Merge pull request #674 from tencentcloudstack/fix/cam_user_id_field

fix: cam role user - modify argument field 'id' to 'name'

Author: Kagashino

tencentcloud/data_source_tc_cam_group_memberships.go

@@ -47,6 +47,15 @@ func dataSourceTencentCloudCamGroupMemberships() *schema.Resource {
 							Description: "ID of CAM group.",
 						},
 						"user_ids": {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+							Deprecated: "It has been deprecated from version 1.59.5. Use `user_names` instead.",
+							Description: "ID set of the CAM group members.",
+						},
+						"user_names": {
 							Type:     schema.TypeSet,
 							Computed: true,
 							Elem: &schema.Schema{
@@ -89,6 +98,7 @@ func dataSourceTencentCloudCamGroupMembershipsRead(d *schema.ResourceData, meta
 	mapping := map[string]interface{}{
 		"group_id": groupId,
 		"user_ids": memberships,
+		"user_names": memberships,
 	}
 	groupList = append(groupList, mapping)
 	ids = append(ids, groupId)

tencentcloud/resource_tc_cam_group_membership.go

@@ -6,7 +6,7 @@ Example Usage
 ```hcl
 resource "tencentcloud_cam_group_membership" "foo" {
   group_id = tencentcloud_cam_group.foo.id
-  user_ids = [tencentcloud_cam_user.foo.id, tencentcloud_cam_user.bar.id]
+  user_names = [tencentcloud_cam_user.foo.name, tencentcloud_cam_user.bar.name]
 }
 ```
 
@@ -51,12 +51,23 @@ func resourceTencentCloudCamGroupMembership() *schema.Resource {
 			},
 			"user_ids": {
 				Type:     schema.TypeSet,
-				Required: true,
+				Optional: true,
+				AtLeastOneOf: []string{"user_ids", "user_names"},
 				Elem: &schema.Schema{
 					Type: schema.TypeString,
 				},
+				Deprecated: "It has been deprecated from version 1.59.5. Use `user_names` instead.",
 				Description: "ID set of the CAM group members.",
 			},
+			"user_names": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				AtLeastOneOf: []string{"user_ids", "user_names"},
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "User name set as ID of the CAM group members.",
+			},
 		},
 	}
 }
@@ -67,8 +78,11 @@ func resourceTencentCloudCamGroupMembershipCreate(d *schema.ResourceData, meta i
 	logId := getLogId(contextNil)
 
 	groupId := d.Get("group_id").(string)
-	members := d.Get("user_ids").(*schema.Set).List()
-	err := addUsersToGroup(members, groupId, meta)
+	members, _, err := getUserIds(d)
+	if err != nil {
+		return err
+	}
+	err = addUsersToGroup(members.List(), groupId, meta)
 	if err != nil {
 		log.Printf("[CRITAL]%s create CAM group membership failed, reason:%s\n", logId, err.Error())
 		return err
@@ -132,7 +146,11 @@ func resourceTencentCloudCamGroupMembershipRead(d *schema.ResourceData, meta int
 	//this may cause problems when there are members in two dimensions array
 	//need to read state of the tfstate file to clear the relationships
 	//in this situation, import action is not supported
-	stateMembers := d.Get("user_ids").(*schema.Set)
+	stateMembers, usingNames, err := getUserIds(d)
+	if err != nil {
+		stateMembers = &schema.Set{}
+	}
+	memberResult := make([]*string, 0)
 	if stateMembers.Len() != 0 {
 		//the old state exist
 		//create a new membership with state
@@ -142,9 +160,15 @@ func resourceTencentCloudCamGroupMembershipRead(d *schema.ResourceData, meta int
 				exactMembers = append(exactMembers, v)
 			}
 		}
-		_ = d.Set("user_ids", exactMembers)
+		memberResult = exactMembers
 	} else {
-		_ = d.Set("user_ids", members)
+		memberResult = members
+	}
+
+	if usingNames {
+		_ = d.Set("user_names", memberResult)
+	} else {
+		_ = d.Set("user_ids", memberResult)
 	}
 	_ = d.Set("group_id", groupId)
 
