Merge pull request #1242 from Threpio/issue/1216

Issue: 1216 - Updated documentation to include second example

docs/resources/authentication_strength_policy.md

@@ -1,5 +1,5 @@
 ---
-subcategory: "Conditional Access"
+subcategory: "Policies"
 ---
 
 # Resource: azuread_authentication_strength_policy
@@ -25,6 +25,34 @@ resource "azuread_authentication_strength_policy" "example" {
     "password",
   ]
 }
+
+resource "azuread_authentication_strength_policy" "example2" {
+  display_name = "Example Authentication Strength Policy"
+  description  = "Policy for demo purposes with all possible combinations"
+  allowed_combinations = [
+    "fido2",
+    "password",
+    "deviceBasedPush",
+    "temporaryAccessPassOneTime",
+    "federatedMultiFactor",
+    "federatedSingleFactor",
+    "hardwareOath,federatedSingleFactor",
+    "microsoftAuthenticatorPush,federatedSingleFactor",
+    "password,hardwareOath",
+    "password,microsoftAuthenticatorPush",
+    "password,sms",
+    "password,softwareOath",
+    "password,voice",
+    "sms",
+    "sms,federatedSingleFactor",
+    "softwareOath,federatedSingleFactor",
+    "temporaryAccessPassMultiUse",
+    "voice,federatedSingleFactor",
+    "windowsHelloForBusiness",
+    "x509CertificateMultiFactor",
+    "x509CertificateSingleFactor",
+  ]
+}
 ```
 
 ## Argument Reference

internal/services/conditionalaccess/client/client.go

@@ -9,9 +9,8 @@ import (
 )
 
 type Client struct {
-	NamedLocationsClient                 *msgraph.NamedLocationsClient
-	PoliciesClient                       *msgraph.ConditionalAccessPoliciesClient
-	AuthenticationStrengthPoliciesClient *msgraph.AuthenticationStrengthPoliciesClient
+	NamedLocationsClient *msgraph.NamedLocationsClient
+	PoliciesClient       *msgraph.ConditionalAccessPoliciesClient
 }
 
 func NewClient(o *common.ClientOptions) *Client {
@@ -21,12 +20,8 @@ func NewClient(o *common.ClientOptions) *Client {
 	policiesClient := msgraph.NewConditionalAccessPoliciesClient()
 	o.ConfigureClient(&policiesClient.BaseClient)
 
-	authenticationStrengthpoliciesClient := msgraph.NewAuthenticationStrengthPoliciesClient()
-	o.ConfigureClient(&authenticationStrengthpoliciesClient.BaseClient)
-
 	return &Client{
-		NamedLocationsClient:                 namedLocationsClient,
-		PoliciesClient:                       policiesClient,
-		AuthenticationStrengthPoliciesClient: authenticationStrengthpoliciesClient,
+		NamedLocationsClient: namedLocationsClient,
+		PoliciesClient:       policiesClient,
 	}
 }

internal/services/conditionalaccess/conditional_access_policy_resource_test.go

@@ -602,10 +602,16 @@ resource "azuread_conditional_access_policy" "test" {
 
 func (ConditionalAccessPolicyResource) authenticationStrengthPolicy(data acceptance.TestData) string {
 	return fmt.Sprintf(`
-%[1]s
+provider "azuread" {}
+
+resource "azuread_authentication_strength_policy" "test" {
+  display_name         = "acctestASP-%[1]d"
+  description          = "test"
+  allowed_combinations = ["password"]
+}
 
 resource "azuread_conditional_access_policy" "test" {
-  display_name = "acctest-CONPOLICY-%[2]d"
+  display_name = "acctest-CONPOLICY-%[1]d"
   state        = "disabled"
 
   conditions {
@@ -626,7 +632,7 @@ resource "azuread_conditional_access_policy" "test" {
     authentication_strength_policy_id = azuread_authentication_strength_policy.test.id
   }
 }
-`, AuthenticationStrengthPolicyResource{}.basic(data), data.RandomInteger)
+`, data.RandomInteger)
 }
 
 func (ConditionalAccessPolicyResource) guestsOrExternalUsersAllServiceProvidersIncluded(data acceptance.TestData) string {

internal/services/conditionalaccess/registration.go

@@ -3,7 +3,9 @@
 
 package conditionalaccess
 
-import "github.com/hashicorp/terraform-provider-azuread/internal/tf/pluginsdk"
+import (
+	"github.com/hashicorp/terraform-provider-azuread/internal/tf/pluginsdk"
+)
 
 type Registration struct{}
 
@@ -29,8 +31,7 @@ func (r Registration) SupportedDataSources() map[string]*pluginsdk.Resource {
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*pluginsdk.Resource {
 	return map[string]*pluginsdk.Resource{
-		"azuread_authentication_strength_policy": authenticationStrengthPolicyResource(),
-		"azuread_named_location":                 namedLocationResource(),
-		"azuread_conditional_access_policy":      conditionalAccessPolicyResource(),
+		"azuread_named_location":            namedLocationResource(),
+		"azuread_conditional_access_policy": conditionalAccessPolicyResource(),
 	}
 }

internal/services/conditionalaccess/authentication_strength_policy_resource.go → internal/services/policies/authentication_strength_policy_resource.go

@@ -1,7 +1,7 @@
 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0
 
-package conditionalaccess
