feat(postgresql): [122205050] add new resource

.changelog/3183.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+tencentcloud_postgresql_instance_ssl_config
+```

tencentcloud/provider.go

@@ -1567,6 +1567,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_postgresql_clone_db_instance":                                             postgresql.ResourceTencentCloudPostgresqlCloneDbInstance(),
 			"tencentcloud_postgresql_instance_network_access":                                       postgresql.ResourceTencentCloudPostgresqlInstanceNetworkAccess(),
 			"tencentcloud_postgresql_parameters":                                                    postgresql.ResourceTencentCloudPostgresqlParameters(),
+			"tencentcloud_postgresql_instance_ssl_config":                                           postgresql.ResourceTencentCloudPostgresqlInstanceSslConfig(),
 			"tencentcloud_sqlserver_instance":                                                       sqlserver.ResourceTencentCloudSqlserverInstance(),
 			"tencentcloud_sqlserver_db":                                                             sqlserver.ResourceTencentCloudSqlserverDB(),
 			"tencentcloud_sqlserver_account":                                                        sqlserver.ResourceTencentCloudSqlserverAccount(),

tencentcloud/provider.md

@@ -916,6 +916,7 @@ tencentcloud_postgresql_apply_parameter_template_operation
 tencentcloud_postgresql_clone_db_instance
 tencentcloud_postgresql_instance_network_access
 tencentcloud_postgresql_parameters
+tencentcloud_postgresql_instance_ssl_config
 
 TencentDB for Redis(crs)
 Data Source

tencentcloud/services/postgresql/resource_tc_postgresql_instance_network_access.go

@@ -128,7 +128,7 @@ func resourceTencentCloudPostgresqlInstanceNetworkAccessCreate(d *schema.Resourc
 		if e != nil {
 			return tccommon.RetryError(e)
 		} else {
-			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, flowRequest.GetAction(), flowRequest.ToJsonString(), result.ToJsonString())
 		}
 
