-
Notifications
You must be signed in to change notification settings - Fork 76
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[APIGW] new resource `resource/opentelekomcloud_apigw_acl_policy_asso…
…ciate_v2` (#2496) [APIGW] new resource `resource/opentelekomcloud_apigw_acl_policy_associate_v2` Summary of the Pull Request PR Checklist Refers to: #2403 Tests added/passed. Documentation updated. Schema updated. Release notes added. Acceptance Steps Performed === RUN TestAccAclPolicyAssociate_basic === PAUSE TestAccAclPolicyAssociate_basic === CONT TestAccAclPolicyAssociate_basic --- PASS: TestAccAclPolicyAssociate_basic (500.15s) PASS Process finished with the exit code 0 Reviewed-by: Vladimir Vshivkov Reviewed-by: Aloento
- Loading branch information
1 parent
1c47cb0
commit f89b2f2
Showing
6 changed files
with
443 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
--- | ||
subcategory: "APIGW" | ||
--- | ||
|
||
# opentelekomcloud_apigw_acl_policy_associate_v2 | ||
|
||
Use this resource to bind the APIs to the ACL policy within OpenTelekomCloud. | ||
|
||
-> An ACL policy can only create one `opentelekomcloud_apigw_acl_policy_associate_v2` resource. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
variable "gateway_id" {} | ||
variable "policy_id" {} | ||
variable "api_publish_ids" { | ||
type = list(string) | ||
} | ||
resource "opentelekomcloud_apigw_acl_policy_associate_v2" "test" { | ||
gateway_id = var.gateway_id | ||
policy_id = var.policy_id | ||
publish_ids = var.api_publish_ids | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
* `gateway_id` - (Required, String, ForceNew) Specifies the ID of the dedicated gateway instance to which the APIs and the | ||
ACL policy belong. Changing this will create a new resource. | ||
|
||
* `policy_id` - (Required, String, ForceNew) Specifies the ACL Policy ID for APIs binding. | ||
Changing this will create a new resource. | ||
|
||
* `publish_ids` - (Required, List) Specifies the publishing IDs corresponding to the APIs bound by the ACL policy. | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `id` - Resource ID. The format is `<gateway_id>/<policy_id>`. | ||
|
||
* `region` - Specifies the region where the dedicated instance and the throttling policy are located. | ||
|
||
## Import | ||
|
||
Associate resources can be imported using their `policy_id` and the APIG gateway instance ID to which the policy | ||
belongs, separated by a slash, e.g. | ||
|
||
```bash | ||
$ terraform import huaweicloud_apig_acl_policy_associate.test <gateway_id>/<policy_id> | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
175 changes: 175 additions & 0 deletions
175
...komcloud/acceptance/apigw/resource_opentelekomcloud_apigw_acl_policy_associate_v2_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,175 @@ | ||
package acceptance | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform" | ||
golangsdk "github.com/opentelekomcloud/gophertelekomcloud" | ||
acls "github.com/opentelekomcloud/gophertelekomcloud/openstack/apigw/v2/acl" | ||
"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/common" | ||
"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/env" | ||
"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/cfg" | ||
) | ||
|
||
const resourceApigwAssociateAclName = "opentelekomcloud_apigw_acl_policy_associate_v2.associate" | ||
|
||
func getAclPolicyAssociateFunc(config *cfg.Config, state *terraform.ResourceState) (interface{}, error) { | ||
client, err := config.APIGWV2Client(env.OS_REGION_NAME) | ||
if err != nil { | ||
return nil, fmt.Errorf("error creating APIG v2 client: %s", err) | ||
} | ||
opt := acls.ListBoundOpts{ | ||
GatewayID: state.Primary.Attributes["gateway_id"], | ||
ID: state.Primary.Attributes["policy_id"], | ||
} | ||
resp, err := acls.ListAPIBoundPolicy(client, opt) | ||
if len(resp) < 1 { | ||
return nil, golangsdk.ErrDefault404{} | ||
} | ||
return resp, err | ||
} | ||
|
||
func TestAccAclPolicyAssociate_basic(t *testing.T) { | ||
var apiDetails []acls.ApiAcl | ||
name := fmt.Sprintf("apigw_acc_acl%s", acctest.RandString(10)) | ||
rc := common.InitResourceCheck( | ||
resourceApigwAssociateAclName, | ||
&apiDetails, | ||
getAclPolicyAssociateFunc, | ||
) | ||
|
||
resource.ParallelTest(t, resource.TestCase{ | ||
PreCheck: func() { | ||
common.TestAccPreCheck(t) | ||
}, | ||
ProviderFactories: common.TestAccProviderFactories, | ||
CheckDestroy: rc.CheckResourceDestroy(), | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: testAccAclPolicyAssociate_basic(name), | ||
Check: resource.ComposeTestCheckFunc( | ||
