fix(kms): [123689078] kms support hsm_cluster_id (#3327)

* add

* add

* add

* add

Author: SevenEarth

.changelog/3327.txt

@@ -0,0 +1,15 @@
+```release-note:new-data-source
+tencentcloud_kms_service_status
+```
+
+```release-note:enhancement
+resource/tencentcloud_kms_key: support `hsm_cluster_id`
+```
+
+```release-note:enhancement
+resource/tencentcloud_kms_external_key: support `hsm_cluster_id`
+```
+
+```release-note:enhancement
+datasource/tencentcloud_kms_keys: support `hsm_cluster_id`
+```

go.mod

@@ -62,7 +62,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/emr v1.0.1115
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.777
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.970
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.563
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.1145
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/lighthouse v1.0.729
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.777
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/mariadb v1.0.672

go.sum

@@ -942,6 +942,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1133/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1135 h1:NAu4sH5c+kGTZQ0rwhnuYjIXbentw3Np+TbwimH22uc=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1135/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1136/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1142/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1145 h1:DETyir/MtG+GLOD0OatzjrQTTXRguFSJo1ZtPXtbIQw=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1145/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
@@ -984,6 +985,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gwlb v1.0.1127 h1:1ZhrN
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gwlb v1.0.1127/go.mod h1:HSfd/mm8VyXn7VTe3tOvPgsumbsfeYcG5QgaCI1vsRk=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.563 h1:FoX+MK4vHThvPO6FbP5q98zD8S3n+d5+DbtK7skl++c=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.563/go.mod h1:uom4Nvi9W+Qkom0exYiJ9VWJjXwyxtPYTkKkaLMlfE0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.1145 h1:/wV6YoCqDU1XXci7kxt/k+RTwx2xLzcxH4NYbC1UT6k=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.1145/go.mod h1:tUblC9MYww0ZRScBkLYINJ7F1fxAv/Ymmpbjn05RTPY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/lighthouse v1.0.729 h1:WQpzm3x27Jo/5uh6/Yqe/gbJ7r2ui9hc9ST7Ml2eP9Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/lighthouse v1.0.729/go.mod h1:lLoyD7Z6OQQDFxDGGTe8wmirhUFZ36l5OaxzP75853Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.777 h1:8nSy6GAXc4lHj7jpSimcM2eM1wE1r7PQJM9WVzY82+U=

tencentcloud/provider.go

@@ -890,6 +890,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_kms_white_box_decrypt_key":                    kms.DataSourceTencentCloudKmsWhiteBoxDecryptKey(),
 			"tencentcloud_kms_white_box_device_fingerprints":            kms.DataSourceTencentCloudKmsWhiteBoxDeviceFingerprints(),
 			"tencentcloud_kms_list_algorithms":                          kms.DataSourceTencentCloudKmsListAlgorithms(),
+			"tencentcloud_kms_service_status":                           kms.DataSourceTencentCloudKmsServiceStatus(),
 			"tencentcloud_ssm_products":                                 ssm.DataSourceTencentCloudSsmProducts(),
 			"tencentcloud_ssm_secrets":                                  ssm.DataSourceTencentCloudSsmSecrets(),
 			"tencentcloud_ssm_secret_versions":                          ssm.DataSourceTencentCloudSsmSecretVersions(),

tencentcloud/provider.md

@@ -664,6 +664,7 @@ tencentcloud_kms_list_keys
 tencentcloud_kms_white_box_decrypt_key
 tencentcloud_kms_white_box_device_fingerprints
 tencentcloud_kms_list_algorithms
+tencentcloud_kms_service_status
 
