feat: update cam resource (#2220)

* feat: update cam resource

* feat: changelog

---------

Co-authored-by: WeiMengXS <[email protected]>

Author: WeiMengXS

.changelog/2220.txt

@@ -0,0 +1,11 @@
+```release-note:new-resource
+tencentcloud_cam_tag_role_attachment
+```
+
+```release-note:new-data-source
+tencentcloud_cam_list_attached_user_policy
+```
+
+```release-note:enhancement
+tencentcloud_ckafka_instance: Support api `UpdateRoleConsoleLogin`
+```

tencentcloud/data_source_tc_cam_list_attached_user_policy.go

@@ -0,0 +1,247 @@
+/*
+Use this data source to query detailed information of cam list_attached_user_policy
+
+Example Usage
+
+```hcl
+data "tencentcloud_cam_list_attached_user_policy" "list_attached_user_policy" {
+  target_uin = 100032767426
+  attach_type = 0
+    }
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	cam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam/v20190116"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func dataSourceTencentCloudCamListAttachedUserPolicy() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudCamListAttachedUserPolicyRead,
+		Schema: map[string]*schema.Schema{
+			"target_uin": {
+				Required:    true,
+				Type:        schema.TypeInt,
+				Description: "Target User ID.",
+			},
+
+			"attach_type": {
+				Required:    true,
+				Type:        schema.TypeInt,
+				Description: "0: Return direct association and group association policies, 1: Only return direct association policies, 2: Only return group association policies.",
+			},
+
+			"strategy_type": {
+				Optional:    true,
+				Type:        schema.TypeInt,
+				Description: "Policy type.",
+			},
+
+			"keyword": {
+				Optional:    true,
+				Type:        schema.TypeString,
+				Description: "Search Keywords.",
+			},
+
+			"policy_list": {
+				Computed:    true,
+				Type:        schema.TypeList,
+				Description: "Policy List Data.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"policy_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Policy ID.",
+						},
+						"policy_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Policy Name.",
+						},
+						"description": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Policy Description.",
+						},
+						"add_time": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Creation time.",
+						},
+						"strategy_type": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Policy type (1 represents custom policy, 2 represents preset policy).",
+						},
+						"create_mode": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Creation mode (1 represents policies created by product or project permissions, others represent policies created by policy syntax).",
+						},
+						"groups": {
+							Type:        schema.TypeList,
+							Computed:    true,
+							Description: "Associated information with groupNote: This field may return null, indicating that a valid value cannot be obtained.",
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"group_id": {
+										Type:        schema.TypeInt,
+										Computed:    true,
+										Description: "Group ID.",
+									},
+									"group_name": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: "Group Name.",
+									},
+								},
+							},
+						},
+						"deactived": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Has it been taken offline (0: No 1: Yes)Note: This field may return null, indicating that a valid value cannot be obtained.",
+						},
+						"deactived_detail": {
+							Type: schema.TypeSet,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+							Computed:    true,
+							Description: "List of offline productsNote: This field may return null, indicating that a valid value cannot be obtained.",
+						},
+					},
+				},
+			},
+
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudCamListAttachedUserPolicyRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("data_source.tencentcloud_cam_list_attached_user_policy.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	paramMap := make(map[string]interface{})
+	if v, _ := d.GetOk("target_uin"); v != nil {
+		paramMap["TargetUin"] = helper.IntUint64(v.(int))
+	}
+
+	if v, _ := d.GetOk("attach_type"); v != nil {
+		paramMap["AttachType"] = helper.IntUint64(v.(int))
+	}
+
+	if v, _ := d.GetOk("strategy_type"); v != nil {
+		paramMap["StrategyType"] = helper.IntUint64(v.(int))
+	}
+
+	if v, ok := d.GetOk("keyword"); ok {
+		paramMap["Keyword"] = helper.String(v.(string))
+	}
+
+	service := CamService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	var policyList []*cam.AttachedUserPolicy
+
+	err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeCamListAttachedUserPolicyByFilter(ctx, paramMap)
+		if e != nil {
+			return retryError(e)
+		}
+		policyList = result
+		return nil
+	})
+	if err != nil {
+		return err
+	}
+
+	ids := make([]string, 0, len(policyList))
+	tmpList := make([]map[string]interface{}, 0, len(policyList))
+
+	if policyList != nil {
+		for _, attachedUserPolicy := range policyList {
+			attachedUserPolicyMap := map[string]interface{}{}
+
+			if attachedUserPolicy.PolicyId != nil {
+				attachedUserPolicyMap["policy_id"] = attachedUserPolicy.PolicyId
+			}
+
+			if attachedUserPolicy.PolicyName != nil {
+				attachedUserPolicyMap["policy_name"] = attachedUserPolicy.PolicyName
+			}
+
+			if attachedUserPolicy.Description != nil {
+				attachedUserPolicyMap["description"] = attachedUserPolicy.Description
+			}
+
+			if attachedUserPolicy.AddTime != nil {
+				attachedUserPolicyMap["add_time"] = attachedUserPolicy.AddTime
+			}
+
+			if attachedUserPolicy.StrategyType != nil {
+				attachedUserPolicyMap["strategy_type"] = attachedUserPolicy.StrategyType
+			}
+
+			if attachedUserPolicy.CreateMode != nil {
+				attachedUserPolicyMap["create_mode"] = attachedUserPolicy.CreateMode
+			}
+
+			if attachedUserPolicy.Groups != nil {
+				groupsList := []interface{}{}
+				for _, groups := range attachedUserPolicy.Groups {
+					groupsMap := map[string]interface{}{}
+
+					if groups.GroupId != nil {
+						groupsMap["group_id"] = groups.GroupId
+					}
+
+					if groups.GroupName != nil {
+						groupsMap["group_name"] = groups.GroupName
+					}
+
+					groupsList = append(groupsList, groupsMap)
+				}
+
+				attachedUserPolicyMap["groups"] = groupsList
+			}
+
+			if attachedUserPolicy.Deactived != nil {
+				attachedUserPolicyMap["deactived"] = attachedUserPolicy.Deactived
+			}
+
+			if attachedUserPolicy.DeactivedDetail != nil {
+				attachedUserPolicyMap["deactived_detail"] = attachedUserPolicy.DeactivedDetail
+			}
+
+			ids = append(ids, *attachedUserPolicy.PolicyId)
+			tmpList = append(tmpList, attachedUserPolicyMap)
+		}
+
+		_ = d.Set("policy_list", tmpList)
+	}
+
+	d.SetId(helper.DataResourceIdsHash(ids))
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := writeToFile(output.(string), tmpList); e != nil {
+			return e
+		}
+	}
+	return nil
+}

