Merge pull request #153 from volcengine/feat/ecs

Feat/ecs
volcengine · Dec 22, 2023 · 423600c · 423600c
2 parents 082d246 + 847b18e
commit 423600c
Show file tree

Hide file tree

Showing 16 changed files with 723 additions and 97 deletions.
diff --git a/common/common_volcengine_version.go b/common/common_volcengine_version.go
@@ -2,5 +2,5 @@ package common
 
 const (
 	TerraformProviderName    = "terraform-provider-volcengine"
-	TerraformProviderVersion = "0.0.132"
+	TerraformProviderVersion = "0.0.133"
 )
diff --git a/example/ecsIamRoleAttachment/main.tf b/example/ecsIamRoleAttachment/main.tf
@@ -0,0 +1,86 @@
+data "volcengine_zones" "foo"{
+}
+
+resource "volcengine_vpc" "foo" {
+  vpc_name   = "acc-test-vpc"
+  cidr_block = "172.16.0.0/16"
+}
+
+resource "volcengine_subnet" "foo" {
+  subnet_name = "acc-test-subnet"
+  cidr_block = "172.16.0.0/24"
+  zone_id = data.volcengine_zones.foo.zones[0].id
+  vpc_id = volcengine_vpc.foo.id
+}
+
+resource "volcengine_security_group" "foo" {
+  security_group_name = "acc-test-security-group"
+  vpc_id = volcengine_vpc.foo.id
+}
+
+data "volcengine_images" "foo" {
+  os_type = "Linux"
+  visibility = "public"
+  instance_type_id = "ecs.g1ie.large"
+}
+
+resource "volcengine_ecs_instance" "foo" {
+  instance_name = "acc-test-ecs"
+  description = "acc-test"
+  host_name = "tf-acc-test"
+  image_id = data.volcengine_images.foo.images[0].image_id
+  instance_type = "ecs.g1ie.large"
+  password = "93f0cb0614Aab12"
+  instance_charge_type = "PostPaid"
+  system_volume_type = "ESSD_PL0"
+  system_volume_size = 40
+  data_volumes {
+    volume_type = "ESSD_PL0"
+    size = 50
+    delete_with_instance = true
+  }
+  subnet_id = volcengine_subnet.foo.id
+  security_group_ids = [volcengine_security_group.foo.id]
+  project_name = "default"
+  tags {
+    key = "k1"
+    value = "v1"
+  }
+}
+
+resource "volcengine_ecs_instance" "foo1" {
+  instance_name = "acc-test-ecs-1"
+  description = "acc-test"
+  host_name = "tf-acc-test"
+  image_id = data.volcengine_images.foo.images[0].image_id
+  instance_type = "ecs.g1ie.large"
+  password = "93f0cb0614Aab12"
+  instance_charge_type = "PostPaid"
+  system_volume_type = "ESSD_PL0"
+  system_volume_size = 40
+  data_volumes {
+    volume_type = "ESSD_PL0"
+    size = 50
+    delete_with_instance = true
+  }
+  subnet_id = volcengine_subnet.foo.id
+  security_group_ids = [volcengine_security_group.foo.id]
+  project_name = "default"
+  tags {
+    key = "k1"
+    value = "v1"
+  }
+}
+
+resource "volcengine_iam_role" "foo" {
+  role_name = "acc-test-role"
+  display_name = "acc-test"
+  description = "acc-test"
+  trust_policy_document = "{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sts:AssumeRole\"],\"Principal\":{\"Service\":[\"ecs\"]}}]}"
+  max_session_duration = 36000
+}
+
+resource "volcengine_iam_role_attachment" "foo" {
+  iam_role_name = volcengine_iam_role.foo.id
+  instance_id = volcengine_ecs_instance.foo.id
+}
diff --git a/volcengine/clb/listener/data_source_volcengine_listeners.go b/volcengine/clb/listener/data_source_volcengine_listeners.go
@@ -202,6 +202,11 @@ func DataSourceVolcengineListeners() *schema.Resource {
 							Computed:    true,
 							Description: "The persistence timeout of the Listener.",
 						},
+						"cookie": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The name of the cookie for session persistence configured on the backend server.",
+						},
 						"connection_drain_enabled": {
 							Type:        schema.TypeString,
 							Computed:    true,

