diff --git a/builtin/providers/azurerm/config.go b/builtin/providers/azurerm/config.go index 6ac1292527..983505a7ca 100644 --- a/builtin/providers/azurerm/config.go +++ b/builtin/providers/azurerm/config.go @@ -138,18 +138,31 @@ func (c *Config) getArmClient() (*ArmClient, error) { subscriptionId: c.SubscriptionID, } + // detect cloud from environment + env, envErr := azure.EnvironmentFromName(c.Environment) + if envErr != nil { + // try again with wrapped value to support readable values like german instead of AZUREGERMANCLOUD + wrapped := fmt.Sprintf("AZURE%sCLOUD", c.Environment) + var innerErr error + if env, innerErr = azure.EnvironmentFromName(wrapped); innerErr != nil { + return nil, envErr + } + } + rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{ - ClientID: c.ClientID, - ClientSecret: c.ClientSecret, - TenantID: c.TenantID, - SubscriptionID: c.SubscriptionID, + ClientID: c.ClientID, + ClientSecret: c.ClientSecret, + TenantID: c.TenantID, + SubscriptionID: c.SubscriptionID, + ResourceManagerEndpoint: env.ResourceManagerEndpoint, + ActiveDirectoryEndpoint: env.ActiveDirectoryEndpoint, }) if err != nil { return nil, fmt.Errorf("Error creating Riviera client: %s", err) } client.rivieraClient = rivieraClient - oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.TenantID) + oauthConfig, err := env.OAuthConfigForTenant(c.TenantID) if err != nil { return nil, err } @@ -159,267 +172,268 @@ func (c *Config) getArmClient() (*ArmClient, error) { return nil, fmt.Errorf("Unable to configure OAuthConfig for tenant %s", c.TenantID) } - spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, - azure.PublicCloud.ResourceManagerEndpoint) + spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, env.ResourceManagerEndpoint) if err != nil { return nil, err } + endpoint := env.ResourceManagerEndpoint + // NOTE: these declarations should be left separate for clarity should the // clients be wished to be configured with custom Responders/PollingModess etc... - asc := compute.NewAvailabilitySetsClient(c.SubscriptionID) + asc := compute.NewAvailabilitySetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&asc.Client) asc.Authorizer = spt asc.Sender = autorest.CreateSender(withRequestLogging()) client.availSetClient = asc - uoc := compute.NewUsageOperationsClient(c.SubscriptionID) + uoc := compute.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&uoc.Client) uoc.Authorizer = spt uoc.Sender = autorest.CreateSender(withRequestLogging()) client.usageOpsClient = uoc - vmeic := compute.NewVirtualMachineExtensionImagesClient(c.SubscriptionID) + vmeic := compute.NewVirtualMachineExtensionImagesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmeic.Client) vmeic.Authorizer = spt vmeic.Sender = autorest.CreateSender(withRequestLogging()) client.vmExtensionImageClient = vmeic - vmec := compute.NewVirtualMachineExtensionsClient(c.SubscriptionID) + vmec := compute.NewVirtualMachineExtensionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmec.Client) vmec.Authorizer = spt vmec.Sender = autorest.CreateSender(withRequestLogging()) client.vmExtensionClient = vmec - vmic := compute.NewVirtualMachineImagesClient(c.SubscriptionID) + vmic := compute.NewVirtualMachineImagesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmic.Client) vmic.Authorizer = spt vmic.Sender = autorest.CreateSender(withRequestLogging()) client.vmImageClient = vmic - vmssc := compute.NewVirtualMachineScaleSetsClient(c.SubscriptionID) + vmssc := compute.NewVirtualMachineScaleSetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmssc.Client) vmssc.Authorizer = spt vmssc.Sender = autorest.CreateSender(withRequestLogging()) client.vmScaleSetClient = vmssc - vmc := compute.NewVirtualMachinesClient(c.SubscriptionID) + vmc := compute.NewVirtualMachinesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmc.Client) vmc.Authorizer = spt vmc.Sender = autorest.CreateSender(withRequestLogging()) client.vmClient = vmc - agc := network.NewApplicationGatewaysClient(c.SubscriptionID) + agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&agc.Client) agc.Authorizer = spt agc.Sender = autorest.CreateSender(withRequestLogging()) client.appGatewayClient = agc - crc := containerregistry.NewRegistriesClient(c.SubscriptionID) + crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&crc.Client) crc.Authorizer = spt crc.Sender = autorest.CreateSender(withRequestLogging()) client.containerRegistryClient = crc - ehc := eventhub.NewEventHubsClient(c.SubscriptionID) + ehc := eventhub.NewEventHubsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ehc.Client) ehc.Authorizer = spt ehc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubClient = ehc - chcgc := eventhub.NewConsumerGroupsClient(c.SubscriptionID) + chcgc := eventhub.NewConsumerGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&chcgc.Client) chcgc.Authorizer = spt chcgc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubConsumerGroupClient = chcgc - ehnc := eventhub.NewNamespacesClient(c.SubscriptionID) + ehnc := eventhub.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ehnc.Client) ehnc.Authorizer = spt ehnc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubNamespacesClient = ehnc - ifc := network.NewInterfacesClient(c.SubscriptionID) + ifc := network.NewInterfacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ifc.Client) ifc.Authorizer = spt ifc.Sender = autorest.CreateSender(withRequestLogging()) client.ifaceClient = ifc - lbc := network.NewLoadBalancersClient(c.SubscriptionID) + lbc := network.NewLoadBalancersClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&lbc.Client) lbc.Authorizer = spt lbc.Sender = autorest.CreateSender(withRequestLogging()) client.loadBalancerClient = lbc - lgc := network.NewLocalNetworkGatewaysClient(c.SubscriptionID) + lgc := network.NewLocalNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&lgc.Client) lgc.Authorizer = spt lgc.Sender = autorest.CreateSender(withRequestLogging()) client.localNetConnClient = lgc - pipc := network.NewPublicIPAddressesClient(c.SubscriptionID) + pipc := network.NewPublicIPAddressesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&pipc.Client) pipc.Authorizer = spt pipc.Sender = autorest.CreateSender(withRequestLogging()) client.publicIPClient = pipc - sgc := network.NewSecurityGroupsClient(c.SubscriptionID) + sgc := network.NewSecurityGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sgc.Client) sgc.Authorizer = spt sgc.Sender = autorest.CreateSender(withRequestLogging()) client.secGroupClient = sgc - src := network.NewSecurityRulesClient(c.SubscriptionID) + src := network.NewSecurityRulesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&src.Client) src.Authorizer = spt src.Sender = autorest.CreateSender(withRequestLogging()) client.secRuleClient = src - snc := network.NewSubnetsClient(c.SubscriptionID) + snc := network.NewSubnetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&snc.Client) snc.Authorizer = spt snc.Sender = autorest.CreateSender(withRequestLogging()) client.subnetClient = snc - vgcc := network.NewVirtualNetworkGatewayConnectionsClient(c.SubscriptionID) + vgcc := network.NewVirtualNetworkGatewayConnectionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vgcc.Client) vgcc.Authorizer = spt vgcc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetGatewayConnectionsClient = vgcc - vgc := network.NewVirtualNetworkGatewaysClient(c.SubscriptionID) + vgc := network.NewVirtualNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vgc.Client) vgc.Authorizer = spt vgc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetGatewayClient = vgc - vnc := network.NewVirtualNetworksClient(c.SubscriptionID) + vnc := network.NewVirtualNetworksClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vnc.Client) vnc.Authorizer = spt vnc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetClient = vnc - vnpc := network.NewVirtualNetworkPeeringsClient(c.SubscriptionID) + vnpc := network.NewVirtualNetworkPeeringsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vnpc.Client) vnpc.Authorizer = spt vnpc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetPeeringsClient = vnpc - rtc := network.NewRouteTablesClient(c.SubscriptionID) + rtc := network.NewRouteTablesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rtc.Client) rtc.Authorizer = spt rtc.Sender = autorest.CreateSender(withRequestLogging()) client.routeTablesClient = rtc - rc := network.NewRoutesClient(c.SubscriptionID) + rc := network.NewRoutesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rc.Client) rc.Authorizer = spt rc.Sender = autorest.CreateSender(withRequestLogging()) client.routesClient = rc - rgc := resources.NewGroupsClient(c.SubscriptionID) + rgc := resources.NewGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rgc.Client) rgc.Authorizer = spt rgc.Sender = autorest.CreateSender(withRequestLogging()) client.resourceGroupClient = rgc - pc := resources.NewProvidersClient(c.SubscriptionID) + pc := resources.NewProvidersClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&pc.Client) pc.Authorizer = spt pc.Sender = autorest.CreateSender(withRequestLogging()) client.providers = pc - tc := resources.NewTagsClient(c.SubscriptionID) + tc := resources.NewTagsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tc.Client) tc.Authorizer = spt tc.Sender = autorest.CreateSender(withRequestLogging()) client.tagsClient = tc - rf := resources.NewClient(c.SubscriptionID) + rf := resources.NewClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rf.Client) rf.Authorizer = spt rf.Sender = autorest.CreateSender(withRequestLogging()) client.resourceFindClient = rf - jc := scheduler.NewJobsClient(c.SubscriptionID) + jc := scheduler.NewJobsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&jc.Client) jc.Authorizer = spt jc.Sender = autorest.CreateSender(withRequestLogging()) client.jobsClient = jc - jcc := scheduler.NewJobCollectionsClient(c.SubscriptionID) + jcc := scheduler.NewJobCollectionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&jcc.Client) jcc.Authorizer = spt jcc.Sender = autorest.CreateSender(withRequestLogging()) client.jobsCollectionsClient = jcc - ssc := storage.NewAccountsClient(c.SubscriptionID) + ssc := storage.NewAccountsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ssc.Client) ssc.Authorizer = spt ssc.Sender = autorest.CreateSender(withRequestLogging()) client.storageServiceClient = ssc - suc := storage.NewUsageOperationsClient(c.SubscriptionID) + suc := storage.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&suc.Client) suc.Authorizer = spt suc.Sender = autorest.CreateSender(withRequestLogging()) client.storageUsageClient = suc - cpc := cdn.NewProfilesClient(c.SubscriptionID) + cpc := cdn.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&cpc.Client) cpc.Authorizer = spt cpc.Sender = autorest.CreateSender(withRequestLogging()) client.cdnProfilesClient = cpc - cec := cdn.NewEndpointsClient(c.SubscriptionID) + cec := cdn.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&cec.Client) cec.Authorizer = spt cec.Sender = autorest.CreateSender(withRequestLogging()) client.cdnEndpointsClient = cec - dc := resources.NewDeploymentsClient(c.SubscriptionID) + dc := resources.NewDeploymentsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&dc.Client) dc.Authorizer = spt dc.Sender = autorest.CreateSender(withRequestLogging()) client.deploymentsClient = dc - tmpc := trafficmanager.NewProfilesClient(c.SubscriptionID) + tmpc := trafficmanager.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tmpc.Client) tmpc.Authorizer = spt tmpc.Sender = autorest.CreateSender(withRequestLogging()) client.trafficManagerProfilesClient = tmpc - tmec := trafficmanager.NewEndpointsClient(c.SubscriptionID) + tmec := trafficmanager.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tmec.Client) tmec.Authorizer = spt tmec.Sender = autorest.CreateSender(withRequestLogging()) client.trafficManagerEndpointsClient = tmec - rdc := redis.NewClient(c.SubscriptionID) + rdc := redis.NewClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rdc.Client) rdc.Authorizer = spt rdc.Sender = autorest.CreateSender(withRequestLogging()) client.redisClient = rdc - sbnc := servicebus.NewNamespacesClient(c.SubscriptionID) + sbnc := servicebus.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbnc.Client) sbnc.Authorizer = spt sbnc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusNamespacesClient = sbnc - sbtc := servicebus.NewTopicsClient(c.SubscriptionID) + sbtc := servicebus.NewTopicsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbtc.Client) sbtc.Authorizer = spt sbtc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusTopicsClient = sbtc - sbsc := servicebus.NewSubscriptionsClient(c.SubscriptionID) + sbsc := servicebus.NewSubscriptionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbsc.Client) sbsc.Authorizer = spt sbsc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusSubscriptionsClient = sbsc - kvc := keyvault.NewVaultsClient(c.SubscriptionID) + kvc := keyvault.NewVaultsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&kvc.Client) kvc.Authorizer = spt kvc.Sender = autorest.CreateSender(withRequestLogging()) diff --git a/builtin/providers/azurerm/provider.go b/builtin/providers/azurerm/provider.go index 9b4be30dde..62d060a39f 100644 --- a/builtin/providers/azurerm/provider.go +++ b/builtin/providers/azurerm/provider.go @@ -45,6 +45,12 @@ func Provider() terraform.ResourceProvider { DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""), }, + "environment": { + Type: schema.TypeString, + Required: true, + DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"), + }, + "skip_provider_registration": { Type: schema.TypeBool, Optional: true, @@ -134,6 +140,7 @@ type Config struct { ClientID string ClientSecret string TenantID string + Environment string SkipProviderRegistration bool validateCredentialsOnce sync.Once @@ -154,6 +161,9 @@ func (c *Config) validate() error { if c.TenantID == "" { err = multierror.Append(err, fmt.Errorf("Tenant ID must be configured for the AzureRM provider")) } + if c.Environment == "" { + err = multierror.Append(err, fmt.Errorf("Environment must be configured for the AzureRM provider")) + } return err.ErrorOrNil() } @@ -165,6 +175,7 @@ func providerConfigure(p *schema.Provider) schema.ConfigureFunc { ClientID: d.Get("client_id").(string), ClientSecret: d.Get("client_secret").(string), TenantID: d.Get("tenant_id").(string), + Environment: d.Get("environment").(string), SkipProviderRegistration: d.Get("skip_provider_registration").(bool), } diff --git a/vendor/github.com/jen20/riviera/azure/client.go b/vendor/github.com/jen20/riviera/azure/client.go index f7d2c885a3..3de8571877 100644 --- a/vendor/github.com/jen20/riviera/azure/client.go +++ b/vendor/github.com/jen20/riviera/azure/client.go @@ -12,7 +12,8 @@ import ( type Client struct { logger *log.Logger - subscriptionID string + subscriptionID string + resourceManagerEndpoint string tokenRequester *tokenRequester httpClient *retryablehttp.Client @@ -24,13 +25,21 @@ func NewClient(creds *AzureResourceManagerCredentials) (*Client, error) { httpClient := retryablehttp.NewClient() httpClient.Logger = defaultLogger - tr := newTokenRequester(httpClient, creds.ClientID, creds.ClientSecret, creds.TenantID) + if creds.ResourceManagerEndpoint == "" { + creds.ResourceManagerEndpoint = defaultResourceManagerEndpoint + } + if creds.ActiveDirectoryEndpoint == "" { + creds.ActiveDirectoryEndpoint = defaultActiveDirectoryEndpoint + } + + tr := newTokenRequester(httpClient, creds) return &Client{ - subscriptionID: creds.SubscriptionID, - httpClient: httpClient, - tokenRequester: tr, - logger: defaultLogger, + subscriptionID: creds.SubscriptionID, + resourceManagerEndpoint: creds.ResourceManagerEndpoint, + httpClient: httpClient, + tokenRequester: tr, + logger: defaultLogger, }, nil } diff --git a/vendor/github.com/jen20/riviera/azure/credentials.go b/vendor/github.com/jen20/riviera/azure/credentials.go index 7b3c8543b1..4a595a6dcb 100644 --- a/vendor/github.com/jen20/riviera/azure/credentials.go +++ b/vendor/github.com/jen20/riviera/azure/credentials.go @@ -1,8 +1,17 @@ package azure +const ( + defaultResourceManagerEndpoint = "https://management.azure.com" + defaultActiveDirectoryEndpoint = "https://login.microsoftonline.com" +) + type AzureResourceManagerCredentials struct { ClientID string ClientSecret string TenantID string SubscriptionID string + + // can be overridden for non public clouds + ResourceManagerEndpoint string + ActiveDirectoryEndpoint string } diff --git a/vendor/github.com/jen20/riviera/azure/endpoints.go b/vendor/github.com/jen20/riviera/azure/endpoints.go deleted file mode 100644 index e88eb66c3a..0000000000 --- a/vendor/github.com/jen20/riviera/azure/endpoints.go +++ /dev/null @@ -1,43 +0,0 @@ -package azure - -import ( - "reflect" - "strings" -) - -type Endpoints struct { - resourceManagerEndpointUrl string - activeDirectoryEndpointUrl string -} - -var ( - ChineseEndpoints = Endpoints{"https://management.chinacloudapi.cn", "https://login.chinacloudapi.cn"} - DefaultEndpoints = Endpoints{"https://management.azure.com", "https://login.microsoftonline.com"} - GermanEndpoints = Endpoints{"https://management.microsoftazure.de", "https://login.microsoftonline.de"} - USGovEndpoints = Endpoints{"https://management.usgovcloudapi.net", "https://login.microsoftonline.com"} -) - -func GetEndpointsForLocation(location string) Endpoints { - location = strings.Replace(strings.ToLower(location), " ", "", -1) - - switch location { - case GermanyCentral, GermanyEast: - return GermanEndpoints - case ChinaEast, ChinaNorth: - return ChineseEndpoints - case USGovIowa, USGovVirginia: - return USGovEndpoints - default: - return DefaultEndpoints - } -} - -func GetEndpointsForCommand(command APICall) Endpoints { - locationField := reflect.Indirect(reflect.ValueOf(command)).FieldByName("Location") - if locationField.IsValid() { - location := locationField.Interface().(string) - return GetEndpointsForLocation(location) - } - - return DefaultEndpoints -} diff --git a/vendor/github.com/jen20/riviera/azure/get_resource_provider.go b/vendor/github.com/jen20/riviera/azure/get_resource_provider.go new file mode 100644 index 0000000000..cbce3d13fa --- /dev/null +++ b/vendor/github.com/jen20/riviera/azure/get_resource_provider.go @@ -0,0 +1,26 @@ +package azure + +import "fmt" + +type GetResourceProviderResponse struct { + ID *string `mapstructure:"id"` + Namespace *string `mapstructure:"namespace"` + RegistrationState *string `mapstructure:"registrationState"` +} + +type GetResourceProvider struct { + Namespace string `json:"-"` +} + +func (command GetResourceProvider) APIInfo() APIInfo { + return APIInfo{ + APIVersion: resourceGroupAPIVersion, + Method: "GET", + URLPathFunc: func() string { + return fmt.Sprintf("providers/%s", command.Namespace) + }, + ResponseTypeFunc: func() interface{} { + return &GetResourceProviderResponse{} + }, + } +} diff --git a/vendor/github.com/jen20/riviera/azure/register_resource_provider.go b/vendor/github.com/jen20/riviera/azure/register_resource_provider.go index 857bce0518..f1862842b8 100644 --- a/vendor/github.com/jen20/riviera/azure/register_resource_provider.go +++ b/vendor/github.com/jen20/riviera/azure/register_resource_provider.go @@ -9,7 +9,6 @@ type RegisterResourceProviderResponse struct { ApplicationID *string `mapstructure:"applicationId"` } -// TODO: Investigate RegistrationState response polling type RegisterResourceProvider struct { Namespace string `json:"-"` } diff --git a/vendor/github.com/jen20/riviera/azure/request.go b/vendor/github.com/jen20/riviera/azure/request.go index 0bf4124772..345bb7564c 100644 --- a/vendor/github.com/jen20/riviera/azure/request.go +++ b/vendor/github.com/jen20/riviera/azure/request.go @@ -75,8 +75,7 @@ func (request *Request) pollForAsynchronousResponse(acceptedResponse *http.Respo return nil, err } - endpoints := GetEndpointsForCommand(request.Command) - err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints) + err = request.client.tokenRequester.addAuthorizationToRequest(req) if err != nil { return nil, err } @@ -116,11 +115,9 @@ func defaultARMRequestSerialize(body interface{}) (io.ReadSeeker, error) { func (request *Request) Execute() (*Response, error) { apiInfo := request.Command.APIInfo() - endpoints := GetEndpointsForCommand(request.Command) - var urlString string - urlObj, _ := url.Parse(endpoints.resourceManagerEndpointUrl) + urlObj, _ := url.Parse(request.client.resourceManagerEndpoint) // Determine whether to use the URLPathFunc or the URI explicitly set in the request if request.URI == nil { @@ -166,7 +163,7 @@ func (request *Request) Execute() (*Response, error) { req.Header.Add("Content-Type", "application/json") } - err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints) + err = request.client.tokenRequester.addAuthorizationToRequest(req) if err != nil { return nil, err } diff --git a/vendor/github.com/jen20/riviera/azure/token.go b/vendor/github.com/jen20/riviera/azure/token.go index e608fc1c5c..aa7160b9fb 100644 --- a/vendor/github.com/jen20/riviera/azure/token.go +++ b/vendor/github.com/jen20/riviera/azure/token.go @@ -19,6 +19,9 @@ func init() { } type tokenRequester struct { + activeDirectoryEndpoint string + resourceManagerEndpoint string + clientID string clientSecret string tenantID string @@ -31,21 +34,23 @@ type tokenRequester struct { currentToken *token } -func newTokenRequester(client *retryablehttp.Client, clientID, clientSecret, tenantID