From 320b709f3ac57304c442096c8bcf3acfa4c0a1a6 Mon Sep 17 00:00:00 2001 From: WeiMengXS Date: Mon, 23 Oct 2023 15:05:10 +0800 Subject: [PATCH 1/4] feat: member policy --- tencentcloud/provider.go | 1 + ...ource_tc_organization_org_member_policy.go | 209 ++++++++++++++++++ ..._tc_organization_org_member_policy_test.go | 38 ++++ .../service_tencentcloud_organization.go | 68 ++++++ 4 files changed, 316 insertions(+) create mode 100644 tencentcloud/resource_tc_organization_org_member_policy.go create mode 100644 tencentcloud/resource_tc_organization_org_member_policy_test.go diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go index 513c292933..1d8fbfc59f 100644 --- a/tencentcloud/provider.go +++ b/tencentcloud/provider.go @@ -3513,6 +3513,7 @@ func Provider() *schema.Provider { "tencentcloud_ssl_update_certificate_record_retry_operation": resourceTencentCloudSslUpdateCertificateRecordRetryOperation(), "tencentcloud_ssl_update_certificate_record_rollback_operation": resourceTencentCloudSslUpdateCertificateRecordRollbackOperation(), "tencentcloud_ssl_upload_revoke_letter_operation": resourceTencentCloudSslUploadRevokeLetterOperation(), + "tencentcloud_organization_org_member_policy": resourceTencentCloudOrganizationOrgMemberPolicy(), }, ConfigureFunc: providerConfigure, diff --git a/tencentcloud/resource_tc_organization_org_member_policy.go b/tencentcloud/resource_tc_organization_org_member_policy.go new file mode 100644 index 0000000000..54453aeb59 --- /dev/null +++ b/tencentcloud/resource_tc_organization_org_member_policy.go @@ -0,0 +1,209 @@ +/* +Provides a resource to create a organization org_member_policy + +Example Usage + +```hcl +resource "tencentcloud_organization_org_member_policy" "org_member_policy" { + member_uins = <nil> + policy_name = <nil> + identity_id = <nil> + description = <nil> +} +``` + +Import + +organization org_member_policy can be imported using the id, e.g. + +``` +terraform import tencentcloud_organization_org_member_policy.org_member_policy org_member_policy_id +``` +*/ +package tencentcloud + +import ( + "context" + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331" + "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" + "log" +) + +func resourceTencentCloudOrganizationOrgMemberPolicy() *schema.Resource { + return &schema.Resource{ + Create: resourceTencentCloudOrganizationOrgMemberPolicyCreate, + Read: resourceTencentCloudOrganizationOrgMemberPolicyRead, + Update: resourceTencentCloudOrganizationOrgMemberPolicyUpdate, + Delete: resourceTencentCloudOrganizationOrgMemberPolicyDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + Schema: map[string]*schema.Schema{ + "member_uins": { + Required: true, + Type: schema.TypeSet, + Elem: &schema.Schema{ + Type: schema.TypeInt, + }, + Description: "Member Uin list. Up to 10.", + }, + + "policy_name": { + Required: true, + Type: schema.TypeString, + Description: "Policy name.The maximum length is 128 characters, supporting English letters, numbers, and symbols +=,.@_-.", + }, + + "identity_id": { + Required: true, + Type: schema.TypeInt, + Description: "Organization identity ID.", + }, + + "description": { + Optional: true, + Type: schema.TypeString, + Description: "Notes.The maximum length is 128 characters.", + }, + }, + } +} + +func resourceTencentCloudOrganizationOrgMemberPolicyCreate(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy.create")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + + var ( + request = organization.NewCreateOrganizationMembersPolicyRequest() + response = organization.NewCreateOrganizationMembersPolicyResponse() + ) + if v, ok := d.GetOk("member_uins"); ok { + memberUinsSet := v.(*schema.Set).List() + for i := range memberUinsSet { + memberUins := memberUinsSet[i].(int) + request.MemberUins = append(request.MemberUins, helper.IntInt64(memberUins)) + } + } + + if v, ok := d.GetOk("policy_name"); ok { + request.PolicyName = helper.String(v.(string)) + } + + if v, ok := d.GetOkExists("identity_id"); ok { + request.IdentityId = helper.IntInt64(v.(int)) + } + + if v, ok := d.GetOk("description"); ok { + request.Description = helper.String(v.(string)) + } + + err := resource.Retry(writeRetryTimeout, func() *resource.RetryError { + result, e := meta.