feat(tco): [123456789] support provision role configuration (#3046)

* support provision role configuration

* add changelog

---------

Co-authored-by: mikatong <[email protected]>

Author: tongyiming

.changelog/3046.txt

@@ -0,0 +1,7 @@
+```release-note:new-data-source
+tencentcloud_role_configuration_provisionings
+```
+
+```release-note:new-resource
+tencentcloud_provision_role_configuration_operation
+```

tencentcloud/provider.go

@@ -1120,6 +1120,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_organization_org_share_unit_resources":        tco.DataSourceTencentCloudOrganizationOrgShareUnitResources(),
 			"tencentcloud_organization_org_share_units":                 tco.DataSourceTencentCloudOrganizationOrgShareUnits(),
 			"tencentcloud_organization_org_share_unit_members":          tco.DataSourceTencentCloudOrganizationOrgShareUnitMembers(),
+			"tencentcloud_role_configuration_provisionings":             tco.DataSourceTencentCloudRoleConfigurationProvisionings(),
 			"tencentcloud_pts_scenario_with_jobs":                       pts.DataSourceTencentCloudPtsScenarioWithJobs(),
 			"tencentcloud_cam_list_attached_user_policy":                cam.DataSourceTencentCloudCamListAttachedUserPolicy(),
 			"tencentcloud_cam_secret_last_used_time":                    cam.DataSourceTencentCloudCamSecretLastUsedTime(),
@@ -1873,6 +1874,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_identity_center_scim_credential_status":                                   tco.ResourceTencentCloudIdentityCenterScimCredentialStatus(),
 			"tencentcloud_identity_center_scim_credential":                                          tco.ResourceTencentCloudIdentityCenterScimCredential(),
 			"tencentcloud_identity_center_scim_synchronization_status":                              tco.ResourceTencentCloudIdentityCenterScimSynchronizationStatus(),
+			"tencentcloud_provision_role_configuration_operation":                                   tco.ResourceTencentCloudProvisionRoleConfigurationOperation(),
 			"tencentcloud_dbbrain_sql_filter":                                                       dbbrain.ResourceTencentCloudDbbrainSqlFilter(),
 			"tencentcloud_dbbrain_security_audit_log_export_task":                                   dbbrain.ResourceTencentCloudDbbrainSecurityAuditLogExportTask(),
 			"tencentcloud_dbbrain_db_diag_report_task":                                              dbbrain.ResourceTencentCloudDbbrainDbDiagReportTask(),

tencentcloud/provider.md

@@ -1710,6 +1710,7 @@ Tencent Cloud Organization (TCO)
     tencentcloud_organization_org_share_unit_resources
     tencentcloud_organization_org_share_units
     tencentcloud_organization_org_share_unit_members
+    tencentcloud_role_configuration_provisionings
   Resource
     tencentcloud_organization_instance
     tencentcloud_organization_org_node
@@ -1744,6 +1745,7 @@ Tencent Cloud Organization (TCO)
     tencentcloud_organization_org_share_unit_resource
     tencentcloud_accept_join_share_unit_invitation_operation
     tencentcloud_reject_join_share_unit_invitation_operation
+    tencentcloud_provision_role_configuration_operation
 
