diff --git a/common/common_volcengine_limit.go b/common/common_volcengine_limit.go
index 386a799b..e4228f2b 100644
--- a/common/common_volcengine_limit.go
+++ b/common/common_volcengine_limit.go
@@ -43,6 +43,10 @@ func init() {
Limiter: rate.NewLimiter(4, 10),
Semaphore: semaphore.NewWeighted(10),
},
+ "storage_ebs.DescribeVolumes.2020-04-01": {
+ Limiter: rate.NewLimiter(10, 30),
+ Semaphore: semaphore.NewWeighted(30),
+ },
}
}
diff --git a/common/common_volcengine_version.go b/common/common_volcengine_version.go
index 0b9c1868..2bd22e88 100644
--- a/common/common_volcengine_version.go
+++ b/common/common_volcengine_version.go
@@ -2,5 +2,5 @@ package common
const (
TerraformProviderName = "terraform-provider-volcengine"
- TerraformProviderVersion = "0.0.151"
+ TerraformProviderVersion = "0.0.152"
)
diff --git a/example/dataRdsPostgresqlAllowlists/main.tf b/example/dataRdsPostgresqlAllowlists/main.tf
new file mode 100644
index 00000000..96e2d1b8
--- /dev/null
+++ b/example/dataRdsPostgresqlAllowlists/main.tf
@@ -0,0 +1,3 @@
+data "volcengine_rds_postgresql_allowlists" "foo" {
+
+}
diff --git a/example/rdsPostgresqlAllowlist/main.tf b/example/rdsPostgresqlAllowlist/main.tf
new file mode 100644
index 00000000..d999de76
--- /dev/null
+++ b/example/rdsPostgresqlAllowlist/main.tf
@@ -0,0 +1,6 @@
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+ allow_list_name = "acc-test-allowlist"
+ allow_list_desc = "acc-test"
+ allow_list_type = "IPv4"
+ allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}
diff --git a/example/rdsPostgresqlAllowlistAssociate/main.tf b/example/rdsPostgresqlAllowlistAssociate/main.tf
new file mode 100644
index 00000000..7197b777
--- /dev/null
+++ b/example/rdsPostgresqlAllowlistAssociate/main.tf
@@ -0,0 +1,53 @@
+data "volcengine_zones" "foo" {
+}
+
+resource "volcengine_vpc" "foo" {
+ vpc_name = "acc-test-vpc"
+ cidr_block = "172.16.0.0/16"
+}
+
+resource "volcengine_subnet" "foo" {
+ subnet_name = "acc-test-subnet"
+ cidr_block = "172.16.0.0/24"
+ zone_id = data.volcengine_zones.foo.zones[0].id
+ vpc_id = volcengine_vpc.foo.id
+}
+
+
+resource "volcengine_rds_postgresql_instance" "foo" {
+ db_engine_version = "PostgreSQL_12"
+ node_spec = "rds.postgres.1c2g"
+ primary_zone_id = data.volcengine_zones.foo.zones[0].id
+ secondary_zone_id = data.volcengine_zones.foo.zones[0].id
+ storage_space = 40
+ subnet_id = volcengine_subnet.foo.id
+ instance_name = "acc-test-postgresql"
+ charge_info {
+ charge_type = "PostPaid"
+ }
+ project_name = "default"
+ tags {
+ key = "tfk1"
+ value = "tfv1"
+ }
+ parameters {
+ name = "auto_explain.log_analyze"
+ value = "off"
+ }
+ parameters {
+ name = "auto_explain.log_format"
+ value = "text"
+ }
+}
+
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+ allow_list_name = "acc-test-allowlist"
+ allow_list_desc = "acc-test"
+ allow_list_type = "IPv4"
+ allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}
+
+resource "volcengine_rds_postgresql_allowlist_associate" "foo" {
+ instance_id = volcengine_rds_postgresql_instance.foo.id
+ allow_list_id = volcengine_rds_postgresql_allowlist.foo.id
+}
diff --git a/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry.go b/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry.go
index 9c8f4ce2..0e9472d7 100644
--- a/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry.go
+++ b/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry.go
@@ -76,7 +76,7 @@ func ResourceVolcengineCenServiceRouteEntry() *schema.Resource {
Description: "Publishing scope of cloud service access routes. Valid values are `LocalDCGW`(default), `Custom`.",
},
"publish_to_instances": {
- Type: schema.TypeList,
+ Type: schema.TypeSet,
Optional: true,
MaxItems: 100,
Description: "The publish instances. A maximum of 100 can be uploaded in one request. This field needs to be filled in when the `publish_mode` is `Custom`.",
diff --git a/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry_test.go b/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry_test.go
index 9e1eaaca..73d5cb72 100644
--- a/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry_test.go
+++ b/volcengine/cen/cen_service_route_entry/resource_volcengine_cen_service_route_entry_test.go
@@ -80,10 +80,10 @@ func TestAccVolcengineCenServiceRouteEntryResource_Basic(t *testing.T) {
resource.TestCheckResourceAttr(acc.ResourceId, "publish_mode", "Custom"),
resource.TestCheckResourceAttr(acc.ResourceId, "service_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.#", "2"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_type", "VPC"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_region_id", "cn-beijing"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_type", "VPC"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_region_id", "cn-beijing"),
+ volcengine.TestCheckTypeSetElemNestedAttrs(acc.ResourceId, "publish_to_instances.*", map[string]string{
+ "instance_type": "VPC",
+ "instance_region_id": "cn-beijing",
+ }),
resource.TestCheckResourceAttrSet(acc.ResourceId, "cen_id"),
resource.TestCheckResourceAttrSet(acc.ResourceId, "service_vpc_id"),
),
@@ -158,10 +158,10 @@ func TestAccVolcengineCenServiceRouteEntryResource_Update(t *testing.T) {
resource.TestCheckResourceAttr(acc.ResourceId, "publish_mode", "Custom"),
resource.TestCheckResourceAttr(acc.ResourceId, "service_region_id", "cn-beijing"),
resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.#", "2"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_type", "VPC"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.0.instance_region_id", "cn-beijing"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_type", "VPC"),
- resource.TestCheckResourceAttr(acc.ResourceId, "publish_to_instances.1.instance_region_id", "cn-beijing"),
+ volcengine.TestCheckTypeSetElemNestedAttrs(acc.ResourceId, "publish_to_instances.*", map[string]string{
+ "instance_type": "VPC",
+ "instance_region_id": "cn-beijing",
+ }),
resource.TestCheckResourceAttrSet(acc.ResourceId, "cen_id"),
resource.TestCheckResourceAttrSet(acc.ResourceId, "service_vpc_id"),
),
diff --git a/volcengine/cen/cen_service_route_entry/service_volcengine_cen_service_route_entry.go b/volcengine/cen/cen_service_route_entry/service_volcengine_cen_service_route_entry.go
index 479488e7..3ae337c9 100644
--- a/volcengine/cen/cen_service_route_entry/service_volcengine_cen_service_route_entry.go
+++ b/volcengine/cen/cen_service_route_entry/service_volcengine_cen_service_route_entry.go
@@ -208,7 +208,7 @@ func (s *VolcengineCenServiceRouteEntryService) ModifyResource(resourceData *sch
},
BeforeCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (bool, error) {
mode := d.Get("publish_mode").(string)
- instances := d.Get("publish_to_instances").([]interface{})
+ instances := d.Get("publish_to_instances").(*schema.Set).List()
if mode == "Custom" && len(instances) == 0 {
return false, fmt.Errorf("public_to_instances must exist when publish_mode is Custom")
}
diff --git a/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go b/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go
index fa3757e1..397d8ca2 100644
--- a/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go
+++ b/volcengine/ecs/ecs_instance/data_source_volcengine_ecs_instances.go
@@ -54,6 +54,11 @@ func DataSourceVolcengineEcsInstances() *schema.Resource {
Optional: true,
Description: "The charge type of ECS instance.",
},
+ "instance_name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The name of ECS instance. This field support fuzzy query.",
+ },
"name_regex": {
Type: schema.TypeString,
Optional: true,
diff --git a/volcengine/ecs/ecs_launch_template/resource_volcengine_ecs_launch_template.go b/volcengine/ecs/ecs_launch_template/resource_volcengine_ecs_launch_template.go
index 6a781ade..43848a9f 100644
--- a/volcengine/ecs/ecs_launch_template/resource_volcengine_ecs_launch_template.go
+++ b/volcengine/ecs/ecs_launch_template/resource_volcengine_ecs_launch_template.go
@@ -85,6 +85,7 @@ func ResourceVolcengineEcsLaunchTemplate() *schema.Resource {
"suffix_index": {
Type: schema.TypeInt,
Optional: true,
+ Computed: true,
Description: "The index of the ordered suffix.",
},
"key_pair_name": {
diff --git a/volcengine/iam/iam_role/resource_volcengine_iam_role.go b/volcengine/iam/iam_role/resource_volcengine_iam_role.go