(*TencentCloudClient).apiV3Conn.UseOrganizationClient().CreateOrganizationMembersPolicy(request) + if e != nil { + return retryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + response = result + return nil + }) + if err != nil { + log.Printf("[CRITAL]%s create organization orgMemberPolicy failed, reason:%+v", logId, err) + return err + } + + if response == nil || response.Response == nil || response.Response.PolicyId == nil { + return fmt.Errorf("policy id is null") + } + + d.SetId(helper.Int64ToStr(*response.Response.PolicyId)) + + return resourceTencentCloudOrganizationOrgMemberPolicyRead(d, meta) +} + +func resourceTencentCloudOrganizationOrgMemberPolicyRead(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy.read")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + + ctx := context.WithValue(context.TODO(), logIdKey, logId) + + service := OrganizationService{client: meta.(*TencentCloudClient).apiV3Conn} + + orgMemberPolicyId := d.Id() + var uins []*int64 + if v, ok := d.GetOk("member_uins"); ok { + memberUinsSet := v.(*schema.Set).List() + for i := range memberUinsSet { + memberUins := memberUinsSet[i].(int) + uins = append(uins, helper.IntInt64(memberUins)) + } + } + orgMemberPolicy, err := service.DescribeOrganizationOrgMemberPolicyById(ctx, orgMemberPolicyId, uins) + if err != nil { + return err + } + + if orgMemberPolicy == nil { + d.SetId("") + log.Printf("[WARN]%s resource `OrganizationOrgMemberPolicy` [%s] not found, please check if it has been deleted.\n", logId, d.Id()) + return nil + } + + if orgMemberPolicy.MemberUins != nil { + _ = d.Set("member_uins", orgMemberPolicy.MemberUins) + } + + if orgMemberPolicy.PolicyName != nil { + _ = d.Set("policy_name", orgMemberPolicy.PolicyName) + } + + if orgMemberPolicy.IdentityId != nil { + _ = d.Set("identity_id", orgMemberPolicy.IdentityId) + } + + if orgMemberPolicy.Description != nil { + _ = d.Set("description", orgMemberPolicy.Description) + } + + return nil +} + +func resourceTencentCloudOrganizationOrgMemberPolicyUpdate(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy.update")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + + immutableArgs := []string{"member_uins", "policy_name", "identity_id", "description"} + + for _, v := range immutableArgs { + if d.HasChange(v) { + return fmt.Errorf("argument `%s` cannot be changed", v) + } + } + return resourceTencentCloudOrganizationOrgMemberPolicyRead(d, meta) +} + +func resourceTencentCloudOrganizationOrgMemberPolicyDelete(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy.delete")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + ctx := context.WithValue(context.TODO(), logIdKey, logId) + + service := OrganizationService{client: meta.(*TencentCloudClient).apiV3Conn} + orgMemberPolicyId := d.Id() + + if err := service.DeleteOrganizationOrgMemberPolicyById(ctx, policyId); err != nil { + return err + } + + return nil +} diff --git a/tencentcloud/resource_tc_organization_org_member_policy_test.go b/tencentcloud/resource_tc_organization_org_member_policy_test.go new file mode 100644 index 0000000000..0bbcf5fe37 --- /dev/null +++ b/tencentcloud/resource_tc_organization_org_member_policy_test.go @@ -0,0 +1,38 @@ +package tencentcloud + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "testing" +) + +func TestAccTencentCloudOrganizationOrgMemberPolicyResource_basic(t *testing.T) { + t.Parallel() + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccOrganizationOrgMemberPolicy, + Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_member_policy.org_member_policy", "id")), + }, + { + ResourceName: "tencentcloud_organization_org_member_policy.org_member_policy", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +const testAccOrganizationOrgMemberPolicy = ` + +resource "tencentcloud_organization_org_member_policy" "org_member_policy" { + member_uins = <nil> + policy_name = <nil> + identity_id = <nil> + description = <nil> +} + +` diff --git a/tencentcloud/service_tencentcloud_organization.go b/tencentcloud/service_tencentcloud_organization.go index 906bfdf21f..a671a59285 100644 --- a/tencentcloud/service_tencentcloud_organization.go +++ b/tencentcloud/service_tencentcloud_organization.go @@ -685,3 +685,71 @@ func (me *OrganizationService) DeleteOrganizationOrgIdentityById(ctx context.Con return } + +func (me *OrganizationService) DescribeOrganizationOrgMemberPolicyById(ctx context.Context, policyId string, uins []int64) (orgMemberPolicy *organization.OrgMemberPolicy, errRet error) { + logId := getLogId(ctx) + + request := organization.NewDescribeOrganizationMemberPoliciesRequest() + request.MemberUin = + + defer func() { + if errRet != nil { + log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error()) + } + }() + + ratelimit.Check(request.GetAction()) + var ( + offset int64 = 0 + limit int64 = 20 + ) + var tmp []*organization.OrgMemberPolicy + for { + request.Offset = &offset + request.Limit = &limit + response, err := me.client.UseOrganizationClient().DescribeOrganizationMemberPolicies(request) + if err != nil { + errRet = err + return + } + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) + + if response == nil || len(response.Response.Items) < 1 { + break + } + tmp = append(tmp, response.Response.Items...) + if len(response.Response.Items) < int(limit) { + break + } + } + for _, item := range tmp { + if *item.IdentityId == helper.StrToInt64(identityId) { + orgIdentity = item + } + } + return +} + +func (me *OrganizationService) DeleteOrganizationOrgMemberPolicyById(ctx context.Context, policyId string) (errRet error) { + logId := getLogId(ctx) + + request := organization.NewDeleteOrganizationMembersPolicyRequest() + request.PolicyId = &policyId + + defer func() { + if errRet != nil { + log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error()) + } + }() + + ratelimit.Check(request.GetAction()) + + response, err := me.client.UseOrganizationClient().DeleteOrganizationMembersPolicy(request) + if err != nil { + errRet = err + return + } + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) + + return +} From 3b4b4ba9176cf60a5d8cb8af3fba00babc2c76b7 Mon Sep 17 00:00:00 2001 From: WeiMengXS Date: Mon, 23 Oct 2023 17:05:44 +0800 Subject: [PATCH 2/4] feat: doc --- tencentcloud/provider.go | 3 +- ...ource_tc_organization_org_member_policy.go | 209 ------------------ ...ganization_org_member_policy_attachment.go | 154 +++++++++++++ ...ation_org_member_policy_attachment_test.go | 36 +++ ..._tc_organization_org_member_policy_test.go | 38 ---- .../service_tencentcloud_organization.go | 48 +--- ...org_member_policy_attachment.html.markdown | 48 ++++ website/tencentcloud.erb | 3 + 8 files changed, 245 insertions(+), 294 deletions(-) delete mode 100644 tencentcloud/resource_tc_organization_org_member_policy.go create mode 100644 tencentcloud/resource_tc_organization_org_member_policy_attachment.go create mode 100644 tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go delete mode 100644 tencentcloud/resource_tc_organization_org_member_policy_test.go create mode 100644 website/docs/r/organization_org_member_policy_attachment.html.markdown diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go index 1d8fbfc59f..552c423075 100644 --- a/tencentcloud/provider.go +++ b/tencentcloud/provider.go @@ -1515,6 +1515,7 @@ Tencent Cloud Organization (TCO) tencentcloud_organization_org_member_email tencentcloud_organization_org_member_auth_identity_attachment tencentcloud_organization_policy_sub_account_attachment + tencentcloud_organization_org_member_policy_attachment tencentcloud_organization_quit_organization_operation TDSQL-C for PostgreSQL(TDCPG) @@ -3278,6 +3279,7 @@ func Provider() *schema.Provider { "tencentcloud_organization_instance": resourceTencentCloudOrganizationOrganization(), "tencentcloud_organization_policy_sub_account_attachment": resourceTencentCloudOrganizationPolicySubAccountAttachment(), "tencentcloud_organization_org_member_auth_identity_attachment": resourceTencentCloudOrganizationOrgMemberAuthIdentityAttachment(), + "tencentcloud_organization_org_member_policy_attachment": resourceTencentCloudOrganizationOrgMemberPolicyAttachment(), "tencentcloud_dbbrain_sql_filter": resourceTencentCloudDbbrainSqlFilter(), "tencentcloud_dbbrain_security_audit_log_export_task": resourceTencentCloudDbbrainSecurityAuditLogExportTask(), "tencentcloud_dbbrain_db_diag_report_task": resourceTencentCloudDbbrainDbDiagReportTask(), @@ -3513,7 +3515,6 @@ func Provider() *schema.Provider { "tencentcloud_ssl_update_certificate_record_retry_operation": resourceTencentCloudSslUpdateCertificateRecordRetryOperation(), "tencentcloud_ssl_update_certificate_record_rollback_operation": resourceTencentCloudSslUpdateCertificateRecordRollbackOperation(), "tencentcloud_ssl_upload_revoke_letter_operation": resourceTencentCloudSslUploadRevokeLetterOperation(), - "tencentcloud_organization_org_member_policy": resourceTencentCloudOrganizationOrgMemberPolicy(), }, ConfigureFunc: providerConfigure, diff --git a/tencentcloud/resource_tc_organization_org_member_policy.go b/tencentcloud/resource_tc_organization_org_member_policy.go deleted file mode 100644 index 54453aeb59..0000000000 --- a/tencentcloud/resource_tc_organization_org_member_policy.go +++ /dev/null @@ -1,209 +0,0 @@ -/* -Provides a resource to create a organization org_member_policy - -Example Usage - -```hcl -resource "tencentcloud_organization_org_member_policy" "org_member_policy" { - member_uins = <nil> - policy_name = <nil> - identity_id = <nil> - description = <nil> -} -``` - -Import - -organization org_member_policy can be imported using the id, e.g. - -``` -terraform import tencentcloud_organization_org_member_policy.org_member_policy org_member_policy_id -``` -*/ -package tencentcloud - -import ( - "context" - "fmt" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331" - "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" - "log" -) - -func resourceTencentCloudOrganizationOrgMemberPolicy() *schema.Resource { - return &schema.Resource{ - Create: resourceTencentCloudOrganizationOrgMemberPolicyCreate, - Read: resourceTencentCloudOrganizationOrgMemberPolicyRead, - Update: resourceTencentCloudOrganizationOrgMemberPolicyUpdate, - Delete: resourceTencentCloudOrganizationOrgMemberPolicyDelete, - Importer: &schema.ResourceImporter{ - State: schema.ImportStatePassthrough, - }, - Schema: map[string]*schema.Schema{ - "member_uins": { - Required: true, - Type: schema.TypeSet, - Elem: &schema.Schema{ - Type: schema.TypeInt, - }, - Description: "Member Uin list. Up to 10.", - }, - - "policy_name": { - Required: true, - Type: schema.TypeString, - Description: "Policy name.The maximum length is 128 characters, supporting English letters, numbers, and symbols +=,.@_-.", - }, - - "identity_id": { - Required: true, - Type: schema.TypeInt, - Description: "Organization identity ID.", - }, - - "description": { - Optional: true, - Type: schema.TypeString, - Description: "Notes.The maximum length is 128 characters.", - }, - }, - } -} - -func resourceTencentCloudOrganizationOrgMemberPolicyCreate(d *schema.ResourceData, meta interface{}) error { - defer logElapsed("resource.tencentcloud_organization_org_member_policy.create")() - defer inconsistentCheck(d, meta)() - - logId := getLogId(contextNil) - - var ( - request = organization.NewCreateOrganizationMembersPolicyRequest() - response = organization.NewCreateOrganizationMembersPolicyResponse() - ) - if v, ok := d.GetOk("member_uins"); ok { - memberUinsSet := v.(*schema.Set).List() - for i := range memberUinsSet { - memberUins := memberUinsSet[i].(int) - request.MemberUins = append(request.MemberUins, helper.IntInt64(memberUins)) - } - } - - if v, ok := d.GetOk("policy_name"); ok { - request.PolicyName = helper.String(v.(string)) - } - - if v, ok := d.GetOkExists("identity_id"); ok { - request.IdentityId = helper.IntInt64(v.(int)) - } - - if v, ok := d.GetOk("description"); ok { - request.Description = helper.String(v.(string)) - } - - err := resource.Retry(writeRetryTimeout, func() *resource.RetryError { - result, e := meta.