@@ -158,26 +182,8 @@ func resourceTencentCloudCamGroupMembershipUpdate(d *schema.ResourceData, meta i
 
 	groupId := d.Id()
 
-	if d.HasChange("user_ids") {
-		o, n := d.GetChange("user_ids")
-		os := o.(*schema.Set)
-		ns := n.(*schema.Set)
-		add := ns.Difference(os).List()
-		remove := os.Difference(ns).List()
-		if len(remove) > 0 {
-			oErr := removeUsersFromGroup(remove, groupId, meta)
-			if oErr != nil {
-				log.Printf("[CRITAL]%s update CAM group membership failed, reason:%s\n", logId, oErr.Error())
-				return oErr
-			}
-		}
-		if len(add) > 0 {
-			nErr := addUsersToGroup(add, groupId, meta)
-			if nErr != nil {
-				log.Printf("[CRITAL]%s update CAM group membership failed, reason:%s\n", logId, nErr.Error())
-				return nErr
-			}
-		}
+	if err := processChange(d, groupId, logId, meta); err != nil {
+		return err
 	}
 
 	return resourceTencentCloudCamGroupMembershipRead(d, meta)
@@ -188,8 +194,12 @@ func resourceTencentCloudCamGroupMembershipDelete(d *schema.ResourceData, meta i
 
 	logId := getLogId(contextNil)
 	groupId := d.Get("group_id").(string)
-	members := d.Get("user_ids").(*schema.Set).List()
-	err := removeUsersFromGroup(members, groupId, meta)
+	userIds, _, err := getUserIds(d)
+	if err != nil {
+		return err
+	}
+	members := userIds.List()
+	err = removeUsersFromGroup(members, groupId, meta)
 	if err != nil {
 		log.Printf("[CRITAL]%s delete CAM group failed, reason:%s\n", logId, err.Error())
 		return err
@@ -320,3 +330,49 @@ func removeUsersFromGroup(members []interface{}, groupId string, meta interface{
 	}
 	return nil
 }
+
+func getUserIds(d *schema.ResourceData) (data *schema.Set, usingNames bool, errRet error) {
+	names, hasNames := d.GetOk("user_names")
+	ids, hasIds := d.GetOk("user_ids")
+
+	if hasNames {
+		return names.(*schema.Set), true, nil
+	} else if hasIds {
+		return ids.(*schema.Set), false, nil
+	}
+	return nil, true, fmt.Errorf("no user names provided")
+}
+
+func processChange(d *schema.ResourceData, groupId string, logId string, meta interface{}) error {
+	var (
+		o interface{}
+		n interface{}
+	)
+	if d.HasChange("user_names") {
+		o, n = d.GetChange("user_names")
+	} else if d.HasChange("user_ids") {
+		o, n = d.GetChange("user_ids")
+	} else {
+		return nil
+	}
+
+	os := o.(*schema.Set)
+	ns := n.(*schema.Set)
+	add := ns.Difference(os).List()
+	remove := os.Difference(ns).List()
+	if len(remove) > 0 {
+		oErr := removeUsersFromGroup(remove, groupId, meta)
+		if oErr != nil {
+			log.Printf("[CRITAL]%s update CAM group membership failed, reason:%s\n", logId, oErr.Error())
+			return oErr
+		}
+	}
+	if len(add) > 0 {
+		nErr := addUsersToGroup(add, groupId, meta)
+		if nErr != nil {
+			log.Printf("[CRITAL]%s update CAM group membership failed, reason:%s\n", logId, nErr.Error())
+			return nErr
+		}
+	}
+	return nil
+}

