tencentcloudstack
diff --git a/‎.changelog/1545.txt‎
Lines changed: 3 additions & 0 deletions b/‎.changelog/1545.txt‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎go.mod‎
Lines changed: 1 addition & 0 deletions b/‎go.mod‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎go.sum‎
Lines changed: 6 additions & 19 deletions b/‎go.sum‎
Lines changed: 6 additions & 19 deletions
diff --git a/‎tencentcloud/connectivity/client.go‎
Lines changed: 15 additions & 0 deletions b/‎tencentcloud/connectivity/client.go‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎tencentcloud/extension_tke.go‎
Lines changed: 4 additions & 0 deletions b/‎tencentcloud/extension_tke.go‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎tencentcloud/internal/helper/transform.go‎
Lines changed: 11 additions & 0 deletions b/‎tencentcloud/internal/helper/transform.go‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎tencentcloud/resource_tc_kubernetes_node_pool.go‎
Lines changed: 35 additions & 10 deletions b/‎tencentcloud/resource_tc_kubernetes_node_pool.go‎
Lines changed: 35 additions & 10 deletions
diff --git a/‎tencentcloud/resource_tc_kubernetes_node_pool_test.go‎
Lines changed: 3 additions & 1 deletion b/‎tencentcloud/resource_tc_kubernetes_node_pool_test.go‎
Lines changed: 3 additions & 1 deletion
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_kubernetes_node_pool: adjust enhanced_security_service to not forceNew
+```
@@ -37,6 +37,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.412
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.591
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.553
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.589
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.572
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dayu v1.0.335
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dbbrain v1.0.542
 
@@ -464,26 +464,18 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam v1.0.409 h1:ToZpNh7
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam v1.0.409/go.mod h1:U24yUxCDruJLayOsP/onO2E/7+9ljeNsNO+phu+PeiM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cat v1.0.520 h1:n4FN0PI+1MVWi+RGQbD/cElXjquZQK0K1h1Z1nNWNWw=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cat v1.0.520/go.mod h1:gzI+2Qd/iUfPPQQjW30k0G3mJ3m7tXeXrydJMm8jsOo=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cbs v1.0.581 h1:LhzXiQ82MJL5r1sxu6sqho4ZxeYVvfQeR1AYmrmBl80=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cbs v1.0.581/go.mod h1:UZW7JY6opRJm39HJzV+M7BfapfLQoY0a55RyTxc34uI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cbs v1.0.591 h1:TPGLjH6wqkA5Iirl6xCxFkWwrtCZ8ZmeF7ASzqUbsZA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cbs v1.0.591/go.mod h1:nCAGfVTXZkVnurkbjF3b0FM6RwGztE9t8D9Ms1unaKo=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdb v1.0.576 h1:0Ob8XAXco+lp19HE3CCH/oQBxq6SdhUB/5O842dJ9Ec=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdb v1.0.576/go.mod h1:kbILC5/kqFl+0UK8X9PGP3ubvZi8VReQLQYxhVw8ZH0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.539 h1:0L6nZhT2bToTc/n1z3HOpNgdu5VX5ulmqIuPY+8UozA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.539/go.mod h1:6Syk7W5fdDf0BLvX+RXL5obQ6unkt3Id4aN2QqVrV6U=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.562 h1:gPdY1ow4dh3+Fs0ShjpiX9u+lQLjSHuH9OCBXuoin+Q=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.562/go.mod h1:eC3p0uhPlovCmDlIhwQTej95aj33O5TI4nNHJQpH+8g=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.581 h1:Ei818gJRB9wd1sGux9x9Hi3l9XwfYbPBhri6T3aYorc=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cfs v1.0.581/go.mod h1:T7/YP64GYsB74saN6wG9IOQ1/XZFWX2MKEM9tphORYk=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.403 h1:rD9H4dQkULnRpq1BiD2KuDKsd9VEKHun2gMT+V6DNOE=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.403/go.mod h1:yWwwGj2gV0hRPfM9GXG4EgDee0cEWYcAwl/M8CTTvzM=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.445 h1:ZUtZLAXy7xQbDipfEIPEBahjHBoJ+hTAbQYaqjiwFAg=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.445/go.mod h1:qiBToiXBl7c0k05B3ZzLlAdPuDl5sFHzYsnB8/IBRiA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.591 h1:Rg1AD/9y3pwo7iQ//YwylFrQYsjFcYMCESA6XDkzlvI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.591/go.mod h1:V/OfxmhJ/kic0QZzdl82fSREd2fuQ1VQqjVEYdsgQRE=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.199 h1:o41qFAFJGPDTLNWXs7nLw4fsDxFUCe5gkO2YXI9Ye6Q=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.199/go.mod h1:b7dNjabPys0/iLwRFd8MVE5EkJTNAh4qtaHQOOLchx4=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544 h1:ApY6rS7I9otgujOdAFy0+Epno1PNVCQmsOoWQxx724Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544/go.mod h1:c37rIdL3LrJXYwrfp9c8L4MabTqKIZUe1xvnWhN75oc=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.412 h1:mQbC16tarrfz+ILlHTMiiA3MTUP79fSqs+KEpuL2FKE=
@@ -493,12 +485,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.358/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.383/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.391/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.403/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.406/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.409/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.412/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.413/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.414/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.445/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.466/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.486/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
@@ -516,31 +506,25 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.540/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.542/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.544/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.547/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.549/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.553/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.562/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.564/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.567/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.569/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.571/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.572/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.576/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.577/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.578/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.581 h1:D9CgaCBTobVR13v0ZTGV/41hbv+l5DFCsWD2Sia83i4=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.581/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.583 h1:1zUg5BBJTuiLhd2QsifiLdWxbuVfP7I2bROwNkaY4vo=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.583/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.584 h1:FbppCUoExsYKd8orUHqcTJacEIGgFcTyvzdFNMb/7zI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.584/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.588 h1:DYtBXB7sVc3EOW5horg8j55cLZynhsLYhHrvQ/jXKKM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.588/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.589/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.591 h1:tb1wlm1K9ca6bNrwC0sr65vJAL+1gYq4UzLsZxaY5KU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.591/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.445 h1:Bh7XD0ypNMHYyBOM8hhKsSu+y0VVKUnJVS+YKKhfpGg=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.445/go.mod h1:jMDD351efCFpT1+KVFbcpu6SbmP4TYmp4qkoCfr63nQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.553 h1:Pl1kYgFhJp0QSoVFSzRsiGk+HfEAkBTQg7+O60tytNA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.553/go.mod h1:dnnqPxXYK+kax3e1MKo/PI3iWJtytm6ogWKQHJS7SGE=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.589 h1:LZihgirMH0vsaGScYexxwY0fTss9vHaSZs/YOQUVESg=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.589/go.mod h1:rP1Sng8NNveLZ4HhjuvAZSxdmYQOyFyJY3qaut0xJrA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.572 h1:s6YaKNJla+zow8j+9UDFVWblPRv8kwS4dlAY1IWT15o=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.572/go.mod h1:Wp8vjOiPCqWs8ERh6+XcMYdGul6L8bU/icFY6JzxGdU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dayu v1.0.335 h1:D8qrelkK5udv8RzJJIABMzItGIyaZoYnxEVeIsYqiNw=
@@ -837,13 +821,16 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno=
 gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 
@@ -38,6 +38,7 @@ import (
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
 	cvm "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm/v20170312"
+	cwp "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp/v20180228"
 	cynosdb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb/v20190107"
 	dayu "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dayu/v20180709"
 	dbbrain "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dbbrain/v20210527"
@@ -157,6 +158,7 @@ type TencentCloudClient struct {
 	ciConn             *cos.Client
 	tsfConn            *tsf.Client
 	mpsConn            *mps.Client
+	cwpConn            *cwp.Client
 }
 