(*TencentCloudClient).apiV3Conn.UseOrganizationClient().CreateOrganizationMembersPolicy(request) - if e != nil { - return retryError(e) - } else { - log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) - } - response = result - return nil - }) - if err != nil { - log.Printf("[CRITAL]%s create organization orgMemberPolicy failed, reason:%+v", logId, err) - return err - } - - if response == nil || response.Response == nil || response.Response.PolicyId == nil { - return fmt.Errorf("policy id is null") - } - - d.SetId(helper.Int64ToStr(*response.Response.PolicyId)) - - return resourceTencentCloudOrganizationOrgMemberPolicyRead(d, meta) -} - -func resourceTencentCloudOrganizationOrgMemberPolicyRead(d *schema.ResourceData, meta interface{}) error { - defer logElapsed("resource.tencentcloud_organization_org_member_policy.read")() - defer inconsistentCheck(d, meta)() - - logId := getLogId(contextNil) - - ctx := context.WithValue(context.TODO(), logIdKey, logId) - - service := OrganizationService{client: meta.(*TencentCloudClient).apiV3Conn} - - orgMemberPolicyId := d.Id() - var uins []*int64 - if v, ok := d.GetOk("member_uins"); ok { - memberUinsSet := v.(*schema.Set).List() - for i := range memberUinsSet { - memberUins := memberUinsSet[i].(int) - uins = append(uins, helper.IntInt64(memberUins)) - } - } - orgMemberPolicy, err := service.DescribeOrganizationOrgMemberPolicyById(ctx, orgMemberPolicyId, uins) - if err != nil { - return err - } - - if orgMemberPolicy == nil { - d.SetId("") - log.Printf("[WARN]%s resource `OrganizationOrgMemberPolicy` [%s] not found, please check if it has been deleted.\n", logId, d.Id()) - return nil - } - - if orgMemberPolicy.MemberUins != nil { - _ = d.Set("member_uins", orgMemberPolicy.MemberUins) - } - - if orgMemberPolicy.PolicyName != nil { - _ = d.Set("policy_name", orgMemberPolicy.PolicyName) - } - - if orgMemberPolicy.IdentityId != nil { - _ = d.Set("identity_id", orgMemberPolicy.IdentityId) - } - - if orgMemberPolicy.Description != nil { - _ = d.Set("description", orgMemberPolicy.Description) - } - - return nil -} - -func resourceTencentCloudOrganizationOrgMemberPolicyUpdate(d *schema.ResourceData, meta interface{}) error { - defer logElapsed("resource.tencentcloud_organization_org_member_policy.update")() - defer inconsistentCheck(d, meta)() - - logId := getLogId(contextNil) - - immutableArgs := []string{"member_uins", "policy_name", "identity_id", "description"} - - for _, v := range immutableArgs { - if d.HasChange(v) { - return fmt.Errorf("argument `%s` cannot be changed", v) - } - } - return resourceTencentCloudOrganizationOrgMemberPolicyRead(d, meta) -} - -func resourceTencentCloudOrganizationOrgMemberPolicyDelete(d *schema.ResourceData, meta interface{}) error { - defer logElapsed("resource.tencentcloud_organization_org_member_policy.delete")() - defer inconsistentCheck(d, meta)() - - logId := getLogId(contextNil) - ctx := context.WithValue(context.TODO(), logIdKey, logId) - - service := OrganizationService{client: meta.(*TencentCloudClient).apiV3Conn} - orgMemberPolicyId := d.Id() - - if err := service.DeleteOrganizationOrgMemberPolicyById(ctx, policyId); err != nil { - return err - } - - return nil -} diff --git a/tencentcloud/resource_tc_organization_org_member_policy_attachment.go b/tencentcloud/resource_tc_organization_org_member_policy_attachment.go new file mode 100644 index 0000000000..034865a0f2 --- /dev/null +++ b/tencentcloud/resource_tc_organization_org_member_policy_attachment.go @@ -0,0 +1,154 @@ +/* +Provides a resource to create a organization org_member_policy_attachment + +Example Usage + +```hcl +resource "tencentcloud_organization_org_member_policy_attachment" "org_member_policy_attachment" { + member_uins = [100033905366,100033905356] + policy_name = "example-iac" + identity_id = 1 +} +``` + +Import + +organization org_member_policy_attachment can be imported using the id, e.g. + +``` +terraform import tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment org_member_policy_attachment_id +``` +*/ +package tencentcloud + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331" + "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" +) + +func resourceTencentCloudOrganizationOrgMemberPolicyAttachment() *schema.Resource { + return &schema.Resource{ + Create: resourceTencentCloudOrganizationOrgMemberPolicyAttachmentCreate, + Read: resourceTencentCloudOrganizationOrgMemberPolicyAttachmentRead, + Delete: resourceTencentCloudOrganizationOrgMemberPolicyAttachmentDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + Schema: map[string]*schema.Schema{ + "member_uins": { + Required: true, + ForceNew: true, + Type: schema.TypeSet, + Elem: &schema.Schema{ + Type: schema.TypeInt, + }, + Description: "Member Uin list. Up to 10.", + }, + + "policy_name": { + Required: true, + ForceNew: true, + Type: schema.TypeString, + Description: "Policy name.The maximum length is 128 characters, supporting English letters, numbers, and symbols +=,.