New Resource: azurerm_application_load_balancer_security_policy

[teowa]

Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

Swagger: https://github.com/Azure/azure-rest-api-specs/blob/a36e0cfbbbdde5019c401f26bec53cca9d6d2dda/specification/servicenetworking/resource-manager/Microsoft.ServiceNetworking/stable/2025-01-01/TrafficController.json#L1086

PR Checklist

• I have followed the guidelines in our Contributing Documentation.
• I have checked to ensure there aren't other open Pull Requests for the same update/change.
• I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
• I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
• I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
  For example: “resource_name_here - description of change e.g. adding property new_property_name_here”

Changes to existing Resource / Data Source

• I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
• I have written new tests for my resource or datasource changes & updated any relevant documentation.
• I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
• (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

• My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

• new resource azurerm_application_load_balancer_security_policy [GH-00000]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

Related Issue(s)

Fixes #0000

Rollback Plan

If a change needs to be reverted, we will publish an updated version of the provider.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

[ms-zhenhua]

Hi @teowa ,

Thanks for this PR - I've taken a look through and left some comments inline. If we can fix those up, this should be good to go 👍

[ms-zhenhua]

Suggested change

	return nil, fmt.Errorf("retrieving %q: %+v", *id, err)
	return nil, fmt.Errorf("retrieving %s: %+v", *id, err)

[teowa]

fixed

[ms-zhenhua]

Suggested change

	ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9]([a-zA-Z0-9_.-]{0,62}[a-zA-Z0-9])?$`), "`name` must begin with a letter or number, end with a letter and number, and must be between 1 and 64 characters long and can only contain letters, numbers, underscores(_), periods(.), and hyphens(-)."),
	ValidateFunc: validation.StringMatch(
	regexp.MustCompile(`^[a-zA-Z0-9]([a-zA-Z0-9_.-]{0,62}[a-zA-Z0-9])?$`),
	"`name` must begin with a letter or number, end with a letter and number, and must be between 1 and 64 characters long and can only contain letters, numbers, underscores(_), periods(.), and hyphens(-).",
	),

[teowa]

fixed

[ms-zhenhua]

wafPolicy.Id from API response should be parsed insensitively before assigned to the state. please refer to

terraform-provider-azurerm/internal/services/appservice/linux_web_app_resource.go

Line 657 in e829013

hostingEnvId, err := parse.AppServiceEnvironmentIDInsensitively(*hostingEnv.Id)

[teowa]

fixed

[teowa]

Hi @ms-zhenhua , thanks for reviewing this, I have updated the code, please kindly take another look!

[ms-zhenhua]

Hi @teowa ,

Thanks for your updates. LGTM~

[catriona-m]

HI @teowa thanks for adding this. I left a few comments inline but once these are addressed I can take another look. Thanks!

[catriona-m]

Suggested change

	name = "acct-albsp-%d"
	name = "acctest-albsp-%d"

[teowa]

fixed

[catriona-m]

Suggested change

	name = "acct-albsp-%d"
	name = "acctest-albsp-%d"

[teowa]

fixed

[catriona-m]

Suggested change

	name = "acct-albsp-%d"
	name = "acctest-albsp-%d"

[teowa]

fixed

[catriona-m]

nit, but could we space this out?

Suggested change

	}
	resource "azurerm_application_load_balancer_security_policy" "example" {
	}
	resource "azurerm_application_load_balancer_security_policy" "example" {

[teowa]

fixed

[catriona-m]

Suggested change

	Manages an Application Gateway for Containers Security Policy.
	Manages an Application Load Balancer Security Policy.

[teowa]

fixed

[catriona-m]

Suggested change

	* `location` - (Required) The Azure Region where the Application Gateway for Containers Security Policy should exist. Changing this forces a new resource to be created.
	* `location` - (Required) The Azure Region where the Application Load Balancer Security Policy should exist. Changing this forces a new resource to be created.

[teowa]

fixed

[catriona-m]

Suggested change

	* `tags` - (Optional) A mapping of tags which should be assigned to the Application Gateway for Containers Security Policy.
	* `tags` - (Optional) A mapping of tags which should be assigned to the Application Load Balancer Security Policy.

[teowa]

fixed

[catriona-m]

Suggested change

	* `id` - The ID of the Application Gateway for Containers Security Policy.
	* `id` - The ID of the Application Load Balancer Security Policy.

[teowa]

fixed

[catriona-m]

Suggested change

	* `create` - (Defaults to 30 minutes) Used when creating the Application Gateway for Containers Security Policy.
	* `read` - (Defaults to 5 minutes) Used when retrieving the Application Gateway for Containers Security Policy.
	* `delete` - (Defaults to 30 minutes) Used when deleting the Application Gateway for Containers Security Policy.
	* `create` - (Defaults to 30 minutes) Used when creating the Application Load Balancer Security Policy.
	* `read` - (Defaults to 5 minutes) Used when retrieving the Application Load Balancer Security Policy
	* `delete` - (Defaults to 30 minutes) Used when deleting the Application Load Balancer Security Policy.

[teowa]

fixed

[catriona-m]

Suggested change

	Application Gateway for Containers Security Policy can be imported using the `resource id`, e.g.
	Application Load Balancer Security Policy can be imported using the `resource id`, e.g.

[teowa]

fixed

[catriona-m]

Thanks @teowa LGTM!

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.