index b1f16cbf..3de0a191 100644
--- a/volcengine/iam/iam_role/resource_volcengine_iam_role.go
+++ b/volcengine/iam/iam_role/resource_volcengine_iam_role.go
@@ -39,15 +39,18 @@ func ResourceVolcengineIamRole() *schema.Resource {
Required: true,
Description: "The trust policy document of the Role.",
DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
- oldMap := make(map[string]interface{})
- newMap := make(map[string]interface{})
+ if d.Id() != "" {
+ oldMap := make(map[string]interface{})
+ newMap := make(map[string]interface{})
- _ = json.Unmarshal([]byte(old), &oldMap)
- _ = json.Unmarshal([]byte(new), &newMap)
+ _ = json.Unmarshal([]byte(old), &oldMap)
+ _ = json.Unmarshal([]byte(new), &newMap)
- oldStr, _ := json.MarshalIndent(oldMap, "", "\t")
- newStr, _ := json.MarshalIndent(newMap, "", "\t")
- return string(oldStr) == string(newStr)
+ oldStr, _ := json.MarshalIndent(oldMap, "", "\t")
+ newStr, _ := json.MarshalIndent(newMap, "", "\t")
+ return string(oldStr) == string(newStr)
+ }
+ return false
},
},
"role_name": {
diff --git a/volcengine/provider.go b/volcengine/provider.go
index 2c983474..397aa575 100644
--- a/volcengine/provider.go
+++ b/volcengine/provider.go
@@ -88,6 +88,8 @@ import (
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_mssql/rds_mssql_region"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_mssql/rds_mssql_zone"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_account"
+ "github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_allowlist"
+ "github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_allowlist_associate"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_database"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_instance"
"github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_instance_readonly_node"
@@ -643,9 +645,10 @@ func Provider() terraform.ResourceProvider {
"volcengine_rds_mssql_backups": mssqlBackup.DataSourceVolcengineRdsMssqlBackups(),
// ================ Postgresql ================
- "volcengine_rds_postgresql_databases": rds_postgresql_database.DataSourceVolcengineRdsPostgresqlDatabases(),
- "volcengine_rds_postgresql_accounts": rds_postgresql_account.DataSourceVolcengineRdsPostgresqlAccounts(),
- "volcengine_rds_postgresql_instances": rds_postgresql_instance.DataSourceVolcengineRdsPostgresqlInstances(),
+ "volcengine_rds_postgresql_databases": rds_postgresql_database.DataSourceVolcengineRdsPostgresqlDatabases(),
+ "volcengine_rds_postgresql_accounts": rds_postgresql_account.DataSourceVolcengineRdsPostgresqlAccounts(),
+ "volcengine_rds_postgresql_instances": rds_postgresql_instance.DataSourceVolcengineRdsPostgresqlInstances(),
+ "volcengine_rds_postgresql_allowlists": rds_postgresql_allowlist.DataSourceVolcengineRdsPostgresqlAllowlists(),
// ================ Organization ================
"volcengine_organization_units": organization_unit.DataSourceVolcengineOrganizationUnits(),
@@ -946,6 +949,8 @@ func Provider() terraform.ResourceProvider {
"volcengine_rds_postgresql_account": rds_postgresql_account.ResourceVolcengineRdsPostgresqlAccount(),
"volcengine_rds_postgresql_instance": rds_postgresql_instance.ResourceVolcengineRdsPostgresqlInstance(),
"volcengine_rds_postgresql_instance_readonly_node": rds_postgresql_instance_readonly_node.ResourceVolcengineRdsPostgresqlInstanceReadonlyNode(),
+ "volcengine_rds_postgresql_allowlist": rds_postgresql_allowlist.ResourceVolcengineRdsPostgresqlAllowlist(),
+ "volcengine_rds_postgresql_allowlist_associate": rds_postgresql_allowlist_associate.ResourceVolcengineRdsPostgresqlAllowlistAssociate(),
// ================ Organization ================
"volcengine_organization_unit": organization_unit.ResourceVolcengineOrganizationUnit(),
diff --git a/volcengine/rds_mysql/allowlist/service_volcengine_rds_mysql_allowlist.go b/volcengine/rds_mysql/allowlist/service_volcengine_rds_mysql_allowlist.go
index 52cae93e..3d5ccaf0 100644
--- a/volcengine/rds_mysql/allowlist/service_volcengine_rds_mysql_allowlist.go
+++ b/volcengine/rds_mysql/allowlist/service_volcengine_rds_mysql_allowlist.go
@@ -95,7 +95,8 @@ func (s *VolcengineRdsMysqlAllowListService) ReadResource(resourceData *schema.R
id = s.ReadResourceId(resourceData.Id())
}
req := map[string]interface{}{
- "RegionId": s.Client.Region,
+ "RegionId": s.Client.Region,
+ "AllowListId": id,
}
results, err = s.ReadResources(req)
if err != nil {
@@ -108,6 +109,7 @@ func (s *VolcengineRdsMysqlAllowListService) ReadResource(resourceData *schema.R
}
if result["AllowListId"].(string) == id {
data = result
+ break
}
}
if len(data) == 0 {
diff --git a/volcengine/rds_postgresql/rds_postgresql_allowlist/data_source_volcengine_rds_postgresql_allowlists.go b/volcengine/rds_postgresql/rds_postgresql_allowlist/data_source_volcengine_rds_postgresql_allowlists.go
new file mode 100644
index 00000000..ba46e007
--- /dev/null
+++ b/volcengine/rds_postgresql/rds_postgresql_allowlist/data_source_volcengine_rds_postgresql_allowlists.go
@@ -0,0 +1,118 @@
+package rds_postgresql_allowlist
+
+import (
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+ ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+func DataSourceVolcengineRdsPostgresqlAllowlists() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceVolcengineRdsPostgresqlAllowlistsRead,
+ Schema: map[string]*schema.Schema{
+ "instance_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The id of the postgresql Instance.",
+ },
+ "name_regex": {
+ Type: schema.TypeString,
+ Optional: true,
+ ValidateFunc: validation.StringIsValidRegExp,
+ Description: "A Name Regex of Resource.",
+ },
+ "output_file": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "File name where to save data source results.",
+ },
+ "total_count": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The total count of query.",
+ },
+
+ "postgresql_allow_lists": {
+ Description: "The list of postgresql allowed list.",
+ Type: schema.TypeList,
+ Computed: true,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the postgresql allow list.",
+ },
+ "allow_list_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the postgresql allow list.",
+ },
+ "allow_list_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The name of the postgresql allow list.",
+ },
+ "allow_list_desc": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The description of the postgresql allow list.",
+ },
+ "allow_list_type": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The type of the postgresql allow list.",
+ },
+ "allow_list_ip_num": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The total number of IP addresses (or address ranges) in the whitelist.",
+ },
+ "associated_instance_num": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The total number of instances bound under the whitelist.",
+ },
+ "allow_list": {
+ Type: schema.TypeList,
+ Computed: true,
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ Description: "The IP address or a range of IP addresses in CIDR format.",
+ },
+ "associated_instances": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "The list of postgresql instances.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "instance_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the postgresql instance.",
+ },
+ "instance_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The name of the postgresql instance.",
+ },
+ "vpc": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the vpc.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+func dataSourceVolcengineRdsPostgresqlAllowlistsRead(d *schema.ResourceData, meta interface{}) error {
+ service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
+ return service.Dispatcher.Data(service, d, DataSourceVolcengineRdsPostgresqlAllowlists())
+}
diff --git a/volcengine/rds_postgresql/rds_postgresql_allowlist/resource_volcengine_rds_postgresql_allowlist.go b/volcengine/rds_postgresql/rds_postgresql_allowlist/resource_volcengine_rds_postgresql_allowlist.go
new file mode 100644
index 00000000..8f70fbe3
--- /dev/null
+++ b/volcengine/rds_postgresql/rds_postgresql_allowlist/resource_volcengine_rds_postgresql_allowlist.go
@@ -0,0 +1,134 @@
+package rds_postgresql_allowlist
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+/*
+
+Import
+RdsPostgresqlAllowlist can be imported using the id, e.g.
