Merge pull request #133 from volcengine/feat/iam

Feat/iam
volcengine · Oct 19, 2023 · 766fbca · 766fbca
2 parents 85ef331 + b824ab0
commit 766fbca
Show file tree

Hide file tree

Showing 24 changed files with 1,689 additions and 16 deletions.
diff --git a/common/common_volcengine_version.go b/common/common_volcengine_version.go
@@ -2,5 +2,5 @@ package common
 
 const (
 	TerraformProviderName    = "terraform-provider-volcengine"
-	TerraformProviderVersion = "0.0.114"
+	TerraformProviderVersion = "0.0.115"
 )
diff --git a/example/dataIamUserGroupPolicyAttachments/main.tf b/example/dataIamUserGroupPolicyAttachments/main.tf
@@ -0,0 +1,21 @@
+resource "volcengine_iam_policy" "foo" {
+  policy_name = "acc-test-policy"
+  description = "acc-test"
+  policy_document = "{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"auto_scaling:DescribeScalingGroups\"],\"Resource\":[\"*\"]}]}"
+}
+
+resource "volcengine_iam_user_group" "foo" {
+  user_group_name = "acc-test-group"
+  description = "acc-test"
+  display_name = "acc-test"
+}
+
+resource "volcengine_iam_user_group_policy_attachment" "foo" {
+  policy_name = volcengine_iam_policy.foo.policy_name
+  policy_type = "Custom"
+  user_group_name = volcengine_iam_user_group.foo.user_group_name
+}
+
+data "volcengine_iam_user_group_policy_attachments" "foo" {
+  user_group_name = volcengine_iam_user_group_policy_attachment.foo.user_group_name
+}
diff --git a/example/dataVpcPrefixLists/main.tf b/example/dataVpcPrefixLists/main.tf
@@ -0,0 +1,22 @@
+resource "volcengine_vpc_prefix_list" "foo" {
+  prefix_list_name = "acc-test-prefix"
+  max_entries = 3
+  description = "acc test description"
+  ip_version = "IPv4"
+  prefix_list_entries {
+    cidr = "192.168.4.0/28"
+    description = "acc-test-1"
+  }
+  prefix_list_entries {
+    cidr = "192.168.5.0/28"
+    description = "acc-test-2"
+  }
+  tags {
+    key = "tf-key1"
+    value = "tf-value1"
+  }
+}
+
+data "volcengine_vpc_prefix_lists" "foo" {
+  ids = [volcengine_vpc_prefix_list.foo.id]
+}
diff --git a/example/iamUserGroupPolicyAttachment/main.tf b/example/iamUserGroupPolicyAttachment/main.tf
@@ -0,0 +1,17 @@
+resource "volcengine_iam_policy" "foo" {
+  policy_name = "acc-test-policy"
+  description = "acc-test"
+  policy_document = "{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"auto_scaling:DescribeScalingGroups\"],\"Resource\":[\"*\"]}]}"
+}
+
+resource "volcengine_iam_user_group" "foo" {
+  user_group_name = "acc-test-group"
+  description = "acc-test"
+  display_name = "acc-test"
+}
+
+resource "volcengine_iam_user_group_policy_attachment" "foo" {
+  policy_name = volcengine_iam_policy.foo.policy_name
+  policy_type = "Custom"
+  user_group_name = volcengine_iam_user_group.foo.user_group_name
+}
diff --git a/example/vpcPrefixList/main.tf b/example/vpcPrefixList/main.tf
@@ -0,0 +1,22 @@
+resource "volcengine_vpc_prefix_list" "foo" {
+  prefix_list_name = "acc-test-prefix"
+  max_entries = 7
+  description = "acc test description"
+  ip_version = "IPv4"
+  prefix_list_entries {
+    cidr = "192.168.4.0/28"
+    description = "acc-test-1"
+  }
+  prefix_list_entries {
+    cidr = "192.168.9.0/28"
+    description = "acc-test-4"
+  }
+  prefix_list_entries {
+    cidr = "192.168.8.0/28"
+    description = "acc-test-5"
+  }
+  tags {
+    key = "tf-key1"
+    value = "tf-value1"
+  }
+}
diff --git a/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go b/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go
@@ -171,6 +171,11 @@ func DataSourceVolcengineEcsInstances() *schema.Resource {
 							Computed:    true,
 							Description: "The spot strategy of ECS instance.",
 						},
+						"spot_price_limit": {
+							Type:        schema.TypeFloat,
+							Computed:    true,
+							Description: "The spot price limit of ECS instance.",
+						},
 						"instance_type": {
 							Type:        schema.TypeString,
 							Computed:    true,

