feat: resource mfaFlag

Author: WeiMengXS

tencentcloud/provider.go

@@ -234,6 +234,7 @@ Cloud Access Management(CAM)
 	tencentcloud_cam_role_sso
 	tencentcloud_cam_service_linked_role
 	tencentcloud_cam_user_saml_config
+	tencentcloud_cam_mfa_flag
 
 Customer Identity and Access Management(CIAM)
   Resource
@@ -3036,6 +3037,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_dlc_user":                                            resourceTencentCloudDlcUser(),
 			"tencentcloud_wedata_rule_template":                                resourceTencentCloudWedataRuleTemplate(),
 			"tencentcloud_ssl_commit_certificate_information":                  resourceTencentCloudSslCommitCertificateInformation(),
+			"tencentcloud_cam_mfa_flag":                                        resourceTencentCloudCamMfaFlag(),
 		},
 
 		ConfigureFunc: providerConfigure,

tencentcloud/resource_tc_cam_mfa_flag.go

@@ -0,0 +1,254 @@
+/*
+Provides a resource to create a cam mfa_flag
+
+Example Usage
+
+```hcl
+resource "tencentcloud_cam_mfa_flag" "mfa_flag" {
+  op_uin = 20003xxxxxxx
+  login_flag {
+		phone = 0
+		stoken = 1
+		wechat = 0
+
+  }
+  action_flag {
+		phone = 0
+		stoken = 1
+		wechat = 0
+  }
+}
+```
+
+Import
+
+cam mfa_flag can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_cam_mfa_flag.mfa_flag mfa_flag_id
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"log"
+	"strconv"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	cam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam/v20190116"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudCamMfaFlag() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudCamMfaFlagCreate,
+		Read:   resourceTencentCloudCamMfaFlagRead,
+		Update: resourceTencentCloudCamMfaFlagUpdate,
+		Delete: resourceTencentCloudCamMfaFlagDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"op_uin": {
+				Required:    true,
+				Type:        schema.TypeInt,
+				Description: "Operate uin.",
+			},
+
+			"login_flag": {
+				Optional:    true,
+				Type:        schema.TypeList,
+				MaxItems:    1,
+				Description: "Login flag setting.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"phone": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Phone.",
+						},
+						"stoken": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Soft token.",
+						},
+						"wechat": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Wechat.",
+						},
+					},
+				},
+			},
+
+			"action_flag": {
+				Optional:    true,
+				Type:        schema.TypeList,
+				MaxItems:    1,
+				Description: "Action flag setting.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"phone": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Phone.",
+						},
+						"stoken": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Soft token.",
+						},
+						"wechat": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "Wechat.",
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceTencentCloudCamMfaFlagCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.create")()
+	defer inconsistentCheck(d, meta)()
+	var opUin int
+
+	if v, ok := d.GetOk("op_uin"); ok {
+		opUin = v.(int)
+	}
+	d.SetId(strconv.Itoa(opUin))
+	return resourceTencentCloudCamMfaFlagUpdate(d, meta)
+}
+
+func resourceTencentCloudCamMfaFlagRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := CamService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	loginFlag, actionFlag, err := service.DescribeCamMfaFlagById(ctx)
+	if err != nil {
+		return err
+	}
+
+	if loginFlag == nil && actionFlag == nil {
+		log.Printf("[WARN]%s resource `CamMfaFlag` not found, please check if it has been deleted.\n", logId)
+		return nil
+	}
+
+	if loginFlag != nil {
+		loginFlagMap := map[string]interface{}{}
+
+		if loginFlag.Phone != nil {
+			loginFlagMap["phone"] = loginFlag.Phone
+		}
+
+		if loginFlag.Stoken != nil {
+			loginFlagMap["stoken"] = loginFlag.Stoken
+		}
+
+		if loginFlag.Wechat != nil {
+			loginFlagMap["wechat"] = loginFlag.Wechat
+		}
+
+		_ = d.Set("login_flag", []interface{}{loginFlagMap})
+	}
+
+	if actionFlag != nil {
+		actionFlagMap := map[string]interface{}{}
+
+		if actionFlag.Phone != nil {
+			actionFlagMap["phone"] = actionFlag.Phone
+		}
+
+		if actionFlag.Stoken != nil {
+			actionFlagMap["stoken"] = actionFlag.Stoken
+		}
+
+		if actionFlag.Wechat != nil {
+			actionFlagMap["wechat"] = actionFlag.Wechat
+		}
+
+		_ = d.Set("action_flag", []interface{}{actionFlagMap})
+	}
+
+	return nil
+}
+
+func resourceTencentCloudCamMfaFlagUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.update")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+	opUin := d.Id()
+	request := cam.NewSetMfaFlagRequest()
+	uin, err := strconv.Atoi(opUin)
+	if err != nil {
+		return err
+	}
+	request.OpUin = common.Uint64Ptr(uint64(uin))
+
+	if d.HasChange("login_flag") {
+		if dMap, ok := helper.InterfacesHeadMap(d, "login_flag"); ok {
+			loginActionMfaFlag := cam.LoginActionMfaFlag{}
+			if v, ok := dMap["phone"]; ok {
+				loginActionMfaFlag.Phone = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["stoken"]; ok {
+				loginActionMfaFlag.Stoken = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["wechat"]; ok {
+				loginActionMfaFlag.Wechat = helper.IntUint64(v.(int))
+			}
+			request.LoginFlag = &loginActionMfaFlag
+		}
+	}
+
+	if d.HasChange("action_flag") {
+		if dMap, ok := helper.InterfacesHeadMap(d, "action_flag"); ok {
+			loginActionMfaFlag := cam.LoginActionMfaFlag{}
+			if v, ok := dMap["phone"]; ok {
+				loginActionMfaFlag.Phone = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["stoken"]; ok {
+				loginActionMfaFlag.Stoken = helper.IntUint64(v.(int))
+			}
+			if v, ok := dMap["wechat"]; ok {
+				loginActionMfaFlag.Wechat = helper.IntUint64(v.(int))
+			}
+			request.ActionFlag = &loginActionMfaFlag
+		}
+	}
+
+	err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseCamClient().SetMfaFlag(request)
+		if e != nil {
+			return retryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s update cam mfaFlag failed, reason:%+v", logId, err)
+		return err
+	}
+
+	return resourceTencentCloudCamMfaFlagRead(d, meta)
+}
+
+func resourceTencentCloudCamMfaFlagDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_cam_mfa_flag.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_cam_mfa_flag_test.go