+package policies
 
 import (
 	"context"
@@ -71,7 +71,7 @@ func authenticationStrengthPolicyResource() *pluginsdk.Resource {
 }
 
 func authenticationStrengthPolicyCreate(ctx context.Context, d *pluginsdk.ResourceData, meta interface{}) diag.Diagnostics {
-	client := meta.(*clients.Client).ConditionalAccess.AuthenticationStrengthPoliciesClient
+	client := meta.(*clients.Client).Policies.AuthenticationStrengthPoliciesClient
 
 	properties := msgraph.AuthenticationStrengthPolicy{
 		DisplayName:         pointer.To(d.Get("display_name").(string)),
@@ -90,13 +90,12 @@ func authenticationStrengthPolicyCreate(ctx context.Context, d *pluginsdk.Resour
 }
 
 func authenticationStrengthPolicyUpdate(ctx context.Context, d *pluginsdk.ResourceData, meta interface{}) diag.Diagnostics {
-	client := meta.(*clients.Client).ConditionalAccess.AuthenticationStrengthPoliciesClient
+	client := meta.(*clients.Client).Policies.AuthenticationStrengthPoliciesClient
 
 	properties := msgraph.AuthenticationStrengthPolicy{
 		ID:          pointer.To(d.Id()),
 		DisplayName: pointer.To(d.Get("display_name").(string)),
 		Description: pointer.To(d.Get("description").(string)),
-		// AllowedCombinations: tf.ExpandStringSlicePtr(d.Get("allowed_combinations").(*pluginsdk.Set).List()),
 	}
 
 	_, err := client.Update(ctx, properties)
@@ -116,7 +115,7 @@ func authenticationStrengthPolicyUpdate(ctx context.Context, d *pluginsdk.Resour
 }
 
 func authenticationStrengthPolicyRead(ctx context.Context, d *pluginsdk.ResourceData, meta interface{}) diag.Diagnostics {
-	client := meta.(*clients.Client).ConditionalAccess.AuthenticationStrengthPoliciesClient
+	client := meta.(*clients.Client).Policies.AuthenticationStrengthPoliciesClient
 
 	authenticationStrengthPolicy, status, err := client.Get(ctx, d.Id(), odata.Query{})
 	if err != nil {
@@ -139,7 +138,7 @@ func authenticationStrengthPolicyRead(ctx context.Context, d *pluginsdk.Resource
 }
 
 func authenticationStrengthPolicyDelete(ctx context.Context, d *pluginsdk.ResourceData, meta interface{}) diag.Diagnostics {
-	client := meta.(*clients.Client).ConditionalAccess.AuthenticationStrengthPoliciesClient
+	client := meta.(*clients.Client).Policies.AuthenticationStrengthPoliciesClient
 	authenticationStrengthPolicyId := d.Id()
 
 	if _, status, err := client.Get(ctx, authenticationStrengthPolicyId, odata.Query{}); err != nil {

internal/services/conditionalaccess/authentication_strength_policy_resource_test.go → internal/services/policies/authentication_strength_policy_resource_test.go

@@ -1,7 +1,7 @@
 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0
 
-package conditionalaccess_test
+package policies_test
 
 import (
 	"context"
@@ -81,7 +81,7 @@ func TestAccAuthenticationStrengthPolicy_update(t *testing.T) {
 func (r AuthenticationStrengthPolicyResource) Exists(ctx context.Context, client *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
 	var id *string
 
-	authstrengthpolicy, status, err := client.ConditionalAccess.AuthenticationStrengthPoliciesClient.Get(ctx, state.ID, odata.Query{})
+	authstrengthpolicy, status, err := client.Policies.AuthenticationStrengthPoliciesClient.Get(ctx, state.ID, odata.Query{})
 	if err != nil {
 		if status == http.StatusNotFound {
 			return nil, fmt.Errorf("Authentication Strength Policy with ID %q does not exist", state.ID)

internal/services/policies/client/client.go

@@ -9,14 +9,19 @@ import (
 )
 
 type Client struct {
-	ClaimsMappingPolicyClient *msgraph.ClaimsMappingPolicyClient
+	AuthenticationStrengthPoliciesClient *msgraph.AuthenticationStrengthPoliciesClient
+	ClaimsMappingPolicyClient            *msgraph.ClaimsMappingPolicyClient
 }
 
 func NewClient(o *common.ClientOptions) *Client {
+	authenticationStrengthpoliciesClient := msgraph.NewAuthenticationStrengthPoliciesClient()
+	o.ConfigureClient(&authenticationStrengthpoliciesClient.BaseClient)
+
 	claimsMappingPolicyClient := msgraph.NewClaimsMappingPolicyClient()
 	o.ConfigureClient(&claimsMappingPolicyClient.BaseClient)
 
 	return &Client{
-		ClaimsMappingPolicyClient: claimsMappingPolicyClient,
+		AuthenticationStrengthPoliciesClient: authenticationStrengthpoliciesClient,
+		ClaimsMappingPolicyClient:            claimsMappingPolicyClient,
 	}
 }

internal/services/policies/registration.go

@@ -27,6 +27,7 @@ func (r Registration) SupportedDataSources() map[string]*pluginsdk.Resource {
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*pluginsdk.Resource {
 	return map[string]*pluginsdk.Resource{
-		"azuread_claims_mapping_policy": claimsMappingPolicyResource(),
+		"azuread_authentication_strength_policy": authenticationStrengthPolicyResource(),
+		"azuread_claims_mapping_policy":          claimsMappingPolicyResource(),
 	}
 }