+```
+$ terraform import volcengine_rds_postgresql_allowlist.default resource_id
+```
+
+*/
+
+func ResourceVolcengineRdsPostgresqlAllowlist() *schema.Resource {
+ resource := &schema.Resource{
+ Create: resourceVolcengineRdsPostgresqlAllowlistCreate,
+ Read: resourceVolcengineRdsPostgresqlAllowlistRead,
+ Update: resourceVolcengineRdsPostgresqlAllowlistUpdate,
+ Delete: resourceVolcengineRdsPostgresqlAllowlistDelete,
+ Importer: &schema.ResourceImporter{
+ State: schema.ImportStatePassthrough,
+ },
+ Timeouts: &schema.ResourceTimeout{
+ Create: schema.DefaultTimeout(30 * time.Minute),
+ Update: schema.DefaultTimeout(30 * time.Minute),
+ Delete: schema.DefaultTimeout(30 * time.Minute),
+ },
+ Schema: map[string]*schema.Schema{
+ "allow_list_name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The name of the postgresql allow list.",
+ },
+ "allow_list_desc": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The description of the postgresql allow list.",
+ },
+ "allow_list_type": {
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ ForceNew: true,
+ Description: "The type of IP address in the whitelist. Currently only `IPv4` addresses are supported.",
+ },
+ "allow_list": {
+ Type: schema.TypeSet,
+ Required: true,
+ MinItems: 1,
+ MaxItems: 300,
+ Set: schema.HashString,
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ Description: "Enter an IP address or a range of IP addresses in CIDR format.",
+ },
+
+ // computed fields
+ "associated_instance_num": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The total number of instances bound under the whitelist.",
+ },
+ "associated_instances": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "The list of postgresql instances.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "instance_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the postgresql instance.",
+ },
+ "instance_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The name of the postgresql instance.",
+ },
+ "vpc": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The id of the vpc.",
+ },
+ },
+ },
+ },
+ },
+ }
+ return resource
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistCreate(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Create(service, d, ResourceVolcengineRdsPostgresqlAllowlist())
+ if err != nil {
+ return fmt.Errorf("error on creating rds_postgresql_allowlist %q, %s", d.Id(), err)
+ }
+ return resourceVolcengineRdsPostgresqlAllowlistRead(d, meta)
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistRead(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Read(service, d, ResourceVolcengineRdsPostgresqlAllowlist())
+ if err != nil {
+ return fmt.Errorf("error on reading rds_postgresql_allowlist %q, %s", d.Id(), err)
+ }
+ return err
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistUpdate(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Update(service, d, ResourceVolcengineRdsPostgresqlAllowlist())
+ if err != nil {
+ return fmt.Errorf("error on updating rds_postgresql_allowlist %q, %s", d.Id(), err)
+ }
+ return resourceVolcengineRdsPostgresqlAllowlistRead(d, meta)
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistDelete(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Delete(service, d, ResourceVolcengineRdsPostgresqlAllowlist())
+ if err != nil {
+ return fmt.Errorf("error on deleting rds_postgresql_allowlist %q, %s", d.Id(), err)
+ }
+ return err
+}
diff --git a/volcengine/rds_postgresql/rds_postgresql_allowlist/service_volcengine_rds_postgresql_allowlist.go b/volcengine/rds_postgresql/rds_postgresql_allowlist/service_volcengine_rds_postgresql_allowlist.go
new file mode 100644
index 00000000..32e97932
--- /dev/null
+++ b/volcengine/rds_postgresql/rds_postgresql_allowlist/service_volcengine_rds_postgresql_allowlist.go
@@ -0,0 +1,303 @@
+package rds_postgresql_allowlist
+
+import (
+ "errors"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ ve "github.com/volcengine/terraform-provider-volcengine/common"
+ "github.com/volcengine/terraform-provider-volcengine/logger"
+)
+
+type VolcengineRdsPostgresqlAllowlistService struct {
+ Client *ve.SdkClient
+ Dispatcher *ve.Dispatcher
+}
+
+func NewRdsPostgresqlAllowlistService(c *ve.SdkClient) *VolcengineRdsPostgresqlAllowlistService {
+ return &VolcengineRdsPostgresqlAllowlistService{
+ Client: c,
+ Dispatcher: &ve.Dispatcher{},
+ }
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) GetClient() *ve.SdkClient {
+ return s.Client
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) ReadResources(m map[string]interface{}) (data []interface{}, err error) {
+ var (
+ resp *map[string]interface{}
+ results interface{}
+ ok bool
+ allowListId string
+ )
+ return ve.WithSimpleQuery(m, func(condition map[string]interface{}) ([]interface{}, error) {
+ if condition != nil {
+ condition["RegionId"] = s.Client.Region
+ }
+
+ action := "DescribeAllowLists"
+ logger.Debug(logger.ReqFormat, action, condition)
+ if condition == nil {
+ resp, err = s.Client.UniversalClient.DoCall(getUniversalInfo(action), nil)
+ if err != nil {
+ return data, err
+ }
+ } else {
+ resp, err = s.Client.UniversalClient.DoCall(getUniversalInfo(action), &condition)
+ if err != nil {
+ return data, err
+ }
+ }
+ results, err = ve.ObtainSdkValue("Result.AllowLists", *resp)
+ if err != nil {
+ return data, err
+ }
+ if results == nil {
+ results = []interface{}{}
+ }
+ if data, ok = results.([]interface{}); !ok {
+ return data, errors.New("Result.AllowLists is not slice ")
+ }
+
+ if id, exist := condition["AllowListId"]; exist {
+ allowListId = id.(string)
+ }
+ for _, ele := range data {
+ allowList, ok := ele.(map[string]interface{})
+ if !ok {
+ return data, fmt.Errorf("The value of the Result.AllowLists is not map ")
+ }
+
+ if allowListId == "" || allowListId == allowList["AllowListId"].(string) {
+ query := map[string]interface{}{
+ "AllowListId": allowList["AllowListId"],
+ }
+ action = "DescribeAllowListDetail"
+ logger.Debug(logger.ReqFormat, action, query)
+ resp, err = s.Client.UniversalClient.DoCall(getUniversalInfo(action), &query)
+ if err != nil {
+ return data, err
+ }
+ logger.Debug(logger.RespFormat, action, query, *resp)
+ instances, err := ve.ObtainSdkValue("Result.AssociatedInstances", *resp)
+ if err != nil {
+ return data, err
+ }
+ allowList["AssociatedInstances"] = instances
+ allowListIp, err := ve.ObtainSdkValue("Result.AllowList", *resp)
+ if err != nil {
+ return data, err
+ }
+ allowListIpArr := strings.Split(allowListIp.(string), ",")
+ allowList["AllowList"] = allowListIpArr
+ }
+ }
+ return data, err
+ })
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) ReadResource(resourceData *schema.ResourceData, id string) (data map[string]interface{}, err error) {
+ var (
+ results []interface{}