 // NewClientProfile returns a new ClientProfile
@@ -1057,6 +1059,19 @@ func (me *TencentCloudClient) UseMpsClient() *mps.Client {
 	return me.mpsConn
 }
 
+// UseTkeClient returns tke client for service
+func (me *TencentCloudClient) UseCwpClient() *cwp.Client {
+	if me.cwpConn != nil {
+		return me.cwpConn
+	}
+
+	cpf := me.NewClientProfile(300)
+	me.cwpConn, _ = cwp.NewClient(me.Credential, me.Region, cpf)
+	me.cwpConn.WithHttpTransport(&LogRoundTripper{})
+
+	return me.cwpConn
+}
+
 func getEnvDefault(key string, defVal int) int {
 	val, ex := os.LookupEnv(key)
 	if !ex {
 
@@ -120,3 +120,7 @@ var TKE_ADDON_DEFAULT_VALUES_KEY = []string{
 	"global.cluster.kubeversion",
 	"global.cluster.kubeminor",
 }
+
+const (
+	InstallSecurityAgentCommandId = "cmd-d8jj2skv"
+)
@@ -235,6 +235,17 @@ func StrListToStr(strList []*string) string {
 	return base64.StdEncoding.EncodeToString([]byte(res))
 }
 
+func StrListValToStr(strListVal []string) string {
+	res := ""
+	for i, v := range strListVal {
+		res += v
+		if i < len(strListVal)-1 {
+			res += ";"
+		}
+	}
+	return base64.StdEncoding.EncodeToString([]byte(res))
+}
+
 func StrToStrList(str string) (res []string, err error) {
 
 	decodeString, err := base64.StdEncoding.DecodeString(str)
 