diff --git a/volcengine/clb/listener/resource_volcengine_listener.go b/volcengine/clb/listener/resource_volcengine_listener.go
@@ -52,11 +52,10 @@ func ResourceVolcengineListener() *schema.Resource {
 				Description: "The name of the Listener.",
 			},
 			"protocol": {
-				Type:         schema.TypeString,
-				Required:     true,
-				ForceNew:     true,
-				Description:  "The protocol of the Listener. Optional choice contains `TCP`, `UDP`, `HTTP`, `HTTPS`.",
-				ValidateFunc: validation.StringInSlice([]string{"TCP", "UDP", "HTTP", "HTTPS"}, false),
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The protocol of the Listener. Optional choice contains `TCP`, `UDP`, `HTTP`, `HTTPS`.",
 			},
 			"port": {
 				Type:        schema.TypeInt,
@@ -65,18 +64,16 @@ func ResourceVolcengineListener() *schema.Resource {
 				Description: "The port receiving request of the Listener, the value range in 1~65535.",
 			},
 			"scheduler": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Computed:     true,
-				Description:  "The scheduling algorithm of the Listener. Optional choice contains `wrr`, `wlc`, `sh`.",
-				ValidateFunc: validation.StringInSlice([]string{"wrr", "wlc", "sh"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "The scheduling algorithm of the Listener. Optional choice contains `wrr`, `wlc`, `sh`.",
 			},
 			"enabled": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Computed:     true,
-				Description:  "The enable status of the Listener. Optional choice contains `on`, `off`.",
-				ValidateFunc: validation.StringInSlice([]string{"on", "off"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "The enable status of the Listener. Optional choice contains `on`, `off`.",
 			},
 			"established_timeout": {
 				Type:        schema.TypeInt,
@@ -95,18 +92,16 @@ func ResourceVolcengineListener() *schema.Resource {
 				Description: "The server group id associated with the listener.",
 			},
 			"acl_status": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Computed:     true,
-				Description:  "The enable status of Acl. Optional choice contains `on`, `off`.",
-				ValidateFunc: validation.StringInSlice([]string{"on", "off"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "The enable status of Acl. Optional choice contains `on`, `off`.",
 			},
 			"acl_type": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Computed:     true,
-				Description:  "The type of the Acl. Optional choice contains `white`, `black`.",
-				ValidateFunc: validation.StringInSlice([]string{"white", "black"}, false),
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "The type of the Acl. Optional choice contains `white`, `black`.",
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					return d.Get("acl_status").(string) == "off"
 				},
@@ -135,54 +130,76 @@ func ResourceVolcengineListener() *schema.Resource {
 				Description: "The bandwidth of the Listener. Unit: Mbps. Default is -1, indicating that the Listener does not specify a speed limit.",
 			},
 			"proxy_protocol_type": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Default:      "off",
-				ValidateFunc: validation.StringInSlice([]string{"off", "standard"}, false),
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "off",
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					return d.Get("protocol").(string) != "TCP" && d.Get("protocol").(string) != "UDP"
 				},
 				Description: "Whether to enable proxy protocol. Valid values: `off`, `standard`. Default is `off`.\n" +
 					"This filed is valid only when the value of field `protocol` is `TCP` or `UDP`.",
 			},
 			"persistence_type": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Default:      "off",
-				ValidateFunc: validation.StringInSlice([]string{"off", "source_ip"}, false),
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "off",
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
-					return d.Get("protocol").(string) != "TCP" && d.Get("protocol").(string) != "UDP"
+					persistenceType := d.Get("persistence_type").(string)
+					if persistenceType == "off" {
+						return false
+					}
+					protocol := d.Get("protocol").(string)
+					if persistenceType == "source_ip" && (protocol == "TCP" || protocol == "UDP") {
+						return false
+					}
+					scheduler := d.Get("scheduler").(string)
+					if (persistenceType == "insert" || persistenceType == "server") &&
+						(protocol == "HTTP" || protocol == "HTTPS") && scheduler == "wrr" {
+						return false
+					}
+					return true
 				},
-				Description: "The persistence type of the Listener. Valid values: `off`, `source_ip`. Default is `off`.\n" +
-					"This filed is valid only when the value of field `protocol` is `TCP` or `UDP`.",
+				Description: "The persistence type of the Listener. Valid values: `off`, `source_ip`, `insert`, `server`. Default is `off`.\n" +
+					"`source_ip`: Represents the source IP address, only effective for TCP/UDP protocols. " +
+					"`insert`: means implanting a cookie, only effective for HTTP/HTTPS protocol and when the scheduler is `wrr`. " +
+					"`server`: Indicates rewriting cookies, only effective for HTTP/HTTPS protocols and when the scheduler is `wrr`.",
 			},
 			"persistence_timeout": {
-				Type:         schema.TypeInt,
-				Optional:     true,
-				Default:      1000,
-				ValidateFunc: validation.IntBetween(1, 3600),
+				Type:     schema.TypeInt,
+				Optional: true,
+				Default:  1000,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					return d.Get("persistence_type").(string) != "source_ip" && d.Get("persistence_type").(string) != "insert"
+				},
+				Description: "The persistence timeout of the Listener. Unit: second. Default is `1000`. When PersistenceType is configured as source_ip, " +
+					"the value range is 1-3600. When PersistenceType is configured as insert, the value range is 1-86400. " +
+					"This filed is valid only when the value of field `persistence_type` is `source_ip` or `insert`.",
+			},
+			"cookie": {
+				Type:     schema.TypeString,
+				Optional: true,
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
-					return (d.Get("protocol").(string) != "TCP" && d.Get("protocol").(string) != "UDP") || d.Get("persistence_type").(string) != "source_ip"
+					return d.Get("persistence_type").(string) != "server"
 				},
-				Description: "The persistence timeout of the Listener. Unit: second. Valid value range is `1-3600`. Default is `1000`.\n" +
-					"This filed is valid only when the value of field `persistence_type` is `source_ip`.",
+				Description: "The name of the cookie for session persistence configured on the backend server. " +
+					"When PersistenceType is configured as `server`, " +
+					"this parameter is required. When PersistenceType is configured as any other value, " +
+					"this parameter is not effective.",
 			},
 			"connection_drain_enabled": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Default:      "off",
-				ValidateFunc: validation.StringInSlice([]string{"off", "on"}, false),
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "off",
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					return d.Get("protocol").(string) != "TCP" && d.Get("protocol").(string) != "UDP"
 				},
 				Description: "Whether to enable connection drain of the Listener. Valid values: `off`, `on`. Default is `off`.\n" +
 					"This filed is valid only when the value of field `protocol` is `TCP` or `UDP`.",
 			},
 			"connection_drain_timeout": {
-				Type:         schema.TypeInt,
-				Optional:     true,
-				Computed:     true,
-				ValidateFunc: validation.IntBetween(1, 900),
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					return (d.Get("protocol").(string) != "TCP" && d.Get("protocol").(string) != "UDP") || d.Get("connection_drain_enabled").(string) != "on"
 				},

