Add virtual network support in API management service

GNUmakefile

@@ -3,9 +3,9 @@ WEBSITE_REPO=github.com/hashicorp/terraform-website
 PKG_NAME=azurerm
 
 #make sure we catch schema errors during testing
-TF_SCHEMA_PANIC_ON_ERROR=1
-GO111MODULE=on
-GOFLAGS=-mod=vendor
+export TF_SCHEMA_PANIC_ON_ERROR=1
+export GO111MODULE=on
+export GOFLAGS=-mod=vendor
 
 default: build
 

azurerm/config.go

@@ -10,7 +10,7 @@ import (
 	"time"
 
 	resourcesprofile "github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/resources/mgmt/resources"
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	appinsights "github.com/Azure/azure-sdk-for-go/services/appinsights/mgmt/2015-05-01/insights"
 	automationSvc "github.com/Azure/azure-sdk-for-go/services/automation/mgmt/2015-10-31/automation"
 	"github.com/Azure/azure-sdk-for-go/services/batch/mgmt/2018-12-01/batch"

azurerm/data_source_api_management.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"

azurerm/data_source_api_management_api.go

@@ -3,7 +3,7 @@ package azurerm
 import (
 	"fmt"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"

azurerm/data_source_api_management_product.go

@@ -3,7 +3,7 @@ package azurerm
 import (
 	"fmt"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"

azurerm/helpers/azure/api_management.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"

azurerm/internal/services/apimgmt/client.go

@@ -1,6 +1,6 @@
 package apimgmt
 
-import "github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+import "github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 
 type Client struct {
 	ApiClient                  apimanagement.APIClient

azurerm/resource_arm_api_management.go

@@ -6,7 +6,7 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/hashicorp/terraform/helper/validation"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
@@ -24,6 +24,8 @@ var apimFrontendProtocolTls10 = "Microsoft.WindowsAzure.ApiManagement.Gateway.Se
 var apimFrontendProtocolTls11 = "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11"
 var apimTripleDesCiphers = "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168"
 
+const apiManagementResourceName = "azurerm_api_management"
+
 func resourceArmApiManagementService() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceArmApiManagementServiceCreateUpdate,
@@ -343,6 +345,33 @@ func resourceArmApiManagementService() *schema.Resource {
 				},
 			},
 
+			"virtual_network_configuration": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"type": {
+							Type:     schema.TypeString,
+							Required: true,
+							// ForceNew: true,
+							ValidateFunc: validation.StringInSlice([]string{
+								string(apimanagement.VirtualNetworkTypeExternal),
+								string(apimanagement.VirtualNetworkTypeInternal),
+								string(apimanagement.VirtualNetworkTypeNone),
+							}, false),
+						},
+
+						"subnet_id": {
+							Type:     schema.TypeString,
+							Required: true,
+							// ForceNew:     true,
+							ValidateFunc: azure.ValidateResourceID,
+						},
+					},
+				},
+			},
+
 			"tags": tagsSchema(),
 
 			"gateway_url": {
@@ -407,15 +436,32 @@ func resourceArmApiManagementServiceCreateUpdate(d *schema.ResourceData, meta in
 	customProperties := expandApiManagementCustomProperties(d)
 	certificates := expandAzureRmApiManagementCertificates(d)
 	hostnameConfigurations := expandAzureRmApiManagementHostnameConfigurations(d)
+	vnetConfig, vnetType := expandAzureRmApiManagementVirtualNetworkConfiguration(d)
+
+	subnetsToLock, vnetsToLock, err := expandApiManagementVirtualNetworkSubnetNames(d)
+	if err != nil {
+		return fmt.Errorf("Error extracting names of Subnet and Virtual Network: %+v", err)
+	}
+
+	azureRMLockByName(name, apiManagementResourceName)
+	defer azureRMUnlockByName(name, apiManagementResourceName)
+
+	azureRMLockMultipleByName(subnetsToLock, subnetResourceName)
+	defer azureRMUnlockMultipleByName(subnetsToLock, subnetResourceName)
+
+	azureRMLockMultipleByName(vnetsToLock, virtualNetworkResourceName)
+	defer azureRMUnlockMultipleByName(vnetsToLock, virtualNetworkResourceName)
 
 	properties := apimanagement.ServiceResource{
 		Location: utils.String(location),
 		ServiceProperties: &apimanagement.ServiceProperties{
-			PublisherName:          utils.String(publisherName),
-			PublisherEmail:         utils.String(publisherEmail),
-			CustomProperties:       customProperties,
-			Certificates:           certificates,
-			HostnameConfigurations: hostnameConfigurations,
+			PublisherName:               utils.String(publisherName),
+			PublisherEmail:              utils.String(publisherEmail),
+			CustomProperties:            customProperties,
+			Certificates:                certificates,
+			HostnameConfigurations:      hostnameConfigurations,
+			VirtualNetworkConfiguration: vnetConfig,
+			VirtualNetworkType:          apimanagement.VirtualNetworkType(*vnetType),
 		},
 		Tags: expandTags(tags),
 		Sku:  sku,
@@ -456,14 +502,14 @@ func resourceArmApiManagementServiceCreateUpdate(d *schema.ResourceData, meta in
 	signInSettingsRaw := d.Get("sign_in").([]interface{})
 	signInSettings := expandApiManagementSignInSettings(signInSettingsRaw)
 	signInClient := meta.(*ArmClient).apimgmt.SignInClient
-	if _, err := signInClient.CreateOrUpdate(ctx, resourceGroup, name, signInSettings); err != nil {
+	if _, err := signInClient.CreateOrUpdate(ctx, resourceGroup, name, signInSettings, ""); err != nil {
 		return fmt.Errorf("Error setting Sign In settings for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
 	}
 
