diff --git a/CHANGELOG.md b/CHANGELOG.md index c9888149..02799ae9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ - ## 1.19.20 (Unreleased) + ## 1.19.21 (Unreleased) +## 1.19.20 (November 13, 2023) +NOTES: +- ADD RDS Security ip. + + ## 1.19.19 (October 17, 2023) NOTES: - update resource/baiducloud_cds storage_type description : add `enhanced_ssd_pl1`. diff --git a/baiducloud/common_test.go b/baiducloud/common_test.go index 066b73cc..6af72494 100644 --- a/baiducloud/common_test.go +++ b/baiducloud/common_test.go @@ -37,6 +37,7 @@ const ( BaiduCloudTestResourceTypeNameRdsAccount = BaiduCloudTestResourceTypeName + "-" + "rds-account" BaiduCloudTestResourceTypeNameRdsInstance = BaiduCloudTestResourceTypeName + "-" + "rds-instance" BaiduCloudTestResourceTypeNameRdsReadonlyInstance = BaiduCloudTestResourceTypeName + "-" + "rds-readonly-instance" + BaiduCloudTestResourceTypeNameRdsSecurityIp = BaiduCloudTestResourceTypeName + "-" + "rds-security-ip" BaiduCloudTestResourceTypeNameRouteRule = BaiduCloudTestResourceTypeName + "-" + "route-rule" BaiduCloudTestResourceTypeNameScs = BaiduCloudTestResourceTypeName + "-" + "scs" BaiduCloudTestResourceTypeNameSecurityGroup = BaiduCloudTestResourceTypeName + "-" + "security-group" diff --git a/baiducloud/data_source_baiducloud_rds_security_ips.go b/baiducloud/data_source_baiducloud_rds_security_ips.go new file mode 100644 index 00000000..438e2fdb --- /dev/null +++ b/baiducloud/data_source_baiducloud_rds_security_ips.go @@ -0,0 +1,98 @@ +/* +Use this data source to query RDS security ips. + +Example Usage + +```hcl +data "baiducloud_rds_security_ips" "default" { + instance_id = "rds-LCP5Tn03" +} + +output "security_ips" { + value = "${data.baiducloud_rdss.default.security_ips}" +} +``` +*/ +package baiducloud + +import ( + "github.com/baidubce/bce-sdk-go/services/rds" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + + "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/connectivity" +) + +func dataSourceBaiduCloudRdsSecurityIps() *schema.Resource { + return &schema.Resource{ + Read: dataSourceBaiduCloudRdssSecurityIpsRead, + + Schema: map[string]*schema.Schema{ + "instance_id": { + Type: schema.TypeString, + Description: "ID of the instance", + Required: true, + ForceNew: true, + }, + "security_ips": { + Type: schema.TypeList, + Description: "security_ips", + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ip": { + Type: schema.TypeString, + Description: "securityIp", + Computed: true, + }, + }, + }, + }, + }, + } +} + +func dataSourceBaiduCloudRdssSecurityIpsRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceID := d.Get("instance_id").(string) + action := "Query RDS SecurityIp instanceID is " + instanceID + + raw, err := client.WithRdsClient(func(rdsClient *rds.Client) (interface{}, error) { + return rdsClient.GetSecurityIps(instanceID) + }) + + addDebug(action, raw) + + if err != nil { + if NotFoundError(err) { + d.SetId("") + return nil + } + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ips", action, BCESDKGoERROR) + } + + securityIpsResult, _ := raw.(*rds.GetSecurityIpsResult) + securityIps := make([]map[string]interface{}, 0) + for _, ip := range securityIpsResult.SecurityIps { + ipMap := make(map[string]interface{}) + ipMap["ip"] = ip + securityIps = append(securityIps, ipMap) + } + addDebug(action, securityIps) + + FilterDataSourceResult(d, &securityIps) + + if err := d.Set("security_ips", securityIps); err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ips", action, BCESDKGoERROR) + } + + d.SetId(resource.UniqueId()) + + if v, ok := d.GetOk("output_file"); ok && v.(string) != "" { + if err := writeToFile(v.