resource/alicloud_cloud_firewall_instance: Adds new attributes cfw_ac…

…count and account_number, and removes the attribute cfw_service
aliyun · Aug 28, 2023 · 8e9f99d · 8e9f99d
1 parent 01f4cbf
commit 8e9f99d
Show file tree

Hide file tree

Showing 3 changed files with 264 additions and 109 deletions.
diff --git a/alicloud/resource_alicloud_cloud_firewall_instance.go b/alicloud/resource_alicloud_cloud_firewall_instance.go
@@ -9,7 +9,6 @@ import (
 	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 )
 
 func resourceAlicloudCloudFirewallInstance() *schema.Resource {
@@ -26,12 +25,12 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 				Type:         schema.TypeString,
 				Required:     true,
 				ForceNew:     true,
-				ValidateFunc: validation.StringInSlice([]string{"Subscription"}, false),
+				ValidateFunc: StringInSlice([]string{"Subscription"}, false),
 			},
 			"period": {
 				Type:         schema.TypeInt,
 				Required:     true,
-				ValidateFunc: validation.IntInSlice([]int{1, 3, 6, 12, 24, 36}),
+				ValidateFunc: IntInSlice([]int{1, 3, 6, 12, 24, 36}),
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					if v, ok := d.GetOk("payment_type"); ok && v.(string) == "Subscription" {
 						return false
@@ -42,7 +41,37 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 			"renew_period": {
 				Type:         schema.TypeInt,
 				Optional:     true,
-				ValidateFunc: validation.IntBetween(1, 12),
+				ValidateFunc: IntInSlice([]int{1, 12, 2, 3, 6}),
+				Computed:     true,
+				Deprecated:   "Attribute 'renew_period' has been deprecated since 1.209.1. Using 'renewal_duration' instead.",
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("payment_type"); ok && v.(string) == "Subscription" {
+						if v, ok := d.GetOk("renewal_status"); ok && v.(string) == "AutoRenewal" {
+							return false
+						}
+					}
+					return true
+				},
+			},
+			"renewal_duration": {
+				Type:         schema.TypeInt,
+				Optional:     true,
+				ValidateFunc: IntInSlice([]int{1, 12, 2, 3, 6}),
+				Computed:     true,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("payment_type"); ok && v.(string) == "Subscription" {
+						if v, ok := d.GetOk("renewal_status"); ok && v.(string) == "AutoRenewal" {
+							return false
+						}
+					}
+					return true
+				},
+				ConflictsWith: []string{"renew_period"},
+			},
+			"renewal_duration_unit": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: StringInSlice([]string{"Month", "Year"}, false),
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					if v, ok := d.GetOk("payment_type"); ok && v.(string) == "Subscription" {
 						if v, ok := d.GetOk("renewal_status"); ok && v.(string) == "AutoRenewal" {
@@ -56,7 +85,7 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 				Type:         schema.TypeString,
 				Optional:     true,
 				Computed:     true,
-				ValidateFunc: validation.StringInSlice([]string{"AutoRenewal", "ManualRenewal"}, false),
+				ValidateFunc: StringInSlice([]string{"AutoRenewal", "ManualRenewal", "NotRenewal"}, false),
 				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
 					if v, ok := d.GetOk("payment_type"); ok && v.(string) == "Subscription" {
 						return false
@@ -70,22 +99,50 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 			},
 			"cfw_service": {
 				Type:     schema.TypeBool,
-				Required: true,
+				Optional: true,
+				Removed:  "Attribute 'cfw_service' does not support longer, and it has been removed since v1.209.1",
+			},
+			"cfw_account": {
+				Type:     schema.TypeBool,
+				Optional: true,
+			},
+			"account_number": {
+				Type:         schema.TypeInt,
+				Optional:     true,
+				ValidateFunc: IntBetween(1, 1000),
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("cfw_account"); ok && v.(bool) {
+						return false
+					}
+					return true
+				},
 			},
 			"fw_vpc_number": {
 				Type:         schema.TypeInt,
 				Optional:     true,
-				ValidateFunc: validation.IntBetween(2, 500),
+				ValidateFunc: IntBetween(2, 500),
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("spec"); ok && v.(string) == "premium_version" {
+						return true
+					}
+					return false
+				},
 			},
 			"ip_number": {
 				Type:         schema.TypeInt,
 				Required:     true,
-				ValidateFunc: validation.IntBetween(20, 4000),
+				ValidateFunc: IntBetween(20, 4000),
 			},
 			"cfw_log_storage": {
 				Type:         schema.TypeInt,
-				Required:     true,
-				ValidateFunc: validation.IntBetween(1000, 500000),
+				Optional:     true,
+				ValidateFunc: IntBetween(1000, 500000),
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("cfw_log"); ok && v.(bool) {
+						return false
+					}
+					return true
+				},
 			},
 			"cfw_log": {
 				Type:     schema.TypeBool,
@@ -94,26 +151,22 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 			"band_width": {
 				Type:         schema.TypeInt,
 				Required:     true,
-				ValidateFunc: validation.IntBetween(10, 15000),
+				ValidateFunc: IntBetween(10, 15000),
 			},
 			"instance_count": {
 				Type:         schema.TypeInt,
 				Optional:     true,
-				ValidateFunc: validation.IntBetween(5, 5000),
+				ValidateFunc: IntBetween(5, 5000),
 			},
 			"spec": {
 				Type:         schema.TypeString,
 				Required:     true,
-				ValidateFunc: validation.StringInSlice([]string{"premium_version", "enterprise_version", "ultimate_version"}, false),
+				ValidateFunc: StringInSlice([]string{"premium_version", "enterprise_version", "ultimate_version"}, false),
 			},
 			"create_time": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"renewal_duration_unit": {
-				Type:     schema.TypeString,
-				Computed: true,
-			},
 			"status": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -129,7 +182,7 @@ func resourceAlicloudCloudFirewallInstance() *schema.Resource {
 			"modify_type": {
 				Type:         schema.TypeString,
 				Optional:     true,
-				ValidateFunc: validation.StringInSlice([]string{"Downgrade", "Upgrade"}, false),
+				ValidateFunc: StringInSlice([]string{"Downgrade", "Upgrade"}, false),
 			},
 		},
 	}
@@ -159,11 +212,16 @@ func resourceAlicloudCloudFirewallInstanceCreate(d *schema.ResourceData, meta in
 		request["RenewalStatus"] = v
 	}
 
