From e0e811454d4ce573872183acd5aecc2e76d4e00c Mon Sep 17 00:00:00 2001 From: KGSN Date: Thu, 9 Dec 2021 20:04:46 +0800 Subject: [PATCH 1/3] fix: redis - support no-auth access --- tencentcloud/resource_tc_redis_instance.go | 18 ++++++++++++++++-- tencentcloud/service_tencentcloud_redis.go | 11 ++++++++++- website/docs/r/redis_instance.html.markdown | 3 ++- 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/tencentcloud/resource_tc_redis_instance.go b/tencentcloud/resource_tc_redis_instance.go index f1c001f441..a023af5627 100644 --- a/tencentcloud/resource_tc_redis_instance.go +++ b/tencentcloud/resource_tc_redis_instance.go @@ -154,10 +154,16 @@ func resourceTencentCloudRedisInstance() *schema.Resource { }, "password": { Type: schema.TypeString, - Required: true, + Optional: true, Sensitive: true, ValidateFunc: validateMysqlPassword, - Description: "Password for a Redis user, which should be 8 to 16 characters.", + Description: "Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `no_auth=true` specified can make password empty.", + }, + "no_auth": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Description: "Indicates whether the redis instance support no-auth access. NOTE: Only available in private cloud environment.", }, "mem_size": { Type: schema.TypeInt, @@ -267,6 +273,7 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf redisShardNum := d.Get("redis_shard_num").(int) redisReplicasNum := d.Get("redis_replicas_num").(int) password := d.Get("password").(string) + noAuth := d.Get("no_auth").(bool) memSize := d.Get("mem_size").(int) vpcId := d.Get("vpc_id").(string) subnetId := d.Get("subnet_id").(string) @@ -401,6 +408,7 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf chargeTypeID, chargePeriod, nodeInfo, + noAuth, ) if err != nil { @@ -519,6 +527,12 @@ func resourceTencentCloudRedisInstanceRead(d *schema.ResourceData, meta interfac _ = d.Set("port", info.Port) _ = d.Set("ip", info.WanIp) _ = d.Set("create_time", info.Createtime) + + // only true or user explicit declared will set for import case. + if _, ok := d.GetOk("no_auth"); ok || *info.NoAuth { + _ = d.Set("no_auth", info.NoAuth) + } + if d.Get("vpc_id").(string) != "" { securityGroups, err := service.DescribeInstanceSecurityGroup(ctx, d.Id()) if err != nil { diff --git a/tencentcloud/service_tencentcloud_redis.go b/tencentcloud/service_tencentcloud_redis.go index c1244c4336..ef254f8f1e 100644 --- a/tencentcloud/service_tencentcloud_redis.go +++ b/tencentcloud/service_tencentcloud_redis.go @@ -244,7 +244,12 @@ func (me *RedisService) CreateInstances(ctx context.Context, memSize, projectId, port int64, securityGroups []string, redisShardNum, - redisReplicasNum int, chargeTypeID int64, chargePeriod uint64, nodeInfo []*redis.RedisNodeInfo) (instanceIds []*string, errRet error) { + redisReplicasNum int, + chargeTypeID int64, + chargePeriod uint64, + nodeInfo []*redis.RedisNodeInfo, + noAuth bool, +) (instanceIds []*string, errRet error) { logId := getLogId(ctx) request := redis.NewCreateInstancesRequest() @@ -316,6 +321,10 @@ func (me *RedisService) CreateInstances(ctx context.Context, request.NodeSet = nodeInfo } + if noAuth { + request.NoAuth = &noAuth + } + ratelimit.Check(request.GetAction()) response, err := me.client.UseRedisClient().CreateInstances(request) if err != nil { diff --git a/website/docs/r/redis_instance.html.markdown b/website/docs/r/redis_instance.html.markdown index f13d242cdc..f597010c40 100644 --- a/website/docs/r/redis_instance.html.markdown +++ b/website/docs/r/redis_instance.html.markdown @@ -69,10 +69,11 @@ The following arguments are supported: * `availability_zone` - (Required, ForceNew) The available zone ID of an instance to be created, please refer to `tencentcloud_redis_zone_config.list`. * `mem_size` - (Required) The memory volume of an available instance(in MB), please refer to `tencentcloud_redis_zone_config.list[zone].mem_sizes`. When redis is standard type, it represents total memory size of the instance; when Redis is cluster type, it represents memory size of per sharding. -* `password` - (Required) Password for a Redis user, which should be 8 to 16 characters. * `charge_type` - (Optional, ForceNew) The charge type of instance. Valid values: `PREPAID` and `POSTPAID`. Default value is `POSTPAID`. Note: TencentCloud International only supports `POSTPAID`. Caution that update operation on this field will delete old instances and create new with new charge type. * `force_delete` - (Optional) Indicate whether to delete Redis instance directly or not. Default is false. If set true, the instance will be deleted instead of staying recycle bin. Note: only works for `PREPAID` instance. * `name` - (Optional) Instance name. +* `no_auth` - (Optional, ForceNew) Indicates whether the redis instance support no-auth access. NOTE: Only `vpc_id` specified can set `no_auth` to `true`. +* `password` - (Optional) Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `vpc_id` and `no_auth=true` specified can make password optional. * `port` - (Optional, ForceNew) The port used to access a redis instance. The default value is 6379. And this value can't be changed after creation, or the Redis instance will be recreated. * `prepaid_period` - (Optional) The tenancy (time unit is month) of the prepaid instance, NOTE: it only works when charge_type is set to `PREPAID`. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `11`, `12`, `24`, `36`. * `project_id` - (Optional) Specifies which project the instance should belong to. From d379e17890c3fe72a06179d10271c9f519d865d9 Mon Sep 17 00:00:00 2001 From: KGSN Date: Fri, 10 Dec 2021 10:29:35 +0800 Subject: [PATCH 2/3] fix: auth desc --- website/docs/r/redis_instance.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/redis_instance.html.markdown b/website/docs/r/redis_instance.html.markdown index f597010c40..1f92623630 100644 --- a/website/docs/r/redis_instance.html.markdown +++ b/website/docs/r/redis_instance.html.markdown @@ -72,8 +72,8 @@ The following arguments are supported: * `charge_type` - (Optional, ForceNew) The charge type of instance. Valid values: `PREPAID` and `POSTPAID`. Default value is `POSTPAID`. Note: TencentCloud International only supports `POSTPAID`. Caution that update operation on this field will delete old instances and create new with new charge type. * `force_delete` - (Optional) Indicate whether to delete Redis instance directly or not. Default is false. If set true, the instance will be deleted instead of staying recycle bin. Note: only works for `PREPAID` instance. * `name` - (Optional) Instance name. -* `no_auth` - (Optional, ForceNew) Indicates whether the redis instance support no-auth access. NOTE: Only `vpc_id` specified can set `no_auth` to `true`. -* `password` - (Optional) Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `vpc_id` and `no_auth=true` specified can make password optional. +* `no_auth` - (Optional, ForceNew) Indicates whether the redis instance support no-auth access. NOTE: Only available in private cloud environment. +* `password` - (Optional) Password for a Redis user, which should be 8 to 16 characters. NOTE: Only `no_auth=true` specified can make password empty. * `port` - (Optional, ForceNew) The port used to access a redis instance. The default value is 6379. And this value can't be changed after creation, or the Redis instance will be recreated. * `prepaid_period` - (Optional) The tenancy (time unit is month) of the prepaid instance, NOTE: it only works when charge_type is set to `PREPAID`. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `11`, `12`, `24`, `36`. * `project_id` - (Optional) Specifies which project the instance should belong to. From 8e31ac1606e159e156b0271cb63d53f8277eaa25 Mon Sep 17 00:00:00 2001 From: KGSN Date: Fri, 10 Dec 2021 16:07:11 +0800 Subject: [PATCH 3/3] add no-auth create validation --- tencentcloud/resource_tc_redis_instance.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tencentcloud/resource_tc_redis_instance.go b/tencentcloud/resource_tc_redis_instance.go index a023af5627..71628891a1 100644 --- a/tencentcloud/resource_tc_redis_instance.go +++ b/tencentcloud/resource_tc_redis_instance.go @@ -295,6 +295,14 @@ func resourceTencentCloudRedisInstanceCreate(d *schema.ResourceData, meta interf return fmt.Errorf("`type_id` and `type` set one item and only one item") } + if password == "" && !noAuth { + return fmt.Errorf("`password` must not be empty unless `no_auth` is `true`") + } + + if noAuth && (vpcId == "" || subnetId == "") { + return fmt.Errorf("cannot set `no_auth=true` if `vpc_id` and `subnet_id` is empty") + } + for id, name := range REDIS_NAMES { if redisType == name { typeId = id