(string), securityIps); err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ips", action, BCESDKGoERROR) + } + } + return nil +} diff --git a/baiducloud/data_source_baiducloud_rds_security_ips_test.go b/baiducloud/data_source_baiducloud_rds_security_ips_test.go new file mode 100644 index 00000000..eb021b97 --- /dev/null +++ b/baiducloud/data_source_baiducloud_rds_security_ips_test.go @@ -0,0 +1,40 @@ +package baiducloud + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + testAccRdsSecurityIpDataSourceName = "data.baiducloud_rds_security_ips.default" + testAccRdsSecurityIpDataSourceAttrKeyPrefix = "security_ips.0." +) + +//lintignore:AT003 +func TestAccBaiduCloudRdsSecurityIpDataSource(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccRdsSecurityIpDataSourceConfig(), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccRdsSecurityIpDataSourceName), + resource.TestCheckResourceAttrSet(testAccRdsSecurityIpDataSourceName, testAccRdsSecurityIpDataSourceAttrKeyPrefix+"ip"), + ), + }, + }, + }) +} + +func testAccRdsSecurityIpDataSourceConfig() string { + return fmt.Sprintf(` +data "baiducloud_rds_security_ips" "default" { + instance_id = "rds-BIFDrIl9" +} +`) +} diff --git a/baiducloud/provider.go b/baiducloud/provider.go index 9b46fbff..9e97beaf 100644 --- a/baiducloud/provider.go +++ b/baiducloud/provider.go @@ -122,14 +122,13 @@ package baiducloud import ( "bytes" "fmt" - "os" - "strings" - "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/service/bcc" "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/service/bec" "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/service/cdn" "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/service/iam" "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/service/snic" + "os" + "strings" "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -213,6 +212,7 @@ func Provider() terraform.ResourceProvider { "baiducloud_ccev2_instance_group_instances": dataSourceBaiduCloudCCEv2InstanceGroupInstances(), "baiducloud_cce_kubeconfig": dataSourceBaiduCloudCceKubeConfig(), "baiducloud_rdss": dataSourceBaiduCloudRdss(), + "baiducloud_rds_security_ips": dataSourceBaiduCloudRdsSecurityIps(), "baiducloud_dtss": dataSourceBaiduCloudDtss(), "baiducloud_cdn_domains": cdn.DataSourceDomains(), "baiducloud_cdn_domain_certificate": cdn.DataSourceDomainCertificate(), @@ -278,6 +278,7 @@ func Provider() terraform.ResourceProvider { "baiducloud_rds_instance": resourceBaiduCloudRdsInstance(), "baiducloud_rds_readonly_instance": resourceBaiduCloudRdsReadOnlyInstance(), "baiducloud_rds_account": resourceBaiduCloudRdsAccount(), + "baiducloud_rds_security_ip": resourceBaiduCloudRdsSecurityIp(), "baiducloud_dts": resourceBaiduCloudDts(), "baiducloud_iam_user": resourceBaiduCloudIamUser(), "baiducloud_iam_group": resourceBaiduCloudIamGroup(), diff --git a/baiducloud/resource_baiducloud_rds_security_ip.go b/baiducloud/resource_baiducloud_rds_security_ip.go new file mode 100644 index 00000000..3e983dd3 --- /dev/null +++ b/baiducloud/resource_baiducloud_rds_security_ip.go @@ -0,0 +1,246 @@ +/* +Use this resource to get information about a RDS Security Ip. + +~> **NOTE:** The terminate operation of rds instance does NOT take effect immediately,maybe takes for several minites. + +Example Usage + +```hcl +resource "baiducloud_rds_security_ip" "default" { + instance_id = "rds-ZuZd7s1l" + security_ips = [192.168.0.8] +} +``` + +Import + +RDS RDS Security Ip. can be imported, e.g. + +```hcl +$ terraform import baiducloud_rds_security_ip.default id +``` +*/ +package baiducloud + +import ( + "log" + "time" + + "github.com/baidubce/bce-sdk-go/bce" + "github.com/baidubce/bce-sdk-go/services/rds" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/connectivity" +) + +func resourceBaiduCloudRdsSecurityIp() *schema.Resource { + return &schema.Resource{ + Create: resourceBaiduCloudRdsSecurityIpCreate, + Read: resourceBaiduCloudRdsSecurityIpRead, + Update: resourceBaiduCloudRdsSecurityIpUpdate, + Delete: resourceBaiduCloudRdsSecurityIpDelete, + + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(30 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "instance_id": { + Type: schema.TypeString, + Description: "ID of the instance", + Required: true, + ForceNew: true, + }, + "security_ips": { + Type: schema.TypeSet, + Description: "securityIps", + Optional: true, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "e_tag": { + Type: schema.TypeString, + Description: "ETag of the instance.", + Computed: true, + }, + }, + } +} + +func resourceBaiduCloudRdsSecurityIpCreate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceIdArg := d.Get("instance_id").