feat(tco): add resource_tc_organization_org_manage_policy_config

Author: WeiMengXS

.github/workflows/golangci-lint.yml

@@ -41,5 +41,5 @@ jobs:
 #          version: v1.45.2
           version: v1.57.2
           working-directory: ./tencentcloud
-          args: --new-from-rev=origin/master -v
+          args: --skip-dirs=vendor --concurrency=4 --new-from-rev=origin/master -v
           #args: --enable-all --max-same-issues=0 --max-issues-per-linter=0 --new-from-rev=origin/master -v

tencentcloud/services/tco/resource_tc_organization_org_manage_policy.go

@@ -0,0 +1,192 @@
+package tco
+
+import (
+	"context"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func ResourceTencentCloudOrganizationOrgManagePolicy() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudOrganizationOrgManagePolicyCreate,
+		Read:   resourceTencentCloudOrganizationOrgManagePolicyRead,
+		Update: resourceTencentCloudOrganizationOrgManagePolicyUpdate,
+		Delete: resourceTencentCloudOrganizationOrgManagePolicyDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "Policy name.\nThe length is 1~128 characters, which can include Chinese characters, English letters, numbers, and underscores.",
+			},
+
+			"content": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "Policy content. Refer to the CAM policy syntax.",
+			},
+
+			"type": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "Policy type. Default value is SERVICE_CONTROL_POLICY.\nValid values:\n  - `SERVICE_CONTROL_POLICY`: Service control policy.\n  - `TAG_POLICY`: Tag policy.",
+			},
+
+			"description": {
+				Optional:    true,
+				Type:        schema.TypeString,
+				Description: "Policy description.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudOrganizationOrgManagePolicyCreate(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_manage_policy.create")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	logId := tccommon.GetLogId(tccommon.ContextNil)
+
+	var (
+		request  = organization.NewCreatePolicyRequest()
+		response = organization.NewCreatePolicyResponse()
+	)
+	if v, ok := d.GetOk("name"); ok {
+		request.Name = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("content"); ok {
+		request.Content = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("type"); ok {
+		request.Type = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		request.Description = helper.String(v.(string))
+	}
+
+	err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().CreatePolicy(request)
+		if e != nil {
+			return tccommon.RetryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		response = result
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s create organization OrgManagePolicy failed, reason:%+v", logId, err)
+		return err
+	}
+
+	d.SetId(helper.UInt64ToStr(*response.Response.PolicyId))
+
+	return resourceTencentCloudOrganizationOrgManagePolicyRead(d, meta)
+}
+
+func resourceTencentCloudOrganizationOrgManagePolicyRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_manage_policy.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	logId := tccommon.GetLogId(tccommon.ContextNil)
+
+	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+
+	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+
+	policyId := d.Id()
+
+	OrgManagePolicy, err := service.DescribeOrganizationOrgManagePolicyById(ctx, policyId)
+	if err != nil {
+		return err
+	}
+
+	if OrgManagePolicy == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `OrganizationOrgManagePolicy` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	return nil
+}
+
+func resourceTencentCloudOrganizationOrgManagePolicyUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_manage_policy.update")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	logId := tccommon.GetLogId(tccommon.ContextNil)
+
+	request := organization.NewUpdatePolicyRequest()
+
+	policyId := d.Id()
+
+	request.PolicyId = helper.StrToInt64Point(policyId)
+
+	needChange := false
+	mutableArgs := []string{"name", "content", "type", "description"}
+	for _, v := range mutableArgs {
+		if d.HasChange(v) {
+			needChange = true
+			break
+		}
+	}
+
+	if needChange {
+		if v, ok := d.GetOk("name"); ok {
+			request.Name = helper.String(v.(string))
+		}
+		if v, ok := d.GetOk("content"); ok {
+			request.Content = helper.String(v.(string))
+		}
+		if v, ok := d.GetOk("type"); ok {
+			request.Type = helper.String(v.(string))
+		}
+		if v, ok := d.GetOk("description"); ok {
+			request.Description = helper.String(v.(string))
+		}
+
+		err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+			result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().UpdatePolicy(request)
+			if e != nil {
+				return tccommon.RetryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			}
+			return nil
+		})
+		if err != nil {
+			log.Printf("[CRITAL]%s update organization OrgManagePolicy failed, reason:%+v", logId, err)
+			return err
+		}
+
+	}
+	return resourceTencentCloudOrganizationOrgManagePolicyRead(d, meta)
+}
+
+func resourceTencentCloudOrganizationOrgManagePolicyDelete(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_manage_policy.delete")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	logId := tccommon.GetLogId(tccommon.ContextNil)
+	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+
+	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+	policyId := d.Id()
+
+	if err := service.DeleteOrganizationOrgManagePolicyById(ctx, policyId); err != nil {
+		return err
+	}
+
+	return nil
+}

tencentcloud/services/tco/resource_tc_organization_org_manage_policy.md

@@ -0,0 +1,20 @@
+Provides a resource to create a organization org_manage_policy
+
+Example Usage
+
+```hcl
+resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
+  name = "FullAccessPolicy"
+  content = "{"version":"2.0","statement":[{"effect":"allow","action":"*","resource":"*"}]}"
+  type = "SERVICE_CONTROL_POLICY"
+  description = "Full access policy"
+}
+```
+
+Import
+
+organization org_manage_policy can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_organization_org_manage_policy.org_manage_policy org_manage_policy_id
+```

tencentcloud/services/tco/resource_tc_organization_org_manage_policy_test.go

@@ -0,0 +1,41 @@
+package tco_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudOrganizationOrgManagePolicyResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccOrganizationOrgManagePolicy,
+				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_manage_policy.org_manage_policy", "id")),
+			},
+			{
+				ResourceName:      "tencentcloud_organization_org_manage_policy.org_manage_policy",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccOrganizationOrgManagePolicy = `
+
+resource "tencentcloud_organization_org_manage_policy" "org_manage_policy" {
+  name = "FullAccessPolicy"
+  content = "{"version":"2.0","statement":[{"effect":"allow","action":"*","resource":"*"}]}"
+  type = "SERVICE_CONTROL_POLICY"
+  description = "Full access policy"
+}
+
+`

tencentcloud/services/tco/service_tencentcloud_organization.go

@@ -1010,3 +1010,51 @@ func (me *OrganizationService) DeleteOrganizationOrgManagePolicyConfigById(ctx c
 
 	return
 }
+
+func (me *OrganizationService) DescribeOrganizationOrgManagePolicyById(ctx context.Context, policyId string) (OrgManagePolicy *organization.ListPoliciesResponseParams, errRet error) {
+	logId := tccommon.GetLogId(ctx)
+
+	request := organization.NewListPoliciesRequest()
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseOrganizationClient().ListPolicies(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	OrgManagePolicy = response.Response
+	return
+}
+
+func (me *OrganizationService) DeleteOrganizationOrgManagePolicyById(ctx context.Context, policyId string) (errRet error) {
+	logId := tccommon.GetLogId(ctx)
+
+	request := organization.NewDeletePolicyRequest()
+	request.PolicyId = helper.StrToUint64Point(policyId)
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseOrganizationClient().DeletePolicy(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	return
+}