fix(postgresql): [122768403]support kms_cluster_id

.changelog/3341.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_postgresql_instance: support kms_cluster_id
+```

go.mod

@@ -46,7 +46,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1107
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.1033
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.1148
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1154
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1156
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.1153
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.1111
@@ -70,7 +70,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/monitor v1.0.1066
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/mps v1.0.853
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.0.1038
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1103
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.1038
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/pts v1.0.762
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/redis v1.0.1008

go.sum

@@ -959,12 +959,14 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1148 h1:+2j
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1148/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1149 h1:a2N8e9YHftVvJmI6PIVJBLfPuy2dn+jZ92atTsmtJuc=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1149/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1153 h1:g/aw2nrrMfO/+sdBPCFsiq+sgSFNiUK/sAci6PT4O4E=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1153/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1150 h1:r/cHvpMZ0oO5/HOuSsPdq3Dj1YX4pF0mhZS7G5gWKEs=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1150/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1153 h1:g/aw2nrrMfO/+sdBPCFsiq+sgSFNiUK/sAci6PT4O4E=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1153/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1154 h1:tc2GXLGwpjaZdapd7pEpUjoeWU5gl3XUuZzDEyes7fg=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1154/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1156 h1:Uz9TqzwTAtRYuV7gB0Fh2E013qPrUJpS6CeNJ7vlfAI=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1156/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993/go.mod h1:Z9U8zNtyuyKhjS0698wqsrG/kLx1TQ5CEixXBwVe7xY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
@@ -1029,6 +1031,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.0.1038
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.0.1038/go.mod h1:ZcauOIKWXstNwe6IlD3iBBxzljEWdQjZbTc6PfwsPxQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1103 h1:lJW5ID6x9DS2xZzzALJVpY9zhNfqhBl/e2YDUkbzBcg=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1103/go.mod h1:PI4OqbnLLCWw6u/vNHnVVZeV/awmB9+zpLdhjYhWbKs=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156 h1:zf/4a8G7E7RlVaGCVyjVkljX5P4gjNJymQkHoEzhjs4=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156/go.mod h1:B1+7f2z0qF8G2EjFzPXtqHK3tPbzqb2y725eW1wIkaM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.1038 h1:4rzyVxkDB27v73jDXPr5eGAwjN859R7SsqniCt+46XE=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.1038/go.mod h1:TAHhxxDVV36Pe4P4Gel3dgX4kHUfQO7f27GzRf8DAro=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/pts v1.0.762 h1:rZDKucVVtTnmnbZFDyh6t47dHswkb2oSuOxOHTTkygA=

tencentcloud/services/postgresql/resource_tc_postgresql_instance.go

@@ -203,6 +203,12 @@ func ResourceTencentCloudPostgresqlInstance() *schema.Resource {
 				Computed:    true,
 				Description: "Region of the custom key.",
 			},
+			"kms_cluster_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "Specify the cluster served by KMS. If KMSClusterId is blank, use the KMS of the default cluster. If you choose to specify a KMS cluster, you need to pass in KMSClusterId.",
+			},
 			"public_access_switch": {
 				Type:        schema.TypeBool,
 				Optional:    true,
@@ -390,6 +396,7 @@ func resourceTencentCloudPostgresqlInstanceCreate(d *schema.ResourceData, meta i
 		needSupportTde  = 0
 		kmsKeyId        = ""
 		kmsRegion       = ""
+		kmsClusterId    = ""
 		period          = 1
 		autoRenewFlag   = 0
 		autoVoucher     = 0
@@ -432,6 +439,10 @@ func resourceTencentCloudPostgresqlInstanceCreate(d *schema.ResourceData, meta i
 		kmsRegion = v.(string)
 	}
 
+	if v, ok := d.GetOk("kms_cluster_id"); ok {
+		kmsClusterId = v.(string)
+	}
+
 	if v, ok := d.GetOkExists("auto_renew_flag"); ok {
 		autoRenewFlag = v.(int)
 	}
@@ -562,6 +573,7 @@ func resourceTencentCloudPostgresqlInstanceCreate(d *schema.ResourceData, meta i
 			needSupportTde,
 			kmsKeyId,
 			kmsRegion,
+			kmsClusterId,
 			autoVoucher,
 			voucherIds,
 		)
@@ -925,6 +937,7 @@ func resourceTencentCloudPostgresqlInstanceRead(d *schema.ResourceData, meta int
 	if has {
 		_ = d.Set("kms_key_id", kms.KeyId)
 		_ = d.Set("kms_region", kms.KeyRegion)
+		_ = d.Set("kms_cluster_id", kms.KMSClusterId)
 	}
 
