Merge pull request #151 from volcengine/feat/iam

Feat/iam
volcengine · Dec 15, 2023 · a19ecb2 · a19ecb2
2 parents 751ec5e + 82208ba
commit a19ecb2
Show file tree

Hide file tree

Showing 15 changed files with 138 additions and 22 deletions.
diff --git a/common/common_volcengine_version.go b/common/common_volcengine_version.go
@@ -2,5 +2,5 @@ package common
 
 const (
 	TerraformProviderName    = "terraform-provider-volcengine"
-	TerraformProviderVersion = "0.0.130"
+	TerraformProviderVersion = "0.0.131"
 )
diff --git a/example/bandwidthPackageAttachment/main.tf b/example/bandwidthPackageAttachment/main.tf
@@ -5,6 +5,7 @@ resource "volcengine_eip_address" "foo" {
     name = "acc-eip"
     description = "acc-test"
     project_name = "default"
+    security_protection_types = ["AntiDDoS_Enhanced"]
 }
 
 resource "volcengine_bandwidth_package" "foo" {
@@ -18,6 +19,7 @@ resource "volcengine_bandwidth_package" "foo" {
         key = "tftest"
         value = "tftest"
     }
+    security_protection_types = ["AntiDDoS_Enhanced"]
 }
 
 resource "volcengine_bandwidth_package_attachment" "foo" {

diff --git a/volcengine/eip/eip_address/data_source_volcengine_eip_addresses.go b/volcengine/eip/eip_address/data_source_volcengine_eip_addresses.go
@@ -40,16 +40,14 @@ func DataSourceVolcengineEipAddresses() *schema.Resource {
 				Description: "A name of EIP.",
 			},
 			"isp": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Description:  "An ISP of EIP Address, the value can be `BGP` or `ChinaMobile` or `ChinaUnicom` or `ChinaTelecom`.",
-				ValidateFunc: validation.StringInSlice([]string{"BGP", "ChinaMobile", "ChinaUnicom", "ChinaTelecom"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "An ISP of EIP Address, the value can be `BGP` or `ChinaMobile` or `ChinaUnicom` or `ChinaTelecom`.",
 			},
 			"associated_instance_type": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Description:  "A type of associated instance, the value can be `Nat`, `NetworkInterface`, `ClbInstance` or `EcsInstance`.",
-				ValidateFunc: validation.StringInSlice([]string{"Nat", "NetworkInterface", "ClbInstance", "EcsInstance"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "A type of associated instance, the value can be `Nat`, `NetworkInterface`, `ClbInstance`, `AlbInstance`, `HaVip` or `EcsInstance`.",
 			},
 			"associated_instance_id": {
 				Type:        schema.TypeString,
@@ -62,7 +60,6 @@ func DataSourceVolcengineEipAddresses() *schema.Resource {
 				Description: "The ProjectName of EIP.",
 			},
 			"tags": ve.TagsSchema(),
-
 			"output_file": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -174,6 +171,19 @@ func DataSourceVolcengineEipAddresses() *schema.Resource {
 							Computed:    true,
 							Description: "The ProjectName of the EIP.",
 						},
+						"security_protection_types": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+							Description: "Security protection types for shared bandwidth packages. Parameter - N: Indicates the number of security protection types, currently only supports taking 1. Value: `AntiDDoS_Enhanced`.",
+						},
+						"bandwidth_package_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The id of the bandwidth package.",
+						},
 						"tags": ve.TagsSchemaComputed(),
 					},
 				},

diff --git a/volcengine/eip/eip_address/resource_volcengine_eip_address.go b/volcengine/eip/eip_address/resource_volcengine_eip_address.go
@@ -119,6 +119,19 @@ func ResourceVolcengineEipAddress() *schema.Resource {
 				Computed:    true,
 				Description: "The ProjectName of the EIP.",
 			},
+			"security_protection_types": {
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "Security protection types for public IP addresses. " +
+					"Parameter - N: Indicates the number of security protection types, currently only supports taking 1. Value: `AntiDDoS_Enhanced` or left blank." +
+					"If the value is `AntiDDoS_Enhanced`, then will create an eip with enhanced protection," +
+					"(can be added to DDoS native protection (enterprise version) instance). " +
+					"If left blank, it indicates an eip with basic protection.",
+			},
 			"tags": ve.TagsSchema(),
 			"status": {
 				Type:        schema.TypeString,