 Resource
 tencentcloud_kms_key

tencentcloud/services/kms/data_source_tc_kms_keys.go

@@ -57,6 +57,11 @@ func DataSourceTencentCloudKmsKeys() *schema.Resource {
 				Optional:    true,
 				Description: "Tags to filter CMK.",
 			},
+			"hsm_cluster_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "The HSM cluster ID corresponding to KMS Advanced Edition (only valid for KMS Exclusive/Managed Edition service instances).",
+			},
 			"result_output_file": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -133,6 +138,11 @@ func DataSourceTencentCloudKmsKeys() *schema.Resource {
 							Computed:    true,
 							Description: "Valid when origin is `EXTERNAL`, it means the effective date of the key material.",
 						},
+						"hsm_cluster_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The HSM cluster ID corresponding to KMS Advanced Edition (only valid for KMS Exclusive/Managed Edition service instances).",
+						},
 					},
 				},
 			},
@@ -169,6 +179,9 @@ func dataSourceTencentCloudKmsKeysRead(d *schema.ResourceData, meta interface{})
 	if tags := helper.GetTags(d, "tags"); len(tags) > 0 {
 		param["tag_filter"] = tags
 	}
+	if v, ok := d.GetOk("hsm_cluster_id"); ok {
+		param["hsm_cluster_id"] = v.(string)
+	}
 
 	kmsService := KmsService{
 		client: meta.(tccommon.ProviderMeta).GetAPIV3Conn(),
@@ -203,6 +216,7 @@ func dataSourceTencentCloudKmsKeysRead(d *schema.ResourceData, meta interface{})
 			"deletion_date":        key.DeletionDate,
 			"origin":               key.Origin,
 			"valid_to":             key.ValidTo,
+			"hsm_cluster_id":       key.HsmClusterId,
 		}
 
 		keyList = append(keyList, mapping)