tencentcloud/resource_tc_cam_group_membership_test.go

@@ -20,14 +20,14 @@ func TestAccTencentCloudCamGroupMembership_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckCamGroupMembershipExists("tencentcloud_cam_group_membership.group_membership_basic"),
 					resource.TestCheckResourceAttrSet("tencentcloud_cam_group_membership.group_membership_basic", "group_id"),
-					resource.TestCheckResourceAttr("tencentcloud_cam_group_membership.group_membership_basic", "user_ids.#", "1"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_group_membership.group_membership_basic", "user_names.#", "1"),
 				),
 			}, {
 				Config: testAccCamGroupMembership_update,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckCamGroupMembershipExists("tencentcloud_cam_group_membership.group_membership_basic"),
 					resource.TestCheckResourceAttrSet("tencentcloud_cam_group_membership.group_membership_basic", "group_id"),
-					resource.TestCheckResourceAttr("tencentcloud_cam_group_membership.group_membership_basic", "user_ids.#", "1"),
+					resource.TestCheckResourceAttr("tencentcloud_cam_group_membership.group_membership_basic", "user_names.#", "1"),
 				),
 			},
 			{
@@ -106,7 +106,7 @@ resource "tencentcloud_cam_user" "foo" {
 
 resource "tencentcloud_cam_group_membership" "group_membership_basic" {
   group_id = tencentcloud_cam_group.group_basic.id
-  user_ids = [tencentcloud_cam_user.foo.id,]
+  user_names = [tencentcloud_cam_user.foo.id]
 }
 `
 
@@ -131,6 +131,6 @@ resource "tencentcloud_cam_user" "user_basic" {
 
 resource "tencentcloud_cam_group_membership" "group_membership_basic" {
   group_id = tencentcloud_cam_group.group_basic.id
-  user_ids = [tencentcloud_cam_user.user_basic.id]
+  user_names = [tencentcloud_cam_user.user_basic.id]
 }
 `

tencentcloud/resource_tc_cam_user_policy_attachment.go

@@ -44,10 +44,19 @@ func resourceTencentCloudCamUserPolicyAttachment() *schema.Resource {
 		Schema: map[string]*schema.Schema{
 			"user_id": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				ForceNew:    true,
+				AtLeastOneOf: []string{"user_name", "user_id"},
+				Deprecated: "It has been deprecated from version 1.59.5. Use `user_name` instead.",
 				Description: "ID of the attached CAM user.",
 			},
+			"user_name": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				ForceNew:    true,
+				AtLeastOneOf: []string{"user_name", "user_id"},
+				Description: "Name of the attached CAM user as uniq key.",
+			},
 			"policy_id": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -84,12 +93,15 @@ func resourceTencentCloudCamUserPolicyAttachmentCreate(d *schema.ResourceData, m
 	logId := getLogId(contextNil)
 	ctx := context.WithValue(context.TODO(), logIdKey, logId)
 
-	userId := d.Get("user_id").(string)
+	userId, _, err := getUserId(d)
+	if err != nil {
+		return err
+	}
 	policyId := d.Get("policy_id").(string)
 	camService := CamService{
 		client: meta.(*TencentCloudClient).apiV3Conn,
 	}
-	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+	err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 		e := camService.AddUserPolicyAttachment(ctx, userId, policyId)
 		if e != nil {
 			log.Printf("[CRITAL]%s reason[%s]\n", logId, e.Error())
@@ -161,7 +173,7 @@ func resourceTencentCloudCamUserPolicyAttachmentRead(d *schema.ResourceData, met
 	if e != nil {
 		return e
 	}
-	_ = d.Set("user_id", userId)
+	_ = d.Set("user_name", userId)
 	_ = d.Set("policy_id", strconv.Itoa(int(policyId)))
 	_ = d.Set("policy_name", *instance.PolicyName)
 	_ = d.Set("create_time", *instance.AddTime)
@@ -196,3 +208,14 @@ func resourceTencentCloudCamUserPolicyAttachmentDelete(d *schema.ResourceData, m
 
