add

Author: SevenEarth

tencentcloud/services/cos/resource_tc_cos_bucket.md

@@ -20,6 +20,16 @@ resource "tencentcloud_cos_bucket" "private_bucket" {
 Private Bucket with CDC cluster
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -28,7 +38,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "private_bucket" {
   bucket            = "private-bucket-${local.app_id}"
-  cdc_id            = "cluster-262n63e8"
   acl               = "private"
   versioning_enable = true
   force_clean       = true
@@ -161,6 +170,55 @@ EOF
 }
 ```
 
+Using verbose acl with CDC cluster
+
+```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_acl" {
+  bucket   = "private-bucket-${local.app_id}"
+  acl      = "private"
+  acl_body = <<EOF
+<AccessControlPolicy>
+    <Owner>
+        <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+        <DisplayName>qcs::cam::uin/100023201586:uin/100023201586</DisplayName>
+    </Owner>
+    <AccessControlList>
+        <Grant>
+            <Grantee type="CanonicalUser">
+                <ID>qcs::cam::uin/100015006748:uin/100015006748</ID>
+                <DisplayName>qcs::cam::uin/100015006748:uin/100015006748</DisplayName>
+            </Grantee>
+            <Permission>WRITE</Permission>
+        </Grant>
+        <Grant>
+            <Grantee type="CanonicalUser">
+                <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+                <DisplayName>qcs::cam::uin/100023201586:uin/100023201586</DisplayName>
+            </Grantee>
+            <Permission>FULL_CONTROL</Permission>
+        </Grant>
+    </AccessControlList>
+</AccessControlPolicy>
+EOF
+}
+```
+
 Static Website
 
 ```hcl
@@ -210,6 +268,16 @@ resource "tencentcloud_cos_bucket" "bucket_with_cors" {
 Using CORS with CDC
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -218,7 +286,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "bucket_with_cors" {
   bucket = "bucket-with-cors-${local.app_id}"
-  cdc_id = "cluster-262n63e8"
 
   cors_rules {
     allowed_origins = ["http://*.abc.com"]
@@ -261,6 +328,16 @@ resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
 Using object lifecycle with CDC
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -269,7 +346,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
   bucket = "bucket-with-lifecycle-${local.app_id}"
-  cdc_id = "cluster-262n63e8"
   acl    = "private"
 
   lifecycle_rules {

tencentcloud/services/cos/service_tencentcloud_cos.go

@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"log"
 	"net/http"
+	"regexp"
 	"strings"
 
 	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
@@ -214,21 +215,72 @@ func (me *CosService) TencentCosPutBucketACLBody(
 	cdcId string,
 ) (errRet error) {
 	logId := tccommon.GetLogId(ctx)
-
 	acl := &cos.ACLXml{}
-
 	opt := &cos.BucketPutACLOptions{}
-	if reqBody != "" {
-		err := xml.Unmarshal([]byte(reqBody), acl)
+	if cdcId == "" && me.client.CosDomain == "" {
+		if reqBody != "" {
+			err := xml.Unmarshal([]byte(reqBody), acl)
+			if err != nil {
+				errRet = fmt.Errorf("cos [PutBucketACLBody] XML Unmarshal error: %s, bucket: %s", err.Error(), bucket)
+				return
+			}
 