@_-.", + }, + + "identity_id": { + Required: true, + ForceNew: true, + Type: schema.TypeInt, + Description: "Organization identity ID.", + }, + + "description": { + Optional: true, + ForceNew: true, + Type: schema.TypeString, + Description: "Notes.The maximum length is 128 characters.", + }, + }, + } +} + +func resourceTencentCloudOrganizationOrgMemberPolicyAttachmentCreate(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy_attachment.create")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + + var ( + request = organization.NewCreateOrganizationMembersPolicyRequest() + response = organization.NewCreateOrganizationMembersPolicyResponse() + ) + if v, ok := d.GetOk("member_uins"); ok { + memberUinsSet := v.(*schema.Set).List() + for i := range memberUinsSet { + memberUins := memberUinsSet[i].(int) + request.MemberUins = append(request.MemberUins, helper.IntInt64(memberUins)) + } + } + + if v, ok := d.GetOk("policy_name"); ok { + request.PolicyName = helper.String(v.(string)) + } + + if v, ok := d.GetOkExists("identity_id"); ok { + request.IdentityId = helper.IntInt64(v.(int)) + } + + if v, ok := d.GetOk("description"); ok { + request.Description = helper.String(v.(string)) + } + + err := resource.Retry(writeRetryTimeout, func() *resource.RetryError { + result, e := meta.(*TencentCloudClient).apiV3Conn.UseOrganizationClient().CreateOrganizationMembersPolicy(request) + if e != nil { + return retryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + response = result + return nil + }) + if err != nil { + log.Printf("[CRITAL]%s create organization orgMemberPolicyAttachment failed, reason:%+v", logId, err) + return err + } + + if response == nil || response.Response == nil || response.Response.PolicyId == nil { + return fmt.Errorf("policy id is null") + } + policyId := *response.Response.PolicyId + d.SetId(helper.Int64ToStr(policyId)) + + return resourceTencentCloudOrganizationOrgMemberPolicyAttachmentRead(d, meta) +} + +func resourceTencentCloudOrganizationOrgMemberPolicyAttachmentRead(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy_attachment.read")() + defer inconsistentCheck(d, meta)() + + return nil +} + +func resourceTencentCloudOrganizationOrgMemberPolicyAttachmentDelete(d *schema.ResourceData, meta interface{}) error { + defer logElapsed("resource.tencentcloud_organization_org_member_policy_attachment.delete")() + defer inconsistentCheck(d, meta)() + + logId := getLogId(contextNil) + ctx := context.WithValue(context.TODO(), logIdKey, logId) + + service := OrganizationService{client: meta.(*TencentCloudClient).apiV3Conn} + orgMemberPolicyAttachmentId := d.Id() + + if err := service.DeleteOrganizationOrgMemberPolicyAttachmentById(ctx, orgMemberPolicyAttachmentId); err != nil { + return err + } + + return nil +} diff --git a/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go b/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go new file mode 100644 index 0000000000..d23ed0aea7 --- /dev/null +++ b/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go @@ -0,0 +1,36 @@ +package tencentcloud + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccTencentCloudOrganizationOrgMemberPolicyAttachmentResource_basic(t *testing.T) { + t.Parallel() + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccOrganizationOrgMemberPolicyAttachment, + Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment", "id"), + resource.TestCheckResourceAttrSet("tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment", "member_uins.