add clb attach (#1840)

hellertang · web-flow · commit 94e8e864e3e8 · 2023-05-30T17:15:14.000+08:00
* add clb attach

* add clb attach res

* add res
diff --git a/.changelog/1840.txt b/.changelog/1840.txt
@@ -0,0 +1,3 @@
+```release-note:new-resource
+tencentcloud_clb_security_group_attachment
+```
diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go
@@ -313,6 +313,7 @@ Cloud Load Balancer(CLB)
 	tencentcloud_clb_instance_sla_config
 	tencentcloud_clb_instance_mix_ip_target_config
 	tencentcloud_clb_replace_cert_for_lbs
+	tencentcloud_clb_security_group_attachment
 
 Cloud Object Storage(COS)
   Data Source
@@ -1931,6 +1932,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_clb_instance_mix_ip_target_config":             resourceTencentCloudClbInstanceMixIpTargetConfig(),
 			"tencentcloud_clb_instance_sla_config":                       resourceTencentCloudClbInstanceSlaConfig(),
 			"tencentcloud_clb_replace_cert_for_lbs":                      resourceTencentCloudClbReplaceCertForLbs(),
+			"tencentcloud_clb_security_group_attachment":                 resourceTencentCloudClbSecurityGroupAttachment(),
 			"tencentcloud_container_cluster":                             resourceTencentCloudContainerCluster(),
 			"tencentcloud_container_cluster_instance":                    resourceTencentCloudContainerClusterInstance(),
 			"tencentcloud_kubernetes_cluster":                            resourceTencentCloudTkeCluster(),
diff --git a/tencentcloud/resource_tc_clb_security_group_attachment.go b/tencentcloud/resource_tc_clb_security_group_attachment.go
@@ -0,0 +1,170 @@
+/*
+Provides a resource to create a clb security_group_attachment
+
+Example Usage
+
+```hcl
+resource "tencentcloud_clb_security_group_attachment" "security_group_attachment" {
+  security_group = "sg-ijato2x1"
+  load_balancer_ids = ["lb-5dnrkgry"]
+}
+```
+
+Import
+
+clb security_group_attachment can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_clb_security_group_attachment.security_group_attachment security_group_id#clb_id
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	clb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudClbSecurityGroupAttachment() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudClbSecurityGroupAttachmentCreate,
+		Read:   resourceTencentCloudClbSecurityGroupAttachmentRead,
+		Delete: resourceTencentCloudClbSecurityGroupAttachmentDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"security_group": {
+				Required:    true,
+				Type:        schema.TypeString,
+				ForceNew:    true,
+				Description: "Security group ID, such as esg-12345678.",
+			},
+
+			"load_balancer_ids": {
+				Required: true,
+				Type:     schema.TypeSet,
+				ForceNew: true,
+				MaxItems: 1,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "Array of CLB instance IDs. Only support set one security group now.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudClbSecurityGroupAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_clb_security_group_attachment.create")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	var (
+		request        = clb.NewSetSecurityGroupForLoadbalancersRequest()
+		securityGroup  string
+		loadBalancerId string
+	)
+	if v, ok := d.GetOk("security_group"); ok {
+		securityGroup = v.(string)
+		request.SecurityGroup = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("load_balancer_ids"); ok {
+		loadBalancerIdsSet := v.(*schema.Set).List()
+		for i := range loadBalancerIdsSet {
+			loadBalancerId = loadBalancerIdsSet[i].(string)
+			request.LoadBalancerIds = append(request.LoadBalancerIds, &loadBalancerId)
+		}
+	}
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := ClbService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	err := service.SetClbSecurityGroup(ctx, securityGroup, loadBalancerId, "ADD")
+	if err != nil {
+		return err
+	}
+
+	d.SetId(securityGroup + FILED_SP + loadBalancerId)
+
+	return resourceTencentCloudClbSecurityGroupAttachmentRead(d, meta)
+}
+
+func resourceTencentCloudClbSecurityGroupAttachmentRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_clb_security_group_attachment.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := ClbService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	idSplit := strings.Split(d.Id(), FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	securityGroup := idSplit[0]
+	loadBalancerId := idSplit[1]
+
+	instance, err := service.DescribeLoadBalancerById(ctx, loadBalancerId)
+	if err != nil {
+		return err
+	}
+
+	if instance == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `ClbSecurityGroupAttachment` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	exist := false
+	for _, sg := range instance.SecureGroups {
+		if *sg == securityGroup {
+			exist = true
+			break
+		}
+	}
+	if !exist {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `ClbSecurityGroupAttachment` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	_ = d.Set("security_group", securityGroup)
+
+	_ = d.Set("load_balancer_ids", []*string{&loadBalancerId})
+
+	return nil
+}
+
+func resourceTencentCloudClbSecurityGroupAttachmentDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_clb_security_group_attachment.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := ClbService{client: meta.(*TencentCloudClient).apiV3Conn}
+	idSplit := strings.Split(d.Id(), FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+	securityGroup := idSplit[0]
+	loadBalancerId := idSplit[1]
+
+	if err := service.SetClbSecurityGroup(ctx, securityGroup, loadBalancerId, "DEL"); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/tencentcloud/resource_tc_clb_security_group_attachment_test.go b/tencentcloud/resource_tc_clb_security_group_attachment_test.go
@@ -0,0 +1,37 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudClbSecurityGroupAttachmentResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccClbSecurityGroupAttachment,
+				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_clb_security_group_attachment.security_group_attachment", "id")),
+			},
+			{
+				ResourceName:      "tencentcloud_clb_security_group_attachment.security_group_attachment",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccClbSecurityGroupAttachment = `
+
+resource "tencentcloud_clb_security_group_attachment" "security_group_attachment" {
+  security_group = "sg-ijato2x1"
+  load_balancer_ids = ["lb-5dnrkgry"]
+}
+
+`
diff --git a/tencentcloud/service_tencentcloud_clb.go b/tencentcloud/service_tencentcloud_clb.go
@@ -230,6 +230,21 @@ func (me *ClbService) DeleteListenerById(ctx context.Context, clbId string, list
 	return nil
 }
 