@@ -0,0 +1,48 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudCamMfaFlagResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCamMfaFlag,
+				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_cam_mfa_flag.mfa_flag", "id")),
+			},
+			{
+				ResourceName:      "tencentcloud_cam_mfa_flag.mfa_flag",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccCamMfaFlag = `
+data "tencentcloud_user_info" "info"{}
+
+resource "tencentcloud_cam_mfa_flag" "mfa_flag" {
+  op_uin = data.tencentcloud_user_info.info.uin
+  login_flag {
+		phone = 0
+		stoken = 1
+		wechat = 0
+
+  }
+  action_flag {
+		phone = 0
+		stoken = 1
+		wechat = 0
+  }
+}
+
+`

tencentcloud/resource_tc_ssl_commit_certificate_information.go

@@ -46,12 +46,13 @@ package tencentcloud
 
 import (
 	"context"
+	"log"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors"
 	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
-	"log"
 )
 
 func resourceTencentCloudSslCommitCertificateInformation() *schema.Resource {

tencentcloud/resource_tc_ssl_commit_certificate_information_test.go

@@ -1,8 +1,9 @@
 package tencentcloud
 
 import (
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 )
 
 func TestAccTencentCloudSslCommitCertificateInformationResource_basic(t *testing.T) {

tencentcloud/service_tencentcloud_cam.go

@@ -1355,3 +1355,32 @@ func (me *CamService) DeleteCamUserSamlConfigById(ctx context.Context) (errRet e
 
 	return
 }
+
+func (me *CamService) DescribeCamMfaFlagById(ctx context.Context) (loginFlag *cam.LoginActionFlag, actionFlag *cam.LoginActionFlag, errRet error) {
+	logId := getLogId(ctx)
+
+	request := cam.NewDescribeSafeAuthFlagRequest()
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseCamClient().DescribeSafeAuthFlag(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	if response.Response.ActionFlag == nil && response.Response.LoginFlag == nil {
+		return
+	}
+
+	loginFlag = response.Response.LoginFlag
+	actionFlag = response.Response.ActionFlag
+	return
+}