feat(tco): [126756602] add new resource

.changelog/3492.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+tencentcloud_organization_member_auth_policy_attachment
+```

go.mod

@@ -46,7 +46,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1107
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.1033
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.1148
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.13
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.14
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.1206
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.1161
@@ -69,7 +69,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/mongodb v1.0.1096
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/monitor v1.0.1149
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/mps v1.0.853
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.8
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.14
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.1038
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/pts v1.0.762

go.sum

@@ -955,6 +955,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.8 h1:Qxwajp
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.8/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.13 h1:xQc87gs85w3Rj7rhT83YvoLpVRzsmUHNmm05ti6cVKI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.13/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.14 h1:+I+n8wDpnG95yLnV3rtT4MUs8gdwgbpuZEVKQhSxqxs=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.14/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993/go.mod h1:Z9U8zNtyuyKhjS0698wqsrG/kLx1TQ5CEixXBwVe7xY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
@@ -1024,6 +1026,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.0 h1:
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.0/go.mod h1:aJQSSfZOC9JLE19cH0ypZuipGaTQLMazzf6BGyqCl+0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.8 h1:8jEpC3Oa4s3B94ME97URLw4Qufwv1x8WS284nZAWNoI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.8/go.mod h1:5j1DRgOuOlxM54zVCDtiLM8WMYvFyhOuQM/PzWugUqA=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.14 h1:vmvzSrR90cbhhxYkfJNs+OLJigfnPCW8cQtmOk8CZ1M=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization v1.1.14/go.mod h1:KI5v7d+FJCm06dmIqJJInxluDS0W5hV/GesQn4YiJYM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156 h1:zf/4a8G7E7RlVaGCVyjVkljX5P4gjNJymQkHoEzhjs4=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres v1.0.1156/go.mod h1:B1+7f2z0qF8G2EjFzPXtqHK3tPbzqb2y725eW1wIkaM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.1038 h1:4rzyVxkDB27v73jDXPr5eGAwjN859R7SsqniCt+46XE=

tencentcloud/provider.go

@@ -2019,6 +2019,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_identity_center_scim_credential":                                          tco.ResourceTencentCloudIdentityCenterScimCredential(),
 			"tencentcloud_identity_center_scim_synchronization_status":                              tco.ResourceTencentCloudIdentityCenterScimSynchronizationStatus(),
 			"tencentcloud_provision_role_configuration_operation":                                   tco.ResourceTencentCloudProvisionRoleConfigurationOperation(),
+			"tencentcloud_organization_member_auth_policy_attachment":                               tco.ResourceTencentCloudOrganizationMemberAuthPolicyAttachment(),
 			"tencentcloud_dbbrain_sql_filter":                                                       dbbrain.ResourceTencentCloudDbbrainSqlFilter(),
 			"tencentcloud_dbbrain_security_audit_log_export_task":                                   dbbrain.ResourceTencentCloudDbbrainSecurityAuditLogExportTask(),
 			"tencentcloud_dbbrain_db_diag_report_task":                                              dbbrain.ResourceTencentCloudDbbrainDbDiagReportTask(),

tencentcloud/provider.md

@@ -1798,6 +1798,7 @@ tencentcloud_organization_org_share_unit_resource
 tencentcloud_accept_join_share_unit_invitation_operation
 tencentcloud_reject_join_share_unit_invitation_operation
 tencentcloud_provision_role_configuration_operation
+tencentcloud_organization_member_auth_policy_attachment
 
 TDSQL-C for PostgreSQL(TDCPG)
 Data Source

tencentcloud/services/tco/resource_tc_organization_member_auth_policy_attachment.go