 	signUpSettingsRaw := d.Get("sign_up").([]interface{})
 	signUpSettings := expandApiManagementSignUpSettings(signUpSettingsRaw)
 	signUpClient := meta.(*ArmClient).apimgmt.SignUpClient
-	if _, err := signUpClient.CreateOrUpdate(ctx, resourceGroup, name, signUpSettings); err != nil {
+	if _, err := signUpClient.CreateOrUpdate(ctx, resourceGroup, name, signUpSettings, ""); err != nil {
 		return fmt.Errorf("Error setting Sign Up settings for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
 	}
 
@@ -484,7 +530,7 @@ func resourceArmApiManagementServiceCreateUpdate(d *schema.ResourceData, meta in
 
 		// then add the new one, if it exists
 		if policy != nil {
-			if _, err := policyClient.CreateOrUpdate(ctx, resourceGroup, name, *policy); err != nil {
+			if _, err := policyClient.CreateOrUpdate(ctx, resourceGroup, name, *policy, ""); err != nil {
 				return fmt.Errorf("Error setting Policies for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
 			}
 		}
@@ -529,7 +575,7 @@ func resourceArmApiManagementServiceRead(d *schema.ResourceData, meta interface{
 	}
 
 	policyClient := meta.(*ArmClient).apimgmt.PolicyClient
-	policy, err := policyClient.Get(ctx, resourceGroup, name)
+	policy, err := policyClient.Get(ctx, resourceGroup, name, apimanagement.PolicyExportFormatXML)
 	if err != nil {
 		if !utils.ResponseWasNotFound(policy.Response) {
 			return fmt.Errorf("Error retrieving Policy for API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
@@ -568,6 +614,11 @@ func resourceArmApiManagementServiceRead(d *schema.ResourceData, meta interface{
 			return fmt.Errorf("Error setting `hostname_configuration`: %+v", err)
 		}
 
+		vnetConfig := flattenApiManagementVirtualNetworkConfiguration(props.VirtualNetworkType, props.VirtualNetworkConfiguration, d)
+		if err := d.Set("virtual_network_configuration", vnetConfig); err != nil {
+			return fmt.Errorf("Error setting `virtual_network_configuration`: %+v", err)
+		}
+
 		if err := d.Set("additional_location", flattenApiManagementAdditionalLocations(props.AdditionalLocations)); err != nil {
 			return fmt.Errorf("Error setting `additional_location`: %+v", err)
 		}
@@ -605,12 +656,29 @@ func resourceArmApiManagementServiceDelete(d *schema.ResourceData, meta interfac
 	resourceGroup := id.ResourceGroup
 	name := id.Path["service"]
 
+	subnetsToLock, vnetsToLock, err := expandApiManagementVirtualNetworkSubnetNames(d)
+	if err != nil {
+		return fmt.Errorf("Error extracting names of Subnet and Virtual Network: %+v", err)
+	}
+
+	azureRMLockByName(name, apiManagementResourceName)
+	defer azureRMUnlockByName(name, apiManagementResourceName)
+
+	azureRMLockMultipleByName(subnetsToLock, subnetResourceName)
+	defer azureRMUnlockMultipleByName(subnetsToLock, subnetResourceName)
+
+	azureRMLockMultipleByName(vnetsToLock, virtualNetworkResourceName)
+	defer azureRMUnlockMultipleByName(vnetsToLock, virtualNetworkResourceName)
+
 	log.Printf("[DEBUG] Deleting API Management Service %q (Resource Grouo %q)", name, resourceGroup)
-	resp, err := client.Delete(ctx, resourceGroup, name)
+	future, err := client.Delete(ctx, resourceGroup, name)
 	if err != nil {
-		if !utils.ResponseWasNotFound(resp) {
-			return fmt.Errorf("Error deleting API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
-		}
+		return fmt.Errorf("Error deleting API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
+	}
+
+	err = future.WaitForCompletionRef(ctx, client.Client)
+	if err != nil {
+		return fmt.Errorf("Error waiting for deletion of API Management Service %q (Resource Group %q): %+v", name, resourceGroup, err)
 	}
 
 	return nil
@@ -679,6 +747,70 @@ func expandApiManagementCommonHostnameConfiguration(input map[string]interface{}
 	return output
 }
 