diff --git a/volcengine/eip/eip_address/service_volcengine_eip_address.go b/volcengine/eip/eip_address/service_volcengine_eip_address.go
@@ -189,6 +189,10 @@ func (s *VolcengineEipAddressService) CreateResource(resourceData *schema.Resour
 					TargetField: "Tags",
 					ConvertType: ve.ConvertListN,
 				},
+				"security_protection_types": {
+					TargetField: "SecurityProtectionTypes",
+					ConvertType: ve.ConvertWithN,
+				},
 			},
 		},
 	}

diff --git a/volcengine/iam/iam_user/data_source_volcengine_iam_users.go b/volcengine/iam/iam_user/data_source_volcengine_iam_users.go
@@ -42,6 +42,11 @@ func DataSourceVolcengineIamUsers() *schema.Resource {
 				Computed:    true,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"user_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The id of the user.",
+						},
 						"user_name": {
 							Type:        schema.TypeString,
 							Computed:    true,
@@ -60,13 +65,43 @@ func DataSourceVolcengineIamUsers() *schema.Resource {
 						"account_id": {
 							Type:        schema.TypeString,
 							Computed:    true,
-							Description: "The account id of the user.",
+							Description: "Main account ID to which the sub-user belongs.",
 						},
 						"trn": {
 							Type:        schema.TypeString,
 							Computed:    true,
 							Description: "The trn of the user.",
 						},
+						"display_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The display name of the user.",
+						},
+						"mobile_phone": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The mobile phone of the user.",
+						},
+						"mobile_phone_is_verify": {
+							Type:        schema.TypeBool,
+							Computed:    true,
+							Description: "Whether the phone number has been verified.",
+						},
+						"email": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The email of the user.",
+						},
+						"email_is_verify": {
+							Type:        schema.TypeBool,
+							Computed:    true,
+							Description: "Whether the email has been verified.",
+						},
+						"description": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The description of the user.",
+						},
 					},
 				},
 			},

diff --git a/volcengine/iam/iam_user/service_volcengine_iam_user.go b/volcengine/iam/iam_user/service_volcengine_iam_user.go
@@ -128,6 +128,12 @@ func (VolcengineIamUserService) WithResourceResponseHandlers(v map[string]interf
 					return strconv.FormatFloat(i.(float64), 'f', 0, 64)
 				},
 			},
+			"Id": {
+				TargetField: "user_id",
+				Convert: func(i interface{}) interface{} {
+					return strconv.FormatFloat(i.(float64), 'f', 0, 64)
+				},
+			},
 		}, nil
 	}
 	return []ve.ResourceResponseHandler{handler}
@@ -226,6 +232,12 @@ func (s *VolcengineIamUserService) DatasourceResources(*schema.ResourceData, *sc
 		IdField:      "UserName",
 		CollectField: "users",
 		ResponseConverts: map[string]ve.ResponseConvert{
+			"Id": {
+				TargetField: "user_id",
+				Convert: func(i interface{}) interface{} {
+					return strconv.FormatFloat(i.(float64), 'f', 0, 64)
+				},
+			},
 			"AccountId": {
 				TargetField: "account_id",
 				Convert: func(i interface{}) interface{} {

diff --git a/volcengine/nat/dnat_entry/service_volcengine_dnat_entry.go b/volcengine/nat/dnat_entry/service_volcengine_dnat_entry.go
@@ -156,6 +156,9 @@ func (s *VolcengineDnatEntryService) ModifyResource(resourceData *schema.Resourc
 				(*call.SdkParam)["DnatEntryId"] = d.Id()
 				return true, nil
 			},
+			LockId: func(d *schema.ResourceData) string {
+				return d.Get("nat_gateway_id").(string)
+			},
 			ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
 				logger.Debug(logger.ReqFormat, call.Action, call.SdkParam)
 				return s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
@@ -181,6 +184,9 @@ func (s *VolcengineDnatEntryService) RemoveResource(resourceData *schema.Resourc
 				logger.Debug(logger.ReqFormat, call.Action, call.SdkParam)
 				return s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
 			},
+			LockId: func(d *schema.ResourceData) string {
+				return d.Get("nat_gateway_id").(string)
+			},
 			CallError: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall, baseErr error) error {
 				//出现错误后重试
 				return resource.Retry(15*time.Minute, func() *resource.RetryError {