+			opt.Body = acl
+		} else if header != "" {
+			opt.Header = &cos.ACLHeaderOptions{
+				XCosACL: header,
+			}
+		}
+	} else {
+		err := xml.Unmarshal([]byte(reqBody), acl)
 		if err != nil {
 			errRet = fmt.Errorf("cos [PutBucketACLBody] XML Unmarshal error: %s, bucket: %s", err.Error(), bucket)
 			return
 		}
-		opt.Body = acl
-	} else if header != "" {
+
+		var (
+			uin         string
+			fullControl string
+			read        string
+			write       string
+			readAcp     string
+			writeAcp    string
+		)
+
+		for _, v := range acl.AccessControlList {
+			tmpList := regexp.MustCompile(`\d+`).FindAllString(v.Grantee.ID, 1)
+			if len(tmpList) > 0 {
+				uin = tmpList[0]
+			}
+
+			if v.Permission == "FULL_CONTROL" {
+				fullControl = fmt.Sprintf("id=\"%s\"", uin)
+			}
+
+			if v.Permission == "READ" {
+				read = fmt.Sprintf("id=\"%s\"", uin)
+			}
+
+			if v.Permission == "WRITE" {
+				write = fmt.Sprintf("id=\"%s\"", uin)
+			}
+
+			if v.Permission == "READ_ACP" {
+				readAcp = fmt.Sprintf("id=\"%s\"", uin)
+			}
+
+			if v.Permission == "WRITE_ACP" {
+				writeAcp = fmt.Sprintf("id=\"%s\"", uin)
+			}
+		}
+
 		opt.Header = &cos.ACLHeaderOptions{
-			XCosACL: header,
+			XCosACL:              header,
+			XCosGrantFullControl: fullControl,
+			XCosGrantRead:        read,
+			XCosGrantWrite:       write,
+			XCosGrantReadACP:     readAcp,
+			XCosGrantWriteACP:    writeAcp,
 		}
 	}
 

website/docs/r/cos_bucket.html.markdown

@@ -31,6 +31,16 @@ resource "tencentcloud_cos_bucket" "private_bucket" {
 ### Private Bucket with CDC cluster
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -39,7 +49,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "private_bucket" {
   bucket            = "private-bucket-${local.app_id}"
-  cdc_id            = "cluster-262n63e8"
   acl               = "private"
   versioning_enable = true
   force_clean       = true
@@ -172,6 +181,55 @@ EOF
 }
 ```
 
+### Using verbose acl with CDC cluster
+
+```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
+data "tencentcloud_user_info" "info" {}
+
+locals {
+  app_id = data.tencentcloud_user_info.info.app_id
+}
+
+resource "tencentcloud_cos_bucket" "bucket_with_acl" {
+  bucket   = "private-bucket-${local.app_id}"
+  acl      = "private"
+  acl_body = <<EOF
+<AccessControlPolicy>
+    <Owner>
+        <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+        <DisplayName>qcs::cam::uin/100023201586:uin/100023201586</DisplayName>
+    </Owner>
+    <AccessControlList>
+        <Grant>
+            <Grantee type="CanonicalUser">
+                <ID>qcs::cam::uin/100015006748:uin/100015006748</ID>
+                <DisplayName>qcs::cam::uin/100015006748:uin/100015006748</DisplayName>
+            </Grantee>
+            <Permission>WRITE</Permission>
+        </Grant>
+        <Grant>
+            <Grantee type="CanonicalUser">
+                <ID>qcs::cam::uin/100023201586:uin/100023201586</ID>
+                <DisplayName>qcs::cam::uin/100023201586:uin/100023201586</DisplayName>
+            </Grantee>
+            <Permission>FULL_CONTROL</Permission>
+        </Grant>
+    </AccessControlList>
+</AccessControlPolicy>
+EOF
+}
+```
+
 ### Static Website
 
 ```hcl
@@ -221,6 +279,16 @@ resource "tencentcloud_cos_bucket" "bucket_with_cors" {
 ### Using CORS with CDC
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -229,7 +297,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "bucket_with_cors" {
   bucket = "bucket-with-cors-${local.app_id}"
-  cdc_id = "cluster-262n63e8"
 
   cors_rules {
     allowed_origins = ["http://*.abc.com"]
@@ -272,6 +339,16 @@ resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
 ### Using object lifecycle with CDC
 
 ```hcl
+provider "tencentcloud" {
+  cos_domain = "https://${local.cdc_id}.cos-cdc.${local.region}.myqcloud.com/"
+  region     = local.region
+}
+
+locals {
+  region = "ap-guangzhou"
+  cdc_id = "cluster-262n63e8"
+}
+
 data "tencentcloud_user_info" "info" {}
 
 locals {
@@ -280,7 +357,6 @@ locals {
 
 resource "tencentcloud_cos_bucket" "bucket_with_lifecycle" {
   bucket = "bucket-with-lifecycle-${local.app_id}"
-  cdc_id = "cluster-262n63e8"
   acl    = "private"
 
   lifecycle_rules {