+ )
+ if id == "" {
+ id = s.ReadResourceId(resourceData.Id())
+ }
+ req := map[string]interface{}{
+ "RegionId": s.Client.Region,
+ "AllowListId": id,
+ }
+ results, err = s.ReadResources(req)
+ if err != nil {
+ return data, err
+ }
+ for _, v := range results {
+ result, ok := v.(map[string]interface{})
+ if !ok {
+ return data, errors.New("Value is not map ")
+ }
+ if result["AllowListId"].(string) == id {
+ data = result
+ break
+ }
+ }
+ if len(data) == 0 {
+ return data, fmt.Errorf("rds_postgresql_allowlist %s not exist ", id)
+ }
+ return data, err
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) RefreshResourceState(resourceData *schema.ResourceData, target []string, timeout time.Duration, id string) *resource.StateChangeConf {
+ return &resource.StateChangeConf{}
+}
+
+func (VolcengineRdsPostgresqlAllowlistService) WithResourceResponseHandlers(d map[string]interface{}) []ve.ResourceResponseHandler {
+ handler := func() (map[string]interface{}, map[string]ve.ResponseConvert, error) {
+ return d, map[string]ve.ResponseConvert{
+ "VPC": {
+ TargetField: "vpc",
+ },
+ }, nil
+ }
+ return []ve.ResourceResponseHandler{handler}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) CreateResource(resourceData *schema.ResourceData, resource *schema.Resource) []ve.Callback {
+ callback := ve.Callback{
+ Call: ve.SdkCall{
+ Action: "CreateAllowList",
+ ConvertMode: ve.RequestConvertAll,
+ ContentType: ve.ContentTypeJson,
+ Convert: map[string]ve.RequestConvert{
+ "allow_list": {
+ Ignore: true,
+ },
+ },
+ BeforeCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (bool, error) {
+ var allowStrings []string
+ allowListsSet := d.Get("allow_list").(*schema.Set)
+ for _, v := range allowListsSet.List() {
+ allowStrings = append(allowStrings, v.(string))
+ }
+ allowLists := strings.Join(allowStrings, ",")
+ logger.Debug(logger.ReqFormat, call.Action, call.SdkParam, allowLists)
+ (*call.SdkParam)["AllowList"] = allowLists
+ return true, nil
+ },
+ ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
+ logger.Debug(logger.RespFormat, call.Action, call.SdkParam)
+ resp, err := s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
+ logger.Debug(logger.RespFormat, call.Action, resp, err)
+ return resp, err
+ },
+ AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
+ id, _ := ve.ObtainSdkValue("Result.AllowListId", *resp)
+ d.SetId(id.(string))
+ return nil
+ },
+ },
+ }
+ return []ve.Callback{callback}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) ModifyResource(resourceData *schema.ResourceData, resource *schema.Resource) []ve.Callback {
+ callback := ve.Callback{
+ Call: ve.SdkCall{
+ Action: "ModifyAllowList",
+ ConvertMode: ve.RequestConvertInConvert,
+ ContentType: ve.ContentTypeJson,
+ Convert: map[string]ve.RequestConvert{
+ "allow_list_name": {
+ TargetField: "AllowListName",
+ ForceGet: true,
+ },
+ "allow_list_desc": {
+ TargetField: "AllowListDesc",
+ },
+ "allow_list": {
+ Ignore: true,
+ },
+ },
+ BeforeCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (bool, error) {
+ var allowStrings []string
+ allowListsSet := d.Get("allow_list").(*schema.Set)
+ for _, v := range allowListsSet.List() {
+ allowStrings = append(allowStrings, v.(string))
+ }
+ allowLists := strings.Join(allowStrings, ",")
+ logger.Debug(logger.ReqFormat, call.Action, call.SdkParam, allowLists)
+ (*call.SdkParam)["AllowList"] = allowLists
+
+ (*call.SdkParam)["AllowListId"] = d.Id()
+ (*call.SdkParam)["ModifyMode"] = "Cover"
+ (*call.SdkParam)["ApplyInstanceNum"] = d.Get("associated_instance_num")
+ return true, nil
+ },
+ ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
+ logger.Debug(logger.ReqFormat, call.Action, call.SdkParam)
+ resp, err := s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
+ logger.Debug(logger.RespFormat, call.Action, resp, err)
+ return resp, err
+ },
+ },
+ }
+ return []ve.Callback{callback}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) RemoveResource(resourceData *schema.ResourceData, r *schema.Resource) []ve.Callback {
+ callback := ve.Callback{
+ Call: ve.SdkCall{
+ Action: "DeleteAllowList",
+ ConvertMode: ve.RequestConvertIgnore,
+ ContentType: ve.ContentTypeJson,
+ SdkParam: &map[string]interface{}{
+ "AllowListId": resourceData.Id(),
+ },
+ ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
+ logger.Debug(logger.RespFormat, call.Action, call.SdkParam)
+ return s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
+ },
+ AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
+ return ve.CheckResourceUtilRemoved(d, s.ReadResource, 5*time.Minute)
+ },
+ CallError: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall, baseErr error) error {
+ //出现错误后重试
+ return resource.Retry(15*time.Minute, func() *resource.RetryError {
+ _, callErr := s.ReadResource(d, "")
+ if callErr != nil {
+ if ve.ResourceNotFoundError(callErr) {
+ return nil
+ } else {
+ return resource.NonRetryableError(fmt.Errorf("error on reading rds postgre allow list on delete %q, %w", d.Id(), callErr))
+ }
+ }
+ _, callErr = call.ExecuteCall(d, client, call)
+ if callErr == nil {
+ return nil
+ }
+ return resource.RetryableError(callErr)
+ })
+ },
+ },
+ }
+ return []ve.Callback{callback}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) DatasourceResources(*schema.ResourceData, *schema.Resource) ve.DataSourceInfo {
+ return ve.DataSourceInfo{
+ NameField: "AllowListName",
+ IdField: "AllowListId",
+ CollectField: "postgresql_allow_lists",
+ ResponseConverts: map[string]ve.ResponseConvert{
+ "AllowListId": {
+ TargetField: "id",
+ KeepDefault: true,
+ },
+ "AllowListIPNum": {
+ TargetField: "allow_list_ip_num",
+ },
+ "VPC": {
+ TargetField: "vpc",
+ },
+ },
+ }
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistService) ReadResourceId(id string) string {
+ return id
+}
+
+func getUniversalInfo(actionName string) ve.UniversalInfo {
+ return ve.UniversalInfo{
+ ServiceName: "rds_postgresql",
+ Version: "2022-01-01",
+ HttpMethod: ve.POST,
+ ContentType: ve.ApplicationJSON,
+ Action: actionName,
+ }
+}
diff --git a/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/resource_volcengine_rds_postgresql_allowlist_associate.go b/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/resource_volcengine_rds_postgresql_allowlist_associate.go
new file mode 100644
index 00000000..70759e19
--- /dev/null
+++ b/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/resource_volcengine_rds_postgresql_allowlist_associate.go
@@ -0,0 +1,103 @@
+package rds_postgresql_allowlist_associate
+
+import (
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ ve "github.com/volcengine/terraform-provider-volcengine/common"
+)
+
+/*
+
+Import
+RdsPostgresqlAllowlistAssociate can be imported using the instance_id:allow_list_id, e.g.
