Merge pull request #2115 from tencentcloudstack/feat/cam-mfa-config

feat: resource mfaFlag

Author: andrew-tx

.changelog/2115.txt

@@ -0,0 +1,6 @@
+```release-note:new-resource
+tencentcloud_cam_mfa_flag
+```
+```release-note:enhancement
+resource/tencentcloud_ssl_pay_certificate: Supports `csr_type` modification
+```

tencentcloud/provider.go

@@ -233,6 +233,7 @@ Cloud Access Management(CAM)
 	tencentcloud_cam_oidc_sso
 	tencentcloud_cam_role_sso
 	tencentcloud_cam_service_linked_role
+	tencentcloud_cam_mfa_flag
 	tencentcloud_cam_user_saml_config
 
 Customer Identity and Access Management(CIAM)
@@ -2552,6 +2553,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_cam_group_membership":                                resourceTencentCloudCamGroupMembership(),
 			"tencentcloud_cam_saml_provider":                                   resourceTencentCloudCamSAMLProvider(),
 			"tencentcloud_cam_service_linked_role":                             resourceTencentCloudCamServiceLinkedRole(),
+			"tencentcloud_cam_mfa_flag":                                        resourceTencentCloudCamMfaFlag(),
 			"tencentcloud_cam_user_saml_config":                                resourceTencentCloudCamUserSamlConfig(),
 			"tencentcloud_ciam_user_group":                                     resourceTencentCloudCiamUserGroup(),
 			"tencentcloud_ciam_user_store":                                     resourceTencentCloudCiamUserStore(),

tencentcloud/resource_tc_cam_mfa_flag.go

@@ -0,0 +1,260 @@
+/*
+Provides a resource to create a cam mfa_flag
+
+Example Usage
+
+```hcl
+data "tencentcloud_user_info" "info"{}
+
+resource "tencentcloud_cam_mfa_flag" "mfa_flag" {
+  op_uin = data.tencentcloud_user_info.info.uin
+  login_flag {
+	phone = 0
+	stoken = 1
+	wechat = 0
+  }
+  action_flag {
+	phone = 0
+	stoken = 1
+	wechat = 0
+  }
+}
+
+```
+
+Import
+
+cam mfa_flag can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_cam_mfa_flag.mfa_flag mfa_flag_id
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"log"
+	"strconv"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	cam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam/v20190116"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudCamMfaFlag() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudCamMfaFlagCreate,
+		Read:   resourceTencentCloudCamMfaFlagRead,
+		Update: resourceTencentCloudCamMfaFlagUpdate,
+		Delete: resourceTencentCloudCamMfaFlagDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"op_uin": {
+				Required:    true,
+				Type:        schema.TypeInt,
+				Description: "Operate uin.",
+			},
+
+			"login_flag": {
+				Optional:    true,
+				Type:        schema.TypeList,
+				MaxItems:    1,
+				Description: "Login flag setting.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"phone": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Phone.",
+						},
+						"stoken": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Soft token.",
+						},
+						"wechat": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Wechat.",
+						},
+					},
+				},
+			},
+
+			"action_flag": {
+				Optional:    true,
+				Type:        schema.TypeList,
+				MaxItems:    1,
+				Description: "Action flag setting.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"phone": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Phone.",
+						},
+						"stoken": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Soft token.",
+						},
+						"wechat": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Wechat.",
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceTencentCloudCamMfaFlagCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.create")()
+	defer inconsistentCheck(d, meta)()
+	var opUin int
+
+	if v, ok := d.GetOk("op_uin"); ok {
+		opUin = v.(int)
+	}
+	d.SetId(strconv.Itoa(opUin))
+	return resourceTencentCloudCamMfaFlagUpdate(d, meta)
+}
+
+func resourceTencentCloudCamMfaFlagRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	opUin := d.Id()
+	uin, err := strconv.Atoi(opUin)
+	if err != nil {
+		return err
+	}
+	service := CamService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	loginFlag, actionFlag, err := service.DescribeCamMfaFlagById(ctx, uint64(uin))
+	if err != nil {
+		return err
+	}
+
+	if loginFlag == nil && actionFlag == nil {
+		log.Printf("[WARN]%s resource `CamMfaFlag` not found, please check if it has been deleted.\n", logId)
+		return nil
+	}
+
+	if loginFlag != nil {
+		loginFlagMap := map[string]interface{}{}
+
+		if loginFlag.Phone != nil {
+			loginFlagMap["phone"] = loginFlag.Phone
+		}
+
+		if loginFlag.Stoken != nil {
+			loginFlagMap["stoken"] = loginFlag.Stoken
+		}
+
+		if loginFlag.Wechat != nil {
+			loginFlagMap["wechat"] = loginFlag.Wechat
+		}
+
+		_ = d.Set("login_flag", []interface{}{loginFlagMap})
+	}
+
+	if actionFlag != nil {
+		actionFlagMap := map[string]interface{}{}
+
+		if actionFlag.Phone != nil {
+			actionFlagMap["phone"] = actionFlag.Phone
+		}
+
+		if actionFlag.Stoken != nil {
+			actionFlagMap["stoken"] = actionFlag.Stoken
+		}
+
+		if actionFlag.Wechat != nil {
+			actionFlagMap["wechat"] = actionFlag.Wechat
+		}
+
+		_ = d.Set("action_flag", []interface{}{actionFlagMap})
+	}
+
+	return nil
+}
+
+func resourceTencentCloudCamMfaFlagUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.update")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+	opUin := d.Id()
+	request := cam.NewSetMfaFlagRequest()
+	uin, err := strconv.Atoi(opUin)
+	if err != nil {
+		return err
+	}
+	request.OpUin = common.Uint64Ptr(uint64(uin))
+
+	if d.HasChange("login_flag") {
+		if dMap, ok := helper.InterfacesHeadMap(d, "login_flag"); ok {
+			loginActionMfaFlag := cam.LoginActionMfaFlag{}
+			if v, ok := dMap["phone"]; ok {
+				loginActionMfaFlag.Phone = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["stoken"]; ok {
+				loginActionMfaFlag.Stoken = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["wechat"]; ok {
+				loginActionMfaFlag.Wechat = helper.IntUint64(v.(int))
+			}
+			request.LoginFlag = &loginActionMfaFlag
+		}
+	}
+
+	if d.HasChange("action_flag") {
+		if dMap, ok := helper.InterfacesHeadMap(d, "action_flag"); ok {
+			loginActionMfaFlag := cam.LoginActionMfaFlag{}
+			if v, ok := dMap["phone"]; ok {
+				loginActionMfaFlag.Phone = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["stoken"]; ok {
+				loginActionMfaFlag.Stoken = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["wechat"]; ok {
+				loginActionMfaFlag.Wechat = helper.IntUint64(v.(int))
+			}
+			request.ActionFlag = &loginActionMfaFlag
+		}
+	}
+
+	err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseCamClient().SetMfaFlag(request)
+		if e != nil {
+			return retryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s update cam mfaFlag failed, reason:%+v", logId, err)
+		return err
+	}
+
+	return resourceTencentCloudCamMfaFlagRead(d, meta)
+}
+
+func resourceTencentCloudCamMfaFlagDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_cam_mfa_flag_test.go