 	return nil
 }
+
+func getUserId(d *schema.ResourceData) (value string, usingName bool, err error) {
+	name, hasName := d.GetOk("user_name")
+	id, hasId := d.GetOk("user_id")
+	if hasName {
+		return name.(string), true, nil
+	} else if hasId {
+		return id.(string), false, nil
+	}
+	return "", false, fmt.Errorf("no user name provided")
+}

tencentcloud/resource_tc_cam_user_policy_attachment_test.go

@@ -19,7 +19,7 @@ func TestAccTencentCloudCamUserPolicyAttachment_basic(t *testing.T) {
 				Config: testAccCamUserPolicyAttachment_basic,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckCamUserPolicyAttachmentExists("tencentcloud_cam_user_policy_attachment.user_policy_attachment_basic"),
-					resource.TestCheckResourceAttrSet("tencentcloud_cam_user_policy_attachment.user_policy_attachment_basic", "user_id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_cam_user_policy_attachment.user_policy_attachment_basic", "user_name"),
 					resource.TestCheckResourceAttrSet("tencentcloud_cam_user_policy_attachment.user_policy_attachment_basic", "policy_id"),
 				),
 			},
@@ -100,7 +100,7 @@ resource "tencentcloud_cam_policy" "policy" {
 }
 
 resource "tencentcloud_cam_user_policy_attachment" "user_policy_attachment_basic" {
-  user_id   = tencentcloud_cam_user.user.id
+  user_name   = tencentcloud_cam_user.user.name
   policy_id = tencentcloud_cam_policy.policy.id
 }
 `

website/docs/d/cam_group_memberships.html.markdown

@@ -32,6 +32,7 @@ In addition to all arguments above, the following attributes are exported:
 
 * `membership_list` - A list of CAM group membership. Each element contains the following attributes:
   * `group_id` - ID of CAM group.
-  * `user_ids` - ID set of the CAM group members.
+  * `user_ids` - (**Deprecated**) It has been deprecated from version 1.59.5. Use `user_names` instead. ID set of the CAM group members.
+  * `user_names` - ID set of the CAM group members.
 
 

website/docs/r/cam_group_membership.html.markdown

@@ -15,8 +15,8 @@ Provides a resource to create a CAM group membership.
 
 ```hcl
 resource "tencentcloud_cam_group_membership" "foo" {
-  group_id = tencentcloud_cam_group.foo.id
-  user_ids = [tencentcloud_cam_user.foo.id, tencentcloud_cam_user.bar.id]
+  group_id   = tencentcloud_cam_group.foo.id
+  user_names = [tencentcloud_cam_user.foo.name, tencentcloud_cam_user.bar.name]
 }
 ```
 
@@ -25,7 +25,8 @@ resource "tencentcloud_cam_group_membership" "foo" {
 The following arguments are supported:
 
 * `group_id` - (Required) ID of CAM group.
-* `user_ids` - (Required) ID set of the CAM group members.
+* `user_ids` - (Optional, **Deprecated**) It has been deprecated from version 1.59.5. Use `user_names` instead. ID set of the CAM group members.
+* `user_names` - (Optional) User name set as ID of the CAM group members.
 
 ## Attributes Reference
 

website/docs/r/cam_user_policy_attachment.html.markdown

@@ -25,7 +25,8 @@ resource "tencentcloud_cam_user_policy_attachment" "foo" {
 The following arguments are supported:
 
 * `policy_id` - (Required, ForceNew) ID of the policy.
-* `user_id` - (Required, ForceNew) ID of the attached CAM user.
+* `user_id` - (Optional, ForceNew, **Deprecated**) It has been deprecated from version 1.59.5. Use `user_name` instead. ID of the attached CAM user.
+* `user_name` - (Optional, ForceNew) Name of the attached CAM user as uniq key.
 
 ## Attributes Reference