Add support for Azure Blob Storage protection (#204)

Author: johan3141592

docs/data-sources/azure_permissions.md

@@ -10,6 +10,7 @@ description: |-
     * AZURE_SQL_MI_PROTECTION
     * CLOUD_NATIVE_ARCHIVAL
     * CLOUD_NATIVE_ARCHIVAL_ENCRYPTION
+    * CLOUD_NATIVE_BLOB_PROTECTION
     * CLOUD_NATIVE_PROTECTION
     * EXOCOMPUTE
   See the subscription ../resources/azure_subscription resource for more information
@@ -40,6 +41,7 @@ supported for Azure subscriptions are:
   * `AZURE_SQL_MI_PROTECTION`
   * `CLOUD_NATIVE_ARCHIVAL`
   * `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`
+  * `CLOUD_NATIVE_BLOB_PROTECTION`
   * `CLOUD_NATIVE_PROTECTION`
   * `EXOCOMPUTE`
 
@@ -99,8 +101,8 @@ resource "polaris_azure_subscription" "subscription" {
 
 ### Optional
 
-- `feature` (String) RSC feature. Note that the feature name must be given in the `EXAMPLE_FEATURE_NAME` style. Possible values are `AZURE_SQL_DB_PROTECTION`, `AZURE_SQL_MI_PROTECTION`,  `CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`.
-- `features` (Set of String, Deprecated) RSC features. Possible values are `AZURE_SQL_DB_PROTECTION`, `AZURE_SQL_MI_PROTECTION`, `CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`. **Deprecated:** use `feature` instead.
+- `feature` (String) RSC feature. Note that the feature name must be given in the `EXAMPLE_FEATURE_NAME` style. Possible values are `AZURE_SQL_DB_PROTECTION`, `AZURE_SQL_MI_PROTECTION`,  `CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_BLOB_PROTECTION`, `CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`.
+- `features` (Set of String, Deprecated) RSC features. Possible values are `AZURE_SQL_DB_PROTECTION`, `AZURE_SQL_MI_PROTECTION`, `CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_BLOB_PROTECTION`, `CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`. **Deprecated:** use `feature` instead.
 
 ### Read-Only
 

docs/resources/azure_subscription.md

@@ -152,6 +152,7 @@ resource "polaris_azure_subscription" "default" {
 
 - `cloud_native_archival` (Block List, Max: 1) Enable the RSC Cloud Native Archival feature for the Azure subscription. (see [below for nested schema](#nestedblock--cloud_native_archival))
 - `cloud_native_archival_encryption` (Block List, Max: 1) Enable the RSC Cloud Native Archival Encryption feature for the Azure subscription. (see [below for nested schema](#nestedblock--cloud_native_archival_encryption))
+- `cloud_native_blob_protection` (Block List, Max: 1) Enable the RSC Cloud Native Protection feature for Azure Blob Storage. (see [below for nested schema](#nestedblock--cloud_native_blob_protection))
 - `cloud_native_protection` (Block List, Max: 1) Enable the RSC Cloud Native Protection feature for the Azure subscription. (see [below for nested schema](#nestedblock--cloud_native_protection))
 - `delete_snapshots_on_destroy` (Boolean) Should snapshots be deleted when the resource is destroyed. Default value is `false`.
 - `exocompute` (Block List, Max: 1) Enable the RSC Exocompute feature for the Azure subscription. (see [below for nested schema](#nestedblock--exocompute))
@@ -205,6 +206,22 @@ Read-Only:
 - `status` (String) Status of the Cloud Native Archival Encryption feature.
 
 
+<a id="nestedblock--cloud_native_blob_protection"></a>
+### Nested Schema for `cloud_native_blob_protection`
+
+Required:
+
+- `regions` (Set of String) Azure regions that RSC will monitor for resources to protect according to SLA Domains. Should be specified in the standard Azure style, e.g. `eastus`.
+
+Optional:
+
+- `permissions` (String) Permissions updated signal. When this field changes, the provider will notify RSC that the permissions for the feature has been updated. Use this field with the `polaris_azure_permissions` data source.
+
+Read-Only:
+
+- `status` (String) Status of the Cloud Native Blob Protection feature.
+
+
 <a id="nestedblock--cloud_native_protection"></a>
 ### Nested Schema for `cloud_native_protection`
 

