• azurerm_iot_dps

Potential Terraform Configuration

resource "azurerm_iot_dps" "device-provisioning-service" {
  name                = "iot-device-provisioning-service"
  resource_group_name = "resource-group-name"
    location          = "location"

  linked_hub {
    connection_string = "blah"
    location          = "location"
  }

  sku {
    name     = "S"
    tier     = "Basic"
    capacity = "1"
  }

  authorization_policy {
    name = "test_policy"
    permissions = "DeviceConnect,EnrollmentRead"
  }
}

References

• IoT Device Provisioning Resource #1712 - IoT Device Provisioning Resource

[jackbatzner]

I plan on working on this, will have a PR shortly for this addition.

[kraihn]

Is there anything preventing this from becoming a new resource definition? I think it makes sense to follow the patterns used for IoT Hubs and Event Hubs. Each of the permissions would then become an argument on the resource.

https://www.terraform.io/docs/providers/azurerm/r/eventhub_authorization_rule.html

https://www.terraform.io/docs/providers/azurerm/r/iothub_shared_access_policy.html

[jackbatzner]

The main reason was because it was a property under the iothub_dps resource in the Azure API. Another leading factor was the fact that the linked hubs were defined under the resource as well.

I can pull this out if we want to, I'm all for consistency where it is needed

[jackbatzner]

After thinking about this further, I'm going to go ahead with the approach recommended by@krain as this seems to be the recommended approach elsewhere in the provider.

[maxbog]

@Brunhil Do you have any ETA on the PR? I also have a need to define the shared access policies in my project.

[jackbatzner]

Hi @maxbog , I started working on this late last week. I’ll try to wrap this up quickly then!

[ghost]

This has been released in version 1.40.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.40.0"
}
# ... other configuration ...

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!