feat(tco): add resource_tc_organization_org_manage_policy_config

Author: WeiMengXS

tencentcloud/services/tco/resource_tc_organization_org_manage_policy.go

@@ -2,10 +2,13 @@ package tco
 
 import (
 	"context"
+	"fmt"
+	"log"
+	"strings"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331"
-	"log"
 
 	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
@@ -45,6 +48,12 @@ func ResourceTencentCloudOrganizationOrgManagePolicy() *schema.Resource {
 				Type:        schema.TypeString,
 				Description: "Policy description.",
 			},
+
+			"policy_id": {
+				Computed:    true,
+				Type:        schema.TypeString,
+				Description: "Policy Id.",
+			},
 		},
 	}
 }
@@ -56,8 +65,9 @@ func resourceTencentCloudOrganizationOrgManagePolicyCreate(d *schema.ResourceDat
 	logId := tccommon.GetLogId(tccommon.ContextNil)
 
 	var (
-		request  = organization.NewCreatePolicyRequest()
-		response = organization.NewCreatePolicyResponse()
+		policyType string
+		request    = organization.NewCreatePolicyRequest()
+		response   = organization.NewCreatePolicyResponse()
 	)
 	if v, ok := d.GetOk("name"); ok {
 		request.Name = helper.String(v.(string))
@@ -68,6 +78,7 @@ func resourceTencentCloudOrganizationOrgManagePolicyCreate(d *schema.ResourceDat
 	}
 
 	if v, ok := d.GetOk("type"); ok {
+		policyType = v.(string)
 		request.Type = helper.String(v.(string))
 	}
 
@@ -90,8 +101,7 @@ func resourceTencentCloudOrganizationOrgManagePolicyCreate(d *schema.ResourceDat
 		return err
 	}
 
-	d.SetId(helper.UInt64ToStr(*response.Response.PolicyId))
-
+	d.SetId(strings.Join([]string{helper.UInt64ToStr(*response.Response.PolicyId), policyType}, tccommon.FILED_SP))
 	return resourceTencentCloudOrganizationOrgManagePolicyRead(d, meta)
 }
 
@@ -105,11 +115,12 @@ func resourceTencentCloudOrganizationOrgManagePolicyRead(d *schema.ResourceData,
 
 	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
 
-	policyId := d.Id()
-	var policyType string
-	if v, ok := d.GetOk("type"); ok {
-		policyType = v.(string)
+	idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
 	}
+	policyId := idSplit[0]
+	policyType := idSplit[1]
 
 	OrgManagePolicy, err := service.DescribeOrganizationOrgManagePolicyById(ctx, policyId, policyType)
 	if err != nil {
@@ -137,6 +148,8 @@ func resourceTencentCloudOrganizationOrgManagePolicyRead(d *schema.ResourceData,
 	if OrgManagePolicy.Description != nil {
 		_ = d.Set("description", OrgManagePolicy.Description)
 	}
+	_ = d.Set("policy_id", policyId)
+
 	return nil
 }
 
@@ -148,7 +161,11 @@ func resourceTencentCloudOrganizationOrgManagePolicyUpdate(d *schema.ResourceDat
 
 	request := organization.NewUpdatePolicyRequest()
 
-	policyId := d.Id()
+	idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	policyId := idSplit[0]
 
 	request.PolicyId = helper.StrToInt64Point(policyId)
 
@@ -201,11 +218,12 @@ func resourceTencentCloudOrganizationOrgManagePolicyDelete(d *schema.ResourceDat
 	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
 
 	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
-	policyId := d.Id()
-	var policyType string
-	if v, ok := d.GetOk("type"); ok {
-		policyType = v.(string)
+	idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
 	}
+	policyId := idSplit[0]
+	policyType := idSplit[1]
 
 	if err := service.DeleteOrganizationOrgManagePolicyById(ctx, policyId, policyType); err != nil {
 		return err

