add

Author: SevenEarth

tencentcloud/connectivity/client.go

@@ -253,6 +253,14 @@ func (me *TencentCloudClient) NewClientIntlProfile(timeout int) *intlProfile.Cli
 	return cpf
 }
 
+func (me *TencentCloudClient) UseCosClientNew(cdcId ...string) *s3.S3 {
+	if cdcId[0] == "" {
+		return me.UseCosClient()
+	} else {
+		return me.UseCosCdcClient(cdcId[0])
+	}
+}
+
 // UseCosClient returns cos client for service
 func (me *TencentCloudClient) UseCosClient() *s3.S3 {
 	if me.cosConn != nil {
@@ -279,6 +287,37 @@ func (me *TencentCloudClient) UseCosClient() *s3.S3 {
 	return s3.New(sess)
 }
 
+// UseCosClient returns cos client for service with CDC
+func (me *TencentCloudClient) UseCosCdcClient(cdcId string) *s3.S3 {
+	resolver := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) {
+		if service == endpoints.S3ServiceID {
+			endpointUrl := fmt.Sprintf("https://%s.cos-cdc.%s.myqcloud.com", cdcId, region)
+			return endpoints.ResolvedEndpoint{
+				URL:           endpointUrl,
+				SigningRegion: region,
+			}, nil
+		}
+		return endpoints.DefaultResolver().EndpointFor(service, region, optFns...)
+	}
+
+	creds := credentials.NewStaticCredentials(me.Credential.SecretId, me.Credential.SecretKey, me.Credential.Token)
+	sess := session.Must(session.NewSession(&aws.Config{
+		Credentials:      creds,
+		Region:           aws.String(me.Region),
+		EndpointResolver: endpoints.ResolverFunc(resolver),
+	}))
+
+	return s3.New(sess)
+}
+
+func (me *TencentCloudClient) UseTencentCosClientNew(bucket string, cdcId ...string) *cos.Client {
+	if cdcId[0] == "" {
+		return me.UseTencentCosClient(bucket)
+	} else {
+		return me.UseTencentCosCdcClient(bucket, cdcId[0])
+	}
+}
+
 // UseTencentCosClient tencent cloud own client for service instead of aws
 func (me *TencentCloudClient) UseTencentCosClient(bucket string) *cos.Client {
 	u, _ := url.Parse(fmt.Sprintf("https://%s.cos.%s.myqcloud.com", bucket, me.Region))
@@ -303,6 +342,31 @@ func (me *TencentCloudClient) UseTencentCosClient(bucket string) *cos.Client {
 	return me.tencentCosConn
 }
 
+// UseTencentCosClient tencent cloud own client for service instead of aws with CDC
+func (me *TencentCloudClient) UseTencentCosCdcClient(bucket string, cdcId string) *cos.Client {
+	var u *url.URL
+	u, _ = url.Parse(fmt.Sprintf("https://%s.%s.cos-cdc.%s.myqcloud.com", bucket, cdcId, me.Region))
+
+	if me.tencentCosConn != nil && me.tencentCosConn.BaseURL.BucketURL == u {
+		return me.tencentCosConn
+	}
+
+	baseUrl := &cos.BaseURL{
+		BucketURL: u,
+	}
+
+	me.tencentCosConn = cos.NewClient(baseUrl, &http.Client{
+		Timeout: 100 * time.Second,
+		Transport: &cos.AuthorizationTransport{
+			SecretID:     me.Credential.SecretId,
+			SecretKey:    me.Credential.SecretKey,
+			SessionToken: me.Credential.Token,
+		},
+	})
+
+	return me.tencentCosConn
+}
+
 // UseMysqlClient returns mysql(cdb) client for service
 func (me *TencentCloudClient) UseMysqlClient(iacExtInfo ...IacExtInfo) *cdb.Client {
 	var logRoundTripper LogRoundTripper

tencentcloud/services/cos/data_source_tc_cos_buckets.go

@@ -362,7 +362,7 @@ func dataSourceTencentCloudCosBucketsRead(d *schema.ResourceData, meta interface
 			continue
 		}
 
-		respTags, err := cosService.GetBucketTags(ctx, *v.Name)
+		respTags, err := cosService.GetBucketTags(ctx, *v.Name, "")
 		if err != nil {
 			return err
 		}
@@ -382,7 +382,7 @@ func dataSourceTencentCloudCosBucketsRead(d *schema.ResourceData, meta interface
 
 		bucket["bucket"] = *v.Name
 
-		corsRules, err := cosService.GetBucketCors(ctx, *v.Name)
+		corsRules, err := cosService.GetBucketCors(ctx, *v.Name, "")
 		if err != nil {
 			return err
 		}
@@ -394,7 +394,7 @@ func dataSourceTencentCloudCosBucketsRead(d *schema.ResourceData, meta interface
 		}
 		bucket["lifecycle_rules"] = lifecycleRules
 
