From 04c44d422a849aee49ad27407471f3e113a69c5e Mon Sep 17 00:00:00 2001 From: Kevin Zhang Date: Wed, 5 Jun 2024 13:35:36 -0400 Subject: [PATCH] use state for unknown iam_role and private_endpoint_config, deprecate private_endpoint_config --- clickhouse/service.go | 8 +++ docs/data-sources/private_endpoint_config.md | 31 +++------ .../private_endpoint_registration.md | 31 +-------- docs/resources/service.md | 63 +++++++------------ 4 files changed, 40 insertions(+), 93 deletions(-) diff --git a/clickhouse/service.go b/clickhouse/service.go index 7d3d9a10..57d926f7 100644 --- a/clickhouse/service.go +++ b/clickhouse/service.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-framework/resource/schema" "github.com/hashicorp/terraform-plugin-framework/resource/schema/listdefault" "github.com/hashicorp/terraform-plugin-framework/resource/schema/listplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/objectplanmodifier" "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" "github.com/hashicorp/terraform-plugin-framework/types" @@ -187,6 +188,9 @@ func (r *ServiceResource) Schema(_ context.Context, _ resource.SchemaRequest, re "iam_role": schema.StringAttribute{ Description: "IAM role used for accessing objects in s3.", Computed: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.UseStateForUnknown(), + }, }, "private_endpoint_config": schema.SingleNestedAttribute{ Description: "Service config for private endpoints", @@ -201,6 +205,10 @@ func (r *ServiceResource) Schema(_ context.Context, _ resource.SchemaRequest, re Computed: true, }, }, + DeprecationMessage: "Please use the `clickhouse_private_endpoint_config` data source instead.", + PlanModifiers: []planmodifier.Object{ + objectplanmodifier.UseStateForUnknown(), + }, }, "private_endpoint_ids": schema.ListAttribute{ Description: "List of private endpoint IDs", diff --git a/docs/data-sources/private_endpoint_config.md b/docs/data-sources/private_endpoint_config.md index 0ad81db6..abbee4f0 100644 --- a/docs/data-sources/private_endpoint_config.md +++ b/docs/data-sources/private_endpoint_config.md @@ -3,38 +3,25 @@ page_title: "clickhouse_private_endpoint_config Data Source - clickhouse" subcategory: "" description: |- + --- -# Data Source: clickhouse_private_endpoint_config +# clickhouse_private_endpoint_config (Data Source) -`clickhouse_private_endpoint_config` provides details about the service name that ClickHouse Cloud has for the specified region. -This resource can be useful for getting the service name required for endpoint creation. -## Example Usage - -```terraform -data "clickhouse_private_endpoint_config" "this" { - cloud_provider = "aws" - region = "us-east-2" -} - -resource "aws_vpc_endpoint" "this" { - vpc_id = var.vpc_id - service_name = data.clickhouse_private_endpoint_config.this.endpoint_service_id -} -``` - -## Argument Reference +## Schema ### Required -- `cloud_provider` (String) The cloud provider for the private endpoint. Valid values are 'aws' or 'gcp'. -- `region` (String) The region for the private endpoint. Valid values are specific to the cloud provider i.e. 'us-east-2' +- `cloud_provider` (String) The cloud provider for the private endpoint. Valid values are 'aws', 'gcp', or 'azure'. +- `region` (String) The region for the private endpoint. Valid values are specific to the cloud provider i.e. us-east-2 + +### Read-Only + +- `endpoint_service_id` (String) The ID of the private endpoint that is used to securely connect to ClickHouse. This is a read-only attribute. -### Attribute Reference -- `endpoint_service_id` (String) The ID of the private endpoint that is used to securely connect to ClickHouse. diff --git a/docs/resources/private_endpoint_registration.md b/docs/resources/private_endpoint_registration.md index 902168c2..c4e06429 100644 --- a/docs/resources/private_endpoint_registration.md +++ b/docs/resources/private_endpoint_registration.md @@ -6,25 +6,14 @@ description: |- --- -# Resource: clickhouse_private_endpoint_registration +# clickhouse_private_endpoint_registration (Resource) -Registers an Endpoint ID to ClickHouse Cloud organization -## Example Usage - -```terraform -resource "clickhouse_private_endpoint_registration" "this" { - cloud_provider = "aws" - region = "us-east-2" - id = "vpce-0abc1def234abc567" - description = "vpce-0abc1def234abc567" -} -``` -## Argument Reference +## Schema ### Required @@ -37,19 +26,3 @@ resource "clickhouse_private_endpoint_registration" "this" { - `description` (String) Description of the private endpoint -## Import - -In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import private endpoint registrations using the VPC endpoint `id`. For example: - -```terraform -import { - to = clickhouse_private_endpoint_registration.this - id = "vpce-0abc1def234abc567" -} -``` - -Using `terraform import`, import private endpoint registrations using the VPC endpoint `id`. For example: - -```console -% terraform import clickhouse_private_endpoint_registration.this vpce-0abc1def234abc567 -``` \ No newline at end of file diff --git a/docs/resources/service.md b/docs/resources/service.md index 32ed3362..646403e3 100644 --- a/docs/resources/service.md +++ b/docs/resources/service.md @@ -3,28 +3,17 @@ page_title: "clickhouse_service Resource - clickhouse" subcategory: "" description: |- + --- -# Resource: clickhouse_service +# clickhouse_service (Resource) -Creates a new service on ClickHouse Cloud within your Organization. -## Example Usage - -```terraform -resource "clickhouse_service" "this" { - cloud_provider = "aws" - region = "us-east-2" - name = var.name - tier = "production" - ip_access = [{ "source" = "0.0.0.0/0", "description" = "Anywhere access" }] -} -``` -## Argument Reference +## Schema ### Required @@ -37,6 +26,8 @@ resource "clickhouse_service" "this" { ### Optional - `double_sha1_password_hash` (String, Sensitive) Double SHA1 hash of password for connecting with the MySQL protocol. Cannot be specified if `password` is specified. +- `encryption_assumed_role_identifier` (String) Custom role identifier arn +- `encryption_key` (String) Custom encryption key arn - `idle_scaling` (Boolean) When set to true the service is allowed to scale down to zero when idle. Always true for development services. Configurable only for 'production' services. - `idle_timeout_minutes` (Number) Set minimum idling timeout (in minutes). Available only for 'production' services. Must be greater than or equal to 5 minutes. - `max_total_memory_gb` (Number) Maximum total memory of all workers during auto-scaling in Gb. Available only for 'production' services. Must be a multiple of 12 and lower than 360 for non paid services or 720 for paid services. @@ -45,54 +36,42 @@ resource "clickhouse_service" "this" { - `password_hash` (String, Sensitive) SHA256 hash of password for the default user. One of either `password` or `password_hash` must be specified. - `private_endpoint_ids` (List of String) List of private endpoint IDs - +### Read-Only -#### Nested Schema for `ip_access` +- `endpoints` (Attributes List) List of public endpoints. (see [below for nested schema](#nestedatt--endpoints)) +- `iam_role` (String) IAM role used for accessing objects in s3. +- `id` (String) ID of the created service. Generated by ClickHouse Cloud. +- `last_updated` (String) Date for when the service was last updated by Terraform. +- `private_endpoint_config` (Attributes, Deprecated) Service config for private endpoints (see [below for nested schema](#nestedatt--private_endpoint_config)) + + +### Nested Schema for `ip_access` Required: + - `source` (String) IP address allowed to access the service. In case you want to set the ip_access to anywhere you should set source to 0.0.0.0/0 Optional: -- `description` (String) Description of the IP address. - -## Attribute Reference +- `description` (String) Description of the IP address. -- `endpoints` (Attributes List) List of public endpoints. (see [below for nested schema](#nestedatt--endpoints)) -- `iam_role` (String) IAM role used for accessing objects in s3. -- `id` (String) ID of the created service. Generated by ClickHouse Cloud. -- `last_updated` (String) Date for when the service was last updated by Terraform. -- `private_endpoint_config` (Attributes) Service config for private endpoints (see [below for nested schema](#nestedatt--private_endpoint_config)) +### Nested Schema for `endpoints` -#### Nested Schema for `endpoints` +Read-Only: - `host` (String) Endpoint host. - `port` (Number) Endpoint port. - `protocol` (String) Endpoint protocol: https or nativesecure + +### Nested Schema for `private_endpoint_config` -#### Nested Schema for `private_endpoint_config` +Read-Only: - `endpoint_service_id` (String) Unique identifier of the interface endpoint you created in your VPC with the AWS(Service Name) or GCP(Target Service) resource - `private_dns_hostname` (String) Private DNS Hostname of the VPC you created -## Import - -In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import services using their `id`. For example: - -```terraform -import { - to = clickhouse_service.this - id = "01a2b34c-d56e-7f8a-bc9d-0efabc12defa" -} -``` - -Using `terraform import`, import services using their `id`. For example: - -```console -% terraform import clickhouse_service.this 01a2b34c-d56e-7f8a-bc9d-0efabc12defa -``` \ No newline at end of file