 		if result == nil || result.Response == nil || result.Response.TaskSet == nil {

tencentcloud/services/postgresql/resource_tc_postgresql_instance_ssl_config.go

@@ -0,0 +1,194 @@
+package postgresql
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	postgresv20170312 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/postgres/v20170312"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func ResourceTencentCloudPostgresqlInstanceSslConfig() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudPostgresqlInstanceSslConfigCreate,
+		Read:   resourceTencentCloudPostgresqlInstanceSslConfigRead,
+		Update: resourceTencentCloudPostgresqlInstanceSslConfigUpdate,
+		Delete: resourceTencentCloudPostgresqlInstanceSslConfigDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"db_instance_id": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "Postgres instance ID.",
+			},
+
+			"ssl_enabled": {
+				Type:        schema.TypeBool,
+				Required:    true,
+				Description: "Enable or disable SSL. true: enable; false: disable.",
+			},
+
+			"connect_address": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "The unique connection address protected by SSL certificate, which can be set as the internal and external IP address if it is the primary instance; If it is a read-only instance, it can be set as the instance IP or read-only group IP. This parameter is mandatory when enabling SSL or modifying SSL protected connection addresses; When SSL is turned off, this parameter will be ignored.",
+			},
+
+			"ca_url": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Cloud root certificate download link.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudPostgresqlInstanceSslConfigCreate(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_postgresql_instance_ssl_config.create")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var dbInsntaceId string
+	if v, ok := d.GetOk("db_instance_id"); ok {
+		dbInsntaceId = v.(string)
+	}
+
+	d.SetId(dbInsntaceId)
+
+	return resourceTencentCloudPostgresqlInstanceSslConfigUpdate(d, meta)
+}
+
+func resourceTencentCloudPostgresqlInstanceSslConfigRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_postgresql_instance_ssl_config.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId        = tccommon.GetLogId(tccommon.ContextNil)
+		ctx          = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		service      = PostgresqlService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+		dbInsntaceId = d.Id()
+	)
+
+	respData, err := service.DescribePostgresqlInstanceSslConfigById(ctx, dbInsntaceId)
+	if err != nil {
+		return err
+	}
+
+	if respData == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `postgresql_instance_ssl_config` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	_ = d.Set("db_instance_id", dbInsntaceId)
+
+	if respData.SSLEnabled != nil {
+		_ = d.Set("ssl_enabled", respData.SSLEnabled)
+	}
+
+	if respData.ConnectAddress != nil {
+		_ = d.Set("connect_address", respData.ConnectAddress)
+	}
+
+	if respData.CAUrl != nil {
+		_ = d.Set("ca_url", respData.CAUrl)
+	}
+
+	return nil
+}
+
+func resourceTencentCloudPostgresqlInstanceSslConfigUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_postgresql_instance_ssl_config.update")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId        = tccommon.GetLogId(tccommon.ContextNil)
+		ctx          = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		dbInsntaceId = d.Id()
+	)
+
+	request := postgresv20170312.NewModifyDBInstanceSSLConfigRequest()
+	response := postgresv20170312.NewModifyDBInstanceSSLConfigResponse()
+	request.DBInstanceId = helper.String(dbInsntaceId)
+
+	if v, ok := d.GetOkExists("ssl_enabled"); ok {
+		request.SSLEnabled = helper.Bool(v.(bool))
+	}
+
+	if v, ok := d.GetOk("connect_address"); ok {
+		request.ConnectAddress = helper.String(v.(string))
+	}
+
+	err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UsePostgresV20170312Client().ModifyDBInstanceSSLConfigWithContext(ctx, request)
+		if e != nil {
+			return tccommon.RetryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+
+		if result == nil || result.Response == nil {
+			return resource.NonRetryableError(fmt.Errorf("Update postgresql instance ssl config failed, Response is nil."))
+		}
+
+		response = result
+		return nil
+	})
+
+	if err != nil {
+		log.Printf("[CRITAL]%s update postgresql instance ssl config failed, reason:%+v", logId, err)
+		return err
+	}
+
+	if response.Response.TaskId == nil {
+		return fmt.Errorf("TaksId is nil.")
+	}
+
+	// wait
+	taskId := *response.Response.TaskId
+	taskRequest := postgresv20170312.NewDescribeTasksRequest()
+	taskRequest.TaskId = helper.Int64Uint64(taskId)
+	err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UsePostgresqlV20170312Client().DescribeTasksWithContext(ctx, taskRequest)
+		if e != nil {
+			return tccommon.RetryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, taskRequest.GetAction(), taskRequest.ToJsonString(), result.ToJsonString())
+		}
+
+		if result == nil || result.Response == nil || result.Response.TaskSet == nil {
+			return resource.NonRetryableError(fmt.Errorf("Describe tasks failed, Response is nil."))
+		}
+
+		if len(result.Response.TaskSet) == 0 {
+			return resource.RetryableError(fmt.Errorf("wait TaskSet init."))
+		}
+
+		if result.Response.TaskSet[0].Status != nil && *result.Response.TaskSet[0].Status == "Success" {
+			return nil
+		}
+
+		return resource.RetryableError(fmt.Errorf("postgresql instance ssl config is running, status is %s.", *result.Response.TaskSet[0].Status))
+	})
+
+	if err != nil {
+		log.Printf("[CRITAL]%s update postgresql instance ssl config, reason:%+v", logId, err)
+		return err
+	}
+
+	return resourceTencentCloudPostgresqlInstanceSslConfigRead(d, meta)
+}
+
+func resourceTencentCloudPostgresqlInstanceSslConfigDelete(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("resource.tencentcloud_postgresql_instance_ssl_config.delete")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/services/postgresql/resource_tc_postgresql_instance_ssl_config.md

@@ -0,0 +1,32 @@
+Provides a resource to create a postgres instance ssl config
+
+~> **NOTE:** If `ssl_enabled` is `false`, Please do not set `connect_address` field.
+
+Example Usage
+
+Enable ssl config
+
+```hcl
+resource "tencentcloud_postgresql_instance_ssl_config" "example" {
+  db_instance_id  = "postgres-5wux9sub"
+  ssl_enabled     = true
+  connect_address = "10.0.0.12"
+}
+```
+
+Disable ssl config
+
+```hcl
+resource "tencentcloud_postgresql_instance_ssl_config" "example" {
+  db_instance_id  = "postgres-5wux9sub"
+  ssl_enabled     = false
+}
+```
+
+Import
+
+postgres instance ssl config can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_postgresql_instance_ssl_config.example postgres-5wux9sub
+```

tencentcloud/services/postgresql/resource_tc_postgresql_instance_ssl_config_test.go