(string) + + updateSecurityArgs, err := buildBaiduCloudRdsSecurityIpArgs(d, meta) + + if err != nil { + return WrapError(err) + } + + action := "Create RDS SecurityIp instance id is" + instanceIdArg + addDebug(action, updateSecurityArgs) + + err = resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError { + _, err := client.WithRdsClient(func(rdsClient *rds.Client) (interface{}, error) { + + result, e := rdsClient.GetSecurityIps(instanceIdArg) + log.Printf("GetSecurityIps Etag is:" + result.Etag) + if e != nil { + return nil, e + } + return nil, rdsClient.UpdateSecurityIps(instanceIdArg, result.Etag, updateSecurityArgs) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + d.SetId(instanceIdArg) + return nil + }) + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ip", action, BCESDKGoERROR) + } + + return resourceBaiduCloudRdsSecurityIpRead(d, meta) +} + +func resourceBaiduCloudRdsSecurityIpRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceID := d.Id() + action := "Query RDS SecurityIp instanceID is " + instanceID + + raw, err := client.WithRdsClient(func(rdsClient *rds.Client) (interface{}, error) { + return rdsClient.GetSecurityIps(instanceID) + }) + + addDebug(action, raw) + + if err != nil { + if NotFoundError(err) { + d.SetId("") + return nil + } + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_instance", action, BCESDKGoERROR) + } + + result, _ := raw.(*rds.GetSecurityIpsResult) + + d.Set("e_tag", result.Etag) + d.Set("security_ips", result.SecurityIps) + + return nil +} + +func resourceBaiduCloudRdsSecurityIpUpdate(d *schema.ResourceData, meta interface{}) error { + + if !d.HasChange("security_ips") { + return resourceBaiduCloudRdsSecurityIpRead(d, meta) + } + + client := meta.(*connectivity.BaiduClient) + instanceID := d.Id() + + updateSecurityArgs, err := buildBaiduCloudRdsSecurityIpArgs(d, meta) + + if err != nil { + return WrapError(err) + } + + action := "Update RDS SecurityIp instance id is" + instanceID + addDebug(action, updateSecurityArgs) + + err = resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError { + _, err := client.WithRdsClient(func(rdsClient *rds.Client) (interface{}, error) { + + result, e := rdsClient.GetSecurityIps(instanceID) + log.Printf("GetSecurityIps Etag is:" + result.Etag) + if e != nil { + return nil, e + } + return nil, rdsClient.UpdateSecurityIps(instanceID, result.Etag, updateSecurityArgs) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + return nil + }) + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ip", action, BCESDKGoERROR) + } + + return resourceBaiduCloudRdsSecurityIpRead(d, meta) +} + +func resourceBaiduCloudRdsSecurityIpDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceId := d.Id() + + action := "Delete RDS SecurityIp instance id is" + instanceId + + request := &rds.UpdateSecurityIpsArgs{} + ips := make([]string, 0) + //ips = append(ips, "") + request.SecurityIps = ips + + addDebug(action, "") + + err := resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { + _, err := client.WithRdsClient(func(rdsClient *rds.Client) (interface{}, error) { + + result, e := rdsClient.GetSecurityIps(instanceId) + log.Printf("GetSecurityIps Etag is:" + result.Etag) + if e != nil { + return nil, e + } + return nil, rdsClient.UpdateSecurityIps(instanceId, result.Etag, request) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + return nil + }) + + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_rds_security_ip", action, BCESDKGoERROR) + } + + return nil +} + +func buildBaiduCloudRdsSecurityIpArgs(d *schema.ResourceData, meta interface{}) (*rds.UpdateSecurityIpsArgs, error) { + request := &rds.UpdateSecurityIpsArgs{} + + if securityIps, ok := d.GetOk("security_ips"); ok { + + ips := make([]string, 0) + for _, ip := range securityIps.