add product ciam (#1946)

* add product ciam

* add changelog

Author: hellertang

.changelog/1946.txt

@@ -0,0 +1,7 @@
+```release-note:new-resource
+tencentcloud_ciam_user_store
+```
+
+```release-note:new-resource
+tencentcloud_ciam_user_group
+```

go.mod

@@ -36,11 +36,12 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.539
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.627
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/chdfs v1.0.600
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ciam v1.0.695
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.667
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.659
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.663
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.692
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.695
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.589
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.692

go.sum

@@ -794,6 +794,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.627 h1:nChNdoC
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.627/go.mod h1:lr3IyWgJk4rLWr0vVd8J1Tfs5O+wNcwSZ9ciMhGUrlI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/chdfs v1.0.600 h1:qSpp4rEgAzfXhi1rPxes+AJp2mwnsyRGPY/Km1FuYGs=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/chdfs v1.0.600/go.mod h1:xud1dQ7Rc23yC5kS00TYRrvZ/A+94EOkwquaI6xGVac=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ciam v1.0.695 h1:FGwsF1/PgY+M92bEC+0NH4tJkI8i0qjrLbZWVjLXOAY=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ciam v1.0.695/go.mod h1:HAasVoWz8ed6kAg7Q/DTg+8uZXiOgW7lmJeAGGrquEQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.667 h1:cecrsRRZ5bvKC/3DHvngMkkHe52+Run+73kLy/I/xLU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.667/go.mod h1:oMEFOM7AR1K/5pJyhQ9x+TXWX3AsxCqYACdqZLxH/kA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.659 h1:Hleh17bTIva3PWprkgA/qR1mkHlzV0TSBBOEzqxI500=
@@ -851,8 +853,9 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.680/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.688/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.689/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.691/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.692 h1:BS3D1DcM2nRMPYW9DaIQT0OaQ7A0AkUl3zglBBXalB4=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.692/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.695 h1:p2p8V1WmR2LLQKRof2ljXePtbtlv+nzoF3e8A0AXbUc=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.695/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624 h1:nEZqsoqt1pEoaP9JjkHQy3/H00suCfzlHW1qOm2nYD8=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624/go.mod h1:+TXSVyeKwt1IhZRqKPbTREteBcP+K07Q846/ilNzLWA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.589 h1:LZihgirMH0vsaGScYexxwY0fTss9vHaSZs/YOQUVESg=

tencentcloud/connectivity/client.go

@@ -8,6 +8,8 @@ import (
 	"strconv"
 	"time"
 
+	ciam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ciam/v20220331"
+
 	"github.com/tencentyun/cos-go-sdk-v5"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -165,6 +167,7 @@ type TencentCloudClient struct {
 	chdfsConn          *chdfs.Client
 	mdlConn            *mdl.Client
 	apmConn            *apm.Client
+	ciamConn           *ciam.Client
 	tseConn            *tse.Client
 }
 
@@ -1163,6 +1166,20 @@ func (me *TencentCloudClient) UseApmClient() *apm.Client {
 	return me.apmConn
 }
 
+// UseCiamClient returns ciam client for service
+func (me *TencentCloudClient) UseCiamClient() *ciam.Client {
+	if me.ciamConn != nil {
+		return me.ciamConn
+	}
+
+	cpf := me.NewClientProfile(300)
+	cpf.Language = "zh-CN"
+	me.ciamConn, _ = ciam.NewClient(me.Credential, me.Region, cpf)
+	me.ciamConn.WithHttpTransport(&LogRoundTripper{})
+
+	return me.ciamConn
+}
+
 // UseTseClient returns tse client for service
 func (me *TencentCloudClient) UseTseClient() *tse.Client {
 	if me.tseConn != nil {

tencentcloud/provider.go

@@ -225,6 +225,11 @@ Cloud Access Management(CAM)
 	tencentcloud_cam_service_linked_role
 	tencentcloud_cam_user_saml_config
 
+Customer Identity and Access Management(CIAM)
+  Resource
+	tencentcloud_ciam_user_store
+    tencentcloud_ciam_user_group
+
 Cloud Block Storage(CBS)
   Data Source
     tencentcloud_cbs_snapshots
@@ -2442,6 +2447,8 @@ func Provider() *schema.Provider {
 			"tencentcloud_cam_saml_provider":                                   resourceTencentCloudCamSAMLProvider(),
 			"tencentcloud_cam_service_linked_role":                             resourceTencentCloudCamServiceLinkedRole(),
 			"tencentcloud_cam_user_saml_config":                                resourceTencentCloudCamUserSamlConfig(),
+			"tencentcloud_ciam_user_group":                                     resourceTencentCloudCiamUserGroup(),
+			"tencentcloud_ciam_user_store":                                     resourceTencentCloudCiamUserStore(),
 			"tencentcloud_scf_function":                                        resourceTencentCloudScfFunction(),
 			"tencentcloud_scf_function_version":                                resourceTencentCloudScfFunctionVersion(),
 			"tencentcloud_scf_function_event_invoke_config":                    resourceTencentCloudScfFunctionEventInvokeConfig(),