-		website, err := cosService.GetBucketWebsite(ctx, *v.Name)
+		website, err := cosService.GetBucketWebsite(ctx, *v.Name, "")
 		if err != nil {
 			return err
 		}
@@ -411,7 +411,7 @@ func dataSourceTencentCloudCosBucketsRead(d *schema.ResourceData, meta interface
 			bucket["origin_domain_rules"] = domainRules
 		}
 
-		aclBody, err := cosService.GetBucketACL(ctx, *v.Name)
+		aclBody, err := cosService.GetBucketACL(ctx, *v.Name, "")
 
 		if err != nil {
 			return err

tencentcloud/services/cos/resource_tc_cos_bucket.go

@@ -11,12 +11,30 @@ locals {
   app_id = data.tencentcloud_user_info.info.app_id
 }
 
-resource "tencentcloud_cos_bucket" "private_sbucket" {
+resource "tencentcloud_cos_bucket" "private_bucket" {
   bucket = "private-bucket-${local.app_id}"
   acl    = "private"
 }
 ```
 
+Private Bucket with CDC cluster
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "private_bucket" {
+  bucket            = "private-bucket-${local.app_id}"
+  cdc_id            = "cluster-262n63e8"
+  acl               = "private"
+  versioning_enable = true
+  force_clean       = true
+}
+```
+
 Creation of multiple available zone bucket
 
 ```hcl
@@ -27,9 +45,9 @@ locals {
 }
 
 resource "tencentcloud_cos_bucket" "multi_zone_bucket" {
-  bucket   = "multi-zone-bucket-${local.app_id}"
-  acl      = "private"
-  multi_az = true
+  bucket            = "multi-zone-bucket-${local.app_id}"
+  acl               = "private"
+  multi_az          = true
   versioning_enable = true
   force_clean       = true
 }
@@ -112,6 +130,46 @@ EOF
 }
 ```
 
+Using verbose acl with CDC
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_acl" {
+  bucket   = "bucketwith-acl-${local.app_id}"
+  cdc_id   = "cluster-262n63e8"
+  # NOTE: Specify the acl_body by the priority sequence of permission and user type with the following sequence: `CanonicalUser with READ`, `CanonicalUser with WRITE`, `CanonicalUser with FULL_CONTROL`, `CanonicalUser with WRITE_ACP`, `CanonicalUser with READ_ACP`, then specify the `Group` of permissions same as `CanonicalUser`.
+  acl_body = <<EOF
+<AccessControlPolicy
+    xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
+    <Owner>
+        <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+    </Owner>
+    <AccessControlList>
+        <Grant>
+            <Grantee
+                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
+                <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+            </Grantee>
+            <Permission>FULL_CONTROL</Permission>
+        </Grant>
+        <Grant>
+            <Grantee
+                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
+                <ID>100015006748</ID>
+            </Grantee>
+            <Permission>READ</Permission>
+        </Grant>
+    </AccessControlList>
+</AccessControlPolicy>
+EOF
+}
+```
+
 Static Website
 
 ```hcl
@@ -158,6 +216,29 @@ resource "tencentcloud_cos_bucket" "bucket_with_cors" {
 }
 ```
 
+Using CORS with CDC
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_cors" {
+  bucket = "bucket-with-cors-${local.app_id}"
+  cdc_id = "cluster-262n63e8"
+
+  cors_rules {
+    allowed_origins = ["http://*.abc.com"]
+    allowed_methods = ["PUT", "POST"]
+    allowed_headers = ["*"]
+    max_age_seconds = 300
+    expose_headers = ["Etag"]
+  }
+}
+```
+
 Using object lifecycle
 
 ```hcl
@@ -186,32 +267,57 @@ resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
 }
 ```
 
-Using replication
+Using object lifecycle with CDC
+
 ```hcl
 data "tencentcloud_user_info" "info" {}
 
 locals {
   app_id = data.tencentcloud_user_info.info.app_id
-  uin = data.tencentcloud_user_info.info.uin
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
+  bucket = "bucket-with-lifecycle-${local.app_id}"
+  cdc_id = "cluster-262n63e8"
+  acl    = "private"
+
+  lifecycle_rules {
+    filter_prefix = "path1/"
+
+    expiration {
+      days = 90
+    }
+  }
+}
+```
+
+Using replication
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id    = data.tencentcloud_user_info.info.app_id
+  uin       = data.tencentcloud_user_info.info.uin
   owner_uin = data.tencentcloud_user_info.info.owner_uin
-  region = "ap-guangzhou"
+  region    = "ap-guangzhou"
 }
 
 resource "tencentcloud_cos_bucket" "bucket_replicate" {
-  bucket = "bucket-replicate-${local.app_id}"
-  acl    = "private"
+  bucket            = "bucket-replicate-${local.app_id}"
+  acl               = "private"
   versioning_enable = true
 }
 