+```
+$ terraform import volcengine_rds_postgresql_allowlist_associate.default resource_id
+```
+
+*/
+
+func ResourceVolcengineRdsPostgresqlAllowlistAssociate() *schema.Resource {
+ resource := &schema.Resource{
+ Create: resourceVolcengineRdsPostgresqlAllowlistAssociateCreate,
+ Read: resourceVolcengineRdsPostgresqlAllowlistAssociateRead,
+ Delete: resourceVolcengineRdsPostgresqlAllowlistAssociateDelete,
+ Importer: &schema.ResourceImporter{
+ State: allowListAssociateImporter,
+ },
+ Timeouts: &schema.ResourceTimeout{
+ Create: schema.DefaultTimeout(30 * time.Minute),
+ Delete: schema.DefaultTimeout(30 * time.Minute),
+ },
+ Schema: map[string]*schema.Schema{
+ "instance_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ Description: "The id of the postgresql instance.",
+ },
+ "allow_list_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ Description: "The id of the postgresql allow list.",
+ },
+ },
+ }
+ return resource
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistAssociateCreate(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistAssociateService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Create(service, d, ResourceVolcengineRdsPostgresqlAllowlistAssociate())
+ if err != nil {
+ return fmt.Errorf("error on creating rds_postgresql_allowlist_associate %q, %s", d.Id(), err)
+ }
+ return resourceVolcengineRdsPostgresqlAllowlistAssociateRead(d, meta)
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistAssociateRead(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistAssociateService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Read(service, d, ResourceVolcengineRdsPostgresqlAllowlistAssociate())
+ if err != nil {
+ return fmt.Errorf("error on reading rds_postgresql_allowlist_associate %q, %s", d.Id(), err)
+ }
+ return err
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistAssociateUpdate(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistAssociateService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Update(service, d, ResourceVolcengineRdsPostgresqlAllowlistAssociate())
+ if err != nil {
+ return fmt.Errorf("error on updating rds_postgresql_allowlist_associate %q, %s", d.Id(), err)
+ }
+ return resourceVolcengineRdsPostgresqlAllowlistAssociateRead(d, meta)
+}
+
+func resourceVolcengineRdsPostgresqlAllowlistAssociateDelete(d *schema.ResourceData, meta interface{}) (err error) {
+ service := NewRdsPostgresqlAllowlistAssociateService(meta.(*ve.SdkClient))
+ err = service.Dispatcher.Delete(service, d, ResourceVolcengineRdsPostgresqlAllowlistAssociate())
+ if err != nil {
+ return fmt.Errorf("error on deleting rds_postgresql_allowlist_associate %q, %s", d.Id(), err)
+ }
+ return err
+}
+
+func allowListAssociateImporter(data *schema.ResourceData, i interface{}) ([]*schema.ResourceData, error) {
+ var err error
+ items := strings.Split(data.Id(), ":")
+ if len(items) != 2 {
+ return []*schema.ResourceData{data}, fmt.Errorf("import id must be of the form InstanceId:AllowListId")
+ }
+ err = data.Set("instance_id", items[0])
+ if err != nil {
+ return []*schema.ResourceData{data}, err
+ }
+ err = data.Set("allow_list_id", items[1])
+ if err != nil {
+ return []*schema.ResourceData{data}, err
+ }
+ return []*schema.ResourceData{data}, nil
+}
diff --git a/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/service_volcengine_rds_postgresql_allowlist_associate.go b/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/service_volcengine_rds_postgresql_allowlist_associate.go
new file mode 100644
index 00000000..665d162d
--- /dev/null
+++ b/volcengine/rds_postgresql/rds_postgresql_allowlist_associate/service_volcengine_rds_postgresql_allowlist_associate.go
@@ -0,0 +1,196 @@
+package rds_postgresql_allowlist_associate
+
+import (
+ "errors"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ ve "github.com/volcengine/terraform-provider-volcengine/common"
+ "github.com/volcengine/terraform-provider-volcengine/logger"
+ "github.com/volcengine/terraform-provider-volcengine/volcengine/rds_postgresql/rds_postgresql_instance"
+)
+
+type VolcengineRdsPostgresqlAllowlistAssociateService struct {
+ Client *ve.SdkClient
+ Dispatcher *ve.Dispatcher
+}
+
+func NewRdsPostgresqlAllowlistAssociateService(c *ve.SdkClient) *VolcengineRdsPostgresqlAllowlistAssociateService {
+ return &VolcengineRdsPostgresqlAllowlistAssociateService{
+ Client: c,
+ Dispatcher: &ve.Dispatcher{},
+ }
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) GetClient() *ve.SdkClient {
+ return s.Client
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) ReadResources(m map[string]interface{}) (data []interface{}, err error) {
+ return nil, nil
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) ReadResource(resourceData *schema.ResourceData, id string) (data map[string]interface{}, err error) {
+ var (
+ results interface{}
+ resultsMap map[string]interface{}
+ instanceMap map[string]interface{}
+ instances []interface{}
+ ok bool
+ )
+ if id == "" {
+ id = s.ReadResourceId(resourceData.Id())
+ }
+ ids := strings.Split(id, ":")
+ if len(ids) != 2 {
+ return data, fmt.Errorf("invalid postgresql allowlist associate id: %v", id)
+ }
+
+ req := map[string]interface{}{
+ "AllowListId": ids[1],
+ }
+ action := "DescribeAllowListDetail"
+ resp, err := s.Client.UniversalClient.DoCall(getUniversalInfo(action), &req)
+ if err != nil {
+ return data, err
+ }
+ results, err = ve.ObtainSdkValue("Result", *resp)
+ if err != nil {
+ return data, err
+ }
+ if resultsMap, ok = results.(map[string]interface{}); !ok {
+ return resultsMap, errors.New("Value is not map ")
+ }
+ if len(resultsMap) == 0 {
+ return resultsMap, fmt.Errorf("Rds Postgresql allowlist %s not exist ", ids[1])
+ }
+ logger.Debug(logger.ReqFormat, action, resultsMap)
+ instances = resultsMap["AssociatedInstances"].([]interface{})
+ logger.Debug(logger.ReqFormat, action, instances)
+ for _, instance := range instances {
+ if instanceMap, ok = instance.(map[string]interface{}); !ok {
+ return data, errors.New("instance is not map ")
+ }
+ if len(instanceMap) == 0 {
+ continue
+ }
+ if instanceMap["InstanceId"].(string) == ids[0] {
+ data = resultsMap
+ break
+ }
+ }
+ if len(data) == 0 {
+ return data, fmt.Errorf("rds_postgresql_allowlist_associate %s not exist ", id)
+ }
+ return data, err
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) RefreshResourceState(resourceData *schema.ResourceData, target []string, timeout time.Duration, id string) *resource.StateChangeConf {