tencentcloud/resource_tc_ciam_user_group.go

@@ -0,0 +1,243 @@
+/*
+Provides a resource to create a ciam user group
+
+Example Usage
+
+```hcl
+resource "tencentcloud_ciam_user_store" "user_store" {
+  user_pool_name = "tf_user_store"
+  user_pool_desc = "for terraform test"
+  user_pool_logo = "https://ciam-prd-1302490086.cos.ap-guangzhou.myqcloud.com/temporary/92630252a2c5422d9663db5feafd619b.png"
+}
+
+resource "tencentcloud_ciam_user_group" "user_group" {
+  display_name  = "tf_user_group"
+  user_store_id = tencentcloud_ciam_user_store.user_store.id
+  description   = "for terrafrom test"
+}
+```
+
+Import
+
+ciam user_group can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_ciam_user_group.user_group userStoreId#userGroupId
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	ciam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ciam/v20220331"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudCiamUserGroup() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudCiamUserGroupCreate,
+		Read:   resourceTencentCloudCiamUserGroupRead,
+		Update: resourceTencentCloudCiamUserGroupUpdate,
+		Delete: resourceTencentCloudCiamUserGroupDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"user_store_id": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "User Store ID.",
+			},
+			"display_name": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "User Group Name.",
+			},
+			"description": {
+				Optional:    true,
+				Type:        schema.TypeString,
+				Description: "User Group Description.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudCiamUserGroupCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ciam_user_group.create")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	var (
+		request     = ciam.NewCreateUserGroupRequest()
+		response    = ciam.NewCreateUserGroupResponse()
+		userStoreId string
+		userGroupId string
+	)
+	if v, ok := d.GetOk("user_store_id"); ok {
+		userStoreId = v.(string)
+		request.UserStoreId = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("display_name"); ok {
+		request.DisplayName = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		request.Description = helper.String(v.(string))
+	}
+
+	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseCiamClient().CreateUserGroup(request)
+		if e != nil {
+			return retryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		response = result
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s create ciam userGroup failed, reason:%+v", logId, err)
+		return err
+	}
+
+	userGroupId = *response.Response.UserGroupId
+
+	d.SetId(userStoreId + FILED_SP + userGroupId)
+
+	return resourceTencentCloudCiamUserGroupRead(d, meta)
+}
+
+func resourceTencentCloudCiamUserGroupRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ciam_user_group.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := CiamService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	idSplit := strings.Split(d.Id(), FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	userStoreId := idSplit[0]
+	userGroupId := idSplit[1]
+
+	userGroup, err := service.DescribeCiamUserGroupById(ctx, userStoreId, userGroupId)
+	if err != nil {
+		return err
+	}
+
+	if userGroup == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `CiamUserGroup` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	if userGroup.DisplayName != nil {
+		_ = d.Set("display_name", userGroup.DisplayName)
+	}
+
+	if userGroup.UserStoreId != nil {
+		_ = d.Set("user_store_id", userGroup.UserStoreId)
+	}
+
+	if userGroup.Description != nil {
+		_ = d.Set("description", userGroup.Description)
+	}
+
+	return nil
+}
+
+func resourceTencentCloudCiamUserGroupUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ciam_user_group.update")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	request := ciam.NewUpdateUserGroupRequest()
+
+	idSplit := strings.Split(d.Id(), FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	userStoreId := idSplit[0]
+	userGroupId := idSplit[1]
+
+	request.UserStoreId = &userStoreId
+	request.UserGroupId = &userGroupId
+
+	needChange := false
+	mutableArgs := []string{
+		"display_name", "user_store_id", "description",
+	}
+
+	for _, v := range mutableArgs {
+		if d.HasChange(v) {
+			needChange = true
+			break
+		}
+	}
+
+	if needChange {
+
+		if v, ok := d.GetOk("display_name"); ok {
+			request.DisplayName = helper.String(v.(string))
+		}
+
+		if v, ok := d.GetOk("user_store_id"); ok {
+			request.UserStoreId = helper.String(v.(string))
+		}
+
+		if v, ok := d.GetOk("description"); ok {
+			request.Description = helper.String(v.(string))
+		}
+
+		err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+			result, e := meta.(*TencentCloudClient).apiV3Conn.UseCiamClient().UpdateUserGroup(request)
+			if e != nil {
+				return retryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			}
+			return nil
+		})
+		if err != nil {
+			log.Printf("[CRITAL]%s update ciam userGroup failed, reason:%+v", logId, err)
+			return err
+		}
+
+	}
+	return resourceTencentCloudCiamUserGroupRead(d, meta)
+}
+
+func resourceTencentCloudCiamUserGroupDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ciam_user_group.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := CiamService{client: meta.(*TencentCloudClient).apiV3Conn}
+	idSplit := strings.Split(d.Id(), FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	userStoreId := idSplit[0]
+	userGroupId := idSplit[1]
+
+	if err := service.DeleteCiamUserGroupById(ctx, userStoreId, userGroupId); err != nil {
+		return err
+	}
+
+	return nil
+}

tencentcloud/resource_tc_ciam_user_group_test.go

@@ -0,0 +1,44 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudCiamUserGroupResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCiamUserGroup,
+				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_ciam_user_group.user_group", "id")),
+			},
+			{
+				ResourceName:      "tencentcloud_ciam_user_group.user_group",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccCiamUserGroup = `
+
+resource "tencentcloud_ciam_user_store" "user_store" {
+  user_pool_name = "tf_user_store_test"
+  user_pool_desc = "for terraform test"
+  user_pool_logo = "https://ciam-prd-1302490086.cos.ap-guangzhou.myqcloud.com/temporary/92630252a2c5422d9663db5feafd619b.png"
+}
+
+resource "tencentcloud_ciam_user_group" "user_group" {
+  display_name  = "tf_user_group"
+  user_store_id = tencentcloud_ciam_user_store.user_store.id
+  description   = "for terrafrom test"
+}
+
+`