tencentcloud/services/kms/data_source_tc_kms_keys.md

@@ -8,5 +8,6 @@ data "tencentcloud_kms_keys" "example" {
   key_state        = 0
   origin           = "TENCENT_KMS"
   key_usage        = "ALL"
+  hsm_cluster_id   = "cls-hsm-mwpd9cjm"
 }
 ```

tencentcloud/services/kms/data_source_tc_kms_service_status.go

@@ -0,0 +1,210 @@
+package kms
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	kms "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms/v20190118"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func DataSourceTencentCloudKmsServiceStatus() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudKmsServiceStatusRead,
+		Schema: map[string]*schema.Schema{
+			"service_enabled": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Whether the KMS service has been activated. true: activated.",
+			},
+
+			"invalid_type": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Service unavailability type. 0: not purchased; 1: normal; 2: suspended due to arrears; 3: resource released.",
+			},
+
+			"user_level": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "0: Basic Edition, 1: Ultimate Edition.",
+			},
+
+			"pro_expire_time": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Expiration time of the KMS Ultimate edition. It's represented in a Unix Epoch timestamp.\nNote: This field may return null, indicating that no valid values can be obtained.",
+			},
+
+			"pro_renew_flag": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Whether to automatically renew Ultimate Edition. 0: no, 1: yes\nNote: this field may return null, indicating that no valid values can be obtained.",
+			},
+
+			"pro_resource_id": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Unique ID of the Ultimate Edition purchase record. If the Ultimate Edition is not activated, the returned value will be null.\nNote: this field may return null, indicating that no valid values can be obtained.",
+			},
+
+			"exclusive_vsm_enabled": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Whether to activate Managed KMS\nNote: This field may return `null`, indicating that no valid value can be obtained.",
+			},
+
+			"exclusive_hsm_enabled": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Whether to activate Exclusive KMS\nNote: This field may return `null`, indicating that no valid value can be obtained.",
+			},
+
+			"subscription_info": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "KMS subscription information.\nNote: This field may return null, indicating that no valid values can be obtained.",
+			},
+
+			"cmk_user_count": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Return the number of KMS user key usage.",
+			},
+
+			"cmk_limit": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Return KMS user key specification quantity.",
+			},
+
+			"exclusive_hsm_list": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: "Return to Exclusive Cluster Group.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"hsm_cluster_id": {
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "Exclusive cluster ID.",
+						},
+						"hsm_cluster_name": {
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "Exclusive cluster name.",
+						},
+					},
+				},
+			},
+
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudKmsServiceStatusRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("data_source.tencentcloud_kms_service_status.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId   = tccommon.GetLogId(nil)
+		ctx     = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		service = KmsService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+	)
+
+	paramMap := make(map[string]interface{})
+	var respData *kms.GetServiceStatusResponseParams
+	reqErr := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeKmsServiceStatusByFilter(ctx, paramMap)
+		if e != nil {
+			return tccommon.RetryError(e)
+		}
+
+		respData = result
+		return nil
+	})
+
+	if reqErr != nil {
+		return reqErr
+	}
+
+	if respData.ServiceEnabled != nil {
+		_ = d.Set("service_enabled", respData.ServiceEnabled)
+	}
+
+	if respData.InvalidType != nil {
+		_ = d.Set("invalid_type", respData.InvalidType)
+	}
+
+	if respData.UserLevel != nil {
+		_ = d.Set("user_level", respData.UserLevel)
+	}
+
+	if respData.ProExpireTime != nil {
+		_ = d.Set("pro_expire_time", respData.ProExpireTime)
+	}
+
+	if respData.ProRenewFlag != nil {
+		_ = d.Set("pro_renew_flag", respData.ProRenewFlag)
+	}
+
+	if respData.ProResourceId != nil {
+		_ = d.Set("pro_resource_id", respData.ProResourceId)
+	}
+
+	if respData.ExclusiveVSMEnabled != nil {
+		_ = d.Set("exclusive_vsm_enabled", respData.ExclusiveVSMEnabled)
+	}
+
+	if respData.ExclusiveHSMEnabled != nil {
+		_ = d.Set("exclusive_hsm_enabled", respData.ExclusiveHSMEnabled)
+	}
+
+	if respData.SubscriptionInfo != nil {
+		_ = d.Set("subscription_info", respData.SubscriptionInfo)
+	}
+
+	if respData.CmkUserCount != nil {
+		_ = d.Set("cmk_user_count", respData.CmkUserCount)
+	}
+
+	if respData.CmkLimit != nil {
+		_ = d.Set("cmk_limit", respData.CmkLimit)
+	}
+
+	if respData.ExclusiveHSMList != nil {
+		tmpList := make([]map[string]interface{}, 0, len(respData.ExclusiveHSMList))
+		for _, item := range respData.ExclusiveHSMList {
+			dMap := make(map[string]interface{})
+			if item.HsmClusterId != nil {
+				dMap["hsm_cluster_id"] = item.HsmClusterId
+			}
+
+			if item.HsmClusterName != nil {
+				dMap["hsm_cluster_name"] = item.HsmClusterName
+			}
+
+			tmpList = append(tmpList, dMap)
+		}
+
+		_ = d.Set("exclusive_hsm_list", tmpList)
+	}
+
+	d.SetId(helper.BuildToken())
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := tccommon.WriteToFile(output.(string), d); e != nil {
+			return e
+		}
+	}
+
+	return nil
+}

tencentcloud/services/kms/data_source_tc_kms_service_status.md

@@ -0,0 +1,7 @@
+Use this data source to query detailed information of KMS service_status
+
+Example Usage
+
+```hcl
+data "tencentcloud_kms_service_status" "example" {}
+```

tencentcloud/services/kms/data_source_tc_kms_service_status_test.go

@@ -0,0 +1,29 @@
+package kms_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudKmsServiceStatusDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{{
+			Config: testAccKmsServiceStatusDataSource,
+			Check: resource.ComposeTestCheckFunc(
+				tcacctest.AccCheckTencentCloudDataSourceID("data.tencentcloud_kms_service_status.example"),
+			),
+		}},
+	})
+}
+
+const testAccKmsServiceStatusDataSource = `
+data "tencentcloud_kms_service_status" "example" {}
+`