 TDSQL-C for PostgreSQL(TDCPG)
   Data Source

tencentcloud/services/tco/data_source_tc_role_configuration_provisionings.go

@@ -0,0 +1,217 @@
+package tco
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	organization "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/organization/v20210331"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func DataSourceTencentCloudRoleConfigurationProvisionings() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudRoleConfigurationProvisioningsRead,
+		Schema: map[string]*schema.Schema{
+			"zone_id": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "Space ID.",
+			},
+
+			"role_configuration_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Permission configuration ID.",
+			},
+
+			"target_type": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Type of the synchronized target account of the Tencent Cloud Organization. ManagerUin: admin account; MemberUin: member account.",
+			},
+
+			"target_uin": {
+				Type:        schema.TypeInt,
+				Optional:    true,
+				Description: "UIN of the synchronized target account of the Tencent Cloud Organization.",
+			},
+
+			"deployment_status": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Deployed: Deployment succeeded; DeployedRequired: Redeployment required; DeployFailed: Deployment failed.",
+			},
+
+			"filter": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Search by configuration name is supported.",
+			},
+
+			"role_configuration_provisionings": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: "Department member account list.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"deployment_status": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Deployed: Deployment succeeded; DeployedRequired: Redeployment required; DeployFailed: Deployment failed.",
+						},
+						"role_configuration_id": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Permission configuration ID.",
+						},
+						"role_configuration_name": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Permission configuration name.",
+						},
+						"target_uin": {
+							Type:        schema.TypeInt,
+							Optional:    true,
+							Description: "UIN of the target account of the Tencent Cloud Organization.",
+						},
+						"target_name": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Name of the target account of the Tencent Cloud Organization.",
+						},
+						"create_time": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Creation time.",
+						},
+						"update_time": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Modification time.",
+						},
+						"target_type": {
+							Type:        schema.TypeString,
+							Optional:    true,
+							Description: "Type of the synchronized target account of the Tencent Cloud Organization. ManagerUin: admin account; MemberUin: member account.",
+						},
+					},
+				},
+			},
+
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudRoleConfigurationProvisioningsRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("data_source.tencentcloud_role_configuration_provisionings.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	logId := tccommon.GetLogId(nil)
+	ctx := tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+
+	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+
+	paramMap := make(map[string]interface{})
+	if v, ok := d.GetOk("zone_id"); ok {
+		paramMap["ZoneId"] = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("role_configuration_id"); ok {
+		paramMap["RoleConfigurationId"] = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("target_type"); ok {
+		paramMap["TargetType"] = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOkExists("target_uin"); ok {
+		paramMap["TargetUin"] = helper.IntInt64(v.(int))
+	}
+
+	if v, ok := d.GetOk("deployment_status"); ok {
+		paramMap["DeploymentStatus"] = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("filter"); ok {
+		paramMap["Filter"] = helper.String(v.(string))
+	}
+
+	var roleConfigurationProvisionings []*organization.RoleConfigurationProvisionings
+	err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeRoleConfigurationProvisioningsByFilter(ctx, paramMap)
+		if e != nil {
+			return tccommon.RetryError(e)
+		}
+		roleConfigurationProvisionings = result
+		return nil
+	})
+	if err != nil {
+		return err
+	}
+
+	var ids []string
+	roleConfigurationProvisioningsList := make([]map[string]interface{}, 0, len(roleConfigurationProvisionings))
+	if roleConfigurationProvisionings != nil {
+		for _, roleConfigurationProvisionings := range roleConfigurationProvisionings {
+			roleConfigurationProvisioningsMap := map[string]interface{}{}
+
+			var roleConfigurationId string
+			if roleConfigurationProvisionings.DeploymentStatus != nil {
+				roleConfigurationProvisioningsMap["deployment_status"] = roleConfigurationProvisionings.DeploymentStatus
+			}
+
+			if roleConfigurationProvisionings.RoleConfigurationId != nil {
+				roleConfigurationProvisioningsMap["role_configuration_id"] = roleConfigurationProvisionings.RoleConfigurationId
+				roleConfigurationId = *roleConfigurationProvisionings.RoleConfigurationId
+			}
+
+			if roleConfigurationProvisionings.RoleConfigurationName != nil {
+				roleConfigurationProvisioningsMap["role_configuration_name"] = roleConfigurationProvisionings.RoleConfigurationName
+			}
+
+			if roleConfigurationProvisionings.TargetUin != nil {
+				roleConfigurationProvisioningsMap["target_uin"] = roleConfigurationProvisionings.TargetUin
+			}
+
+			if roleConfigurationProvisionings.TargetName != nil {
+				roleConfigurationProvisioningsMap["target_name"] = roleConfigurationProvisionings.TargetName
+			}
+
+			if roleConfigurationProvisionings.CreateTime != nil {
+				roleConfigurationProvisioningsMap["create_time"] = roleConfigurationProvisionings.CreateTime
+			}
+
+			if roleConfigurationProvisionings.UpdateTime != nil {
+				roleConfigurationProvisioningsMap["update_time"] = roleConfigurationProvisionings.UpdateTime
+			}
+
+			if roleConfigurationProvisionings.TargetType != nil {
+				roleConfigurationProvisioningsMap["target_type"] = roleConfigurationProvisionings.TargetType
+			}
+
+			ids = append(ids, roleConfigurationId)
+			roleConfigurationProvisioningsList = append(roleConfigurationProvisioningsList, roleConfigurationProvisioningsMap)
+		}
+
+		_ = d.Set("role_configuration_provisionings", roleConfigurationProvisioningsList)
+	}
+
+	d.SetId(helper.DataResourceIdsHash(ids))
+
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := tccommon.WriteToFile(output.(string), d); e != nil {
+			return e
+		}
+	}
+
+	return nil
+}

tencentcloud/services/tco/data_source_tc_role_configuration_provisionings.md

@@ -0,0 +1,10 @@
+Use this data source to query detailed information of organization role_configuration_provisionings
+
+Example Usage
+
+```hcl
+data "tencentcloud_role_configuration_provisionings" "role_configuration_provisionings" {
+  zone_id               = "xxxxxx"
+  role_configuration_id = "xxxxxx"
+}
+```

tencentcloud/services/tco/data_source_tc_role_configuration_provisionings_test.go

@@ -0,0 +1,36 @@
+package tco_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudRoleConfigurationProvisioningsDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRoleConfigurationProvisioningsDataSource,
+				Check: resource.ComposeTestCheckFunc(
+					tcacctest.AccCheckTencentCloudDataSourceID("data.tencentcloud_role_configuration_provisionings.role_configuration_provisionings"),
+					resource.TestCheckResourceAttr("data.tencentcloud_role_configuration_provisionings.role_configuration_provisionings", "role_configuration_provisionings.#", "1"),
+				),
+			},
+		},
+	})
+}
+
+const testAccRoleConfigurationProvisioningsDataSource = testAccProvisionRoleConfigurationOperation + `
+data "tencentcloud_role_configuration_provisionings" "role_configuration_provisionings" {
+  zone_id               = "z-s64jh54hbcra"
+  role_configuration_id = tencentcloud_identity_center_role_configuration.identity_center_role_configuration.role_configuration_id
+  depends_on            = [tencentcloud_provision_role_configuration_operation.provision_role_configuration_operation]
+}
+`