-	if v, ok := d.GetOk("renewal_duration"); ok {
+	if v, ok := d.GetOk("renew_period"); ok {
+		request["RenewPeriod"] = v
+	} else if v, ok := d.GetOk("renewal_duration"); ok {
 		request["RenewPeriod"] = v
 	} else if v, ok := d.GetOk("renewal_status"); ok && v.(string) == "AutoRenewal" {
 		return WrapError(fmt.Errorf("attribute '%s' is required when '%s' is %v ", "renewal_duration", "renewal_status", d.Get("renewal_status")))
 	}
+	if v, ok := d.GetOk("renewal_status"); ok {
+		request["RenewalStatus"] = v
+	}
 	if v, ok := d.GetOk("logistics"); ok {
 		request["Logistics"] = v
 	}
@@ -185,14 +243,12 @@ func resourceAlicloudCloudFirewallInstanceCreate(d *schema.ResourceData, meta in
 		"Code":  "CfwLog",
 		"Value": d.Get("cfw_log"),
 	})
-	parameterMapList = append(parameterMapList, map[string]interface{}{
-		"Code":  "CfwLogStorage",
-		"Value": d.Get("cfw_log_storage"),
-	})
-	parameterMapList = append(parameterMapList, map[string]interface{}{
-		"Code":  "CfwService",
-		"Value": d.Get("cfw_service"),
-	})
+	if v, ok := d.GetOk("cfw_log_storage"); ok {
+		parameterMapList = append(parameterMapList, map[string]interface{}{
+			"Code":  "CfwLogStorage",
+			"Value": v,
+		})
+	}
 	if v, ok := d.GetOk("fw_vpc_number"); ok {
 		parameterMapList = append(parameterMapList, map[string]interface{}{
 			"Code":  "FwVpcNumber",
@@ -243,7 +299,7 @@ func resourceAlicloudCloudFirewallInstanceRead(d *schema.ResourceData, meta inte
 	bssOpenApiService := BssOpenApiService{client}
 	getQueryInstanceObject, err := bssOpenApiService.QueryAvailableInstance(d.Id())
 	if err != nil {
-		if NotFoundError(err) {
+		if !d.IsNewResource() && NotFoundError(err) {
 			log.Printf("[DEBUG] Resource alicloud_cloud_firewall_instance bssOpenApiService.QueryAvailableInstance Failed!!! %s", err)
 			d.SetId("")
 			return nil
@@ -253,8 +309,10 @@ func resourceAlicloudCloudFirewallInstanceRead(d *schema.ResourceData, meta inte
 	d.Set("create_time", getQueryInstanceObject["CreateTime"])
 	d.Set("renewal_status", getQueryInstanceObject["RenewStatus"])
 	d.Set("renewal_duration_unit", convertCloudFirewallInstanceRenewalDurationUnitResponse(getQueryInstanceObject["RenewalDurationUnit"]))
+	d.Set("renewal_duration", getQueryInstanceObject["RenewalDuration"])
+	d.Set("renew_period", getQueryInstanceObject["RenewalDuration"])
 	d.Set("status", getQueryInstanceObject["Status"])
-	d.Set("subscription_type", getQueryInstanceObject["SubscriptionType"])
+	d.Set("payment_type", getQueryInstanceObject["SubscriptionType"])
 	d.Set("end_time", getQueryInstanceObject["EndTime"])
 	return nil
 }
@@ -267,46 +325,74 @@ func resourceAlicloudCloudFirewallInstanceUpdate(d *schema.ResourceData, meta in
 	var response map[string]interface{}
 	d.Partial(true)
 	update := false
-	renewInstancerequest := map[string]interface{}{
-		"InstanceId": d.Id(),
+	setRenewalReq := map[string]interface{}{
+		"InstanceIDs": d.Id(),
 	}
 