@@ -334,10 +334,10 @@ func composedKubernetesAsScalingConfigPara() map[string]*schema.Schema {
 			Description: "Security groups to which a CVM instance belongs.",
 		},
 		"enhanced_security_service": {
-			Type:        schema.TypeBool,
-			Optional:    true,
-			Default:     true,
-			ForceNew:    true,
+			Type:     schema.TypeBool,
+			Optional: true,
+			Default:  true,
+			//ForceNew:    true,
 			Description: "To specify whether to enable cloud security service. Default is TRUE.",
 		},
 		"enhanced_monitor_service": {
@@ -964,6 +964,23 @@ func composeAsLaunchConfigModifyRequest(d *schema.ResourceData, launchConfigId s
 		}
 	}
 
+	// set enhanced_security_service if necessary
+	if v, ok := dMap["enhanced_security_service"]; ok {
+		securityService := v.(bool)
+		if request.EnhancedService != nil {
+			request.EnhancedService.SecurityService = &as.RunSecurityServiceEnabled{
+				Enabled: helper.Bool(securityService),
+			}
+		} else {
+			request.EnhancedService = &as.EnhancedService{
+				SecurityService: &as.RunSecurityServiceEnabled{
+					Enabled: helper.Bool(securityService),
+				},
+			}
+		}
+
+	}
+
 	request.InstanceChargeType = &chargeType
 
 	return request
@@ -1337,12 +1354,13 @@ func resourceKubernetesNodePoolUpdate(d *schema.ResourceData, meta interface{})
 	defer logElapsed("resource.tencentcloud_kubernetes_node_pool.update")()
 
 	var (
-		logId     = getLogId(contextNil)
-		ctx       = context.WithValue(context.TODO(), logIdKey, logId)
-		client    = meta.(*TencentCloudClient).apiV3Conn
-		service   = TkeService{client: client}
-		asService = AsService{client: client}
-		items     = strings.Split(d.Id(), FILED_SP)
+		logId      = getLogId(contextNil)
+		ctx        = context.WithValue(context.TODO(), logIdKey, logId)
+		client     = meta.(*TencentCloudClient).apiV3Conn
+		service    = TkeService{client: client}
+		asService  = AsService{client: client}
+		cvmService = CvmService{client: client}
+		items      = strings.Split(d.Id(), FILED_SP)
 	)
 	if len(items) != 2 {
 		return fmt.Errorf("resource_tc_kubernetes_node_pool id  is broken")
@@ -1359,13 +1377,20 @@ func resourceKubernetesNodePoolUpdate(d *schema.ResourceData, meta interface{})
 			return err
 		}
 		launchConfigId := *nodePool.LaunchConfigurationId
+		//  change as config here
 		request := composeAsLaunchConfigModifyRequest(d, launchConfigId)
 		_, err = client.UseAsClient().ModifyLaunchConfigurationAttributes(request)
 		if err != nil {
 			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n",
 				logId, request.GetAction(), request.ToJsonString(), err.Error())
 			return err
 		}
+
+		// change existed cvm security service if necessary
+		if err := ModifySecurityServiceOfCvmInNodePool(ctx, d, &service, &cvmService, client, clusterId, *nodePool.NodePoolId); err != nil {
+			return err
+		}
+
 		d.SetPartial("auto_scaling_config")
 	}
 
 
@@ -106,6 +106,7 @@ func TestAccTencentCloudKubernetesNodePoolResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.security_group_ids.#", "1"),
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.host_name", "12.123.0.0"),
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.host_name_style", "ORIGINAL"),
+					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.enhanced_security_service", "false"),
 				),
 			},
 			{
@@ -140,6 +141,7 @@ func TestAccTencentCloudKubernetesNodePoolResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.security_group_ids.#", "2"),
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.host_name", "12.123.1.1"),
 					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.host_name_style", "UNIQUE"),
+					resource.TestCheckResourceAttr(testTkeClusterNodePoolResourceKey, "auto_scaling_config.0.enhanced_security_service", "true"),
 				),
 			},
 		},
@@ -364,7 +366,7 @@ resource "tencentcloud_kubernetes_node_pool" "np_test" {
     internet_max_bandwidth_out = 20
     public_ip_assigned         = true
     password                   = "test123#"
-    enhanced_security_service  = false
+    enhanced_security_service  = true
     enhanced_monitor_service   = false
 	host_name                  = "12.123.1.1"
 	host_name_style            = "UNIQUE"
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:enhancement
	`2`	`+resource/tencentcloud_kubernetes_node_pool: adjust enhanced_security_service to not forceNew`
	`3`	+```
Original file line number	Diff line number	Diff line change
`@@ -120,3 +120,7 @@ var TKE_ADDON_DEFAULT_VALUES_KEY = []string{`
`120`	`120`	`"global.cluster.kubeversion",`
`121`	`121`	`"global.cluster.kubeminor",`
`122`	`122`	`}`
	`123`	`+`
	`124`	`+const (`
	`125`	`+ InstallSecurityAgentCommandId = "cmd-d8jj2skv"`
	`126`	`+)`