diff --git a/internal/services/cdn/cdn_endpoint_custom_domain_resource.go b/internal/services/cdn/cdn_endpoint_custom_domain_resource.go index 2723b9cd6753..e44f6b3ce1d9 100644 --- a/internal/services/cdn/cdn_endpoint_custom_domain_resource.go +++ b/internal/services/cdn/cdn_endpoint_custom_domain_resource.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" + "github.com/hashicorp/terraform-provider-azurerm/internal/features" "github.com/hashicorp/terraform-provider-azurerm/internal/services/cdn/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/services/cdn/validate" keyvaultClient "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/client" @@ -74,9 +75,7 @@ func resourceArmCdnEndpointCustomDomain() *pluginsdk.Resource { Type: pluginsdk.TypeString, Optional: true, ValidateFunc: validation.StringInSlice([]string{ - string(cdn.MinimumTLSVersionTLS10), string(cdn.MinimumTLSVersionTLS12), - string(cdn.MinimumTLSVersionNone), }, false), Default: string(cdn.MinimumTLSVersionTLS12), }, @@ -96,9 +95,7 @@ func resourceArmCdnEndpointCustomDomain() *pluginsdk.Resource { Type: pluginsdk.TypeString, Optional: true, ValidateFunc: validation.StringInSlice([]string{ - string(cdn.MinimumTLSVersionTLS10), string(cdn.MinimumTLSVersionTLS12), - string(cdn.MinimumTLSVersionNone), }, false), Default: string(cdn.MinimumTLSVersionTLS12), }, @@ -114,6 +111,28 @@ func resourceArmCdnEndpointCustomDomain() *pluginsdk.Resource { ValidateFunc: keyvaultValidate.NestedItemIdWithOptionalVersion, } + if !features.FivePointOhBeta() { + schema["cdn_managed_https"].Elem.(*pluginsdk.Resource).Schema["tls_version"] = &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice([]string{ + string(cdn.MinimumTLSVersionNone), + string(cdn.MinimumTLSVersionTLS10), + string(cdn.MinimumTLSVersionTLS12), + }, false), + Default: string(cdn.MinimumTLSVersionTLS12), + } + schema["user_managed_https"].Elem.(*pluginsdk.Resource).Schema["tls_version"] = &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice([]string{ + string(cdn.MinimumTLSVersionNone), + string(cdn.MinimumTLSVersionTLS10), + string(cdn.MinimumTLSVersionTLS12), + }, false), + Default: string(cdn.MinimumTLSVersionTLS12), + } + } return &pluginsdk.Resource{ Create: resourceArmCdnEndpointCustomDomainCreate, Read: resourceArmCdnEndpointCustomDomainRead, diff --git a/website/docs/5.0-upgrade-guide.html.markdown b/website/docs/5.0-upgrade-guide.html.markdown index c0a95d04096d..a78b7da48b05 100644 --- a/website/docs/5.0-upgrade-guide.html.markdown +++ b/website/docs/5.0-upgrade-guide.html.markdown @@ -64,6 +64,11 @@ Please follow the format in the example below for listing breaking changes in re * The `example_property_with_changed_default` property now defaults to `NewDefault`. ``` +### `azurerm_cdn_endpoint_custom_domain` + +* The `cdn_managed_https.tls_version` property no langer accepts `None` or `TLS10` as a value. +* The `user_managed_https.tls_version` property no langer accepts `None` or `TLS10` as a value. + ### `azurerm_cdn_frontdoor_custom_domain` * The `tls.minimum_tls_version` property no longer accepts `TLS10` as a value.