feat/kms

.changelog/2222.txt

@@ -0,0 +1,19 @@
+```release-note:new-data-source
+tencentcloud_kms_white_box_decrypt_key
+```
+
+```release-note:new-data-source
+tencentcloud_kms_white_box_device_fingerprints
+```
+
+```release-note:new-data-source
+tencentcloud_kms_list_algorithms
+```
+
+```release-note:new-resource
+tencentcloud_kms_cloud_resource_attachment
+```
+
+```release-note:new-resource
+tencentcloud_kms_overwrite_white_box_device_fingerprints
+```

tencentcloud/data_source_tc_kms_list_algorithms.go

@@ -0,0 +1,180 @@
+/*
+Use this data source to query detailed information of kms list_algorithms
+
+Example Usage
+
+```hcl
+data "tencentcloud_kms_list_algorithms" "example" {}
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"strconv"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	kms "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms/v20190118"
+)
+
+func dataSourceTencentCloudKmsListAlgorithms() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudKmsListAlgorithmsRead,
+		Schema: map[string]*schema.Schema{
+			"symmetric_algorithms": {
+				Computed:    true,
+				Type:        schema.TypeList,
+				Description: "Symmetric encryption algorithms supported in this region.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"key_usage": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Key usage.",
+						},
+						"algorithm": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Algorithm.",
+						},
+					},
+				},
+			},
+			"asymmetric_algorithms": {
+				Computed:    true,
+				Type:        schema.TypeList,
+				Description: "Asymmetric encryption algorithms supported in this region.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"key_usage": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Key usage.",
+						},
+						"algorithm": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Algorithm.",
+						},
+					},
+				},
+			},
+			"asymmetric_sign_verify_algorithms": {
+				Computed:    true,
+				Type:        schema.TypeList,
+				Description: "Asymmetric signature verification algorithms supported in this region.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"key_usage": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Key usage.",
+						},
+						"algorithm": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Algorithm.",
+						},
+					},
+				},
+			},
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudKmsListAlgorithmsRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("data_source.tencentcloud_kms_list_algorithms.read")()
+	defer inconsistentCheck(d, meta)()
+
+	var (
+		logId          = getLogId(contextNil)
+		ctx            = context.WithValue(context.TODO(), logIdKey, logId)
+		service        = KmsService{client: meta.(*TencentCloudClient).apiV3Conn}
+		listAlgorithms *kms.ListAlgorithmsResponseParams
+	)
+
+	err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeKmsListAlgorithmsByFilter(ctx)
+		if e != nil {
+			return retryError(e)
+		}
+
+		listAlgorithms = result
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	if listAlgorithms.SymmetricAlgorithms != nil {
+		tmpList := make([]map[string]interface{}, 0, len(listAlgorithms.SymmetricAlgorithms))
+		for _, item := range listAlgorithms.SymmetricAlgorithms {
+			itemMap := map[string]interface{}{}
+			if item.KeyUsage != nil {
+				itemMap["key_usage"] = item.KeyUsage
+			}
+
+			if item.Algorithm != nil {
+				itemMap["algorithm"] = item.Algorithm
+			}
+
+			tmpList = append(tmpList, itemMap)
+		}
+
+		_ = d.Set("symmetric_algorithms", tmpList)
+	}
+
+	if listAlgorithms.AsymmetricAlgorithms != nil {
+		tmpList := make([]map[string]interface{}, 0, len(listAlgorithms.AsymmetricAlgorithms))
+		for _, item := range listAlgorithms.AsymmetricAlgorithms {
+			itemMap := map[string]interface{}{}
+			if item.KeyUsage != nil {
+				itemMap["key_usage"] = item.KeyUsage
+			}
+
+			if item.Algorithm != nil {
+				itemMap["algorithm"] = item.Algorithm
+			}
+
+			tmpList = append(tmpList, itemMap)
+		}
+
+		_ = d.Set("asymmetric_algorithms", tmpList)
+	}
+
+	if listAlgorithms.AsymmetricSignVerifyAlgorithms != nil {
+		tmpList := make([]map[string]interface{}, 0, len(listAlgorithms.AsymmetricSignVerifyAlgorithms))
+		for _, item := range listAlgorithms.AsymmetricSignVerifyAlgorithms {
+			itemMap := map[string]interface{}{}
+			if item.KeyUsage != nil {
+				itemMap["key_usage"] = item.KeyUsage
+			}
+
+			if item.Algorithm != nil {
+				itemMap["algorithm"] = item.Algorithm
+			}
+
+			tmpList = append(tmpList, itemMap)
+		}
+
+		_ = d.Set("asymmetric_sign_verify_algorithms", tmpList)
+	}
+
+	d.SetId(strconv.FormatInt(time.Now().Unix(), 10))
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := writeToFile(output.(string), d); e != nil {
+			return e
+		}
+	}
+
+	return nil
+}