diff --git a/volcengine/nat/snat_entry/resource_volcengine_snat_entry.go b/volcengine/nat/snat_entry/resource_volcengine_snat_entry.go
@@ -2,6 +2,9 @@ package snat_entry
 
 import (
 	"fmt"
+	"reflect"
+	"sort"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -48,8 +51,18 @@ func ResourceVolcengineSnatEntry() *schema.Resource {
 				Description:  "The id of the subnet that is required to access the internet. Only one of `subnet_id,source_cidr` can be specified.",
 			},
 			"eip_id": {
-				Type:        schema.TypeString,
-				Required:    true,
+				Type:     schema.TypeString,
+				Required: true,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if len(old) != len(new) {
+						return false
+					}
+					oldArr := strings.Split(old, ",")
+					newArr := strings.Split(new, ",")
+					sort.Strings(oldArr)
+					sort.Strings(newArr)
+					return reflect.DeepEqual(oldArr, newArr)
+				},
 				Description: "The id of the public ip address used by the SNAT entry.",
 			},
 			"snat_entry_name": {

diff --git a/volcengine/nat/snat_entry/service_volcengine_snat_entry.go b/volcengine/nat/snat_entry/service_volcengine_snat_entry.go
@@ -163,6 +163,9 @@ func (s *VolcengineSnatEntryService) ModifyResource(resourceData *schema.Resourc
 				(*call.SdkParam)["SnatEntryId"] = d.Id()
 				return true, nil
 			},
+			LockId: func(d *schema.ResourceData) string {
+				return d.Get("nat_gateway_id").(string)
+			},
 			ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
 				logger.Debug(logger.ReqFormat, call.Action, call.SdkParam)
 				return s.Client.NatClient.ModifySnatEntryAttributesCommon(call.SdkParam)
@@ -184,6 +187,9 @@ func (s *VolcengineSnatEntryService) RemoveResource(resourceData *schema.Resourc
 			SdkParam: &map[string]interface{}{
 				"SnatEntryId": resourceData.Id(),
 			},
+			LockId: func(d *schema.ResourceData) string {
+				return d.Get("nat_gateway_id").(string)
+			},
 			ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
 				logger.Debug(logger.ReqFormat, call.Action, call.SdkParam)
 				return s.Client.NatClient.DeleteSnatEntryCommon(call.SdkParam)

diff --git a/website/docs/d/eip_addresses.html.markdown b/website/docs/d/eip_addresses.html.markdown
@@ -20,7 +20,7 @@ data "volcengine_eip_addresses" "foo" {
 ## Argument Reference
 The following arguments are supported:
 * `associated_instance_id` - (Optional) An id of associated instance.
-* `associated_instance_type` - (Optional) A type of associated instance, the value can be `Nat`, `NetworkInterface`, `ClbInstance` or `EcsInstance`.
+* `associated_instance_type` - (Optional) A type of associated instance, the value can be `Nat`, `NetworkInterface`, `ClbInstance`, `AlbInstance`, `HaVip` or `EcsInstance`.
 * `eip_addresses` - (Optional) A list of EIP ip address that you want to query.
 * `ids` - (Optional) A list of EIP allocation ids.
 * `isp` - (Optional) An ISP of EIP Address, the value can be `BGP` or `ChinaMobile` or `ChinaUnicom` or `ChinaTelecom`.
@@ -40,6 +40,7 @@ In addition to all arguments above, the following attributes are exported:
 * `addresses` - The collection of EIP addresses.
     * `allocation_id` - The id of the EIP address.
     * `allocation_time` - The allocation time of the EIP.
+    * `bandwidth_package_id` - The id of the bandwidth package.
     * `bandwidth` - The peek bandwidth of the EIP.
     * `billing_type` - The billing type of the EIP.
     * `business_status` - The business status of the EIP.
@@ -55,6 +56,7 @@ In addition to all arguments above, the following attributes are exported:
     * `name` - The name of the EIP.
     * `overdue_time` - The overdue time of the EIP.
     * `project_name` - The ProjectName of the EIP.
+    * `security_protection_types` - Security protection types for shared bandwidth packages. Parameter - N: Indicates the number of security protection types, currently only supports taking 1. Value: `AntiDDoS_Enhanced`.
     * `status` - The status of the EIP.
     * `tags` - Tags.
         * `key` - The Key of Tags.