 	// Uid, must use
@@ -1084,7 +1097,7 @@ func resourceTencentCloudPostgresqlInstanceUpdate(d *schema.ResourceData, meta i
 		return err
 	}
 
-	if d.HasChange("need_support_tde") || d.HasChange("kms_key_id") || d.HasChange("kms_region") {
+	if d.HasChange("need_support_tde") || d.HasChange("kms_key_id") || d.HasChange("kms_region") || d.HasChange("kms_cluster_id") {
 		return fmt.Errorf("Not support change params contact with data transparent encryption.")
 	}
 

tencentcloud/services/postgresql/resource_tc_postgresql_instance_test.go

@@ -403,6 +403,30 @@ func TestAccTencentCloudPostgresqlInstanceResource_MAZ(t *testing.T) {
 	})
 }
 
+func TestAccTencentCloudPostgresqlInstanceResource_kms(t *testing.T) {
+	// t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers:    tcacctest.AccProviders,
+		CheckDestroy: testAccCheckPostgresqlInstanceDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccPostgresqlInstanceKMS,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckPostgresqlInstanceExists("tencentcloud_postgresql_instance.pg_kms"),
+					resource.TestCheckResourceAttrSet("tencentcloud_postgresql_instance.pg_kms", "id"),
+					resource.TestCheckResourceAttr("tencentcloud_postgresql_instance.pg_kms", "need_support_tde", "1"),
+					resource.TestCheckResourceAttr("tencentcloud_postgresql_instance.pg_kms", "kms_cluster_id", "cls-hsm-mwpd9cjm"),
+					resource.TestCheckResourceAttr("tencentcloud_postgresql_instance.pg_kms", "kms_key_id", "4fc08855-24ee-11f0-b8ff-5254003580da"),
+					resource.TestCheckResourceAttr("tencentcloud_postgresql_instance.pg_kms", "kms_region", "ap-hongkong"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckPostgresqlInstanceDestroy(s *terraform.State) error {
 	for _, rs := range s.RootModule().Resources {
 		if rs.Type != testPostgresqlInstanceResourceName {
@@ -764,3 +788,35 @@ resource "tencentcloud_postgresql_instance" "test" {
   }
 }
 `
+
+const testAccPostgresqlInstanceKMS string = `
+resource "tencentcloud_vpc" "vpc" {
+  cidr_block = "10.0.0.0/16"
+  name       = "vpc"
+}
+
+resource "tencentcloud_subnet" "subnet" {
+  vpc_id            = tencentcloud_vpc.vpc.id
+  availability_zone = "ap-hongkong-2"
+  name              = "subnet"
+  cidr_block        = "10.0.1.0/24"
+}
+
+resource "tencentcloud_postgresql_instance" "pg_kms" {
+  name              = "tf_postsql_kms"
+  availability_zone = "ap-hongkong-2"
+  vpc_id            = tencentcloud_vpc.vpc.id
+  subnet_id         = tencentcloud_subnet.subnet.id
+  engine_version    = "17.4"
+  root_password     = "t1qaA2k1wgvfa3?ZZZ"
+  charset           = "UTF8"
+  project_id        = 0
+  memory            = 2
+  storage           = 20
+  need_support_tde  = 1
+  kms_cluster_id    = "cls-hsm-mwpd9cjm"
+  kms_key_id        = "4fc08855-24ee-11f0-b8ff-5254003580da"
+  kms_region        = "ap-hongkong"
+  db_kernel_version = "v17.4_r1.3"
+}
+`

tencentcloud/services/postgresql/service_tencentcloud_postgresql.go

@@ -37,7 +37,7 @@ func (me *PostgresqlService) CreatePostgresqlInstance(
 	storage int,
 	username, password, charset string,
 	dbNodeSet []*postgresql.DBNode,
-	needSupportTde int, kmsKeyId, kmsRegion string, autoVoucher int, voucherIds []*string,
+	needSupportTde int, kmsKeyId, kmsRegion string, kmsClusterId string, autoVoucher int, voucherIds []*string,
 ) (instanceId string, errRet error) {
 	logId := tccommon.GetLogId(ctx)
 	request := postgresql.NewCreateInstancesRequest()
@@ -76,6 +76,9 @@ func (me *PostgresqlService) CreatePostgresqlInstance(
 		if kmsRegion != "" {
 			request.KMSRegion = helper.String(kmsRegion)
 		}
+		if kmsClusterId != "" {
+			request.KMSClusterId = helper.String(kmsClusterId)
+		}
 	}
 
 	if len(securityGroups) > 0 {