+func expandAzureRmApiManagementVirtualNetworkConfiguration(d *schema.ResourceData) (*apimanagement.VirtualNetworkConfiguration, *string) {
+	vnetRawConfigs := d.Get("virtual_network_configuration").([]interface{})
+
+	if len(vnetRawConfigs) < 1 {
+		return nil, nil
+	}
+
+	vnetRawConfig := vnetRawConfigs[0].(map[string]interface{})
+	vnetType := vnetRawConfig["type"].(string)
+	vnetSubnetID := vnetRawConfig["subnet_id"].(string)
+	vnetConfig := apimanagement.VirtualNetworkConfiguration{
+		SubnetResourceID: &vnetSubnetID,
+	}
+
+	return &vnetConfig, &vnetType
+}
+
+func flattenApiManagementVirtualNetworkConfiguration(vnetType apimanagement.VirtualNetworkType, vnetConfig *apimanagement.VirtualNetworkConfiguration, d *schema.ResourceData) []interface{} {
+	if vnetConfig == nil {
+		return []interface{}{}
+	}
+
+	vnet := make(map[string]interface{})
+	vnet["type"] = string(vnetType)
+	if vnetConfig != nil {
+		vnet["subnet_id"] = vnetConfig.SubnetResourceID
+	}
+
+	return []interface{}{
+		vnet,
+	}
+}
+
+func expandApiManagementVirtualNetworkSubnetNames(d *schema.ResourceData) (*[]string, *[]string, error) {
+	vnetRawConfigs := d.Get("virtual_network_configuration").([]interface{})
+
+	if len(vnetRawConfigs) < 1 {
+		return nil, nil, nil
+	}
+
+	vnetRawConfig := vnetRawConfigs[0].(map[string]interface{})
+	subnetID := vnetRawConfig["subnet_id"].(string)
+	subnetNames := make([]string, 0)
+	vnetNames := make([]string, 0)
+
+	subnetResourceID, err := parseAzureResourceID(subnetID)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	subnetName := subnetResourceID.Path["subnets"]
+	vnetName := subnetResourceID.Path["virtualNetworks"]
+
+	if !sliceContainsValue(subnetNames, subnetName) {
+		subnetNames = append(subnetNames, subnetName)
+	}
+
+	if !sliceContainsValue(vnetNames, vnetName) {
+		vnetNames = append(vnetNames, vnetName)
+	}
+
+	return &subnetNames, &vnetNames, nil
+}
+
 func flattenApiManagementHostnameConfigurations(input *[]apimanagement.HostnameConfiguration, d *schema.ResourceData) []interface{} {
 	results := make([]interface{}, 0)
 	if input == nil {
@@ -1136,17 +1268,17 @@ func expandApiManagementPolicies(input []interface{}) (*apimanagement.PolicyCont
 	if xmlContent != "" {
 		return &apimanagement.PolicyContract{
 			PolicyContractProperties: &apimanagement.PolicyContractProperties{
-				ContentFormat: apimanagement.XML,
-				PolicyContent: utils.String(xmlContent),
+				Format: apimanagement.XML,
+				Value:  utils.String(xmlContent),
 			},
 		}, nil
 	}
 
 	if xmlLink != "" {
 		return &apimanagement.PolicyContract{
 			PolicyContractProperties: &apimanagement.PolicyContractProperties{
-				ContentFormat: apimanagement.XMLLink,
-				PolicyContent: utils.String(xmlLink),
+				Format: apimanagement.XMLLink,
+				Value:  utils.String(xmlLink),
 			},
 		}, nil
 	}
@@ -1157,8 +1289,8 @@ func expandApiManagementPolicies(input []interface{}) (*apimanagement.PolicyCont
 func flattenApiManagementPolicies(d *schema.ResourceData, input apimanagement.PolicyContract) []interface{} {
 	xmlContent := ""
 	if props := input.PolicyContractProperties; props != nil {
-		if props.PolicyContent != nil {
-			xmlContent = *props.PolicyContent
+		if props.Value != nil {
+			xmlContent = *props.Value
 		}
 	}
 

azurerm/resource_arm_api_management_api.go

@@ -5,7 +5,7 @@ import (
 	"log"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/hashicorp/terraform/helper/validation"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
@@ -214,9 +214,9 @@ func resourceArmApiManagementApiCreateUpdate(d *schema.ResourceData, meta interf
 		log.Printf("[DEBUG] Importing API Management API %q of type %q", name, contentFormat)
 		apiParams := apimanagement.APICreateOrUpdateParameter{
 			APICreateOrUpdateProperties: &apimanagement.APICreateOrUpdateProperties{
-				ContentFormat: apimanagement.ContentFormat(contentFormat),
-				ContentValue:  utils.String(contentValue),
-				Path:          utils.String(path),
+				Format: apimanagement.ContentFormat(contentFormat),
+				Value:  utils.String(contentValue),
+				Path:   utils.String(path),
 			},
 		}
 		wsdlSelectorVs := importV["wsdl_selector"].([]interface{})

azurerm/resource_arm_api_management_api_operation.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"log"
 
-	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2019-01-01/apimanagement"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"