enhancement module

README.md

@@ -29,13 +29,23 @@ This module can create CDN domain.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| region | TencentCloud region to launch resources. | string |  | no 
-| domain | Name of the acceleration domain. | string | "" | no 
-| service_type | Service type of acceleration domain name. | string | ""  | no 
+| domain | Name of the acceleration domain. | string | "" | yes 
+| service_type | Service type of acceleration domain name. | string | ""  | yes 
+| full_url_cache | Whether to enable full-path cache. | bool | true | no 
+| area | Domain name acceleration region. | string | null | no 
+| origin_type | Master origin server type.  | string| "" | yes|
+| origin_list | Master origin server list. Valid values can be ip or domain name. When modifying the origin server, you need to enter the corresponding `origin_type`.  | list(string)| [] | yes |
+| server_name | Host header used when accessing the master origin server. | string | null | no 
+| cos_private_access | When OriginType is COS, you can specify if access to private buckets is allowed. | string | off | no 
+| origin_pull_protocol | Origin-pull protocol configuration. | string | http | no 
 | https_switch | HTTPS configuration switch. | string| "off" | no |
-| origin_type | Master origin server type.  | string| "" | no|
-| origin_list | Master origin server list. Valid values can be ip or domain name. When modifying the origin server, you need to enter the corresponding `origin_type`.  | list(string)| [] | no |
-
+| http2_switch | HTTP2 configuration switch. | string | off | no 
+| ocsp_stapling_switch | OCSP configuration switch. | string | off | no 
+| spdy_switch | Spdy configuration switch. | string | off | no 
+| verify_client | Client certificate authentication feature. | string | off | no 
+| server_certificate_config | Server certificate configuration information. | list | [] | no 
+| client_certificate_config | Client certificate configuration information. | list | [] | no 
+| tags | Tags of cdn domain. | map | null | no 
 ## Outputs
 
 | Name | Description |

examples/exist-cdn-domain/README.md

@@ -0,0 +1,24 @@
+# CDN Module Example
+
+This module will create new CDN domain.
+
+## Usage
+
+To run this example, you need first replace the configuration like `domain`, `service_type` etc, and then execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note, this example may create resources which cost money. Run `terraform destroy` if you don't need these resources.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| project_id | Project CDN belongs to. |
+| cname | CNAME address of domain name. |
+| create_time | Domain name creation time. |
+| status | Acceleration service status. |

examples/exist-cdn-domain/main.tf

@@ -0,0 +1,7 @@
+module "cdn" {
+  source       = "../../"
+  domain       = "test.zhaoshaona.com"
+  service_type = "web"
+  origin_type  = "ip"
+  origin_list  = ["172.199.199.130"]
+}

examples/exist-cdn-domain/outputs.tf

@@ -0,0 +1,19 @@
+output "project_id" {
+  description = "Project CDN belongs to."
+  value       = module.cdn.project_id
+}
+
+output "cname" {
+  description = "CNAME address of domain name."
+  value       = module.cdn.cname
+}
+
+output "create_time" {
+  description = "Domain name creation time."
+  value       = module.cdn.create_time
+}
+
+output "status" {
+  description = "Acceleration service status."
+  value       = module.cdn.status
+}