+func (me *ClbService) DescribeTaskStatusById(ctx context.Context, taskId string) (status int64, errRet error) {
+	logId := getLogId(ctx)
+	request := clb.NewDescribeTaskStatusRequest()
+	request.TaskId = &taskId
+	ratelimit.Check(request.GetAction())
+	response, err := me.client.UseClbClient().DescribeTaskStatus(request)
+	if err != nil {
+		return 0, errors.WithStack(err)
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
+		logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+	status = *response.Response.Status
+	return
+}
+
 func (me *ClbService) DescribeRulesByFilter(ctx context.Context, params map[string]string) (rules []*clb.RuleOutput, errRet error) {
 	logId := getLogId(ctx)
 	//listener filter
@@ -2201,3 +2216,29 @@ func (me *ClbService) DescribeClbTargetHealthByFilter(ctx context.Context, param
 
 	return
 }
+
+func (me *ClbService) SetClbSecurityGroup(ctx context.Context, securityGroup string, lbId string, operation string) (errRet error) {
+	logId := getLogId(ctx)
+
+	request := clb.NewSetSecurityGroupForLoadbalancersRequest()
+	request.SecurityGroup = &securityGroup
+	request.LoadBalancerIds = []*string{&lbId}
+	request.OperationType = &operation
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseClbClient().SetSecurityGroupForLoadbalancers(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	return
+}
diff --git a/website/docs/r/clb_security_group_attachment.html.markdown b/website/docs/r/clb_security_group_attachment.html.markdown
@@ -0,0 +1,45 @@
+---
+subcategory: "Cloud Load Balancer(CLB)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_clb_security_group_attachment"
+sidebar_current: "docs-tencentcloud-resource-clb_security_group_attachment"
+description: |-
+  Provides a resource to create a clb security_group_attachment
+---
+
+# tencentcloud_clb_security_group_attachment
+
+Provides a resource to create a clb security_group_attachment
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_clb_security_group_attachment" "security_group_attachment" {
+  security_group    = "sg-ijato2x1"
+  load_balancer_ids = ["lb-5dnrkgry"]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `load_balancer_ids` - (Required, Set: [`String`], ForceNew) Array of CLB instance IDs. Only support set one security group now.
+* `security_group` - (Required, String, ForceNew) Security group ID, such as esg-12345678.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+
+
+
+## Import
+
+clb security_group_attachment can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_clb_security_group_attachment.security_group_attachment security_group_id#clb_id
+```
+
diff --git a/website/tencentcloud.erb b/website/tencentcloud.erb
@@ -900,6 +900,9 @@
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/clb_replace_cert_for_lbs.html">tencentcloud_clb_replace_cert_for_lbs</a>
                                 </li>
+                                <li>
+                                    <a href="/docs/providers/tencentcloud/r/clb_security_group_attachment.html">tencentcloud_clb_security_group_attachment</a>
+                                </li>
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/clb_snat_ip.html">tencentcloud_clb_snat_ip</a>
                                 </li>

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:new-resource
	`2`	`+tencentcloud_clb_security_group_attachment`
	`3`	+```