diff --git a/volcengine/ecs/ecs_instance/resource_volcengine_ecs_instance.go b/volcengine/ecs/ecs_instance/resource_volcengine_ecs_instance.go
@@ -112,10 +112,26 @@ func ResourceVolcengineEcsInstance() *schema.Resource {
 				ValidateFunc: validation.StringInSlice([]string{
 					"NoSpot",
 					"SpotAsPriceGo",
+					"SpotWithPriceLimit",
 				}, false),
 				Description: "The spot strategy will auto" +
 					"remove instance in some conditions.Please make sure you can maintain instance lifecycle before " +
-					"auto remove.The spot strategy of ECS instance, the value can be `NoSpot` or `SpotAsPriceGo`.",
+					"auto remove.The spot strategy of ECS instance, values:\n NoSpot (default): indicates creating a normal pay-as-you-go instance." +
+					"\nSpotAsPriceGo: spot instance with system automatically bidding and following the current market price." +
+					"\nSpotWithPriceLimit: spot instance with a set upper limit for bidding price.",
+			},
+			"spot_price_limit": {
+				Type:     schema.TypeFloat,
+				Optional: true,
+				ForceNew: true,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if d.Get("instance_charge_type").(string) == "PostPaid" && d.Get("spot_strategy").(string) == "SpotWithPriceLimit" {
+						return false
+					}
+					return true
+				},
+				Description: "The maximum hourly price for spot instances supports up to three decimal places. " +
+					"This parameter only takes effect when SpotStrategy=SpotWithPriceLimit.",
 			},
 			"user_data": {
 				Type:             schema.TypeString,