tencentcloud/services/tco/resource_tc_organization_org_manage_policy.md

@@ -5,7 +5,7 @@ Example Usage
 ```hcl
 resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
   name = "FullAccessPolicy"
-  content = "{"version":"2.0","statement":[{"effect":"allow","action":"*","resource":"*"}]}"
+  content = "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":\"*\",\"resource\":\"*\"}]}"
   type = "SERVICE_CONTROL_POLICY"
   description = "Full access policy"
 }

tencentcloud/services/tco/resource_tc_organization_org_manage_policy_target_test.go

@@ -12,13 +12,17 @@ func TestAccTencentCloudOrganizationOrgManagePolicyTargetResource_basic(t *testi
 	t.Parallel()
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {
-			tcacctest.AccPreCheck(t)
+			tcacctest.AccPreCheckCommon(t, tcacctest.ACCOUNT_TYPE_ORGANIZATION)
 		},
 		Providers: tcacctest.AccProviders,
 		Steps: []resource.TestStep{
 			{
 				Config: testAccOrganizationOrgManagePolicyTarget,
-				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "id")),
+				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "id"),
+					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "target_id", "100034649025"),
+					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "target_type", "MEMBER"),
+					resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "policy_id"),
+					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy_target.org_manage_policy_target", "policy_type", "SERVICE_CONTROL_POLICY")),
 			},
 			{
 				ResourceName:      "tencentcloud_organization_org_manage_policy_target.org_manage_policy_target",
@@ -30,23 +34,22 @@ func TestAccTencentCloudOrganizationOrgManagePolicyTargetResource_basic(t *testi
 }
 
 const testAccOrganizationOrgManagePolicyTarget = `
-
 resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
-  name = "FullAccessPolicy2"
-  content = "{\"tags\":{\"Region\":{\"tag_value\":{\"@@assign\":[\"ap-guangzhou\",\"ap-beijing\"]},\"tag_key\":{\"@@assign\":\"Region\"}}}}"
-  type = "TAG_POLICY"
+  name = "example-service"
+  content = "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":\"*\",\"resource\":\"*\"}]}"
+  type = "SERVICE_CONTROL_POLICY"
   description = "Full access policy"
   depends_on = [tencentcloud_organization_org_manage_policy_config.org_manage_policy_config]
 }
 resource "tencentcloud_organization_org_manage_policy_config" "org_manage_policy_config" {
-  organization_id = 201408
-  policy_type = "TAG_POLICY"
+  organization_id = 45155
+  policy_type = "SERVICE_CONTROL_POLICY"
 }
 resource "tencentcloud_organization_org_manage_policy_target" "org_manage_policy_target" {
-  target_id = 100020337821
+  target_id = 100034649025
   target_type = "MEMBER"
-  policy_id = tencentcloud_organization_org_manage_policy.org_manage_policy.id
-  policy_type = "TAG_POLICY"
+  policy_id = tencentcloud_organization_org_manage_policy.org_manage_policy.policy_id
+  policy_type = "SERVICE_CONTROL_POLICY"
 }
 
 `

tencentcloud/services/tco/resource_tc_organization_org_manage_policy_test.go

@@ -12,14 +12,14 @@ func TestAccTencentCloudOrganizationOrgManagePolicyResource_basic(t *testing.T)
 	t.Parallel()
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {
-			tcacctest.AccPreCheck(t)
+			tcacctest.AccPreCheckCommon(t, tcacctest.ACCOUNT_TYPE_ORGANIZATION)
 		},
 		Providers: tcacctest.AccProviders,
 		Steps: []resource.TestStep{
 			{
 				Config: testAccOrganizationOrgManagePolicy,
 				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy.org_manage_policy", "id"),
-					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "name", "iac-example"),
+					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "name", "iac-example-svc"),
 					resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy.org_manage_policy", "content"),
 					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "type", "SERVICE_CONTROL_POLICY"),
 					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "description", "Full access policy"),
@@ -28,7 +28,7 @@ func TestAccTencentCloudOrganizationOrgManagePolicyResource_basic(t *testing.T)
 			{
 				Config: testAccOrganizationOrgManagePolicyUpdate,
 				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy.org_manage_policy", "id"),
-					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "name", "iac-example-1"),
+					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "name", "iac-example-svc1"),
 					resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy.org_manage_policy", "content"),
 					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "type", "SERVICE_CONTROL_POLICY"),
 					resource.TestCheckResourceAttr("tencentcloud_organization_org_manage_policy.org_manage_policy", "description", "Full access policy"),
@@ -46,7 +46,7 @@ func TestAccTencentCloudOrganizationOrgManagePolicyResource_basic(t *testing.T)
 const testAccOrganizationOrgManagePolicy = `
 
 resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
-  name = "iac-example"
+  name = "iac-example-svc"
   content = "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":\"*\",\"resource\":\"*\"}]}"
   type = "SERVICE_CONTROL_POLICY"
   description = "Full access policy"
@@ -56,7 +56,7 @@ resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
 const testAccOrganizationOrgManagePolicyUpdate = `
 
 resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
-  name = "iac-example-1"
+  name = "iac-example-svc1"
   content = "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":\"*\",\"resource\":\"*\"}]}"
   type = "SERVICE_CONTROL_POLICY"
   description = "Full access policy"

tencentcloud/services/tco/service_tencentcloud_organization.go

@@ -1097,7 +1097,12 @@ func (me *OrganizationService) DescribeOrganizationOrgManagePolicyTargetById(ctx
 	request := organization.NewListTargetsForPolicyRequest()
 	request.PolicyType = &policyType
 	request.PolicyId = helper.StrToUint64Point(policyId)
-	request.TargetType = &targetType
+	switch targetType {
+	case "NODE":
+		request.TargetType = helper.String("Node")
+	case "MEMBER":
+		request.TargetType = helper.String("User")
+	}
 
 	defer func() {
 		if errRet != nil {