#"), + resource.TestCheckResourceAttr("tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment", "policy_name", "example-iac"), + resource.TestCheckResourceAttr("tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment", "identity_id", "1"), + ), + }, + }, + }) +} + +const testAccOrganizationOrgMemberPolicyAttachment = ` + +resource "tencentcloud_organization_org_member_policy_attachment" "org_member_policy_attachment" { + member_uins = [100033905366,100033905356] + policy_name = "example-iac" + identity_id = 1 +} +` diff --git a/tencentcloud/resource_tc_organization_org_member_policy_test.go b/tencentcloud/resource_tc_organization_org_member_policy_test.go deleted file mode 100644 index 0bbcf5fe37..0000000000 --- a/tencentcloud/resource_tc_organization_org_member_policy_test.go +++ /dev/null @@ -1,38 +0,0 @@ -package tencentcloud - -import ( - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - "testing" -) - -func TestAccTencentCloudOrganizationOrgMemberPolicyResource_basic(t *testing.T) { - t.Parallel() - resource.Test(t, resource.TestCase{ - PreCheck: func() { - testAccPreCheck(t) - }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccOrganizationOrgMemberPolicy, - Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_organization_org_member_policy.org_member_policy", "id")), - }, - { - ResourceName: "tencentcloud_organization_org_member_policy.org_member_policy", - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -const testAccOrganizationOrgMemberPolicy = ` - -resource "tencentcloud_organization_org_member_policy" "org_member_policy" { - member_uins = <nil> - policy_name = <nil> - identity_id = <nil> - description = <nil> -} - -` diff --git a/tencentcloud/service_tencentcloud_organization.go b/tencentcloud/service_tencentcloud_organization.go index a671a59285..36cd3a7930 100644 --- a/tencentcloud/service_tencentcloud_organization.go +++ b/tencentcloud/service_tencentcloud_organization.go @@ -686,55 +686,11 @@ func (me *OrganizationService) DeleteOrganizationOrgIdentityById(ctx context.Con return } -func (me *OrganizationService) DescribeOrganizationOrgMemberPolicyById(ctx context.Context, policyId string, uins []int64) (orgMemberPolicy *organization.OrgMemberPolicy, errRet error) { - logId := getLogId(ctx) - - request := organization.NewDescribeOrganizationMemberPoliciesRequest() - request.MemberUin = - - defer func() { - if errRet != nil { - log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error()) - } - }() - - ratelimit.Check(request.GetAction()) - var ( - offset int64 = 0 - limit int64 = 20 - ) - var tmp []*organization.OrgMemberPolicy - for { - request.Offset = &offset - request.Limit = &limit - response, err := me.client.UseOrganizationClient().DescribeOrganizationMemberPolicies(request) - if err != nil { - errRet = err - return - } - log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) - - if response == nil || len(response.Response.Items) < 1 { - break - } - tmp = append(tmp, response.Response.Items...) - if len(response.Response.Items) < int(limit) { - break - } - } - for _, item := range tmp { - if *item.IdentityId == helper.StrToInt64(identityId) { - orgIdentity = item - } - } - return -} - -func (me *OrganizationService) DeleteOrganizationOrgMemberPolicyById(ctx context.Context, policyId string) (errRet error) { +func (me *OrganizationService) DeleteOrganizationOrgMemberPolicyAttachmentById(ctx context.Context, policyId string) (errRet error) { logId := getLogId(ctx) request := organization.NewDeleteOrganizationMembersPolicyRequest() - request.PolicyId = &policyId + request.PolicyId = helper.StrToUint64Point(policyId) defer func() { if errRet != nil { diff --git a/website/docs/r/organization_org_member_policy_attachment.html.markdown b/website/docs/r/organization_org_member_policy_attachment.html.markdown new file mode 100644 index 0000000000..ea090f387c --- /dev/null +++ b/website/docs/r/organization_org_member_policy_attachment.html.markdown @@ -0,0 +1,48 @@ +--- +subcategory: "Tencent Cloud Organization (TCO)" +layout: "tencentcloud" +page_title: "TencentCloud: tencentcloud_organization_org_member_policy_attachment" +sidebar_current: "docs-tencentcloud-resource-organization_org_member_policy_attachment" +description: |- + Provides a resource to create a organization org_member_policy_attachment +--- + +# tencentcloud_organization_org_member_policy_attachment + +Provides a resource to create a organization org_member_policy_attachment + +## Example Usage + +```hcl +resource "tencentcloud_organization_org_member_policy_attachment" "org_member_policy_attachment" { + member_uins = [100033905366, 100033905356] + policy_name = "example-iac" + identity_id = 1 +} +``` + +## Argument Reference + +The following arguments are supported: + +* `identity_id` - (Required, Int, ForceNew) Organization identity ID. +* `member_uins` - (Required, Set: [`Int`], ForceNew) Member Uin list. Up to 10. +* `policy_name` - (Required, String, ForceNew) Policy name.The maximum length is 128 characters, supporting English letters, numbers, and symbols +=,.