 resource "tencentcloud_cos_bucket" "bucket_with_replication" {
-  bucket = "bucket-with-replication-${local.app_id}"
-  acl    = "private"
+  bucket            = "bucket-with-replication-${local.app_id}"
+  acl               = "private"
   versioning_enable = true
-  replica_role = "qcs::cam::uin/${local.owner_uin}:uin/${local.uin}"
+  replica_role      = "qcs::cam::uin/${local.owner_uin}:uin/${local.uin}"
   replica_rules {
-    id = "test-rep1"
-    status = "Enabled"
-    prefix = "dist"
+    id                 = "test-rep1"
+    status             = "Enabled"
+    prefix             = "dist"
     destination_bucket = "qcs::cos:${local.region}::${tencentcloud_cos_bucket.bucket_replicate.bucket}"
   }
 }

tencentcloud/services/cos/resource_tc_cos_bucket.md

@@ -22,12 +22,30 @@ locals {
   app_id = data.tencentcloud_user_info.info.app_id
 }
 
-resource "tencentcloud_cos_bucket" "private_sbucket" {
+resource "tencentcloud_cos_bucket" "private_bucket" {
   bucket = "private-bucket-${local.app_id}"
   acl    = "private"
 }
 ```
 
+### Private Bucket with CDC cluster
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "private_bucket" {
+  bucket            = "private-bucket-${local.app_id}"
+  cdc_id            = "cluster-262n63e8"
+  acl               = "private"
+  versioning_enable = true
+  force_clean       = true
+}
+```
+
 ### Creation of multiple available zone bucket
 
 ```hcl
@@ -123,6 +141,46 @@ EOF
 }
 ```
 
+### Using verbose acl with CDC
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_acl" {
+  bucket = "bucketwith-acl-${local.app_id}"
+  cdc_id = "cluster-262n63e8"
+  # NOTE: Specify the acl_body by the priority sequence of permission and user type with the following sequence: `CanonicalUser with READ`, `CanonicalUser with WRITE`, `CanonicalUser with FULL_CONTROL`, `CanonicalUser with WRITE_ACP`, `CanonicalUser with READ_ACP`, then specify the `Group` of permissions same as `CanonicalUser`.
+  acl_body = <<EOF
+<AccessControlPolicy
+    xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
+    <Owner>
+        <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+    </Owner>
+    <AccessControlList>
+        <Grant>
+            <Grantee
+                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
+                <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+            </Grantee>
+            <Permission>FULL_CONTROL</Permission>
+        </Grant>
+        <Grant>
+            <Grantee
+                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
+                <ID>100015006748</ID>
+            </Grantee>
+            <Permission>READ</Permission>
+        </Grant>
+    </AccessControlList>
+</AccessControlPolicy>
+EOF
+}
+```
+
 ### Static Website
 
 ```hcl
@@ -169,6 +227,29 @@ resource "tencentcloud_cos_bucket" "bucket_with_cors" {
 }
 ```
 
+### Using CORS with CDC
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_cors" {
+  bucket = "bucket-with-cors-${local.app_id}"
+  cdc_id = "cluster-262n63e8"
+
+  cors_rules {
+    allowed_origins = ["http://*.abc.com"]
+    allowed_methods = ["PUT", "POST"]
+    allowed_headers = ["*"]
+    max_age_seconds = 300
+    expose_headers  = ["Etag"]
+  }
+}
+```
+
 ### Using object lifecycle
 
 ```hcl
@@ -197,6 +278,30 @@ resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
 }
 ```
 
+### Using object lifecycle with CDC
+
+```hcl
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
+  bucket = "bucket-with-lifecycle-${local.app_id}"
+  cdc_id = "cluster-262n63e8"
+  acl    = "private"
+
+  lifecycle_rules {
+    filter_prefix = "path1/"
+
+    expiration {
+      days = 90
+    }
+  }
+}
+```
+
 ### Using replication
 
 ```hcl
@@ -237,6 +342,7 @@ The following arguments are supported:
 * `acceleration_enable` - (Optional, Bool) Enable bucket acceleration.
 * `acl_body` - (Optional, String) ACL XML body for multiple grant info. NOTE: this argument will overwrite `acl`. Check https://intl.cloud.tencent.com/document/product/436/7737 for more detail.
 * `acl` - (Optional, String) The canned ACL to apply. Valid values: private, public-read, and public-read-write. Defaults to private.
+* `cdc_id` - (Optional, String, ForceNew) CDC cluster ID.
 * `cors_rules` - (Optional, List) A rule of Cross-Origin Resource Sharing (documented below).
 * `enable_intelligent_tiering` - (Optional, Bool) Enable intelligent tiering. NOTE: When intelligent tiering configuration is enabled, it cannot be turned off or modified.
 * `encryption_algorithm` - (Optional, String) The server-side encryption algorithm to use. Valid value is `AES256`.