examples/simple-cdn-domain/main.tf

@@ -1,12 +1,68 @@
-provider "tencentcloud" {
-  region = "ap-guangzhou"
-}
-
 module "cdn" {
   source       = "../../"
-  domain       = "test999.zhaoshaona.com"
+  domain       = "test.zhaoshaona.com"
   service_type = "web"
-  https_switch = "off"
   origin_type  = "ip"
   origin_list  = ["172.199.199.130"]
+
+  https_switch              = "on"
+  http2_switch              = "on"
+  server_certificate_config = [{
+    certificate_content = <<EOT
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqACCQDJd98Shn/cJTANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMC
+Q04xEDAOBgNVBAgMB1RpYW5qaW4xEDAOBgNVBAcMB1RpYW5qaW4xDjAMBgNVBAoM
+BU1vY2hhMRcwFQYDVQQLDA5Nb2NoYSBTb2Z0d2FyZTEcMBoGA1UEAwwTdGVzdC56
+aGFvc2hhb25hLmNvbTEjMCEGCSqGSIb3DQEJARYUeWFsaW5wZWlAdGVuY2VudC5j
+b20wHhcNMjAwNTIwMDcyNDQyWhcNMzAwNTE4MDcyNDQyWjCBnTELMAkGA1UEBhMC
+Q04xEDAOBgNVBAgMB1RpYW5qaW4xEDAOBgNVBAcMB1RpYW5qaW4xDjAMBgNVBAoM
+BU1vY2hhMRcwFQYDVQQLDA5Nb2NoYSBTb2Z0d2FyZTEcMBoGA1UEAwwTdGVzdC56
+aGFvc2hhb25hLmNvbTEjMCEGCSqGSIb3DQEJARYUeWFsaW5wZWlAdGVuY2VudC5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgndm2xEWL7CaVQ/lb
+TO6Gj4EqEp1tWygjdfqkUXADfsgMGPukYaZY+klV6AJzLcj8VD5iWgKa+V4kLHtf
+yh66c45nZrdUVoF9CFTw2+B/LTa/UzsvbLTVOnEjVBjI1V5kVzliF5cK5OlQ258d
+w6yFaccOgXqSkp9i57Y9pT1FIb691hsf2VHiVLizPYy3vvLQeN8RnXS3vK56BcQk
+o+49H11TAsrIh0C5maF0jp/7poSQkrX0kjfX4+gK/mC4Dn3PgK464Ko5OR45IGji
+D368/klCK1bqIshlv4owEfgzAEQMPUQ0CfuvXTX85aojM48RiYiDmYveaICtYnSR
+04MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHWUpfePVt3LjZVDS3OmQ7rTG8zc
+zwZgJfxP0f4ZNo/9t53SNsQ0UM/+7sqnBKOjsWfgyFqSh9cfN0Bnsn3gmvPXmD5R
+nCa9qr9IO+FP9Ke4KKn0Ndx1sWJN3B6D8bUTnvFIkJoRsvsqNi24o2uKrUdcAYHL
+5BVtrVe8E55i0A5WosC8KWv4ZJxTacvuxVjfyroKzxsLwOQvCqBNSuZLg1HYUeG6
+XIj0/acmysb8S82Lxm39E82DbPdUO3Z0TlGL7umlAV947/6eGvPhszjnhBlxVo3p
+tmHdyqfHxWbkTW4bnO/Gu+Sll6a3n1uyQ/onXuXH3pBZoXLp3Jj+CV1+N6E=
+-----END CERTIFICATE-----
+EOT
+
+    private_key = <<EOT
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAoJ3ZtsRFi+wmlUP5W0zuho+BKhKdbVsoI3X6pFFwA37IDBj7
+pGGmWPpJVegCcy3I/FQ+YloCmvleJCx7X8oeunOOZ2a3VFaBfQhU8Nvgfy02v1M7
+L2y01TpxI1QYyNVeZFc5YheXCuTpUNufHcOshWnHDoF6kpKfYue2PaU9RSG+vdYb
+H9lR4lS4sz2Mt77y0HjfEZ10t7yuegXEJKPuPR9dUwLKyIdAuZmhdI6f+6aEkJK1
+9JI31+PoCv5guA59z4CuOuCqOTkeOSBo4g9+vP5JQitW6iLIZb+KMBH4MwBEDD1E
+NAn7r101/OWqIzOPEYmIg5mL3miArWJ0kdODEwIDAQABAoIBAQCW2uuLX9k6THkI
+pSlleWJm/A4C6Cz4cy/F7p+VCfA9OCzIQAbKI/VLiPisORdj+tLVPILDeWsNB75G
+F4lhNMObt8E+mRkDm6RPPS4ac0nt6ReMp63lIyLNSvDMj8Yfi1f2wn3hBesVjl8d
+VMmj+Q7m16zgkPgBBrmw+ZUPXU2oyUW4+0RvGYvuWnVUdtm/34PD1LC0NKBKaX9T
+MDHrSIns0WpQ7P4vNVQyHW7MGgEl81uzIitSWuT/k+zH6YxBlxd7d66vmhNoxz9c
+aeEf7DE3wAb4819UYWt0/ciMJwSLPkBOaTeAsktKUHVsrMLVELWcWqSIS+PYbSX8
+g3tY1DlxAoGBANSiDKNjfr1rZRtpZvxnVkssLY/586UaHs+dFfyFyd0unr/rAPf/
+GO/BIO0NbBdRb3XORMuiLQN3xf+qgKfoS0kXYglDMGKbEAC/5o6ZMV6E2E/aFrxh
+xmgKTZxCBVnOxlAy33UFs+qR8tpOnR4auAc0pNPA9QB4I7q17vGJRMyHAoGBAMFf
+7nF2aJ/k0Fcl53Cabs/FIaAwL/GBvok6Ny8wWLwiMZCtsGUUywnUdN/qbfr2GwC5
+g0w2iaxGqQPI+qw2qn0utAIfZ0Tz2VAH+P3aUTuG+M4XWHObHVXxBUqO61X9zgV2
+sXRXcbDOx3HgZeDCjk0otcGVJoC3zgzaaEZi5mQVAoGAQer+2gQ1PUm27XmOmL78
+bI+EjHbjhpKDbL95GnDrdKtIQZz8DuXBeEo6B+M6WDxBvpa0kyByrfmKo0jbW7JS
+7JTYKqDuthL2MhVLx3dMa83pNVAZ7kqtdIGFL+TzvbSxnBk5VxDuhtC6Jd1rLfMA
+jBNQ6eiOy5dzFCXkrnJspq8CgYAO4ISFsihmdMIakk31+cugrHfjzRFDMUopYJMy
+TDPndXH+wX4aqLjeLrw3JeAEOL7nFV6mlGOPH3iNU/8FFMeVDezHZQca5O/JGnPr
+g8pQHBg0MtOZQUvGet5/V/N/ECGzhegtHTUf9yic+DieTBmKkiE5nXHy4TE3B+6R
+y7YR6QKBgQDUoNAFOnMZB4BQMeCb/pQQnzNkNTG+Y02eMKjo5eZZDfyusqIui29l
+KKcVGqvwVh2r8ocP7OnrQPVK9ZW7BcoYiqM2DjdKyl7AtQKnvWfPMai++oXKzo0y
+8sg7m1Ic26sKO9W9t87cfZtFKcbKVcImLWucd9R7Ny4M4r6xlRKWpA==
+-----END RSA PRIVATE KEY-----
+EOT
+    message     = "test"
+  }]
+
 }