@@ -0,0 +1,259 @@
+package tco
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	organizationv20210331 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func ResourceTencentCloudOrganizationMemberAuthPolicyAttachment() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudOrganizationMemberAuthPolicyAttachmentCreate,
+		Read:   resourceTencentCloudOrganizationMemberAuthPolicyAttachmentRead,
+		Delete: resourceTencentCloudOrganizationMemberAuthPolicyAttachmentDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"policy_id": {
+				Type:        schema.TypeInt,
+				Required:    true,
+				ForceNew:    true,
+				Description: "Pilicy ID.",
+			},
+
+			"org_sub_account_uin": {
+				Type:        schema.TypeInt,
+				Required:    true,
+				ForceNew:    true,
+				Description: "Organization administrator sub-account Uin.",
+			},
+
+			// computed
+			"identity_id": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Identity ID.",
+			},
+
+			"identity_role_name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Identity role name.",
+			},
+
+			"identity_role_alias_name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Identity role alias name.",
+			},
+
+			"create_time": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Create time.",
+			},
+
+			"policy_name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Policy name.",
+			},
+
+			"member_uin": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Member UIN.",
+			},
+
+			"member_name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Member name.",
+			},
+
+			"org_sub_account_name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Org sub account name.",
+			},
+
+			"bind_type": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Bind type. 1-Subaccount, 2-User Group.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudOrganizationMemberAuthPolicyAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_member_auth_policy_attachment.create")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId            = tccommon.GetLogId(tccommon.ContextNil)
+		ctx              = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		request          = organizationv20210331.NewBindOrganizationPolicySubAccountRequest()
+		policyId         string
+		orgSubAccountUin string
+	)
+
+	if v, ok := d.GetOkExists("policy_id"); ok {
+		request.PolicyId = helper.IntInt64(v.(int))
+		policyId = helper.IntToStr(v.(int))
+	}
+
+	if v, ok := d.GetOkExists("org_sub_account_uin"); ok {
+		request.OrgSubAccountUins = append(request.OrgSubAccountUins, helper.IntInt64(v.(int)))
+		orgSubAccountUin = helper.IntToStr(v.(int))
+	}
+
+	reqErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().BindOrganizationPolicySubAccountWithContext(ctx, request)
+		if e != nil {
+			return tccommon.RetryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+
+		return nil
+	})
+
+	if reqErr != nil {
+		log.Printf("[CRITAL]%s create organization members auth policy attachment failed, reason:%+v", logId, reqErr)
+		return reqErr
+	}
+
+	d.SetId(strings.Join([]string{policyId, orgSubAccountUin}, tccommon.FILED_SP))
+	return resourceTencentCloudOrganizationMemberAuthPolicyAttachmentRead(d, meta)
+}
+
+func resourceTencentCloudOrganizationMemberAuthPolicyAttachmentRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_member_auth_policy_attachment.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId   = tccommon.GetLogId(tccommon.ContextNil)
+		ctx     = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		service = OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+	)
+
+	idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+
+	policyId := idSplit[0]
+	orgSubAccountUin := idSplit[1]
+
+	respData, err := service.DescribeOrganizationMembersAuthPolicyAttachmentById(ctx, policyId, orgSubAccountUin)
+	if err != nil {
+		return err
+	}
+
+	if respData == nil {
+		log.Printf("[WARN]%s resource `tencentcloud_organization_member_auth_policy_attachment` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	if len(respData) != 1 {
+		return fmt.Errorf("Query organization members auth policy attachment by id return more than one.")
+	}
+
+	for _, item := range respData {
+		if item.PolicyId != nil {
+			_ = d.Set("policy_id", item.PolicyId)
+		}
+
+		if item.OrgSubAccountUin != nil {
+			_ = d.Set("org_sub_account_uin", item.OrgSubAccountUin)
+		}
+
+		if item.IdentityId != nil {
+			_ = d.Set("identity_id", item.IdentityId)
+		}
+
+		if item.IdentityRoleName != nil {
+			_ = d.Set("identity_role_name", item.IdentityRoleName)
+		}
+
+		if item.IdentityRoleAliasName != nil {
+			_ = d.Set("identity_role_alias_name", item.IdentityRoleAliasName)
+		}
+
+		if item.CreateTime != nil {
+			_ = d.Set("create_time", item.CreateTime)
+		}
+
+		if item.PolicyName != nil {
+			_ = d.Set("policy_name", item.PolicyName)
+		}
+
+		if item.MemberUin != nil {
+			_ = d.Set("member_uin", item.MemberUin)
+		}
+
+		if item.MemberName != nil {
+			_ = d.Set("member_name", item.MemberName)
+		}
+
+		if item.OrgSubAccountName != nil {
+			_ = d.Set("org_sub_account_name", item.OrgSubAccountName)
+		}
+
+		if item.BindType != nil {
+			_ = d.Set("bind_type", item.BindType)
+		}
+	}
+
+	return nil
+}
+
+func resourceTencentCloudOrganizationMemberAuthPolicyAttachmentDelete(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_organization_member_auth_policy_attachment.delete")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId   = tccommon.GetLogId(tccommon.ContextNil)
+		ctx     = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		request = organizationv20210331.NewCancelOrganizationPolicySubAccountRequest()
+	)
+
+	idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+	if len(idSplit) != 2 {
+		return fmt.Errorf("id is broken,%s", d.Id())
+	}
+
+	policyId := idSplit[0]
+	orgSubAccountUin := idSplit[1]
+
+	request.PolicyId = helper.StrToInt64Point(policyId)
+	request.OrgSubAccountUins = append(request.OrgSubAccountUins, helper.StrToInt64Point(orgSubAccountUin))
+	reqErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().CancelOrganizationPolicySubAccountWithContext(ctx, request)
+		if e != nil {
+			return tccommon.RetryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+
+		return nil
+	})
+
+	if reqErr != nil {
+		log.Printf("[CRITAL]%s delete organization members auth policy attachment failed, reason:%+v", logId, reqErr)
+		return reqErr
+	}
+
+	return nil
+}

tencentcloud/services/tco/resource_tc_organization_member_auth_policy_attachment.md

@@ -0,0 +1,18 @@
+Provides a resource to create a Organization member auth policy attachment
+
+Example Usage
+
+```hcl
+resource "tencentcloud_organization_member_auth_policy_attachment" "example" {
+  policy_id           = 252421751
+  org_sub_account_uin = 100037718939
+}
+```
+
+Import
+
+Organization member auth policy attachment can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_organization_member_auth_policy_attachment.example 252421751#100037718939
+```

tencentcloud/services/tco/resource_tc_organization_member_auth_policy_attachment_test.go

@@ -0,0 +1,41 @@
+package tco_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudOrganizationMemberAuthPolicyAttachmentResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccOrganizationMemberAuthPolicyAttachment,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_organization_member_auth_policy_attachment.example", "id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_organization_member_auth_policy_attachment.example", "policy_id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_organization_member_auth_policy_attachment.example", "org_sub_account_uin"),
+				),
+			},
+			{
+				ResourceName:      "tencentcloud_organization_member_auth_policy_attachment.example",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccOrganizationMemberAuthPolicyAttachment = `
+resource "tencentcloud_organization_member_auth_policy_attachment" "example" {
+  policy_id           = 250021751
+  org_sub_account_uin = 100037718139
+}
+`