diff --git a/.changelog/2931.txt b/.changelog/2931.txt new file mode 100644 index 0000000000..f29b0a3382 --- /dev/null +++ b/.changelog/2931.txt @@ -0,0 +1,3 @@ +```release-note:new-resource +tencentcloud_events_audit_track +``` \ No newline at end of file diff --git a/tencentcloud/connectivity/client.go b/tencentcloud/connectivity/client.go index ce925b995c..2d64e93827 100644 --- a/tencentcloud/connectivity/client.go +++ b/tencentcloud/connectivity/client.go @@ -212,14 +212,15 @@ type TencentCloudClient struct { controlcenterConn *controlcenter.Client thpcConn *thpc.Client //omit nil client - omitNilConn *common.Client - emrv20190103Conn *emr.Client - teov20220901Conn *teo.Client - sslv20191205Conn *sslCertificate.Client - postgresv20170312Conn *postgre.Client - cfwv20190904Conn *cfw.Client - ccnv20170312Conn *vpc.Client - tcssv20201101Conn *tcss.Client + omitNilConn *common.Client + emrv20190103Conn *emr.Client + teov20220901Conn *teo.Client + sslv20191205Conn *sslCertificate.Client + postgresv20170312Conn *postgre.Client + cfwv20190904Conn *cfw.Client + ccnv20170312Conn *vpc.Client + tcssv20201101Conn *tcss.Client + cloudauditv20190319Conn *audit.Client } // NewClientProfile returns a new ClientProfile @@ -1915,3 +1916,16 @@ func (me *TencentCloudClient) UseTcssV20201101Client() *tcss.Client { return me.tcssv20201101Conn } + +// UseCloudauditV20190319Client return CLOUDAUDIT client for service +func (me *TencentCloudClient) UseCloudauditV20190319Client() *audit.Client { + if me.cloudauditv20190319Conn != nil { + return me.cloudauditv20190319Conn + } + cpf := me.NewClientProfile(300) + cpf.Language = "zh-CN" + me.cloudauditv20190319Conn, _ = audit.NewClient(me.Credential, me.Region, cpf) + me.cloudauditv20190319Conn.WithHttpTransport(&LogRoundTripper{}) + + return me.cloudauditv20190319Conn +} diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go index 071110fcad..dd5f243396 100644 --- a/tencentcloud/provider.go +++ b/tencentcloud/provider.go 
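Review bot: In `UseCloudauditV20190319Client` the error from `audit.NewClient` is assigned to `_` and the very next line calls `WithHttpTransport` on the result, so a failed construction would surface as a nil-pointer panic in the provider with the cause lost. The accessor cannot return an error, so at minimum keep it and record it before the dereference, e.g. `var err error` / `me.cloudauditv20190319Conn, err = audit.NewClient(me.Credential, me.Region, cpf)` / `if err != nil { log.Printf("[CRITAL] create cloudaudit client failed: %v", err) }` (assuming `log` is imported in this file, which the hunk does not show). The check-then-assign on `me.cloudauditv20190319Conn` is also unsynchronised; whether concurrent resource operations share this client is not visible here, so confirm that before relying on the lazy init. The doc comment would read better as `// UseCloudauditV20190319Client returns the CloudAudit v2019-03-19 client, creating it on first use.`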
@@ -3,7 +3,6 @@ package tencentcloud import ( "encoding/json" "fmt" - "io/ioutil" "net/url" "os" @@ -1566,6 +1565,7 @@ func Provider() *schema.Provider { "tencentcloud_ckafka_datahub_task": ckafka.ResourceTencentCloudCkafkaDatahubTask(), "tencentcloud_ckafka_route": ckafka.ResourceTencentCloudCkafkaRoute(), "tencentcloud_audit_track": audit.ResourceTencentCloudAuditTrack(), + "tencentcloud_events_audit_track": audit.ResourceTencentCloudEventsAuditTrack(), "tencentcloud_image": cvm.ResourceTencentCloudImage(), "tencentcloud_cynosdb_proxy": cynosdb.ResourceTencentCloudCynosdbProxy(), "tencentcloud_cynosdb_reload_proxy_node": cynosdb.ResourceTencentCloudCynosdbReloadProxyNode(), diff --git a/tencentcloud/provider.md b/tencentcloud/provider.md index 59acef0e53..d796faa216 100644 --- a/tencentcloud/provider.md +++ b/tencentcloud/provider.md @@ -159,6 +159,7 @@ Cloud Audit(Audit) Resource tencentcloud_audit_track + tencentcloud_events_audit_track Auto Scaling(AS) Data Source diff --git a/tencentcloud/services/audit/resource_tc_events_audit_track.go b/tencentcloud/services/audit/resource_tc_events_audit_track.go new file mode 100644 index 0000000000..0017f7bbc5 --- /dev/null +++ b/tencentcloud/services/audit/resource_tc_events_audit_track.go 
@@ -0,0 +1,453 @@ +// Code generated by iacg; DO NOT EDIT. +package audit + +import ( + "context" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + cloudauditv20190319 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit/v20190319" + + tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common" + "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" +) + +func ResourceTencentCloudEventsAuditTrack() *schema.Resource { + return &schema.Resource{ + Create: resourceTencentCloudEventsAuditTrackCreate, + Read: resourceTencentCloudEventsAuditTrackRead, + Update: resourceTencentCloudEventsAuditTrackUpdate, + Delete: resourceTencentCloudEventsAuditTrackDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Tracking set name, which can only contain 3-48 letters, digits, hyphens, and underscores.", + }, + + "status": { + Type: schema.TypeInt, + Required: true, + Description: "Tracking set status (0: Not enabled; 1: Enabled).", + }, + + "storage": { + Type: schema.TypeList, + Required: true, + MaxItems: 1, + Description: "Storage type of shipped data. Valid values: `cos`, `cls`.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "storage_type": { + Type: schema.TypeString, + Required: true, + Description: "Storage type (Valid values: cos, cls).", + }, + "storage_region": { + Type: schema.TypeString, + Required: true, + Description: "StorageRegion *string `json:'StorageRegion,omitnil,omitempty' name: 'StorageRegion'`.", + }, + "storage_name": { + Type: schema.TypeString, + Required: true, + Description: "Storage name. 
For COS, the storage name is the custom bucket name, which can contain up to 50 lowercase letters, digits, and hyphens. It cannot contain \"-APPID\" and cannot start or end with a hyphen. For CLS, the storage name is the log topic ID, which can contain 1-50 characters.", + }, + "storage_prefix": { + Type: schema.TypeString, + Required: true, + Description: "Storage directory prefix. The COS log file prefix can only contain 3-40 letters and digits.", + }, + "storage_account_id": { + Type: schema.TypeString, + Optional: true, + Description: "Designated to store user ID.", + }, + "storage_app_id": { + Type: schema.TypeString, + Optional: true, + Description: "Designated to store user app ID.", + }, + }, + }, + }, + + "filters": { + Type: schema.TypeList, + Required: true, + MaxItems: 1, + Description: "Data filtering criteria.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "resource_fields": { + Type: schema.TypeList, + Optional: true, + Description: "Resource filtering conditions.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "resource_type": { + Type: schema.TypeString, + Required: true, + Description: "The product to which the tracking set event belongs. The value can be a single product such as `cos`, or `*` that indicates all products.", + }, + "action_type": { + Type: schema.TypeString, + Required: true, + Description: "Tracking set event type (`Read`: Read; `Write`: Write; `*`: All).", + }, + "event_names": { + Type: schema.TypeSet, + Required: true, + Description: "The list of API names of tracking set events. When `ResourceType` is `*`, the value of `EventNames` must be `*`. When `ResourceType` is a specified product, the value of `EventNames` can be `*`. 
When `ResourceType` is `cos` or `cls`, up to 10 APIs are supported.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + }, + }, + }, + + "track_for_all_members": { + Type: schema.TypeInt, + Optional: true, + Description: "Whether to enable the feature of shipping organization members operation logs to the organization admin account or the trusted service admin account (0: Not enabled; 1: Enabled. This feature can only be enabled by the organization admin account or the trusted service admin account).", + }, + + "track_id": { + Type: schema.TypeInt, + Computed: true, + Description: "Whether the log list has come to an end. `true`: Yes. Pagination is not required.", + }, + }, + } +} + +func resourceTencentCloudEventsAuditTrackCreate(d *schema.ResourceData, meta interface{}) error { + defer tccommon.LogElapsed("resource.tencentcloud_events_audit_track.create")() + defer tccommon.InconsistentCheck(d, meta)() + + logId := tccommon.GetLogId(tccommon.ContextNil) + + ctx := tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta) + + var ( + trackId uint64 + ) + var ( + request = cloudauditv20190319.NewCreateEventsAuditTrackRequest() + response = cloudauditv20190319.NewCreateEventsAuditTrackResponse() + ) + + if v, ok := d.GetOk("name"); ok { + request.Name = helper.String(v.(string)) + } + + if v, ok := d.GetOkExists("status"); ok { + request.Status = helper.IntUint64(v.(int)) + } + + if storageMap, ok := helper.InterfacesHeadMap(d, "storage"); ok { + storage := cloudauditv20190319.Storage{} + if v, ok := storageMap["storage_type"]; ok { + storage.StorageType = helper.String(v.(string)) + } + if v, ok := storageMap["storage_region"]; ok { + storage.StorageRegion = helper.String(v.(string)) + } + if v, ok := storageMap["storage_name"]; ok { + storage.StorageName = helper.String(v.(string)) + } + if v, ok := storageMap["storage_prefix"]; ok { + storage.StoragePrefix = helper.String(v.(string)) + } + if v, ok := 
storageMap["storage_account_id"]; ok && v != "" { + storage.StorageAccountId = helper.String(v.(string)) + } + if v, ok := storageMap["storage_app_id"]; ok && v != "" { + storage.StorageAppId = helper.String(v.(string)) + } + request.Storage = &storage + } + + if filtersMap, ok := helper.InterfacesHeadMap(d, "filters"); ok { + filter := cloudauditv20190319.Filter{} + if v, ok := filtersMap["resource_fields"]; ok { + for _, item := range v.([]interface{}) { + resourceFieldsMap := item.(map[string]interface{}) + resourceField := cloudauditv20190319.ResourceField{} + if v, ok := resourceFieldsMap["resource_type"]; ok { + resourceField.ResourceType = helper.String(v.(string)) + } + if v, ok := resourceFieldsMap["action_type"]; ok { + resourceField.ActionType = helper.String(v.(string)) + } + if v, ok := resourceFieldsMap["event_names"]; ok { + eventNamesSet := v.(*schema.Set).List() + for i := range eventNamesSet { + eventNames := eventNamesSet[i].(string) + resourceField.EventNames = append(resourceField.EventNames, helper.String(eventNames)) + } + } + filter.ResourceFields = append(filter.ResourceFields, &resourceField) + } + } + request.Filters = &filter + } + + if v, ok := d.GetOkExists("track_for_all_members"); ok { + request.TrackForAllMembers = helper.IntUint64(v.(int)) + } + + err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { + result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseCloudauditV20190319Client().CreateEventsAuditTrackWithContext(ctx, request) + if e != nil { + return tccommon.RetryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + response = result + return nil + }) + if err != nil { + log.Printf("[CRITAL]%s create events audit track failed, reason:%+v", logId, err) + return err + } + + trackId = *response.Response.TrackId + + d.SetId(helper.UInt64ToStr(trackId)) + + return 
resourceTencentCloudEventsAuditTrackRead(d, meta) +} + +func resourceTencentCloudEventsAuditTrackRead(d *schema.ResourceData, meta interface{}) error { + defer tccommon.LogElapsed("resource.tencentcloud_events_audit_track.read")() + defer tccommon.InconsistentCheck(d, meta)() + + logId := tccommon.GetLogId(tccommon.ContextNil) + + ctx := tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta) + + service := CloudauditService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()} + + trackId := d.Id() + + respData, err := service.DescribeEventsAuditTrackById(ctx, trackId) + if err != nil { + return err + } + + if respData == nil { + d.SetId("") + log.Printf("[WARN]%s resource `events_audit_track` [%s] not found, please check if it has been deleted.\n", logId, d.Id()) + return nil + } + if respData.Name != nil { + _ = d.Set("name", respData.Name) + } + + if respData.Status != nil { + _ = d.Set("status", respData.Status) + } + + storageMap := map[string]interface{}{} + + if respData.Storage != nil { + if respData.Storage.StorageType != nil { + storageMap["storage_type"] = respData.Storage.StorageType + } + + if respData.Storage.StorageRegion != nil { + storageMap["storage_region"] = respData.Storage.StorageRegion + } + + if respData.Storage.StorageName != nil { + storageMap["storage_name"] = respData.Storage.StorageName + } + + if respData.Storage.StoragePrefix != nil { + storageMap["storage_prefix"] = respData.Storage.StoragePrefix + } + + _ = d.Set("storage", []interface{}{storageMap}) + } + + if respData.TrackForAllMembers != nil { + _ = d.Set("track_for_all_members", respData.TrackForAllMembers) + } + + filtersMap := map[string]interface{}{} + + if respData.Filters != nil { + resourceFieldsList := make([]map[string]interface{}, 0, len(respData.Filters.ResourceFields)) + if respData.Filters.ResourceFields != nil { + for _, resourceFields := range respData.Filters.ResourceFields { + resourceFieldsMap := map[string]interface{}{} + + if 
resourceFields.ResourceType != nil { + resourceFieldsMap["resource_type"] = resourceFields.ResourceType + } + + if resourceFields.ActionType != nil { + resourceFieldsMap["action_type"] = resourceFields.ActionType + } + + if resourceFields.EventNames != nil { + resourceFieldsMap["event_names"] = resourceFields.EventNames + } + + resourceFieldsList = append(resourceFieldsList, resourceFieldsMap) + } + + filtersMap["resource_fields"] = resourceFieldsList + } + _ = d.Set("filters", []interface{}{filtersMap}) + } + + return nil +} + +func resourceTencentCloudEventsAuditTrackUpdate(d *schema.ResourceData, meta interface{}) error { + defer tccommon.LogElapsed("resource.tencentcloud_events_audit_track.update")() + defer tccommon.InconsistentCheck(d, meta)() + + logId := tccommon.GetLogId(tccommon.ContextNil) + + ctx := tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta) + + trackId := d.Id() + + needChange := false + mutableArgs := []string{"name", "status", "storage", "track_for_all_members", "filters"} + for _, v := range mutableArgs { + if d.HasChange(v) { + needChange = true + break + } + } + + if needChange { + request := cloudauditv20190319.NewModifyEventsAuditTrackRequest() + + request.TrackId = helper.StrToUint64Point(trackId) + + if v, ok := d.GetOk("name"); ok { + request.Name = helper.String(v.(string)) + } + + if v, ok := d.GetOkExists("status"); ok { + request.Status = helper.IntUint64(v.(int)) + } + + if storageMap, ok := helper.InterfacesHeadMap(d, "storage"); ok { + storage := cloudauditv20190319.Storage{} + if v, ok := storageMap["storage_type"]; ok { + storage.StorageType = helper.String(v.(string)) + } + if v, ok := storageMap["storage_region"]; ok { + storage.StorageRegion = helper.String(v.(string)) + } + if v, ok := storageMap["storage_name"]; ok { + storage.StorageName = helper.String(v.(string)) + } + if v, ok := storageMap["storage_prefix"]; ok { + storage.StoragePrefix = helper.String(v.(string)) + } + if v, ok := 
storageMap["storage_account_id"]; ok && v != "" { + storage.StorageAccountId = helper.String(v.(string)) + } + if v, ok := storageMap["storage_app_id"]; ok && v != "" { + storage.StorageAppId = helper.String(v.(string)) + } + request.Storage = &storage + } + + if v, ok := d.GetOkExists("track_for_all_members"); ok { + request.TrackForAllMembers = helper.IntUint64(v.(int)) + } + + if filtersMap, ok := helper.InterfacesHeadMap(d, "filters"); ok { + filter := cloudauditv20190319.Filter{} + if v, ok := filtersMap["resource_fields"]; ok { + for _, item := range v.([]interface{}) { + resourceFieldsMap := item.(map[string]interface{}) + resourceField := cloudauditv20190319.ResourceField{} + if v, ok := resourceFieldsMap["resource_type"]; ok { + resourceField.ResourceType = helper.String(v.(string)) + } + if v, ok := resourceFieldsMap["action_type"]; ok { + resourceField.ActionType = helper.String(v.(string)) + } + if v, ok := resourceFieldsMap["event_names"]; ok { + eventNamesSet := v.(*schema.Set).List() + for i := range eventNamesSet { + eventNames := eventNamesSet[i].(string) + resourceField.EventNames = append(resourceField.EventNames, helper.String(eventNames)) + } + } + filter.ResourceFields = append(filter.ResourceFields, &resourceField) + } + } + request.Filters = &filter + } + + err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { + result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseCloudauditV20190319Client().ModifyEventsAuditTrackWithContext(ctx, request) + if e != nil { + return tccommon.RetryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + return nil + }) + if err != nil { + log.Printf("[CRITAL]%s update events audit track failed, reason:%+v", logId, err) + return err + } + } + + return resourceTencentCloudEventsAuditTrackRead(d, meta) +} + +func resourceTencentCloudEventsAuditTrackDelete(d 
*schema.ResourceData, meta interface{}) error { + defer tccommon.LogElapsed("resource.tencentcloud_events_audit_track.delete")() + defer tccommon.InconsistentCheck(d, meta)() + + logId := tccommon.GetLogId(tccommon.ContextNil) + ctx := tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta) + + trackId := d.Id() + + var ( + request = cloudauditv20190319.NewDeleteAuditTrackRequest() + response = cloudauditv20190319.NewDeleteAuditTrackResponse() + ) + + request.TrackId = helper.StrToUint64Point(trackId) + + err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { + result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseCloudauditV20190319Client().DeleteAuditTrackWithContext(ctx, request) + if e != nil { + return tccommon.RetryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + response = result + return nil + }) + if err != nil { + log.Printf("[CRITAL]%s delete events audit track failed, reason:%+v", logId, err) + return err + } + + _ = response + return nil +} diff --git a/tencentcloud/services/audit/resource_tc_events_audit_track.md b/tencentcloud/services/audit/resource_tc_events_audit_track.md new file mode 100644 index 0000000000..108faebaf8 --- /dev/null +++ b/tencentcloud/services/audit/resource_tc_events_audit_track.md 
@@ -0,0 +1,44 @@
+Provides a resource to create events audit track
+
+Example Usage
+
+```hcl
+resource "tencentcloud_events_audit_track" "example" {
+ name = "track_example"
+
+ status = 1
+ track_for_all_members = 0
+
+ storage {
+ storage_name = "393953ac-5c1b-457d-911d-376271b1b4f2"
+ storage_prefix = "cloudaudit"
+ storage_region = "ap-guangzhou"
+ storage_type = "cls"
+ }
+
+ filters {
+ resource_fields {
+ resource_type = "cam"
+ action_type = "*"
+ event_names = ["AddSubAccount", "AddSubAccountCheckingMFA"]
+ }
+ resource_fields {
+ resource_type = "cvm"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ resource_fields {
+ resource_type = "tke"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ }
+}
+```
+
+Import
+
+events audit track can be imported using the id, e.g.
+```
+$ terraform import tencentcloud_events_audit_track.example 24283
+```
\ No newline at end of file
diff --git a/tencentcloud/services/audit/resource_tc_events_audit_track_extension.go b/tencentcloud/services/audit/resource_tc_events_audit_track_extension.go
new file mode 100644
index 0000000000..6fd56fbc4b
--- /dev/null
+++ b/tencentcloud/services/audit/resource_tc_events_audit_track_extension.go
@@ -0,0 +1 @@
+package audit
diff --git a/tencentcloud/services/audit/resource_tc_events_audit_track_test.go b/tencentcloud/services/audit/resource_tc_events_audit_track_test.go
new file mode 100644
index 0000000000..6722a6323d
--- /dev/null
+++ b/tencentcloud/services/audit/resource_tc_events_audit_track_test.go
@@ -0,0 +1,62 @@
+package audit_test
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+ tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudEventsAuditTrackResource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ tcacctest.AccPreCheck(t)
+ },
+ Providers: tcacctest.AccProviders,
+ Steps: []resource.TestStep{{
+ Config: testAccEventsAuditTrack,
+ Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_events_audit_track.example", "id")),
+ }, {
+ ResourceName: "tencentcloud_events_audit_track.example",
+ ImportState: true,
+ ImportStateVerify: true,
+ }},
+ })
+}
+
+const testAccEventsAuditTrack = `
+
+resource "tencentcloud_events_audit_track" "example" {
+ name = "track_example"
+
+ status = 1
+ track_for_all_members = 0
+
+ storage {
+ storage_name = "393953ac-5c1b-457d-911d-376271b1b4f2"
+ storage_prefix = "cloudaudit"
+ storage_region = "ap-guangzhou"
+ storage_type = "cls"
+ }
+
+ filters {
+ resource_fields {
+ resource_type = "cam"
+ action_type = "*"
+ event_names = ["AddSubAccount", "AddSubAccountCheckingMFA"]
+ }
+ resource_fields {
+ resource_type = "cvm"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ resource_fields {
+ resource_type = "tke"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ }
+}
+`
diff --git a/tencentcloud/services/audit/tencentcloud_sweeper_test.go b/tencentcloud/services/audit/resource_test.go
similarity index 100%
rename from tencentcloud/services/audit/tencentcloud_sweeper_test.go
rename to tencentcloud/services/audit/resource_test.go
diff --git a/tencentcloud/services/audit/service_tencentcloud_audit.go b/tencentcloud/services/audit/service_tencentcloud_audit.go
index 45ff609d67..30616e57da 100644
--- a/tencentcloud/services/audit/service_tencentcloud_audit.go
+++ b/tencentcloud/services/audit/service_tencentcloud_audit.go
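Review bot: `TestAccTencentCloudEventsAuditTrackResource_basic` asserts only that `id` is set, so it would still pass if `status`, `storage` or `filters` were never sent to or read back from the API; for a resource that controls where audit logs are delivered, add `resource.TestCheckResourceAttr("tencentcloud_events_audit_track.example", "status", "1")` and a matching check on `storage.0.storage_type`, plus a second step that changes `status` or `filters` to exercise the update path. The test case has no `CheckDestroy`, and the config hard-codes the name `track_example` and a fixed `storage_name` topic ID while running under `t.Parallel()`, so leftover or concurrently created tracks in the test account can collide. A randomised name suffix and a destroy check would make failures attributable to the code rather than to account state.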
@@ -21,10 +21,18 @@ func NewAuditService(client *connectivity.TencentCloudClient) AuditService { return AuditService{client: client} } +func NewCloudauditService(client *connectivity.TencentCloudClient) CloudauditService { + return CloudauditService{client: client} +} + type AuditService struct { client *connectivity.TencentCloudClient } +type CloudauditService struct { + client *connectivity.TencentCloudClient +} + func (me *AuditService) DescribeAuditById(ctx context.Context, name string) (auditInfo *audit.DescribeAuditResponse, has bool, errRet error) { logId := tccommon.GetLogId(ctx) request := audit.NewDescribeAuditRequest() @@ -226,3 +234,28 @@ func (me *AuditService) DescribeAuditEventByFilter(ctx context.Context, param ma return } + +func (me *CloudauditService) DescribeEventsAuditTrackById(ctx context.Context, trackId string) (ret *audit.DescribeAuditTrackResponseParams, errRet error) { + logId := tccommon.GetLogId(ctx) + + request := audit.NewDescribeAuditTrackRequest() + request.TrackId = helper.StrToUint64Point(trackId) + + defer func() { + if errRet != nil { + log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error()) + } + }() + + ratelimit.Check(request.GetAction()) + + response, err := me.client.UseCloudauditV20190319Client().DescribeAuditTrack(request) + if err != nil { + errRet = err + return + } + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) + + ret = response.Response + return +} diff --git a/tencentcloud/services/ccn/data_source_tc_ccn_route_table_input_policies.go b/tencentcloud/services/ccn/data_source_tc_ccn_route_table_input_policies.go index e11de484fb..c378154746 100644 --- a/tencentcloud/services/ccn/data_source_tc_ccn_route_table_input_policies.go +++ b/tencentcloud/services/ccn/data_source_tc_ccn_route_table_input_policies.go 
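Review bot: `DescribeEventsAuditTrackById` takes `ctx` but calls `DescribeAuditTrack(request)` without it, so cancellation and the lifecycle context never reach the SDK call; the create, modify and delete paths in this commit use the `...WithContext` variants, and `DescribeAuditTrackWithContext(ctx, request)` would be the consistent call, assuming the SDK exposes it as it does for those actions. The function never returns `nil, nil` on success: it returns `response.Response` unchecked, so the `respData == nil` branch in `resourceTencentCloudEventsAuditTrackRead` that clears the ID looks unreachable unless the SDK itself hands back a nil `Response`, and an audit track deleted out of band would probably fail refresh with an API error instead of being planned for re-creation. Consider mapping the service's not-found error code to `return nil, nil` (the exact code is not visible here) and guarding with `if response == nil || response.Response == nil { return }` before `ret = response.Response`. `trackId` originates from `d.Id()`, which an import sets from user input, and what `helper.StrToUint64Point` does with a non-numeric string is not shown, so it is worth confirming that a bad ID yields an error rather than a request for track 0.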
@@ -3,12 +3,13 @@ package ccn import ( "context" + "strings" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" vpcv20170312 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc/v20170312" tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common" "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" - "strings" ) func DataSourceTencentCloudCcnRouteTableInputPolicies() *schema.Resource { diff --git a/website/docs/r/events_audit_track.html.markdown b/website/docs/r/events_audit_track.html.markdown new file mode 100644 index 0000000000..981792527c --- /dev/null +++ b/website/docs/r/events_audit_track.html.markdown 
@@ -0,0 +1,93 @@
+---
+subcategory: "Cloud Audit(Audit)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_events_audit_track"
+sidebar_current: "docs-tencentcloud-resource-events_audit_track"
+description: |-
+ Provides a resource to create events audit track
+---
+
+# tencentcloud_events_audit_track
+
+Provides a resource to create events audit track
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_events_audit_track" "example" {
+ name = "track_example"
+
+ status = 1
+ track_for_all_members = 0
+
+ storage {
+ storage_name = "393953ac-5c1b-457d-911d-376271b1b4f2"
+ storage_prefix = "cloudaudit"
+ storage_region = "ap-guangzhou"
+ storage_type = "cls"
+ }
+
+ filters {
+ resource_fields {
+ resource_type = "cam"
+ action_type = "*"
+ event_names = ["AddSubAccount", "AddSubAccountCheckingMFA"]
+ }
+ resource_fields {
+ resource_type = "cvm"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ resource_fields {
+ resource_type = "tke"
+ action_type = "*"
+ event_names = ["*"]
+ }
+ }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `filters` - (Required, List) Data filtering criteria.
+* `name` - (Required, String, ForceNew) Tracking set name, which can only contain 3-48 letters, digits, hyphens, and underscores.
+* `status` - (Required, Int) Tracking set status (0: Not enabled; 1: Enabled).
+* `storage` - (Required, List) Storage type of shipped data. Valid values: `cos`, `cls`.
+* `track_for_all_members` - (Optional, Int) Whether to enable the feature of shipping organization members operation logs to the organization admin account or the trusted service admin account (0: Not enabled; 1: Enabled. This feature can only be enabled by the organization admin account or the trusted service admin account).
+
+The `filters` object supports the following:
+
+* `resource_fields` - (Optional, List) Resource filtering conditions.
+
+The `resource_fields` object of `filters` supports the following:
+
+* `action_type` - (Required, String) Tracking set event type (`Read`: Read; `Write`: Write; `*`: All).
+* `event_names` - (Required, Set) The list of API names of tracking set events. When `ResourceType` is `*`, the value of `EventNames` must be `*`. When `ResourceType` is a specified product, the value of `EventNames` can be `*`. When `ResourceType` is `cos` or `cls`, up to 10 APIs are supported.
+* `resource_type` - (Required, String) The product to which the tracking set event belongs. The value can be a single product such as `cos`, or `*` that indicates all products.
+
+The `storage` object supports the following:
+
+* `storage_name` - (Required, String) Storage name. For COS, the storage name is the custom bucket name, which can contain up to 50 lowercase letters, digits, and hyphens. It cannot contain "-APPID" and cannot start or end with a hyphen. For CLS, the storage name is the log topic ID, which can contain 1-50 characters.
+* `storage_prefix` - (Required, String) Storage directory prefix. The COS log file prefix can only contain 3-40 letters and digits.
+* `storage_region` - (Required, String) StorageRegion *string `json:'StorageRegion,omitnil,omitempty' name: 'StorageRegion'`.
+* `storage_type` - (Required, String) Storage type (Valid values: cos, cls).
+* `storage_account_id` - (Optional, String) Designated to store user ID.
+* `storage_app_id` - (Optional, String) Designated to store user app ID.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+* `track_id` - Whether the log list has come to an end. `true`: Yes. Pagination is not required.
+
+
+## Import
+
+events audit track can be imported using the id, e.g.
+```
+$ terraform import tencentcloud_events_audit_track.example 24283
+```
+
diff --git a/website/tencentcloud.erb b/website/tencentcloud.erb
index 0fbb3487f8..1ae717b967 100644
--- a/website/tencentcloud.erb
+++ b/website/tencentcloud.erb
@@ -844,6 +844,9 @@
  • tencentcloud_audit_track
  • +
  • + tencentcloud_events_audit_track +