-	if d.HasChange("renew_period") && !d.IsNewResource() {
+	if !d.IsNewResource() && d.HasChange("renewal_status") {
 		update = true
-		renewInstancerequest["RenewPeriod"] = d.Get("renew_period")
 	}
+	if v, ok := d.GetOk("renewal_status"); ok {
+		setRenewalReq["RenewalStatus"] = v
+	}
+	if !d.IsNewResource() && d.HasChange("renew_period") {
+		update = true
+	}
+	if v, ok := d.GetOk("renew_period"); ok {
+		setRenewalReq["RenewalPeriod"] = v
+	}
+
+	if !d.IsNewResource() && d.HasChange("renewal_duration") {
+		update = true
+	}
+
+	if v, ok := d.GetOk("renewal_duration"); ok {
+		setRenewalReq["RenewalPeriod"] = v
+	}
+
+	if !d.IsNewResource() && d.HasChange("renewal_duration_unit") {
+		update = true
+	}
+	if v, ok := d.GetOk("renewal_duration_unit"); ok {
+		setRenewalReq["RenewalPeriodUnit"] = convertCloudFirewallInstanceRenewalDurationUnitRequest(v.(string))
+	} else if v, ok := d.GetOk("renewal_status"); ok && v.(string) == "AutoRenewal" {
+		return WrapError(fmt.Errorf("attribute '%s' is required when '%s' is %v ", "renewal_duration_unit", "renewal_status", d.Get("renewal_status")))
+	}
+
+	setRenewalReq["SubscriptionType"] = d.Get("payment_type")
+	setRenewalReq["ProductCode"] = "vipcloudfw"
+	setRenewalReq["ProductType"] = "vipcloudfw"
+
 	if update {
-		action := "RenewInstance"
-		renewInstancerequest["ClientToken"] = buildClientToken(action)
-		renewInstancerequest["ProductCode"] = "vipcloudfw"
-		renewInstancerequest["ProductType"] = "vipcloudfw"
-		runtime := util.RuntimeOptions{}
-		runtime.SetAutoretry(true)
+		action := "SetRenewal"
 		wait := incrementalWait(3*time.Second, 3*time.Second)
 		err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError {
-			response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2017-12-14"), StringPointer("AK"), nil, renewInstancerequest, &runtime)
+			response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2017-12-14"), StringPointer("AK"), nil, setRenewalReq, &util.RuntimeOptions{})
 			if err != nil {
 				if NeedRetry(err) {
 					wait()
 					return resource.RetryableError(err)
 				}
 				if IsExpectedErrors(err, []string{"NotApplicable"}) {
-					renewInstancerequest["ProductCode"] = "cfw"
-					renewInstancerequest["ProductType"] = "cfw_pre_intl"
 					conn.Endpoint = String(connectivity.BssOpenAPIEndpointInternational)
+					setRenewalReq["ProductType"] = "cfw_pre_intl"
 					return resource.RetryableError(err)
 				}
 				return resource.NonRetryableError(err)
 			}
 			return nil
 		})
-		addDebug(action, response, renewInstancerequest)
+		addDebug(action, response, setRenewalReq)
 		if err != nil {
 			return WrapErrorf(err, DefaultErrorMsg, d.Id(), action, AlibabaCloudSdkGoERROR)
 		}
 		if fmt.Sprint(response["Code"]) != "Success" {
 			return WrapError(fmt.Errorf("%s failed, response: %v", action, response))
 		}
+		d.SetPartial("renewal_status")
+		d.SetPartial("payment_type")
+		d.SetPartial("renewal_duration")
+		d.SetPartial("renewal_duration_unit")
 	}
 