+ return &resource.StateChangeConf{}
+}
+
+func (VolcengineRdsPostgresqlAllowlistAssociateService) WithResourceResponseHandlers(d map[string]interface{}) []ve.ResourceResponseHandler {
+ handler := func() (map[string]interface{}, map[string]ve.ResponseConvert, error) {
+ return d, nil, nil
+ }
+ return []ve.ResourceResponseHandler{handler}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) CreateResource(resourceData *schema.ResourceData, resource *schema.Resource) []ve.Callback {
+ callback := ve.Callback{
+ Call: ve.SdkCall{
+ Action: "AssociateAllowList",
+ ConvertMode: ve.RequestConvertIgnore,
+ ContentType: ve.ContentTypeJson,
+ Convert: map[string]ve.RequestConvert{},
+ ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
+ instanceId := d.Get("instance_id").(string)
+ allowListId := d.Get("allow_list_id").(string)
+ (*call.SdkParam)["InstanceIds"] = []string{instanceId}
+ (*call.SdkParam)["AllowListIds"] = []string{allowListId}
+
+ logger.Debug(logger.RespFormat, call.Action, call.SdkParam)
+ resp, err := s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
+ logger.Debug(logger.RespFormat, call.Action, resp, err)
+ return resp, err
+ },
+ AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
+ instanceId := d.Get("instance_id").(string)
+ allowListId := d.Get("allow_list_id").(string)
+ d.SetId(fmt.Sprint(instanceId, ":", allowListId))
+ return nil
+ },
+ LockId: func(d *schema.ResourceData) string {
+ return d.Get("instance_id").(string)
+ },
+ ExtraRefresh: map[ve.ResourceService]*ve.StateRefresh{
+ rds_postgresql_instance.NewRdsPostgresqlInstanceService(s.Client): {
+ Target: []string{"Running"},
+ Timeout: resourceData.Timeout(schema.TimeoutCreate),
+ ResourceId: resourceData.Get("instance_id").(string),
+ },
+ },
+ },
+ }
+ return []ve.Callback{callback}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) ModifyResource(resourceData *schema.ResourceData, resource *schema.Resource) []ve.Callback {
+ return []ve.Callback{}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) RemoveResource(resourceData *schema.ResourceData, r *schema.Resource) []ve.Callback {
+ callback := ve.Callback{
+ Call: ve.SdkCall{
+ Action: "DisassociateAllowList",
+ ConvertMode: ve.RequestConvertIgnore,
+ ContentType: ve.ContentTypeJson,
+ ExecuteCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (*map[string]interface{}, error) {
+ ids := strings.Split(d.Id(), ":")
+ if len(ids) != 2 {
+ return nil, fmt.Errorf("invalid postgresql allowlist associate id: %v", d.Id())
+ }
+ (*call.SdkParam)["InstanceIds"] = []string{ids[0]}
+ (*call.SdkParam)["AllowListIds"] = []string{ids[1]}
+
+ logger.Debug(logger.RespFormat, call.Action, call.SdkParam)
+ return s.Client.UniversalClient.DoCall(getUniversalInfo(call.Action), call.SdkParam)
+ },
+ AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
+ return ve.CheckResourceUtilRemoved(d, s.ReadResource, 5*time.Minute)
+ },
+ LockId: func(d *schema.ResourceData) string {
+ return d.Get("instance_id").(string)
+ },
+ ExtraRefresh: map[ve.ResourceService]*ve.StateRefresh{
+ rds_postgresql_instance.NewRdsPostgresqlInstanceService(s.Client): {
+ Target: []string{"Running"},
+ Timeout: resourceData.Timeout(schema.TimeoutCreate),
+ ResourceId: resourceData.Get("instance_id").(string),
+ },
+ },
+ },
+ }
+ return []ve.Callback{callback}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) DatasourceResources(*schema.ResourceData, *schema.Resource) ve.DataSourceInfo {
+ return ve.DataSourceInfo{}
+}
+
+func (s *VolcengineRdsPostgresqlAllowlistAssociateService) ReadResourceId(id string) string {
+ return id
+}
+
+func getUniversalInfo(actionName string) ve.UniversalInfo {
+ return ve.UniversalInfo{
+ ServiceName: "rds_postgresql",
+ Version: "2022-01-01",
+ HttpMethod: ve.POST,
+ ContentType: ve.ApplicationJSON,
+ Action: actionName,
+ }
+}
diff --git a/volcengine/tos/bucket_policy/resource_volcengine_tos_bucket_policy.go b/volcengine/tos/bucket_policy/resource_volcengine_tos_bucket_policy.go
index 775dd65a..63331a0d 100644
--- a/volcengine/tos/bucket_policy/resource_volcengine_tos_bucket_policy.go
+++ b/volcengine/tos/bucket_policy/resource_volcengine_tos_bucket_policy.go
@@ -53,7 +53,7 @@ func ResourceVolcengineTosBucketPolicy() *schema.Resource {
Type: schema.TypeString,
Required: true,
DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
- if k == "policy" {
+ if k == "policy" && d.Id() != "" {
om := map[string]interface{}{}
nm := map[string]interface{}{}
_ = json.Unmarshal([]byte(old), &om)
diff --git a/volcengine/tos/bucket_policy/service_volcengine_tos_bucket_policy.go b/volcengine/tos/bucket_policy/service_volcengine_tos_bucket_policy.go
index f818fcf1..02fcb46b 100644
--- a/volcengine/tos/bucket_policy/service_volcengine_tos_bucket_policy.go
+++ b/volcengine/tos/bucket_policy/service_volcengine_tos_bucket_policy.go
@@ -133,7 +133,7 @@ func (s *VolcengineTosBucketPolicyService) putBucketPolicy(data *schema.Resource
},
},
BeforeCall: func(d *schema.ResourceData, client *ve.SdkClient, call ve.SdkCall) (bool, error) {
- j := (*call.SdkParam)[ve.BypassParam].(map[string]interface{})["Policy"]
+ j := d.Get("policy")
data := map[string]interface{}{}
err := json.Unmarshal([]byte(j.(string)), &data)
if err != nil {
diff --git a/volcengine/transit_router/route_table_association/service_volcengine_transit_router_route_table_association.go b/volcengine/transit_router/route_table_association/service_volcengine_transit_router_route_table_association.go
index c50d8809..74960966 100644
--- a/volcengine/transit_router/route_table_association/service_volcengine_transit_router_route_table_association.go
+++ b/volcengine/transit_router/route_table_association/service_volcengine_transit_router_route_table_association.go
@@ -144,6 +144,15 @@ func (v *VolcengineTRRouteTableAssociationService) CreateResource(data *schema.R
Target: []string{"Available"},
Timeout: data.Timeout(schema.TimeoutCreate),
},
+ LockId: func(d *schema.ResourceData) string {
+ attachmentId := d.Get("transit_router_attachment_id").(string)
+ trId, err := v.describeTransitRouterId(attachmentId)
+ if err != nil {
+ logger.DebugInfo("LockId get transit_router_id error: ", err)
+ return ""
+ }
+ return trId
+ },
},
}
return []ve.Callback{callback}
@@ -187,6 +196,15 @@ func (v *VolcengineTRRouteTableAssociationService) RemoveResource(data *schema.R
AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
return ve.CheckResourceUtilRemoved(d, v.ReadResource, 3*time.Minute)
},
+ LockId: func(d *schema.ResourceData) string {
+ attachmentId := d.Get("transit_router_attachment_id").(string)
+ trId, err := v.describeTransitRouterId(attachmentId)
+ if err != nil {
+ logger.DebugInfo("LockId get transit_router_id error: ", err)
+ return ""
+ }
+ return trId
+ },
},
}
return []ve.Callback{callback}
@@ -202,6 +220,38 @@ func (v *VolcengineTRRouteTableAssociationService) ReadResourceId(s string) stri
return s
}
+func (v *VolcengineTRRouteTableAssociationService) describeTransitRouterId(attachmentId string) (string, error) {
+ action := "DescribeTransitRouterAttachments"
+ req := map[string]interface{}{
+ "TransitRouterAttachmentIds.1": attachmentId,
+ }
+ resp, err := v.Client.UniversalClient.DoCall(getUniversalInfo(action), &req)
+ if err != nil {
+ return "", err
+ }
+ logger.Debug(logger.RespFormat, action, req, *resp)
+ results, err := ve.ObtainSdkValue("Result.TransitRouterAttachments", *resp)
+ if err != nil {
+ return "", err
+ }
+ if results == nil {
+ results = []interface{}{}
+ }
+ trAttachments, ok := results.([]interface{})
+ if !ok {
+ return "", errors.New("Result.TransitRouterAttachments is not Slice")
+ }
+ if len(trAttachments) == 0 {
+ return "", fmt.Errorf("TransitRouterAttachments %s not exist", attachmentId)
+ }
+ trAttachment, ok := trAttachments[0].(map[string]interface{})
+ if !ok {
+ return "", errors.New("The value of Result.TransitRouterAttachments is not map ")
+ }
+ trId := trAttachment["TransitRouterId"].(string)
+ return trId, nil
+}
+
func NewTRRouteTableAssociationService(c *ve.SdkClient) *VolcengineTRRouteTableAssociationService {
return &VolcengineTRRouteTableAssociationService{
Client: c,
diff --git a/volcengine/transit_router/route_table_propagation/service_volcengine_transit_router_route_table_propagation.go b/volcengine/transit_router/route_table_propagation/service_volcengine_transit_router_route_table_propagation.go
index 0d2d52a7..b202f195 100644
--- a/volcengine/transit_router/route_table_propagation/service_volcengine_transit_router_route_table_propagation.go
+++ b/volcengine/transit_router/route_table_propagation/service_volcengine_transit_router_route_table_propagation.go
@@ -144,6 +144,15 @@ func (v *VolcengineTRRouteTablePropagationService) CreateResource(data *schema.R
Target: []string{"Available"},
Timeout: data.Timeout(schema.TimeoutCreate),
},
+ LockId: func(d *schema.ResourceData) string {
+ attachmentId := d.Get("transit_router_attachment_id").(string)
+ trId, err := v.describeTransitRouterId(attachmentId)
+ if err != nil {
+ logger.DebugInfo("LockId get transit_router_id error: ", err)
+ return ""
+ }
+ return trId
+ },
},
}
return []ve.Callback{callback}
@@ -187,6 +196,15 @@ func (v *VolcengineTRRouteTablePropagationService) RemoveResource(data *schema.R
AfterCall: func(d *schema.ResourceData, client *ve.SdkClient, resp *map[string]interface{}, call ve.SdkCall) error {
return ve.CheckResourceUtilRemoved(d, v.ReadResource, 3*time.Minute)
},
+ LockId: func(d *schema.ResourceData) string {
+ attachmentId := d.Get("transit_router_attachment_id").(string)
+ trId, err := v.describeTransitRouterId(attachmentId)
+ if err != nil {
+ logger.DebugInfo("LockId get transit_router_id error: ", err)
+ return ""
+ }
+ return trId
+ },
},
}
return []ve.Callback{callback}
@@ -202,6 +220,38 @@ func (v *VolcengineTRRouteTablePropagationService) ReadResourceId(s string) stri
return s
}
+func (v *VolcengineTRRouteTablePropagationService) describeTransitRouterId(attachmentId string) (string, error) {
+ action := "DescribeTransitRouterAttachments"
+ req := map[string]interface{}{
+ "TransitRouterAttachmentIds.1": attachmentId,
+ }
+ resp, err := v.Client.UniversalClient.DoCall(getUniversalInfo(action), &req)
+ if err != nil {
+ return "", err
+ }
+ logger.Debug(logger.RespFormat, action, req, *resp)
+ results, err := ve.ObtainSdkValue("Result.TransitRouterAttachments", *resp)
+ if err != nil {
+ return "", err
+ }
+ if results == nil {
+ results = []interface{}{}
+ }
+ trAttachments, ok := results.([]interface{})
+ if !ok {
+ return "", errors.New("Result.TransitRouterAttachments is not Slice")
+ }
+ if len(trAttachments) == 0 {
+ return "", fmt.Errorf("TransitRouterAttachments %s not exist", attachmentId)
+ }
+ trAttachment, ok := trAttachments[0].(map[string]interface{})
+ if !ok {
+ return "", errors.New("The value of Result.TransitRouterAttachments is not map ")
+ }
+ trId := trAttachment["TransitRouterId"].(string)
+ return trId, nil
+}
+
func NewTRRouteTablePropagationService(c *ve.SdkClient) *VolcengineTRRouteTablePropagationService {
return &VolcengineTRRouteTablePropagationService{
Client: c,
diff --git a/volcengine/vpc/subnet/service_volcengine_subnet.go b/volcengine/vpc/subnet/service_volcengine_subnet.go
index 478c5ffa..65254c17 100644
--- a/volcengine/vpc/subnet/service_volcengine_subnet.go
+++ b/volcengine/vpc/subnet/service_volcengine_subnet.go
@@ -106,10 +106,21 @@ func (s *VolcengineSubnetService) RefreshResourceState(resourceData *schema.Reso
failStates []string
)
failStates = append(failStates, "Error")
- demo, err = s.ReadResource(resourceData, id)
- if err != nil {
+
+ if err = resource.Retry(5*time.Minute, func() *resource.RetryError {
+ demo, err = s.ReadResource(resourceData, id)
+ if err != nil {
+ if ve.ResourceNotFoundError(err) {
+ return resource.RetryableError(err)
+ } else {
+ return resource.NonRetryableError(err)
+ }
+ }
+ return nil
+ }); err != nil {
return nil, "", err
}
+
status, err = ve.ObtainSdkValue("Status", demo)
if err != nil {
return nil, "", err
diff --git a/website/docs/d/ecs_instances.html.markdown b/website/docs/d/ecs_instances.html.markdown
index 51ddc1c3..28e5faa6 100644
--- a/website/docs/d/ecs_instances.html.markdown
+++ b/website/docs/d/ecs_instances.html.markdown
@@ -71,6 +71,7 @@ The following arguments are supported:
* `hpc_cluster_id` - (Optional) The hpc cluster ID of ECS instance.
* `ids` - (Optional) A list of ECS instance IDs.
* `instance_charge_type` - (Optional) The charge type of ECS instance.
+* `instance_name` - (Optional) The name of ECS instance. This field support fuzzy query.
* `key_pair_name` - (Optional) The key pair name of ECS instance.
* `name_regex` - (Optional) A Name Regex of ECS instance.