tencentcloud/data_source_tc_kms_list_algorithms_test.go

@@ -0,0 +1,30 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudKmsListAlgorithmsDataSource_basic -v
+func TestAccTencentCloudKmsListAlgorithmsDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKmsListAlgorithmsDataSource,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckTencentCloudDataSourceID("data.tencentcloud_kms_list_algorithms.example"),
+				),
+			},
+		},
+	})
+}
+
+const testAccKmsListAlgorithmsDataSource = `
+data "tencentcloud_kms_list_algorithms" "example" {}
+`

tencentcloud/data_source_tc_kms_white_box_decrypt_key.go

@@ -0,0 +1,91 @@
+/*
+Use this data source to query detailed information of kms white_box_decrypt_key
+
+Example Usage
+
+```hcl
+data "tencentcloud_kms_white_box_decrypt_key" "example" {
+  key_id = "244dab8c-6dad-11ea-80c6-5254006d0810"
+}
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	kms "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms/v20190118"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func dataSourceTencentCloudKmsWhiteBoxDecryptKey() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudKmsWhiteBoxDecryptKeyRead,
+		Schema: map[string]*schema.Schema{
+			"key_id": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "Globally unique identifier for the white box key.",
+			},
+			"decrypt_key": {
+				Computed:    true,
+				Type:        schema.TypeString,
+				Description: "White box decryption key, base64 encoded.",
+			},
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudKmsWhiteBoxDecryptKeyRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("data_source.tencentcloud_kms_white_box_decrypt_key.read")()
+	defer inconsistentCheck(d, meta)()
+
+	var (
+		logId              = getLogId(contextNil)
+		ctx                = context.WithValue(context.TODO(), logIdKey, logId)
+		service            = KmsService{client: meta.(*TencentCloudClient).apiV3Conn}
+		whiteBoxDecryptKey *kms.DescribeWhiteBoxDecryptKeyResponseParams
+		keyId              string
+	)
+
+	paramMap := make(map[string]interface{})
+	if v, ok := d.GetOk("key_id"); ok {
+		paramMap["KeyId"] = helper.String(v.(string))
+		keyId = v.(string)
+	}
+
+	err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeKmsWhiteBoxDecryptKeyByFilter(ctx, paramMap)
+		if e != nil {
+			return retryError(e)
+		}
+
+		whiteBoxDecryptKey = result
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	if whiteBoxDecryptKey.DecryptKey != nil {
+		_ = d.Set("decrypt_key", whiteBoxDecryptKey.DecryptKey)
+	}
+
+	d.SetId(keyId)
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := writeToFile(output.(string), d); e != nil {
+			return e
+		}
+	}
+
+	return nil
+}

tencentcloud/data_source_tc_kms_white_box_decrypt_key_test.go

@@ -0,0 +1,33 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudKmsWhiteBoxDecryptKeyDataSource_basic -v
+func TestAccTencentCloudKmsWhiteBoxDecryptKeyDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKmsWhiteBoxDecryptKeyDataSource,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckTencentCloudDataSourceID("data.tencentcloud_kms_white_box_decrypt_key.example"),
+					resource.TestCheckResourceAttrSet("data.tencentcloud_kms_white_box_decrypt_key.example", "key_id"),
+				),
+			},
+		},
+	})
+}
+
+const testAccKmsWhiteBoxDecryptKeyDataSource = `
+data "tencentcloud_kms_white_box_decrypt_key" "example" {
+  key_id = "8731f440-66c1-11ee-beb0-52540036aed2"
+}
+`