tencentcloud/data_source_tc_cam_list_attached_user_policy_test.go

@@ -0,0 +1,36 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudCamListAttachedUserPolicyDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCamListAttachedUserPolicyDataSource,
+				Check: resource.ComposeTestCheckFunc(testAccCheckTencentCloudDataSourceID("data.tencentcloud_cam_list_attached_user_policy.list_attached_user_policy"),
+					resource.TestCheckResourceAttrSet("data.tencentcloud_cam_list_attached_user_policy.list_attached_user_policy", "policy_list.#"),
+					resource.TestCheckResourceAttr("data.tencentcloud_cam_list_attached_user_policy.list_attached_user_policy", "target_uin", "100032767426"),
+					resource.TestCheckResourceAttr("data.tencentcloud_cam_list_attached_user_policy.list_attached_user_policy", "attach_type", "0"),
+				),
+			},
+		},
+	})
+}
+
+const testAccCamListAttachedUserPolicyDataSource = `
+
+data "tencentcloud_cam_list_attached_user_policy" "list_attached_user_policy" {
+  target_uin = 100032767426
+  attach_type = 0
+    }
+
+`

tencentcloud/provider.go

@@ -244,6 +244,7 @@ Cloud Access Management(CAM)
 	tencentcloud_cam_mfa_flag
     tencentcloud_cam_access_key
 	tencentcloud_cam_user_saml_config
+    tencentcloud_cam_tag_role_attachment
 	tencentcloud_cam_policy_version
 	tencentcloud_cam_user_permission_boundary_attachment
 
@@ -2585,6 +2586,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_organization_org_financial_by_product":       dataSourceTencentCloudOrganizationOrgFinancialByProduct(),
 			"tencentcloud_organization_org_auth_node":                  dataSourceTencentCloudOrganizationOrgAuthNode(),
 			"tencentcloud_pts_scenario_with_jobs":                      dataSourceTencentCloudPtsScenarioWithJobs(),
+			"tencentcloud_cam_list_attached_user_policy":               dataSourceTencentCloudCamListAttachedUserPolicy(),
 		},
 
 		ResourcesMap: map[string]*schema.Resource{
@@ -2843,6 +2845,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_cam_mfa_flag":                                        resourceTencentCloudCamMfaFlag(),
 			"tencentcloud_cam_access_key":                                      resourceTencentCloudCamAccessKey(),
 			"tencentcloud_cam_user_saml_config":                                resourceTencentCloudCamUserSamlConfig(),
+			"tencentcloud_cam_tag_role_attachment":                             resourceTencentCloudCamTagRoleAttachment(),
 			"tencentcloud_cam_policy_version":                                  resourceTencentCloudCamPolicyVersion(),
 			"tencentcloud_cam_user_permission_boundary_attachment":             resourceTencentCloudCamUserPermissionBoundaryAttachment(),
 			"tencentcloud_ciam_user_group":                                     resourceTencentCloudCiamUserGroup(),

tencentcloud/resource_tc_cam_role.go

@@ -149,7 +149,6 @@ func resourceTencentCloudCamRole() *schema.Resource {
 			"console_login": {
 				Type:        schema.TypeBool,
 				Optional:    true,
-				ForceNew:    true,
 				Description: "Indicates whether the CAM role can login or not.",
 			},
 			"create_time": {
@@ -409,6 +408,39 @@ func resourceTencentCloudCamRoleUpdate(d *schema.ResourceData, meta interface{})
 
 	}
 
+	if d.HasChange("console_login") {
+		consoleLoginRequest := cam.NewUpdateRoleConsoleLoginRequest()
+
+		if v, ok := d.GetOkExists("console_login"); ok {
+			loginBool := v.(bool)
+			loginInt := int64(1)
+			if !loginBool {
+				loginInt = int64(0)
+			}
+			consoleLoginRequest.ConsoleLogin = &loginInt
+		}
+
+		consoleLoginRequest.RoleId = helper.StrToInt64Point(roleId)
+
+		err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+			response, e := meta.(*TencentCloudClient).apiV3Conn.UseCamClient().UpdateRoleConsoleLogin(consoleLoginRequest)
+
+			if e != nil {
+				log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n",
+					logId, consoleLoginRequest.GetAction(), consoleLoginRequest.ToJsonString(), e.Error())
+				return retryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
+					logId, consoleLoginRequest.GetAction(), consoleLoginRequest.ToJsonString(), response.ToJsonString())
+			}
+			return nil
+		})
+
+		if err != nil {
+			log.Printf("[CRITAL]%s update CAM role console login failed, reason:%s\n", logId, err.Error())
+			return err
+		}
+	}
 	return resourceTencentCloudCamRoleRead(d, meta)
 }