Merge pull request #175 from volcengine/Feat/pg-allowlist
Feat/pg allowlist
msq177 authored Sep 12, 2024
2 parents 505f7eb + f3d99f9 commit a248703
Showing 28 changed files with 1,248 additions and 26 deletions.
4 changes: 4 additions & 0 deletions common/common_volcengine_limit.go
Expand Up @@ -43,6 +43,10 @@ func init() {
Limiter: rate.NewLimiter(4, 10),
Semaphore: semaphore.NewWeighted(10),
},
"storage_ebs.DescribeVolumes.2020-04-01": {
Limiter: rate.NewLimiter(10, 30),
Semaphore: semaphore.NewWeighted(30),
},
}
}

2 changes: 1 addition & 1 deletion common/common_volcengine_version.go
Expand Up @@ -2,5 +2,5 @@ package common

const (
TerraformProviderName = "terraform-provider-volcengine"
TerraformProviderVersion = "0.0.151"
TerraformProviderVersion = "0.0.152"
)
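--- a/example/dataRdsPostgresqlAllowlists/main.tf
+++ b/example/dataRdsPostgresqlAllowlists/main.tf
@@ -0,0 +1,3 @@
+data "volcengine_rds_postgresql_allowlists" "foo" {
+
+}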
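--- a/example/rdsPostgresqlAllowlist/main.tf
+++ b/example/rdsPostgresqlAllowlist/main.tf
@@ -0,0 +1,6 @@
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+allow_list_name = "acc-test-allowlist"
+allow_list_desc = "acc-test"
+allow_list_type = "IPv4"
+allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}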
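--- a/example/rdsPostgresqlAllowlistAssociate/main.tf
+++ b/example/rdsPostgresqlAllowlistAssociate/main.tf
@@ -0,0 +1,53 @@
+data "volcengine_zones" "foo" {
+}
+
+resource "volcengine_vpc" "foo" {
+vpc_name = "acc-test-vpc"
+cidr_block = "172.16.0.0/16"
+}
+
+resource "volcengine_subnet" "foo" {
+subnet_name = "acc-test-subnet"
+cidr_block = "172.16.0.0/24"
+zone_id = data.volcengine_zones.foo.zones[0].id
+vpc_id = volcengine_vpc.foo.id
+}
+
+
+resource "volcengine_rds_postgresql_instance" "foo" {
+db_engine_version = "PostgreSQL_12"
+node_spec = "rds.postgres.1c2g"
+primary_zone_id = data.volcengine_zones.foo.zones[0].id
+secondary_zone_id = data.volcengine_zones.foo.zones[0].id
+storage_space = 40
+subnet_id = volcengine_subnet.foo.id
+instance_name = "acc-test-postgresql"
+charge_info {
+charge_type = "PostPaid"
+}
+project_name = "default"
+tags {
+key = "tfk1"
+value = "tfv1"
+}
+parameters {
+name = "auto_explain.log_analyze"
+value = "off"
+}
+parameters {
+name = "auto_explain.log_format"
+value = "text"
+}
+}
+
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+allow_list_name = "acc-test-allowlist"
+allow_list_desc = "acc-test"
+allow_list_type = "IPv4"
+allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}
+
+resource "volcengine_rds_postgresql_allowlist_associate" "foo" {
+instance_id = volcengine_rds_postgresql_instance.foo.id
+allow_list_id = volcengine_rds_postgresql_allowlist.foo.id
+}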
Expand Up @@ -76,7 +76,7 @@ func ResourceVolcengineCenServiceRouteEntry() *schema.Resource {
Description: "Publishing scope of cloud service access routes. Valid values are `LocalDCGW`(default), `Custom`.",
},
"publish_to_instances": {
Type: schema.TypeList,
Type: schema.TypeSet,
Optional: true,
MaxItems: 100,
Description: "The publish instances. A maximum of 100 can be uploaded in one request. This field needs to be filled in when the `publish_mode` is `Custom`.",
Expand Up @@ -80,10 +80,10 @@ func TestAccVolcengineCenServiceRouteEntryResource_Basic(t *testing.T) {
resource.TestCheckResourceAttr(acc.ResourceId, "publish_mode", "Custom"),
resource.TestCheckResourceAttr(acc.ResourceId, "service_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.#", "2"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_type", "VPC"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_type", "VPC"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_region_id", "cn-beijing"),
volcengine.TestCheckTypeSetElemNestedAttrs(acc.ResourceId, "publish_to_instances.*", map[string]string{
"instance_type": "VPC",
"instance_region_id": "cn-beijing",
}),
resource.TestCheckResourceAttrSet(acc.ResourceId, "cen_id"),
resource.TestCheckResourceAttrSet(acc.ResourceId, "service_vpc_id"),
),
Expand Down Expand Up @@ -158,10 +158,10 @@ func TestAccVolcengineCenServiceRouteEntryResource_Update(t *testing.T) {
resource.TestCheckResourceAttr(acc.ResourceId, "publish_mode", "Custom"),
resource.TestCheckResourceAttr(acc.ResourceId, "service_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.#", "2"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_type", "VPC"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_type", "VPC"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_region_id", "cn-beijing"),
volcengine.TestCheckTypeSetElemNestedAttrs(acc.ResourceId, "publish_to_instances.*", map[string]string{
"instance_type": "VPC",
"instance_region_id": "cn-beijing",
}),
resource.TestCheckResourceAttrSet(acc.ResourceId, "cen_id"),
resource.TestCheckResourceAttrSet(acc.ResourceId, "service_vpc_id"),
),
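Review bot: The `volcengine.TestCheckTypeSetElemNestedAttrs` call in `TestAccVolcengineCenServiceRouteEntryResource_Basic` (and the identical one in `TestAccVolcengineCenServiceRouteEntryResource_Update`) appears to assert less than the four indexed checks it replaces. The helper's implementation is not shown here, but if it follows the usual set-check semantics of passing as soon as any one element matches, then together with `publish_to_instances.# = 2` only one of the two entries is actually verified. Consider a second call per test whose map also includes an attribute that differs between the two entries, so each element is pinned. Both test functions start and end outside the hunks.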
Expand Up @@ -208,7 +208,7 @@ func (s *VolcengineCenServiceRouteEntryService) ModifyResource(resourceData *sch
},
BeforeCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (bool, error) {
mode := d.Get("publish_mode").(string)
instances := d.Get("publish_to_instances").([]interface{})
instances := d.Get("publish_to_instances").(*schema.Set).List()
if mode == "Custom" && len(instances) == 0 {
return false, fmt.Errorf("public_to_instances must exist when publish_mode is Custom")
}
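Review bot: The error returned two lines below the changed `d.Get` names `public_to_instances`, while the schema key read on the new line is `publish_to_instances`, so a user who hits this check is pointed at a field that does not exist. Suggest `return false, fmt.Errorf("publish_to_instances must exist when publish_mode is Custom")`. The new `.(*schema.Set)` assertion is unchecked and depends on the schema type changed elsewhere in this commit; a short comment such as `// publish_to_instances is declared as TypeSet in the resource schema` would record that coupling. The BeforeCall closure continues outside the hunk.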
Expand Up @@ -54,6 +54,11 @@ func DataSourceVolcengineEcsInstances() *schema.Resource {
Optional: true,
Description: "The charge type of ECS instance.",
},
"instance_name": {
Type: schema.TypeString,
Optional: true,
Description: "The name of ECS instance. This field support fuzzy query.",
},
"name_regex": {
Type: schema.TypeString,
Optional: true,
Expand Up @@ -85,6 +85,7 @@ func ResourceVolcengineEcsLaunchTemplate() *schema.Resource {
"suffix_index": {
Type: schema.TypeInt,
Optional: true,
Computed: true,
Description: "The index of the ordered suffix.",
},
"key_pair_name": {
17 changes: 10 additions & 7 deletions volcengine/iam/iam_role/resource_volcengine_iam_role.go
Expand Up @@ -39,15 +39,18 @@ func ResourceVolcengineIamRole() *schema.Resource {
Required: true,
Description: "The trust policy document of the Role.",
DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
oldMap := make(map[string]interface{})
newMap := make(map[string]interface{})
if d.Id() != "" {
oldMap := make(map[string]interface{})
newMap := make(map[string]interface{})

_ = json.Unmarshal([]byte(old), &oldMap)
_ = json.Unmarshal([]byte(new), &newMap)
_ = json.Unmarshal([]byte(old), &oldMap)
_ = json.Unmarshal([]byte(new), &newMap)

oldStr, _ := json.MarshalIndent(oldMap, "", "\t")
newStr, _ := json.MarshalIndent(newMap, "", "\t")
return string(oldStr) == string(newStr)
oldStr, _ := json.MarshalIndent(oldMap, "", "\t")
newStr, _ := json.MarshalIndent(newMap, "", "\t")
return string(oldStr) == string(newStr)
}
return false
},
},
"role_name": {
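Review bot: The trust-policy `DiffSuppressFunc` still discards both `json.Unmarshal` errors, so when `old` and `new` each fail to decode into a JSON object both maps stay empty, the marshalled strings compare equal, and the diff is suppressed. For a role's trust policy a suppressed diff means the deployed policy can differ from the configuration without the plan showing it. Inside the new `if d.Id() != ""` branch, prefer showing the diff on a decode failure: `if err := json.Unmarshal([]byte(old), &oldMap); err != nil { return false }`, and the same for `new`. A one-line comment on the `d.Id()` guard saying why suppression is skipped before the resource has an ID would also help the next reader. The schema map continues outside the hunk.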
11 changes: 8 additions & 3 deletions volcengine/provider.go
Expand Up @@ -88,6 +88,8 @@ import (
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_mssql/rds_mssql_region"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_mssql/rds_mssql_zone"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_account"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_allowlist"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_allowlist_associate"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_database"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_instance"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_instance_readonly_node"
Expand Down Expand Up @@ -643,9 +645,10 @@ func Provider() terraform.ResourceProvider {
"volcengine_rds_mssql_backups": mssqlBackup.DataSourceVolcengineRdsMssqlBackups(),

// ================ Postgresql ================
"volcengine_rds_postgresql_databases": rds_postgresql_database.DataSourceVolcengineRdsPostgresqlDatabases(),
"volcengine_rds_postgresql_accounts": rds_postgresql_account.DataSourceVolcengineRdsPostgresqlAccounts(),
"volcengine_rds_postgresql_instances": rds_postgresql_instance.DataSourceVolcengineRdsPostgresqlInstances(),
"volcengine_rds_postgresql_databases": rds_postgresql_database.DataSourceVolcengineRdsPostgresqlDatabases(),
"volcengine_rds_postgresql_accounts": rds_postgresql_account.DataSourceVolcengineRdsPostgresqlAccounts(),
"volcengine_rds_postgresql_instances": rds_postgresql_instance.DataSourceVolcengineRdsPostgresqlInstances(),
"volcengine_rds_postgresql_allowlists": rds_postgresql_allowlist.DataSourceVolcengineRdsPostgresqlAllowlists(),

// ================ Organization ================
"volcengine_organization_units": organization_unit.DataSourceVolcengineOrganizationUnits(),
Expand Down Expand Up @@ -946,6 +949,8 @@ func Provider() terraform.ResourceProvider {
"volcengine_rds_postgresql_account": rds_postgresql_account.ResourceVolcengineRdsPostgresqlAccount(),
"volcengine_rds_postgresql_instance": rds_postgresql_instance.ResourceVolcengineRdsPostgresqlInstance(),
"volcengine_rds_postgresql_instance_readonly_node": rds_postgresql_instance_readonly_node.ResourceVolcengineRdsPostgresqlInstanceReadonlyNode(),
"volcengine_rds_postgresql_allowlist": rds_postgresql_allowlist.ResourceVolcengineRdsPostgresqlAllowlist(),
"volcengine_rds_postgresql_allowlist_associate": rds_postgresql_allowlist_associate.ResourceVolcengineRdsPostgresqlAllowlistAssociate(),

// ================ Organization ================
"volcengine_organization_unit": organization_unit.ResourceVolcengineOrganizationUnit(),
Expand Up @@ -95,7 +95,8 @@ func (s *VolcengineRdsMysqlAllowListService) ReadResource(resourceData *schema.R
id = s.ReadResourceId(resourceData.Id())
}
req := map[string]interface{}{
"RegionId": s.Client.Region,
"RegionId": s.Client.Region,
"AllowListId": id,
}
results, err = s.ReadResources(req)
if err != nil {
Expand All @@ -108,6 +109,7 @@ func (s *VolcengineRdsMysqlAllowListService) ReadResource(resourceData *schema.R
}
if result["AllowListId"].(string) == id {
data = result
break
}
}
if len(data) == 0 {
@@ -0,0 +1,118 @@
package rds_postgresql_allowlist

import (
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
ve "github.com/volcengine/terraform-provider-volcengine/common"
)

func DataSourceVolcengineRdsPostgresqlAllowlists() *schema.Resource {
return &schema.Resource{
Read: dataSourceVolcengineRdsPostgresqlAllowlistsRead,
Schema: map[string]*schema.Schema{
"instance_id": {
Type: schema.TypeString,
Optional: true,
Description: "The id of the postgresql Instance.",
},
"name_regex": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringIsValidRegExp,
Description: "A Name Regex of Resource.",
},
"output_file": {
Type: schema.TypeString,
Optional: true,
Description: "File name where to save data source results.",
},
"total_count": {
Type: schema.TypeInt,
Computed: true,
Description: "The total count of query.",
},

"postgresql_allow_lists": {
Description: "The list of postgresql allowed list.",
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"id": {
Type: schema.TypeString,
Computed: true,
Description: "The id of the postgresql allow list.",
},
"allow_list_id": {
Type: schema.TypeString,
Computed: true,
Description: "The id of the postgresql allow list.",
},
"allow_list_name": {
Type: schema.TypeString,
Computed: true,
Description: "The name of the postgresql allow list.",
},
"allow_list_desc": {
Type: schema.TypeString,
Computed: true,
Description: "The description of the postgresql allow list.",
},
"allow_list_type": {
Type: schema.TypeString,
Computed: true,
Description: "The type of the postgresql allow list.",
},
"allow_list_ip_num": {
Type: schema.TypeInt,
Computed: true,
Description: "The total number of IP addresses (or address ranges) in the whitelist.",
},
"associated_instance_num": {
Type: schema.TypeInt,
Computed: true,
Description: "The total number of instances bound under the whitelist.",
},
"allow_list": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
Description: "The IP address or a range of IP addresses in CIDR format.",
},
"associated_instances": {
Type: schema.TypeList,
Computed: true,
Description: "The list of postgresql instances.",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"instance_id": {
Type: schema.TypeString,
Computed: true,
Description: "The id of the postgresql instance.",
},
"instance_name": {
Type: schema.TypeString,
Computed: true,
Description: "The name of the postgresql instance.",
},
"vpc": {
Type: schema.TypeString,
Computed: true,
Description: "The id of the vpc.",
},
},
},
},
},
},
},
},
}
}

func dataSourceVolcengineRdsPostgresqlAllowlistsRead(d *schema.ResourceData, meta interface{}) error {
service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
return service.Dispatcher.Data(service, d, DataSourceVolcengineRdsPostgresqlAllowlists())
}
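Review bot: The exported `DataSourceVolcengineRdsPostgresqlAllowlists` has no doc comment, and the field descriptions are inconsistent: `allow_list_ip_num` and `associated_instance_num` say "whitelist" where every other field says "allow list", and `id` and `allow_list_id` carry identical text. Suggest `// DataSourceVolcengineRdsPostgresqlAllowlists returns the data source schema for querying PostgreSQL allow lists.` above the function and wording such as `"The total number of IP addresses (or address ranges) in the allow list."`. The `vpc` attribute is described as "The id of the vpc."; either the description or the key should say which value it holds, since these descriptions are what users see when auditing which networks can reach an instance.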