diff --git a/..._user_group_policy_attachment/data_source_volcengine_iam_user_group_policy_attachments.go b/..._user_group_policy_attachment/data_source_volcengine_iam_user_group_policy_attachments.go
@@ -0,0 +1,68 @@
+package iam_user_group_policy_attachment
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+func DataSourceVolcengineIamUserGroupPolicyAttachments() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceVolcengineIamUserGroupPolicyAttachmentsRead,
+		Schema: map[string]*schema.Schema{
+			"user_group_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "A name of user group.",
+			},
+			"output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "File name where to save data source results.",
+			},
+			"total_count": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "The total count of query.",
+			},
+			"policies": {
+				Description: "The collection of query.",
+				Type:        schema.TypeList,
+				Computed:    true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"policy_trn": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Resource name of the strategy.",
+						},
+						"policy_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Name of the policy.",
+						},
+						"policy_type": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The type of the policy.",
+						},
+						"attach_date": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Attached time.",
+						},
+						"description": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The description.",
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceVolcengineIamUserGroupPolicyAttachmentsRead(d *schema.ResourceData, meta interface{}) error {
+	service := NewIamUserGroupPolicyAttachmentService(meta.(*ve.SdkClient))
+	return service.Dispatcher.Data(service, d, DataSourceVolcengineIamUserGroupPolicyAttachments())
+}
diff --git a/.../iam_user_group_policy_attachment/resource_volcengine_iam_user_group_policy_attachment.go b/.../iam_user_group_policy_attachment/resource_volcengine_iam_user_group_policy_attachment.go
@@ -0,0 +1,95 @@
+package iam_user_group_policy_attachment
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+/*
+
+Import
+IamUserGroupPolicyAttachment can be imported using the user group name and policy name, e.g.
+```
+$ terraform import volcengine_iam_user_group_policy_attachment.default userGroupName:policyName
+```
+
+*/
+
+func ResourceVolcengineIamUserGroupPolicyAttachment() *schema.Resource {
+	resource := &schema.Resource{
+		Create: resourceVolcengineIamUserGroupPolicyAttachmentCreate,
+		Read:   resourceVolcengineIamUserGroupPolicyAttachmentRead,
+		Delete: resourceVolcengineIamUserGroupPolicyAttachmentDelete,
+		Importer: &schema.ResourceImporter{
+			State: func(data *schema.ResourceData, i interface{}) ([]*schema.ResourceData, error) {
+				items := strings.Split(data.Id(), ":")
+				if len(items) != 2 {
+					return []*schema.ResourceData{data}, fmt.Errorf("import id must split with ':'")
+				}
+				if err := data.Set("user_group_name", items[0]); err != nil {
+					return []*schema.ResourceData{data}, err
+				}
+				if err := data.Set("policy_name", items[1]); err != nil {
+					return []*schema.ResourceData{data}, err
+				}
+				return []*schema.ResourceData{data}, nil
+			},
+		},
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(30 * time.Minute),
+			Delete: schema.DefaultTimeout(30 * time.Minute),
+		},
+		Schema: map[string]*schema.Schema{
+			"user_group_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The user group name.",
+			},
+			"policy_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The policy name.",
+			},
+			"policy_type": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "Strategy types, System strategy, Custom strategy.",
+			},
+		},
+	}
+	return resource
+}
+
+func resourceVolcengineIamUserGroupPolicyAttachmentCreate(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamUserGroupPolicyAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Create(service, d, ResourceVolcengineIamUserGroupPolicyAttachment())
+	if err != nil {
+		return fmt.Errorf("error on creating iam_user_group_policy_attachment %q, %s", d.Id(), err)
+	}
+	return resourceVolcengineIamUserGroupPolicyAttachmentRead(d, meta)
+}
+
+func resourceVolcengineIamUserGroupPolicyAttachmentRead(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamUserGroupPolicyAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Read(service, d, ResourceVolcengineIamUserGroupPolicyAttachment())
+	if err != nil {
+		return fmt.Errorf("error on reading iam_user_group_policy_attachment %q, %s", d.Id(), err)
+	}
+	return err
+}
+
+func resourceVolcengineIamUserGroupPolicyAttachmentDelete(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamUserGroupPolicyAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Delete(service, d, ResourceVolcengineIamUserGroupPolicyAttachment())
+	if err != nil {
+		return fmt.Errorf("error on deleting iam_user_group_policy_attachment %q, %s", d.Id(), err)
+	}
+	return err
+}
diff --git a/...user_group_policy_attachment/resource_volcengine_iam_user_group_policy_attachment_test.go b/...user_group_policy_attachment/resource_volcengine_iam_user_group_policy_attachment_test.go
@@ -0,0 +1,65 @@
+package iam_user_group_policy_attachment_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	ve "github.com/volcengine/terraform-provider-volcengine/common"
+	"github.com/volcengine/terraform-provider-volcengine/volcengine"
+	"github.com/volcengine/terraform-provider-volcengine/volcengine/iam/iam_user_group_policy_attachment"
+)
+
+const testAccVolcengineIamUserGroupPolicyAttachmentCreateConfig = `
+resource "volcengine_iam_policy" "foo" {
+    policy_name = "acc-test-policy"
+	description = "acc-test"
+	policy_document = "{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"auto_scaling:DescribeScalingGroups\"],\"Resource\":[\"*\"]}]}"
+}
+
+resource "volcengine_iam_user_group" "foo" {
+  user_group_name = "acc-test-group"
+  description = "acc-test"
+  display_name = "acc-test"
+}
+
+resource "volcengine_iam_user_group_policy_attachment" "foo" {
+    policy_name = volcengine_iam_policy.foo.policy_name
+    policy_type = "Custom"
+    user_group_name = volcengine_iam_user_group.foo.user_group_name
+}
+`
+
+func TestAccVolcengineIamUserGroupPolicyAttachmentResource_Basic(t *testing.T) {
+	resourceName := "volcengine_iam_user_group_policy_attachment.foo"
+
+	acc := &volcengine.AccTestResource{
+		ResourceId: resourceName,
+		SvcInitFunc: func(client *ve.SdkClient) ve.ResourceService {
+			return iam_user_group_policy_attachment.NewIamUserGroupPolicyAttachmentService(client)
+		},
+	}
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			volcengine.AccTestPreCheck(t)
+		},
+		Providers:    volcengine.GetTestAccProviders(),
+		CheckDestroy: volcengine.AccTestCheckResourceRemove(acc),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccVolcengineIamUserGroupPolicyAttachmentCreateConfig,
+				Check: resource.ComposeTestCheckFunc(
+					volcengine.AccTestCheckResourceExists(acc),
+					resource.TestCheckResourceAttr(acc.ResourceId, "policy_name", "acc-test-policy"),
+					resource.TestCheckResourceAttr(acc.ResourceId, "policy_type", "Custom"),
+					resource.TestCheckResourceAttr(acc.ResourceId, "user_group_name", "acc-test-group"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}