fix: redis - support no-auth access (#769)

* fix: redis - support no-auth access

* fix: auth desc

* add no-auth create validation

Author: Kagashino

tencentcloud/resource_tc_redis_instance.go

@@ -154,10 +154,16 @@ func resourceTencentCloudRedisInstance() *schema.Resource {
 			},
 			"password": {
 				Type:         schema.TypeString,
-				Required:     true,
+				Optional:     true,
 				Sensitive:    true,
 				ValidateFunc: validateMysqlPassword,
-				Description:  "Password for a Redis user, which should be 8 to 16 characters.",
+				Description:  "Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `no_auth=true` specified can make password empty.",
+			},
+			"no_auth": {
+				Type:         schema.TypeBool,
+				Optional:     true,
+				ForceNew:     true,
+				Description:  "Indicates whether the redis instance support no-auth access. NOTE: Only available in private cloud environment.",
 			},
 			"mem_size": {
 				Type:        schema.TypeInt,
@@ -267,6 +273,7 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf
 	redisShardNum := d.Get("redis_shard_num").(int)
 	redisReplicasNum := d.Get("redis_replicas_num").(int)
 	password := d.Get("password").(string)
+	noAuth := d.Get("no_auth").(bool)
 	memSize := d.Get("mem_size").(int)
 	vpcId := d.Get("vpc_id").(string)
 	subnetId := d.Get("subnet_id").(string)
@@ -288,6 +295,14 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf
 		return fmt.Errorf("`type_id` and `type` set one item and only one item")
 	}
 
+	if password == "" && !noAuth {
+		return fmt.Errorf("`password` must not be empty unless `no_auth` is `true`")
+	}
+
+	if noAuth && (vpcId == "" || subnetId == "") {
+		return fmt.Errorf("cannot set `no_auth=true` if `vpc_id` and `subnet_id` is empty")
+	}
+
 	for id, name := range REDIS_NAMES {
 		if redisType == name {
 			typeId = id
@@ -401,6 +416,7 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf
 		chargeTypeID,
 		chargePeriod,
 		nodeInfo,
+		noAuth,
 	)
 
 	if err != nil {
@@ -519,6 +535,12 @@ func resourceTencentCloudRedisInstanceRead(d *schema.ResourceData, meta interfac
 	_ = d.Set("port", info.Port)
 	_ = d.Set("ip", info.WanIp)
 	_ = d.Set("create_time", info.Createtime)
+
+	// only true or user explicit declared will set for import case.
+	if _, ok := d.GetOk("no_auth"); ok || *info.NoAuth {
+		_ = d.Set("no_auth", info.NoAuth)
+	}
+
 	if d.Get("vpc_id").(string) != "" {
 		securityGroups, err := service.DescribeInstanceSecurityGroup(ctx, d.Id())
 		if err != nil {

tencentcloud/service_tencentcloud_redis.go

@@ -244,7 +244,12 @@ func (me *RedisService) CreateInstances(ctx context.Context,
 	memSize, projectId, port int64,
 	securityGroups []string,
 	redisShardNum,
-	redisReplicasNum int, chargeTypeID int64, chargePeriod uint64, nodeInfo []*redis.RedisNodeInfo) (instanceIds []*string, errRet error) {
+	redisReplicasNum int,
+	chargeTypeID int64,
+	chargePeriod uint64,
+	nodeInfo []*redis.RedisNodeInfo,
+	noAuth bool,
+) (instanceIds []*string, errRet error) {
 
 	logId := getLogId(ctx)
 	request := redis.NewCreateInstancesRequest()
@@ -316,6 +321,10 @@ func (me *RedisService) CreateInstances(ctx context.Context,
 		request.NodeSet = nodeInfo
 	}
 
+	if noAuth {
+		request.NoAuth = &noAuth
+	}
+
 	ratelimit.Check(request.GetAction())
 	response, err := me.client.UseRedisClient().CreateInstances(request)
 	if err != nil {

website/docs/r/redis_instance.html.markdown

@@ -69,10 +69,11 @@ The following arguments are supported:
 
 * `availability_zone` - (Required, ForceNew) The available zone ID of an instance to be created, please refer to `tencentcloud_redis_zone_config.list`.
 * `mem_size` - (Required) The memory volume of an available instance(in MB), please refer to `tencentcloud_redis_zone_config.list[zone].mem_sizes`. When redis is standard type, it represents total memory size of the instance; when Redis is cluster type, it represents memory size of per sharding.
-* `password` - (Required) Password for a Redis user, which should be 8 to 16 characters.
 * `charge_type` - (Optional, ForceNew) The charge type of instance. Valid values: `PREPAID` and `POSTPAID`. Default value is `POSTPAID`. Note: TencentCloud International only supports `POSTPAID`. Caution that update operation on this field will delete old instances and create new with new charge type.
 * `force_delete` - (Optional) Indicate whether to delete Redis instance directly or not. Default is false. If set true, the instance will be deleted instead of staying recycle bin. Note: only works for `PREPAID` instance.
 * `name` - (Optional) Instance name.
+* `no_auth` - (Optional, ForceNew) Indicates whether the redis instance support no-auth access. NOTE: Only available in private cloud environment.
+* `password` - (Optional) Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `no_auth=true` specified can make password empty.
 * `port` - (Optional, ForceNew) The port used to access a redis instance. The default value is 6379. And this value can't be changed after creation, or the Redis instance will be recreated.
 * `prepaid_period` - (Optional) The tenancy (time unit is month) of the prepaid instance, NOTE: it only works when charge_type is set to `PREPAID`. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `11`, `12`, `24`, `36`.
 * `project_id` - (Optional) Specifies which project the instance should belong to.