 	update = false
@@ -317,24 +403,33 @@ func resourceAlicloudCloudFirewallInstanceUpdate(d *schema.ResourceData, meta in
 	modifyInstanceRequest["ProductCode"] = "vipcloudfw"
 	modifyInstanceRequest["SubscriptionType"] = d.Get("payment_type")
 	parameterMapList := make([]map[string]interface{}, 0)
-	if d.HasChange("cfw_service") {
+
+	if d.HasChange("cfw_account") {
+		update = true
+	}
+	parameterMapList = append(parameterMapList, map[string]interface{}{
+		"Code":  "CfwAccount",
+		"Value": d.Get("cfw_account"),
+	})
+
+	if d.HasChange("account_number") {
 		update = true
 	}
-	if v, ok := d.GetOk("cfw_service"); ok {
+	if v, ok := d.GetOk("account_number"); ok {
 		parameterMapList = append(parameterMapList, map[string]interface{}{
-			"Code":  "CfwService",
+			"Code":  "AccountNum",
 			"Value": v,
 		})
 	}
 
 	if d.HasChange("fw_vpc_number") {
 		update = true
-	}
-	if v, ok := d.GetOk("fw_vpc_number"); ok {
-		parameterMapList = append(parameterMapList, map[string]interface{}{
-			"Code":  "FwVpcNumber",
-			"Value": v,
-		})
+		if v, ok := d.GetOk("fw_vpc_number"); ok {
+			parameterMapList = append(parameterMapList, map[string]interface{}{
+				"Code":  "FwVpcNumber",
+				"Value": v,
+			})
+		}
 	}
 	if d.HasChange("ip_number") {
 		update = true
@@ -425,7 +520,7 @@ func resourceAlicloudCloudFirewallInstanceUpdate(d *schema.ResourceData, meta in
 			return WrapError(fmt.Errorf("%s failed, response: %v", action, response))
 		}
 		d.SetPartial("payment_type")
-		d.SetPartial("cfw_service")
+		//d.SetPartial("cfw_service")
 		d.SetPartial("fw_vpc_number")
 		d.SetPartial("ip_number")
 		d.SetPartial("cfw_log_storage")
@@ -463,3 +558,13 @@ func convertCloudFirewallInstanceRenewalDurationUnitResponse(source interface{})
 	}
 	return source
 }
+
+func convertCloudFirewallInstanceRenewalDurationUnitRequest(source interface{}) interface{} {
+	switch source {
+	case "Month":
+		return "M"
+	case "Year":
+		return "Y"
+	}
+	return source
+}