@_-. +* `description` - (Optional, String, ForceNew) Notes.The maximum length is 128 characters. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - ID of the resource. + + + +## Import + +organization org_member_policy_attachment can be imported using the id, e.g. + +``` +terraform import tencentcloud_organization_org_member_policy_attachment.org_member_policy_attachment org_member_policy_attachment_id +``` + diff --git a/website/tencentcloud.erb b/website/tencentcloud.erb index b4f09ac381..26631e3f69 100644 --- a/website/tencentcloud.erb +++ b/website/tencentcloud.erb @@ -3739,6 +3739,9 @@
  • tencentcloud_organization_org_member_email
    • +
  • + tencentcloud_organization_org_member_policy_attachment +
  • tencentcloud_organization_org_node
    • From d1d72b01523710ff4e86b7d76f4e3a2166329bbf Mon Sep 17 00:00:00 2001 From: WeiMengXS Date: Mon, 23 Oct 2023 17:07:39 +0800 Subject: [PATCH 3/4] feat: doc --- .changelog/2243.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/2243.txt diff --git a/.changelog/2243.txt b/.changelog/2243.txt new file mode 100644 index 0000000000..7a97570f87 --- /dev/null +++ b/.changelog/2243.txt @@ -0,0 +1,3 @@ +```release-note:new-resource +tencentcloud_organization_org_member_policy_attachment +``` From 3c513eea03066fddabfda23542611abc95e4d7e9 Mon Sep 17 00:00:00 2001 From: WeiMengXS Date: Mon, 23 Oct 2023 17:12:50 +0800 Subject: [PATCH 4/4] feat: test --- tencentcloud/provider_test.go | 11 +++++++++++ ..._organization_org_member_policy_attachment_test.go | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/tencentcloud/provider_test.go b/tencentcloud/provider_test.go index 14222e9c03..8ed5c1783f 100644 --- a/tencentcloud/provider_test.go +++ b/tencentcloud/provider_test.go @@ -26,6 +26,7 @@ const ( ACCOUNT_TYPE_SES = "SES" ACCOUNT_TYPE_TSF = "TSF" ACCOUNT_TYPE_SSL = "SSL" + ACCOUNT_TYPE_ORGANIZATION = "ORGANIZATION" INTERNATIONAL_PROVIDER_SECRET_ID = "TENCENTCLOUD_SECRET_ID_INTERNATIONAL" INTERNATIONAL_PROVIDER_SECRET_KEY = "TENCENTCLOUD_SECRET_KEY_INTERNATIONAL" PREPAY_PROVIDER_SECRET_ID = "TENCENTCLOUD_SECRET_ID_PREPAY" @@ -42,6 +43,8 @@ const ( TSF_PROVIDER_SECRET_KEY = "TENCENTCLOUD_SECRET_KEY_TSF" SSL_PROVIDER_SECRET_ID = "TENCENTCLOUD_SECRET_ID_SSL" SSL_PROVIDER_SECRET_KEY = "TENCENTCLOUD_SECRET_KEY_SSL" + ORGANIZATION_PROVIDER_SECRET_ID = "TENCENTCLOUD_SECRET_ID_ORGANIZATION" + ORGANIZATION_PROVIDER_SECRET_KEY = "TENCENTCLOUD_SECRET_KEY_ORGANIZATION" ) func init() { @@ -165,6 +168,14 @@ func testAccPreCheckCommon(t *testing.T, accountType string) { } os.Setenv(PROVIDER_SECRET_ID, secretId) os.Setenv(PROVIDER_SECRET_KEY, secretKey) + case accountType == ACCOUNT_TYPE_ORGANIZATION: + secretId := os.Getenv(ORGANIZATION_PROVIDER_SECRET_ID) + secretKey := os.Getenv(ORGANIZATION_PROVIDER_SECRET_KEY) + if secretId == "" || secretKey == "" { + t.Fatalf("%v and %v must be set for acceptance tests\n", ORGANIZATION_PROVIDER_SECRET_ID, ORGANIZATION_PROVIDER_SECRET_KEY) + } + os.Setenv(PROVIDER_SECRET_ID, secretId) + os.Setenv(PROVIDER_SECRET_KEY, secretKey) default: if v := os.Getenv(PROVIDER_SECRET_ID); v == "" { t.Fatalf("%v must be set for acceptance tests\n", PROVIDER_SECRET_ID) diff --git a/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go b/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go index d23ed0aea7..4cd00823cf 100644 --- a/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go +++ b/tencentcloud/resource_tc_organization_org_member_policy_attachment_test.go @@ -10,7 +10,7 @@ func TestAccTencentCloudOrganizationOrgMemberPolicyAttachmentResource_basic(t *t t.Parallel() resource.Test(t, resource.TestCase{ PreCheck: func() { - testAccPreCheck(t) + testAccPreCheckCommon(t, ACCOUNT_TYPE_ORGANIZATION) }, Providers: testAccProviders, Steps: []resource.TestStep{