diff --git a/website/docs/d/iam_users.html.markdown b/website/docs/d/iam_users.html.markdown
@@ -29,10 +29,17 @@ The following arguments are supported:
 In addition to all arguments above, the following attributes are exported:
 * `total_count` - The total count of user query.
 * `users` - The collection of user.
-    * `account_id` - The account id of the user.
+    * `account_id` - Main account ID to which the sub-user belongs.
     * `create_date` - The create date of the user.
+    * `description` - The description of the user.
+    * `display_name` - The display name of the user.
+    * `email_is_verify` - Whether the email has been verified.
+    * `email` - The email of the user.
+    * `mobile_phone_is_verify` - Whether the phone number has been verified.
+    * `mobile_phone` - The mobile phone of the user.
     * `trn` - The trn of the user.
     * `update_date` - The update date of the user.
+    * `user_id` - The id of the user.
     * `user_name` - The name of the user.
 
 
diff --git a/website/docs/r/bandwidth_package_attachment.html.markdown b/website/docs/r/bandwidth_package_attachment.html.markdown
@@ -11,12 +11,13 @@ Provides a resource to manage bandwidth package attachment
 ## Example Usage
 ```hcl
 resource "volcengine_eip_address" "foo" {
-  billing_type = "PostPaidByBandwidth"
-  bandwidth    = 1
-  isp          = "BGP"
-  name         = "acc-eip"
-  description  = "acc-test"
-  project_name = "default"
+  billing_type              = "PostPaidByBandwidth"
+  bandwidth                 = 1
+  isp                       = "BGP"
+  name                      = "acc-eip"
+  description               = "acc-test"
+  project_name              = "default"
+  security_protection_types = ["AntiDDoS_Enhanced"]
 }
 
 resource "volcengine_bandwidth_package" "foo" {
@@ -30,6 +31,7 @@ resource "volcengine_bandwidth_package" "foo" {
     key   = "tftest"
     value = "tftest"
   }
+  security_protection_types = ["AntiDDoS_Enhanced"]
 }
 
 resource "volcengine_bandwidth_package_attachment" "foo" {

diff --git a/website/docs/r/eip_address.html.markdown b/website/docs/r/eip_address.html.markdown
@@ -32,6 +32,7 @@ The following arguments are supported:
 * `name` - (Optional) The name of the EIP Address.
 * `period` - (Optional) The period of the EIP Address, the valid value range in 1~9 or 12 or 36. Default value is 12. The period unit defaults to `Month`.This field is only effective when creating a PrePaid Eip or changing the billing_type from PostPaid to PrePaid.
 * `project_name` - (Optional) The ProjectName of the EIP.
+* `security_protection_types` - (Optional, ForceNew) Security protection types for public IP addresses. Parameter - N: Indicates the number of security protection types, currently only supports taking 1. Value: `AntiDDoS_Enhanced` or left blank.If the value is `AntiDDoS_Enhanced`, then will create an eip with enhanced protection,(can be added to DDoS native protection (enterprise version) instance). If left blank, it indicates an eip with basic protection.
 * `tags` - (Optional) Tags.
 
 The `tags` object supports the following:

diff --git a/website/docs/r/iam_user.html.markdown b/website/docs/r/iam_user.html.markdown
@@ -27,10 +27,13 @@ The following arguments are supported:
 ## Attributes Reference
 In addition to all arguments above, the following attributes are exported:
 * `id` - ID of the resource.
-* `account_id` - The account id of the user.
+* `account_id` - Main account ID to which the sub-user belongs.
 * `create_date` - The create date of the user.
+* `email_is_verify` - Whether the email has been verified.
+* `mobile_phone_is_verify` - Whether the phone number has been verified.
 * `trn` - The trn of the user.
 * `update_date` - The update date of the user.
+* `user_id` - The id of the user.
 
 
 ## Import