string) *tokenRequester { +func newTokenRequester(client *retryablehttp.Client, creds *AzureResourceManagerCredentials) *tokenRequester { return &tokenRequester{ - clientID: clientID, - clientSecret: clientSecret, - tenantID: tenantID, - refreshWithin: 5 * time.Minute, - httpClient: client, + activeDirectoryEndpoint: creds.ActiveDirectoryEndpoint, + resourceManagerEndpoint: creds.ResourceManagerEndpoint, + clientID: creds.ClientID, + clientSecret: creds.ClientSecret, + tenantID: creds.TenantID, + refreshWithin: 5 * time.Minute, + httpClient: client, } } // addAuthorizationToRequest adds an Authorization header to an http.Request, having ensured // that the token is sufficiently fresh. This may invoke network calls, so should not be // relied on to return quickly. -func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request, endpoints Endpoints) error { - token, err := tr.getUsableToken(endpoints) +func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request) error { + token, err := tr.getUsableToken() if err != nil { return fmt.Errorf("Error obtaining authorization token: %s", err) } @@ -54,7 +59,7 @@ func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Reque return nil } -func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { +func (tr *tokenRequester) getUsableToken() (*token, error) { tr.l.Lock() defer tr.l.Unlock() @@ -62,7 +67,7 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { return tr.currentToken, nil } - newToken, err := tr.refreshToken(endpoints) + newToken, err := tr.refreshToken() if err != nil { return nil, fmt.Errorf("Error refreshing token: %s", err) } @@ -71,14 +76,14 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { return newToken, nil } -func (tr *tokenRequester) refreshToken(endpoints Endpoints) (*token, error) { - oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", endpoints.activeDirectoryEndpointUrl, tr.tenantID, "token") +func (tr *tokenRequester) refreshToken() (*token, error) { + oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", tr.activeDirectoryEndpoint, tr.tenantID, "token") v := url.Values{} v.Set("client_id", tr.clientID) v.Set("client_secret", tr.clientSecret) v.Set("grant_type", "client_credentials") - v.Set("resource", strings.TrimSuffix(endpoints.resourceManagerEndpointUrl, "/")+"/") + v.Set("resource", strings.TrimSuffix(tr.resourceManagerEndpoint, "/")+"/") var newToken token response, err := tr.httpClient.PostForm(oauthURL, v) diff --git a/vendor/vendor.json b/vendor/vendor.json index eb27d57e56..91b5a7ed79 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -1863,34 +1863,34 @@ "revisionTime": "2017-01-03T19:23:32Z" }, { - "checksumSHA1": "tRK0n/cIjBCYjnumPiP9cCS2CnA=", + "checksumSHA1": "hD8LA+lIAv6MB82Db29L71c2Jjc=", "path": "github.com/jen20/riviera/azure", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "ncdT+1PFEF5ly0niXuQc9/pKzT0=", "path": "github.com/jen20/riviera/dns", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "zVXx6ha3bt0N4ukRbRHXjSl91S4=", "path": "github.com/jen20/riviera/search", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "mD+brnqSfkLheYdGzTUqUi6VWgw=", "path": "github.com/jen20/riviera/sql", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "nKUCquNpJ9ifHgkXoT4K3Xar6R8=", "path": "github.com/jen20/riviera/storage", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "comment": "0.2.2-2-gc01cf91", diff --git a/website/source/docs/providers/azurerm/index.html.markdown b/website/source/docs/providers/azurerm/index.html.markdown index f6d9bc2afd..9c5f0ee07c 100644 --- a/website/source/docs/providers/azurerm/index.html.markdown +++ b/website/source/docs/providers/azurerm/index.html.markdown @@ -76,6 +76,13 @@ The following arguments are supported: * `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the `ARM_TENANT_ID` environment variable. +* `environment` - (Optional) The cloud environment to use. It can also be sourced + from the `ARM_ENVIRONMENT` environment variable. Supported values are: + * `public` (default) + * `usgovernment` + * `german` + * `china` + * `skip_provider_registration` - (Optional) Prevents the provier from registering the ARM provider namespaces, this can be used if you don't wish to give the Active Directory Application permission to register resource providers. It can also be