diff --git a/volcengine/ecs/ecs_iam_role_attachment/resource_volcengine_iam_role_attachment.go b/volcengine/ecs/ecs_iam_role_attachment/resource_volcengine_iam_role_attachment.go
@@ -0,0 +1,91 @@
+package ecs_iam_role_attachment
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+/*
+
+Import
+IamRoleAttachment can be imported using the iam_role_name:instance_id, e.g.
+```
+$ terraform import volcengine_iam_role_attachment.default role_name:instance_id
+```
+
+*/
+
+func ResourceVolcengineIamRoleAttachment() *schema.Resource {
+	resource := &schema.Resource{
+		Create: resourceVolcengineIamRoleAttachmentCreate,
+		Read:   resourceVolcengineIamRoleAttachmentRead,
+		Delete: resourceVolcengineIamRoleAttachmentDelete,
+		Importer: &schema.ResourceImporter{
+			State: iamRoleAttachmentImporter,
+		},
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(30 * time.Minute),
+			Delete: schema.DefaultTimeout(30 * time.Minute),
+		},
+		Schema: map[string]*schema.Schema{
+			"iam_role_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The name of the iam role.",
+			},
+			"instance_id": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The id of the ecs instance.",
+			},
+		},
+	}
+	return resource
+}
+
+func resourceVolcengineIamRoleAttachmentCreate(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamRoleAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Create(service, d, ResourceVolcengineIamRoleAttachment())
+	if err != nil {
+		return fmt.Errorf("error on creating iam_role_attachment %q, %s", d.Id(), err)
+	}
+	return resourceVolcengineIamRoleAttachmentRead(d, meta)
+}
+
+func resourceVolcengineIamRoleAttachmentRead(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamRoleAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Read(service, d, ResourceVolcengineIamRoleAttachment())
+	if err != nil {
+		return fmt.Errorf("error on reading iam_role_attachment %q, %s", d.Id(), err)
+	}
+	return err
+}
+
+func resourceVolcengineIamRoleAttachmentDelete(d *schema.ResourceData, meta interface{}) (err error) {
+	service := NewIamRoleAttachmentService(meta.(*ve.SdkClient))
+	err = service.Dispatcher.Delete(service, d, ResourceVolcengineIamRoleAttachment())
+	if err != nil {
+		return fmt.Errorf("error on deleting iam_role_attachment %q, %s", d.Id(), err)
+	}
+	return err
+}
+
+var iamRoleAttachmentImporter = func(data *schema.ResourceData, i interface{}) ([]*schema.ResourceData, error) {
+	items := strings.Split(data.Id(), ":")
+	if len(items) != 2 {
+		return []*schema.ResourceData{data}, fmt.Errorf("import id must split with ':'")
+	}
+	if err := data.Set("iam_role_name", items[0]); err != nil {
+		return []*schema.ResourceData{data}, err
+	}
+	if err := data.Set("instance_id", items[1]); err != nil {
+		return []*schema.ResourceData{data}, err
+	}
+	return []*schema.ResourceData{data}, nil
+}