rc.CheckResourceExists(), | ||
resource.TestCheckResourceAttrSet(resourceApigwAssociateAclName, "gateway_id"), | ||
resource.TestCheckResourceAttrSet(resourceApigwAssociateAclName, "policy_id"), | ||
resource.TestCheckResourceAttr(resourceApigwAssociateAclName, "publish_ids.#", "1"), | ||
), | ||
}, | ||
{ | ||
Config: testAccAclPolicyAssociate_update(name), | ||
Check: resource.ComposeTestCheckFunc( | ||
rc.CheckResourceExists(), | ||
resource.TestCheckResourceAttrSet(resourceApigwAssociateAclName, "gateway_id"), | ||
resource.TestCheckResourceAttrSet(resourceApigwAssociateAclName, "policy_id"), | ||
resource.TestCheckResourceAttr(resourceApigwAssociateAclName, "publish_ids.#", "1"), | ||
), | ||
}, | ||
{ | ||
ResourceName: resourceApigwAssociateAclName, | ||
ImportState: true, | ||
ImportStateVerify: true, | ||
ImportStateIdFunc: testAccAclPolicyAssociateImportStateFunc(resourceApigwAssociateAclName), | ||
}, | ||
}, | ||
}) | ||
} | ||
|
||
func testAccAclPolicyAssociateImportStateFunc(rName string) resource.ImportStateIdFunc { | ||
return func(s *terraform.State) (string, error) { | ||
rs, ok := s.RootModule().Resources[rName] | ||
if !ok { | ||
return "", fmt.Errorf("resource (%s) not found: %s", rName, rs) | ||
} | ||
if rs.Primary.Attributes["gateway_id"] == "" || rs.Primary.Attributes["policy_id"] == "" { | ||
return "", fmt.Errorf("invalid format specified for import ID, want '<gateway_id>/<policy_id>', but got '%s/%s'", | ||
rs.Primary.Attributes["gateway_id"], rs.Primary.Attributes["policy_id"]) | ||
} | ||
return fmt.Sprintf("%s/%s", rs.Primary.Attributes["gateway_id"], rs.Primary.Attributes["policy_id"]), nil | ||
} | ||
} | ||
|
||
func testAccAclPolicyAssociate_basic(name string) string { | ||
relatedConfig := testAccApigwApi_basic(testAccApigwApi_base(name), name) | ||
return fmt.Sprintf(` | ||
%[1]s | ||
resource "opentelekomcloud_apigw_api_publishment_v2" "pub_one" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
environment_id = opentelekomcloud_apigw_environment_v2.env.id | ||
api_id = opentelekomcloud_apigw_api_v2.api.id | ||
} | ||
resource "opentelekomcloud_apigw_environment_v2" "env_two" { | ||
name = "second_env_%[2]s" | ||
instance_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
description = "test description" | ||
} | ||
resource "opentelekomcloud_apigw_api_publishment_v2" "pub_two" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
environment_id = opentelekomcloud_apigw_environment_v2.env_two.id | ||
api_id = opentelekomcloud_apigw_api_v2.api.id | ||
} | ||
resource "opentelekomcloud_apigw_acl_policy_v2" "ip_rule" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
name = "%[2]s_rule_ip" | ||
type = "PERMIT" | ||
entity_type = "IP" | ||
value = "10.201.33.4,10.30.2.15" | ||
} | ||
resource "opentelekomcloud_apigw_acl_policy_associate_v2" "associate" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
policy_id = opentelekomcloud_apigw_acl_policy_v2.ip_rule.id | ||
publish_ids = [ | ||
opentelekomcloud_apigw_api_publishment_v2.pub_one.publish_id | ||
] | ||
} | ||
`, relatedConfig, name) | ||
} | ||
|
||
func testAccAclPolicyAssociate_update(name string) string { | ||
relatedConfig := testAccApigwApi_basic(testAccApigwApi_base(name), name) | ||
return fmt.Sprintf(` | ||
%[1]s | ||
resource "opentelekomcloud_apigw_api_publishment_v2" "pub_one" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
environment_id = opentelekomcloud_apigw_environment_v2.env.id | ||
api_id = opentelekomcloud_apigw_api_v2.api.id | ||
} | ||
resource "opentelekomcloud_apigw_environment_v2" "env_two" { | ||
name = "second_env_%[2]s" | ||
instance_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
description = "test description" | ||
} | ||
resource "opentelekomcloud_apigw_api_publishment_v2" "pub_two" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
environment_id = opentelekomcloud_apigw_environment_v2.env_two.id | ||
api_id = opentelekomcloud_apigw_api_v2.api.id | ||
} | ||
resource "opentelekomcloud_apigw_acl_policy_v2" "ip_rule" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
name = "%[2]s_rule_ip" | ||
type = "PERMIT" | ||
entity_type = "IP" | ||
value = "10.201.33.4,10.30.2.15" | ||
} | ||
resource "opentelekomcloud_apigw_acl_policy_associate_v2" "associate" { | ||
gateway_id = opentelekomcloud_apigw_gateway_v2.gateway.id | ||
policy_id = opentelekomcloud_apigw_acl_policy_v2.ip_rule.id | ||
publish_ids = [ | ||
opentelekomcloud_apigw_api_publishment_v2.pub_two.publish_id | ||
] | ||
} | ||
`, relatedConfig, name) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.