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/terraform-plugin-docs v0.16.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0
-	github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.6
+	github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.7
 )
 
 require (

go.sum

@@ -270,8 +270,8 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.6 h1:7tIuXO7wf/zLBmYtd3HXevp733UeHRY5VzrLSzgA57g=
-github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.6/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
+github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.7 h1:n3tfrj61TLoKKkywcboFjEb/sd+G53vJV13dfV14k3Q=
+github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.7/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
 github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww=
 github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=

internal/provider/data_source_azure_permissions.go

@@ -41,6 +41,7 @@ supported for Azure subscriptions are:
   * ´AZURE_SQL_MI_PROTECTION´
   * ´CLOUD_NATIVE_ARCHIVAL´
   * ´CLOUD_NATIVE_ARCHIVAL_ENCRYPTION´
+  * ´CLOUD_NATIVE_BLOB_PROTECTION´
   * ´CLOUD_NATIVE_PROTECTION´
   * ´EXOCOMPUTE´
 
@@ -105,11 +106,12 @@ func dataSourceAzurePermissions() *schema.Resource {
 				ExactlyOneOf: []string{keyFeature, keyFeatures},
 				Description: "RSC feature. Note that the feature name must be given in the `EXAMPLE_FEATURE_NAME` " +
 					"style. Possible values are `AZURE_SQL_DB_PROTECTION`, `AZURE_SQL_MI_PROTECTION`,  " +
-					"`CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_PROTECTION` and " +
-					"`EXOCOMPUTE`.",
+					"`CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, `CLOUD_NATIVE_BLOB_PROTECTION`, " +
+					"`CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`.",
 				ValidateFunc: validation.StringInSlice([]string{
 					"AZURE_SQL_DB_PROTECTION", "AZURE_SQL_MI_PROTECTION", "CLOUD_NATIVE_ARCHIVAL",
-					"CLOUD_NATIVE_ARCHIVAL_ENCRYPTION", "CLOUD_NATIVE_PROTECTION", "EXOCOMPUTE",
+					"CLOUD_NATIVE_ARCHIVAL_ENCRYPTION", "CLOUD_NATIVE_BLOB_PROTECTION", "CLOUD_NATIVE_PROTECTION",
+					"EXOCOMPUTE",
 				}, false),
 			},
 			keyFeatures: {
@@ -118,14 +120,16 @@ func dataSourceAzurePermissions() *schema.Resource {
 					Type: schema.TypeString,
 					ValidateFunc: validation.StringInSlice([]string{
 						"AZURE_SQL_DB_PROTECTION", "AZURE_SQL_MI_PROTECTION", "CLOUD_NATIVE_ARCHIVAL",
-						"CLOUD_NATIVE_ARCHIVAL_ENCRYPTION", "CLOUD_NATIVE_PROTECTION", "EXOCOMPUTE",
+						"CLOUD_NATIVE_ARCHIVAL_ENCRYPTION", "CLOUD_NATIVE_BLOB_PROTECTION", "CLOUD_NATIVE_PROTECTION",
+						"EXOCOMPUTE",
 					}, false),
 				},
 				MinItems: 1,
 				Optional: true,
 				Description: "RSC features. Possible values are `AZURE_SQL_DB_PROTECTION`, " +
 					"`AZURE_SQL_MI_PROTECTION`, `CLOUD_NATIVE_ARCHIVAL`, `CLOUD_NATIVE_ARCHIVAL_ENCRYPTION`, " +
-					"`CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`. **Deprecated:** use `feature` instead.",
+					"`CLOUD_NATIVE_BLOB_PROTECTION`, `CLOUD_NATIVE_PROTECTION` and `EXOCOMPUTE`. **Deprecated:** " +
+					"use `feature` instead.",
 				Deprecated: "use `feature` instead",
 			},
 			keyHash: {

internal/provider/names.go

@@ -42,6 +42,7 @@ const (
 	keyCloudComputeSettings                         = "cloud_compute_settings"
 	keyCloudNativeArchival                          = "cloud_native_archival"
 	keyCloudNativeArchivalEncryption                = "cloud_native_archival_encryption"
+	keyCloudNativeBlobProtection                    = "cloud_native_blob_protection"
 	keyCloudNativeProtection                        = "cloud_native_protection"
 	keyClusterID                                    = "cluster_id"
 	keyClusterName                                  = "cluster_name"