@@ -0,0 +1,33 @@
+package postgresql_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudPostgresqlInstanceSslConfigResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{{
+			Config: testAccPostgresqlInstanceSslConfig,
+			Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_postgresql_instance_ssl_config.postgresql_instance_ssl_config", "id")),
+		}, {
+			ResourceName:      "tencentcloud_postgresql_instance_ssl_config.postgresql_instance_ssl_config",
+			ImportState:       true,
+			ImportStateVerify: true,
+		}},
+	})
+}
+
+const testAccPostgresqlInstanceSslConfig = `
+
+resource "tencentcloud_postgresql_instance_ssl_config" "postgresql_instance_ssl_config" {
+}
+`

tencentcloud/services/postgresql/service_tencentcloud_postgresql.go

@@ -2286,3 +2286,28 @@ func (me *PostgresqlService) DescribePostgresqlParametersById(ctx context.Contex
 	ret = response.Response
 	return
 }
+
+func (me *PostgresqlService) DescribePostgresqlInstanceSslConfigById(ctx context.Context, dbInsntaceId string) (ret *postgresv20170312.DescribeDBInstanceSSLConfigResponseParams, errRet error) {
+	logId := tccommon.GetLogId(ctx)
+
+	request := postgresv20170312.NewDescribeDBInstanceSSLConfigRequest()
+	request.DBInstanceId = helper.String(dbInsntaceId)
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UsePostgresqlV20170312Client().DescribeDBInstanceSSLConfig(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	ret = response.Response
+	return
+}

website/docs/r/postgresql_instance_ssl_config.html.markdown

@@ -0,0 +1,60 @@
+---
+subcategory: "TencentDB for PostgreSQL(PostgreSQL)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_postgresql_instance_ssl_config"
+sidebar_current: "docs-tencentcloud-resource-postgresql_instance_ssl_config"
+description: |-
+  Provides a resource to create a postgres instance ssl config
+---
+
+# tencentcloud_postgresql_instance_ssl_config
+
+Provides a resource to create a postgres instance ssl config
+
+~> **NOTE:** If `ssl_enabled` is `false`, Please do not set `connect_address` field.
+
+## Example Usage
+
+### Enable ssl config
+
+```hcl
+resource "tencentcloud_postgresql_instance_ssl_config" "example" {
+  db_instance_id  = "postgres-5wux9sub"
+  ssl_enabled     = true
+  connect_address = "10.0.0.12"
+}
+```
+
+### Disable ssl config
+
+```hcl
+resource "tencentcloud_postgresql_instance_ssl_config" "example" {
+  db_instance_id = "postgres-5wux9sub"
+  ssl_enabled    = false
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `db_instance_id` - (Required, String, ForceNew) Postgres instance ID.
+* `ssl_enabled` - (Required, Bool) Enable or disable SSL. true: enable; false: disable.
+* `connect_address` - (Optional, String) The unique connection address protected by SSL certificate, which can be set as the internal and external IP address if it is the primary instance; If it is a read-only instance, it can be set as the instance IP or read-only group IP. This parameter is mandatory when enabling SSL or modifying SSL protected connection addresses; When SSL is turned off, this parameter will be ignored.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+* `ca_url` - Cloud root certificate download link.
+
+
+## Import
+
+postgres instance ssl config can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_postgresql_instance_ssl_config.example postgres-5wux9sub
+```
+

website/tencentcloud.erb

@@ -6060,6 +6060,9 @@
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/postgresql_instance_network_access.html">tencentcloud_postgresql_instance_network_access</a>
                                 </li>
+                                <li>
+                                    <a href="/docs/providers/tencentcloud/r/postgresql_instance_ssl_config.html">tencentcloud_postgresql_instance_ssl_config</a>
+                                </li>
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/postgresql_isolate_db_instance_operation.html">tencentcloud_postgresql_isolate_db_instance_operation</a>
                                 </li>