Skip to content

Commit 84b3d38

Browse files
committed
add
1 parent a5ea549 commit 84b3d38

File tree

1 file changed

+38
-11
lines changed

1 file changed

+38
-11
lines changed

tencentcloud/provider.go

Lines changed: 38 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -2245,6 +2245,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
22452245
forbiddenAccountIds []string
22462246
needSecret = true
22472247
needAccountFilter = false
2248+
err error
22482249
)
22492250

22502251
if v, ok := d.GetOk("secret_id"); ok {
@@ -2325,7 +2326,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
23252326
// get auth from CAM role name
23262327
if camRoleName != "" {
23272328
needSecret = false
2328-
err := genClientWithCAM(&tcClient, camRoleName)
2329+
err = genClientWithCAM(&tcClient, camRoleName)
23292330
if err != nil {
23302331
return nil, fmt.Errorf("Get auth from CAM role name failed. Reason: %s", err.Error())
23312332
}
@@ -2350,7 +2351,10 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
23502351

23512352
if assumeRoleArn != "" && assumeRoleSessionName != "" {
23522353
assumeRoleSessionDuration = 7200
2353-
_ = genClientWithSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRolePolicy, assumeRoleExternalId)
2354+
err = genClientWithSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRolePolicy, assumeRoleExternalId)
2355+
if err != nil {
2356+
return nil, fmt.Errorf("Get auth from assume role by credential failed. Reason: %s", err.Error())
2357+
}
23542358
}
23552359

23562360
// get assume role from env
@@ -2379,19 +2383,30 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
23792383

23802384
if envSamlAssertion == "" && envPrincipalArn == "" && envWebIdentityToken == "" {
23812385
// use assume role
2382-
_ = genClientWithSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, "", assumeRoleExternalId)
2386+
err = genClientWithSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, "", assumeRoleExternalId)
2387+
if err != nil {
2388+
return nil, fmt.Errorf("Get auth from assume role by env failed. Reason: %s", err.Error())
2389+
}
23832390
} else if envSamlAssertion != "" && envPrincipalArn != "" && envWebIdentityToken != "" {
2384-
return nil, fmt.Errorf("can not set `TENCENTCLOUD_ASSUME_ROLE_SAML_ASSERTION`, `TENCENTCLOUD_ASSUME_ROLE_PRINCIPAL_ARN`, `TENCENTCLOUD_ASSUME_ROLE_WEB_IDENTITY_TOKEN` at the same time.\n")
2391+
return nil, fmt.Errorf("Can not set `TENCENTCLOUD_ASSUME_ROLE_SAML_ASSERTION`, `TENCENTCLOUD_ASSUME_ROLE_PRINCIPAL_ARN`, `TENCENTCLOUD_ASSUME_ROLE_WEB_IDENTITY_TOKEN` at the same time.\n")
23852392
} else if envSamlAssertion != "" && envPrincipalArn != "" {
23862393
// use assume role with saml
2387-
_ = genClientWithSamlSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, envSamlAssertion, envPrincipalArn)
2394+
err = genClientWithSamlSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, envSamlAssertion, envPrincipalArn)
2395+
if err != nil {
2396+
return nil, fmt.Errorf("Get auth from assume role with SAML by env failed. Reason: %s", err.Error())
2397+
}
2398+
23882399
needSecret = false
23892400
} else if envWebIdentityToken != "" {
23902401
// use assume role with oidc
2391-
_ = genClientWithOidcSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, envWebIdentityToken)
2402+
err = genClientWithOidcSTS(&tcClient, envRoleArn, envSessionName, assumeRoleSessionDuration, envWebIdentityToken)
2403+
if err != nil {
2404+
return nil, fmt.Errorf("Get auth from assume role with OIDC by env failed. Reason: %s", err.Error())
2405+
}
2406+
23922407
needSecret = false
23932408
} else {
2394-
return nil, fmt.Errorf("get `assume_role` from env error.\n")
2409+
return nil, fmt.Errorf("Get `assume_role` from env error.\n")
23952410
}
23962411
}
23972412

@@ -2406,7 +2421,11 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
24062421
assumeRolePolicy = assumeRole["policy"].(string)
24072422
assumeRoleExternalId = assumeRole["external_id"].(string)
24082423

2409-
_ = genClientWithSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRolePolicy, assumeRoleExternalId)
2424+
err = genClientWithSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRolePolicy, assumeRoleExternalId)
2425+
if err != nil {
2426+
return nil, fmt.Errorf("Get auth from assume role failed. Reason: %s", err.Error())
2427+
}
2428+
24102429
if camRoleName != "" {
24112430
needSecret = false
24122431
} else {
@@ -2432,7 +2451,11 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
24322451
assumeRoleSessionName = assumeRoleWithSaml["session_name"].(string)
24332452
assumeRoleSessionDuration = assumeRoleWithSaml["session_duration"].(int)
24342453

2435-
_ = genClientWithSamlSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRoleSamlAssertion, assumeRolePrincipalArn)
2454+
err = genClientWithSamlSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRoleSamlAssertion, assumeRolePrincipalArn)
2455+
if err != nil {
2456+
return nil, fmt.Errorf("Get auth from assume role with SAML failed. Reason: %s", err.Error())
2457+
}
2458+
24362459
needSecret = false
24372460
}
24382461
}
@@ -2447,7 +2470,11 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
24472470
assumeRoleSessionName = assumeRoleWithWebIdentity["session_name"].(string)
24482471
assumeRoleSessionDuration = assumeRoleWithWebIdentity["session_duration"].(int)
24492472

2450-
_ = genClientWithOidcSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRoleWebIdentityToken)
2473+
err = genClientWithOidcSTS(&tcClient, assumeRoleArn, assumeRoleSessionName, assumeRoleSessionDuration, assumeRoleWebIdentityToken)
2474+
if err != nil {
2475+
return nil, fmt.Errorf("Get auth from assume role with OIDC failed. Reason: %s", err.Error())
2476+
}
2477+
24512478
needSecret = false
24522479
}
24532480
}
@@ -2710,7 +2737,7 @@ func getCallerIdentity(tcClient *TencentCloudClient) (indentity *sdksts.GetCalle
27102737
}
27112738

27122739
if response == nil || response.Response == nil {
2713-
return nil, fmt.Errorf("get GetCallerIdentity failed")
2740+
return nil, fmt.Errorf("get GetCallerIdentity failed.")
27142741
}
27152742

27162743
indentity = response.Response

0 commit comments

Comments
 (0)