internal/provider/resource_azure_subscription.go

@@ -157,7 +157,7 @@ func resourceAzureSubscription() *schema.Resource {
 				MaxItems: 1,
 				Optional: true,
 				AtLeastOneOf: []string{
-					keyCloudNativeArchival,
+					keyCloudNativeBlobProtection,
 					keyCloudNativeProtection,
 					keyExocompute,
 					keySQLDBProtection,
@@ -261,6 +261,46 @@ func resourceAzureSubscription() *schema.Resource {
 				},
 				Description: "Enable the RSC Cloud Native Archival Encryption feature for the Azure subscription.",
 			},
+			keyCloudNativeBlobProtection: {
+				Type: schema.TypeList,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						keyPermissions: {
+							Type:     schema.TypeString,
+							Optional: true,
+							Description: "Permissions updated signal. When this field changes, the provider will notify " +
+								"RSC that the permissions for the feature has been updated. Use this field with the " +
+								"`polaris_azure_permissions` data source.",
+							ValidateFunc: validation.StringIsNotWhiteSpace,
+						},
+						keyRegions: {
+							Type: schema.TypeSet,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+							MinItems: 1,
+							Required: true,
+							Description: "Azure regions that RSC will monitor for resources to protect according to " +
+								"SLA Domains. Should be specified in the standard Azure style, e.g. `eastus`.",
+						},
+						keyStatus: {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Status of the Cloud Native Blob Protection feature.",
+						},
+					},
+				},
+				MaxItems: 1,
+				Optional: true,
+				AtLeastOneOf: []string{
+					keyCloudNativeArchival,
+					keyCloudNativeProtection,
+					keyExocompute,
+					keySQLDBProtection,
+					keySQLMIProtection,
+				},
+				Description: "Enable the RSC Cloud Native Protection feature for Azure Blob Storage.",
+			},
 			keyCloudNativeProtection: {
 				Type: schema.TypeList,
 				Elem: &schema.Resource{
@@ -328,7 +368,7 @@ func resourceAzureSubscription() *schema.Resource {
 				Optional: true,
 				AtLeastOneOf: []string{
 					keyCloudNativeArchival,
-					keyCloudNativeProtection,
+					keyCloudNativeBlobProtection,
 					keyExocompute,
 					keySQLDBProtection,
 					keySQLMIProtection,
@@ -408,8 +448,8 @@ func resourceAzureSubscription() *schema.Resource {
 				Optional: true,
 				AtLeastOneOf: []string{
 					keyCloudNativeArchival,
+					keyCloudNativeBlobProtection,
 					keyCloudNativeProtection,
-					keyExocompute,
 					keySQLDBProtection,
 					keySQLMIProtection,
 				},
@@ -448,9 +488,9 @@ func resourceAzureSubscription() *schema.Resource {
 				Optional: true,
 				AtLeastOneOf: []string{
 					keyCloudNativeArchival,
+					keyCloudNativeBlobProtection,
 					keyCloudNativeProtection,
 					keyExocompute,
-					keySQLDBProtection,
 					keySQLMIProtection,
 				},
 				Description: "Enable the RSC SQL DB Protection feature for the Azure subscription.",
@@ -488,10 +528,10 @@ func resourceAzureSubscription() *schema.Resource {
 				Optional: true,
 				AtLeastOneOf: []string{
 					keyCloudNativeArchival,
+					keyCloudNativeBlobProtection,
 					keyCloudNativeProtection,
 					keyExocompute,
 					keySQLDBProtection,
-					keySQLMIProtection,
 				},
 				Description: "Enable the RSC SQL MI Protection feature for the Azure subscription.",
 			},
@@ -841,34 +881,41 @@ var azureKeyFeatureMap = map[string]orderedFeature{
 		orderSplitAdd:    203,
 		orderSplitRemove: 200,
 	},
-	keyCloudNativeProtection: {
-		feature:          core.FeatureCloudNativeProtection,
+	keyCloudNativeBlobProtection: {
+		feature:          core.FeatureCloudNativeBlobProtection,
 		orderAdd:         102,
 		orderRemove:      302,
 		orderSplitAdd:    205,
 		orderSplitRemove: 204,
 	},
-	keyExocompute: {
-		feature:          core.FeatureExocompute,
+	keyCloudNativeProtection: {
+		feature:          core.FeatureCloudNativeProtection,
 		orderAdd:         103,
 		orderRemove:      303,
 		orderSplitAdd:    207,
 		orderSplitRemove: 206,
 	},
-	keySQLDBProtection: {
-		feature:          core.FeatureAzureSQLDBProtection,
+	keyExocompute: {
+		feature:          core.FeatureExocompute,
 		orderAdd:         104,
 		orderRemove:      304,
 		orderSplitAdd:    209,
 		orderSplitRemove: 208,
 	},
-	keySQLMIProtection: {
-		feature:          core.FeatureAzureSQLMIProtection,
+	keySQLDBProtection: {
+		feature:          core.FeatureAzureSQLDBProtection,
 		orderAdd:         105,
 		orderRemove:      305,
 		orderSplitAdd:    211,
 		orderSplitRemove: 210,
 	},
+	keySQLMIProtection: {
+		feature:          core.FeatureAzureSQLMIProtection,
+		orderAdd:         106,
+		orderRemove:      306,
+		orderSplitAdd:    213,
+		orderSplitRemove: 212,
+	},
 }
 
 // addAzureFeature onboards the RSC feature for the Azure subscription.