* `output_file` - (Optional) File name where to save data source results.
diff --git a/website/docs/d/rds_postgresql_allowlists.html.markdown b/website/docs/d/rds_postgresql_allowlists.html.markdown
new file mode 100644
index 00000000..9a0e7c85
--- /dev/null
+++ b/website/docs/d/rds_postgresql_allowlists.html.markdown
@@ -0,0 +1,40 @@
+---
+subcategory: "RDS_POSTGRESQL"
+layout: "volcengine"
+page_title: "Volcengine: volcengine_rds_postgresql_allowlists"
+sidebar_current: "docs-volcengine-datasource-rds_postgresql_allowlists"
+description: |-
+ Use this data source to query detailed information of rds postgresql allowlists
+---
+# volcengine_rds_postgresql_allowlists
+Use this data source to query detailed information of rds postgresql allowlists
+## Example Usage
+```hcl
+data "volcengine_rds_postgresql_allowlists" "foo" {
+
+}
+```
+## Argument Reference
+The following arguments are supported:
+* `instance_id` - (Optional) The id of the postgresql Instance.
+* `name_regex` - (Optional) A Name Regex of Resource.
+* `output_file` - (Optional) File name where to save data source results.
+
+## Attributes Reference
+In addition to all arguments above, the following attributes are exported:
+* `postgresql_allow_lists` - The list of postgresql allowed list.
+ * `allow_list_desc` - The description of the postgresql allow list.
+ * `allow_list_id` - The id of the postgresql allow list.
+ * `allow_list_ip_num` - The total number of IP addresses (or address ranges) in the whitelist.
+ * `allow_list_name` - The name of the postgresql allow list.
+ * `allow_list_type` - The type of the postgresql allow list.
+ * `allow_list` - The IP address or a range of IP addresses in CIDR format.
+ * `associated_instance_num` - The total number of instances bound under the whitelist.
+ * `associated_instances` - The list of postgresql instances.
+ * `instance_id` - The id of the postgresql instance.
+ * `instance_name` - The name of the postgresql instance.
+ * `vpc` - The id of the vpc.
+ * `id` - The id of the postgresql allow list.
+* `total_count` - The total count of query.
+
+
diff --git a/website/docs/r/rds_postgresql_allowlist.html.markdown b/website/docs/r/rds_postgresql_allowlist.html.markdown
new file mode 100644
index 00000000..3be72289
--- /dev/null
+++ b/website/docs/r/rds_postgresql_allowlist.html.markdown
@@ -0,0 +1,42 @@
+---
+subcategory: "RDS_POSTGRESQL"
+layout: "volcengine"
+page_title: "Volcengine: volcengine_rds_postgresql_allowlist"
+sidebar_current: "docs-volcengine-resource-rds_postgresql_allowlist"
+description: |-
+ Provides a resource to manage rds postgresql allowlist
+---
+# volcengine_rds_postgresql_allowlist
+Provides a resource to manage rds postgresql allowlist
+## Example Usage
+```hcl
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+ allow_list_name = "acc-test-allowlist"
+ allow_list_desc = "acc-test"
+ allow_list_type = "IPv4"
+ allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}
+```
+## Argument Reference
+The following arguments are supported:
+* `allow_list_name` - (Required) The name of the postgresql allow list.
+* `allow_list` - (Required) Enter an IP address or a range of IP addresses in CIDR format.
+* `allow_list_desc` - (Optional) The description of the postgresql allow list.
+* `allow_list_type` - (Optional, ForceNew) The type of IP address in the whitelist. Currently only `IPv4` addresses are supported.
+
+## Attributes Reference
+In addition to all arguments above, the following attributes are exported:
+* `id` - ID of the resource.
+* `associated_instance_num` - The total number of instances bound under the whitelist.
+* `associated_instances` - The list of postgresql instances.
+ * `instance_id` - The id of the postgresql instance.
+ * `instance_name` - The name of the postgresql instance.
+ * `vpc` - The id of the vpc.
+
+
+## Import
+RdsPostgresqlAllowlist can be imported using the id, e.g.
+```
+$ terraform import volcengine_rds_postgresql_allowlist.default resource_id
+```
+
diff --git a/website/docs/r/rds_postgresql_allowlist_associate.html.markdown b/website/docs/r/rds_postgresql_allowlist_associate.html.markdown
new file mode 100644
index 00000000..9eabbbee
--- /dev/null
+++ b/website/docs/r/rds_postgresql_allowlist_associate.html.markdown
@@ -0,0 +1,83 @@
+---
+subcategory: "RDS_POSTGRESQL"
+layout: "volcengine"
+page_title: "Volcengine: volcengine_rds_postgresql_allowlist_associate"
+sidebar_current: "docs-volcengine-resource-rds_postgresql_allowlist_associate"
+description: |-
+ Provides a resource to manage rds postgresql allowlist associate
+---
+# volcengine_rds_postgresql_allowlist_associate
+Provides a resource to manage rds postgresql allowlist associate
+## Example Usage
+```hcl
+data "volcengine_zones" "foo" {
+}
+
+resource "volcengine_vpc" "foo" {
+ vpc_name = "acc-test-vpc"
+ cidr_block = "172.16.0.0/16"
+}
+
+resource "volcengine_subnet" "foo" {
+ subnet_name = "acc-test-subnet"
+ cidr_block = "172.16.0.0/24"
+ zone_id = data.volcengine_zones.foo.zones[0].id
+ vpc_id = volcengine_vpc.foo.id
+}
+
+
+resource "volcengine_rds_postgresql_instance" "foo" {
+ db_engine_version = "PostgreSQL_12"
+ node_spec = "rds.postgres.1c2g"
+ primary_zone_id = data.volcengine_zones.foo.zones[0].id
+ secondary_zone_id = data.volcengine_zones.foo.zones[0].id
+ storage_space = 40
+ subnet_id = volcengine_subnet.foo.id
+ instance_name = "acc-test-postgresql"
+ charge_info {
+ charge_type = "PostPaid"
+ }
+ project_name = "default"
+ tags {
+ key = "tfk1"
+ value = "tfv1"
+ }
+ parameters {
+ name = "auto_explain.log_analyze"
+ value = "off"
+ }
+ parameters {
+ name = "auto_explain.log_format"
+ value = "text"
+ }
+}
+
+resource "volcengine_rds_postgresql_allowlist" "foo" {
+ allow_list_name = "acc-test-allowlist"
+ allow_list_desc = "acc-test"
+ allow_list_type = "IPv4"
+ allow_list = ["192.168.0.0/24", "192.168.1.0/24"]
+}
+
+resource "volcengine_rds_postgresql_allowlist_associate" "foo" {
+ instance_id = volcengine_rds_postgresql_instance.foo.id
+ allow_list_id = volcengine_rds_postgresql_allowlist.foo.id
+}
+```
+## Argument Reference
+The following arguments are supported:
+* `allow_list_id` - (Required, ForceNew) The id of the postgresql allow list.
+* `instance_id` - (Required, ForceNew) The id of the postgresql instance.
+
+## Attributes Reference
+In addition to all arguments above, the following attributes are exported:
+* `id` - ID of the resource.
+
+
+
+## Import
+RdsPostgresqlAllowlistAssociate can be imported using the instance_id:allow_list_id, e.g.
+```
+$ terraform import volcengine_rds_postgresql_allowlist_associate.default resource_id
+```
+
diff --git a/website/volcengine.erb b/website/volcengine.erb
index 317fa5bf..b53c5a1c 100644
--- a/website/volcengine.erb
+++ b/website/volcengine.erb
@@ -1306,6 +1306,9 @@
rds_postgresql_accounts
+
+ rds_postgresql_allowlists
+
rds_postgresql_databases
@@ -1323,6 +1326,12 @@
rds_postgresql_account
+
+ rds_postgresql_allowlist
+
+
+ rds_postgresql_allowlist_associate
+
rds_postgresql_database