@@ -0,0 +1,86 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudCamMfaFlagResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCamMfaFlag,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.#"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.phone", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.stoken", "1"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.wechat", "0"),
+
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.#"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.phone", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.stoken", "1"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.wechat", "0"),
+				),
+			},
+			{
+				Config: testAccCamMfaFlagUpdate,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.#"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.phone", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.stoken", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "login_flag.0.wechat", "0"),
+
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.#"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.phone", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.stoken", "0"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_mfa_flag.mfa_flag", "action_flag.0.wechat", "0"),
+				),
+			},
+		},
+	})
+}
+
+const testAccCamMfaFlag = `
+data "tencentcloud_user_info" "info"{}
+
+resource "tencentcloud_cam_mfa_flag" "mfa_flag" {
+  op_uin = data.tencentcloud_user_info.info.uin
+  login_flag {
+	phone = 0
+	stoken = 1
+	wechat = 0
+  }
+  action_flag {
+	phone = 0
+	stoken = 1
+	wechat = 0
+  }
+}
+
+`
+const testAccCamMfaFlagUpdate = `
+data "tencentcloud_user_info" "info"{}
+
+resource "tencentcloud_cam_mfa_flag" "mfa_flag" {
+  op_uin = data.tencentcloud_user_info.info.uin
+  login_flag {
+	phone = 0
+	stoken = 0
+	wechat = 0
+  }
+  action_flag {
+	phone = 0
+	stoken = 0
+	wechat = 0
+  }
+}
+
+`

tencentcloud/resource_tc_ssl_commit_certificate_information.go

@@ -46,12 +46,13 @@ package tencentcloud
 
 import (
 	"context"
+	"log"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors"
 	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
-	"log"
 )
 
 func resourceTencentCloudSslCommitCertificateInformation() *schema.Resource {

tencentcloud/resource_tc_ssl_commit_certificate_information_test.go

@@ -1,8 +1,9 @@
 package tencentcloud
 
 import (
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 )
 
 func TestAccTencentCloudSslCommitCertificateInformationResource_basic(t *testing.T) {