main.tf

@@ -1,27 +1,56 @@
-provider "tencentcloud" {
-  version = ">=1.19.0"
-  region  = var.region != "" ? var.region : null
-}
-
 resource "tencentcloud_cdn_domain" "default" {
-  domain       = trimspace(var.domain)
-  service_type = var.service_type
+  domain         = trimspace(var.domain)
+  service_type   = var.service_type
+  area           = var.area
+  full_url_cache = var.full_url_cache
 
   origin {
-    origin_type = var.origin_type
-    origin_list = var.origin_list
+    origin_type          = var.origin_type
+    origin_list          = var.origin_list
+    server_name          = var.server_name
+    cos_private_access   = var.cos_private_access
+    origin_pull_protocol = var.origin_pull_protocol
   }
 
   https_config {
-    https_switch = var.https_switch
-  }
+    https_switch         = var.https_switch
+    http2_switch         = var.http2_switch
+    ocsp_stapling_switch = var.ocsp_stapling_switch
+    spdy_switch          = var.spdy_switch
+    verify_client        = var.verify_client
 
-}
+    dynamic "server_certificate_config" {
+      for_each = local.server_certificate_config
+      content {
+        certificate_id      = lookup(server_certificate_config.value, "certificate_id")
+        certificate_content = lookup(server_certificate_config.value, "certificate_content")
+        private_key         = lookup(server_certificate_config.value, "private_key")
+        message             = lookup(server_certificate_config.value, "message")
+      }
+    }
 
-data "tencentcloud_cdn_domains" "foo" {
-  domain = local.domain
+    dynamic "client_certificate_config" {
+      for_each = local.client_certificate_config
+      content {
+        certificate_content = lookup(client_certificate_config.value, "certificate_content")
+      }
+    }
+  }
+
+  tags = var.tags
 }
 
 locals {
-  domain = tencentcloud_cdn_domain.default.domain
+  server_certificate_config = flatten([
+  for _, obj in var.server_certificate_config : {
+    certificate_id      = lookup(obj, "certificate_id", null)
+    certificate_content = lookup(obj, "certificate_content", null)
+    private_key         = lookup(obj, "private_key", null)
+    message             = lookup(obj, "message", null)
+  }])
+
+  client_certificate_config = flatten([
+  for _, obj in var.client_certificate_config : {
+    certificate_content = lookup(obj, "certificate_content", null)
+  }])
 }

variables.tf

@@ -1,9 +1,3 @@
-variable "region" {
-  description = "TencentCloud region to launch resources."
-  type        = string
-  default     = ""
-}
-
 variable "domain" {
   description = "Name of the acceleration domain."
   type        = string
@@ -32,4 +26,76 @@ variable "https_switch" {
   description = "HTTPS configuration switch."
   type        = string
   default     = "off"
-}
+}
+
+variable "server_certificate_config" {
+  description = "Server certificate configuration information."
+  type        = list
+  default     = []
+}
+
+variable "client_certificate_config" {
+  description = "Client certificate configuration information."
+  type        = list
+  default     = []
+}
+
+variable "full_url_cache" {
+  description = "Whether to enable full-path cache."
+  type        = bool
+  default     = true
+}
+
+variable "area" {
+  description = "Domain name acceleration region."
+  type        = string
+  default     = null
+}
+
+variable "tags" {
+  description = "Tags of cdn domain."
+  type        = map(string)
+  default     = null
+}
+
+variable "server_name" {
+  description = "Host header used when accessing the master origin server."
+  type        = string
+  default     = null
+}
+
+variable "cos_private_access" {
+  description = "When OriginType is COS, you can specify if access to private buckets is allowed."
+  type        = string
+  default     = "off"
+}
+
+variable "origin_pull_protocol" {
+  description = "Origin-pull protocol configuration."
+  type        = string
+  default     = "http"
+}
+
+variable "http2_switch" {
+  description = "HTTP2 configuration switch."
+  type        = string
+  default     = "off"
+}
+
+variable "ocsp_stapling_switch" {
+  description = "OCSP configuration switch."
+  type        = string
+  default     = "off"
+}
+
+variable "spdy_switch" {
+  description = "Spdy configuration switch."
+  type        = string
+  default     = "off"
+}
+
+variable "verify_client" {
+  description = "Client certificate authentication feature."
+  type        = string
+  default     = "off"
+}

version.tf

@@ -1,3 +1,7 @@
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    tencentcloud = ">=1.19.0"
+  }
 }