(*schema.Set).List() { + ips = append(ips, ip.(string)) + } + request.SecurityIps = ips + } + + return request, nil + +} diff --git a/baiducloud/resource_baiducloud_rds_security_ip_test.go b/baiducloud/resource_baiducloud_rds_security_ip_test.go new file mode 100644 index 00000000..3e90bea4 --- /dev/null +++ b/baiducloud/resource_baiducloud_rds_security_ip_test.go @@ -0,0 +1,43 @@ +package baiducloud + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "testing" +) + +const ( + testAccRdsSecurityIpResourceType = "baiducloud_rds_security_ip" + testAccRdsSecurityIpResourceName = testAccRdsSecurityIpResourceType + "." + BaiduCloudTestResourceName +) + +func TestAccBaiduCloudRdsSecurityIp(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + + Steps: []resource.TestStep{ + { + Config: testAccRdsSecurityIpConfig(BaiduCloudTestResourceTypeNameRdsSecurityIp), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccRdsSecurityIpResourceName), + resource.TestCheckResourceAttr(testAccRdsSecurityIpResourceName, "instance_id", "rds-BIFDrIl9"), + ), + }, + }, + }) +} + +func testAccRdsSecurityIpConfig(name string) string { + return fmt.Sprintf(` +variable "name" { + default = "%s" +} +resource "baiducloud_rds_security_ip" "default" { + instance_id = "rds-BIFDrIl9" + security_ips = ["192.168.3.5"] +} +`, name) +} diff --git a/website/docs/d/rds_security_ips.html.markdown b/website/docs/d/rds_security_ips.html.markdown new file mode 100644 index 00000000..343d22cf --- /dev/null +++ b/website/docs/d/rds_security_ips.html.markdown @@ -0,0 +1,38 @@ +--- +layout: "baiducloud" +page_title: "BaiduCloud: baiducloud_rds_security_ips" +sidebar_current: "docs-baiducloud-datasource-rds_security_ips" +description: |- + Use this data source to query RDS security ips. +--- + +# baiducloud_rds_security_ips + +Use this data source to query RDS security ips. + +## Example Usage + +```hcl +data "baiducloud_rds_security_ips" "default" { + instance_id = "rds-xxxxx" +} + +output "security_ips" { + value = "${data.baiducloud_rdss.default.security_ips}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `instance_id` - (Required, ForceNew) ID of the instance + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `security_ips` - security_ips + * `ip` - securityIp + + diff --git a/website/docs/r/rds_security_ip.html.markdown b/website/docs/r/rds_security_ip.html.markdown new file mode 100644 index 00000000..b1ff954d --- /dev/null +++ b/website/docs/r/rds_security_ip.html.markdown @@ -0,0 +1,45 @@ +--- +layout: "baiducloud" +page_title: "BaiduCloud: baiducloud_rds_security_ip" +sidebar_current: "docs-baiducloud-resource-rds_security_ip" +description: |- + Use this resource to get information about a RDS Security Ip. +--- + +# baiducloud_rds_security_ip + +Use this resource to get information about a RDS Security Ip. + +~> **NOTE:** The terminate operation of rds instance does NOT take effect immediately,maybe takes for several minites. + +## Example Usage + +```hcl +resource "baiducloud_rds_security_ip" "default" { + instance_id = "rds-xxxxx" + security_ips = [192.168.0.8] +} +``` + +## Argument Reference + +The following arguments are supported: + +* `instance_id` - (Required, ForceNew) ID of the instance +* `security_ips` - (Optional) securityIps + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `e_tag` - ETag of the instance. + + +## Import + +RDS RDS Security Ip. can be imported, e.g. + +```hcl +$ terraform import baiducloud_rds_security_ip.default id +``` +