diff --git a/alicloud/connectivity/client.go b/alicloud/connectivity/client.go index 46d94522bfb1..2a6c540bb76e 100644 --- a/alicloud/connectivity/client.go +++ b/alicloud/connectivity/client.go @@ -744,6 +744,12 @@ func (client *AliyunClient) WithRamClient(do func(*ram.Client) (interface{}, err ramconn.AppendUserAgent(Module, client.config.ConfigurationSource) ramconn.AppendUserAgent(TerraformTraceId, client.config.TerraformTraceId) client.ramconn = ramconn + } else { + err := client.ramconn.InitWithOptions(client.config.RegionId, client.getSdkConfig(), client.config.getAuthCredential(true)) + if err != nil { + return nil, fmt.Errorf("unable to initialize the RAM client: %#v", err) + } + } return do(client.ramconn) @@ -5942,3 +5948,63 @@ func (client *AliyunClient) NewPaiClient() (*roa.Client, error) { } return conn, nil } + +type ossCredentials struct { + client *AliyunClient +} + +func (defCre *ossCredentials) GetAccessKeyID() string { + value, err := defCre.client.teaSdkConfig.Credential.GetAccessKeyId() + if err == nil && value != nil { + return *value + } + return defCre.client.config.AccessKey +} + +func (defCre *ossCredentials) GetAccessKeySecret() string { + value, err := defCre.client.teaSdkConfig.Credential.GetAccessKeySecret() + if err == nil && value != nil { + return *value + } + return defCre.client.config.SecretKey +} + +func (defCre *ossCredentials) GetSecurityToken() string { + value, err := defCre.client.teaSdkConfig.Credential.GetSecurityToken() + if err == nil && value != nil { + return *value + } + return defCre.client.config.SecurityToken +} + +type ossCredentialsProvider struct { + client *AliyunClient +} + +func (defBuild *ossCredentialsProvider) GetCredentials() oss.Credentials { + return &ossCredentials{client: defBuild.client} +} + +func (client *AliyunClient) GetRetryTimeout(defaultTimeout time.Duration) time.Duration { + + maxRetryTimeout := client.config.MaxRetryTimeout + if maxRetryTimeout != 0 { + return time.Duration(maxRetryTimeout) * time.Second + } + + return defaultTimeout +} + +func (client *AliyunClient) GenRoaParam(action, method, version, path string) *openapi.Params { + return &openapi.Params{ + Action: tea.String(action), + Version: tea.String(version), + Protocol: tea.String(client.config.Protocol), + Pathname: tea.String(path), + Method: tea.String(method), + AuthType: tea.String("AK"), + Style: tea.String("ROA"), + ReqBodyType: tea.String("formData"), + BodyType: tea.String("json"), + } +} diff --git a/alicloud/data_source_alicloud_ram_policies.go b/alicloud/data_source_alicloud_ram_policies.go index 6095016de407..436952a014fe 100644 --- a/alicloud/data_source_alicloud_ram_policies.go +++ b/alicloud/data_source_alicloud_ram_policies.go @@ -6,7 +6,6 @@ import ( "time" "github.com/PaesslerAG/jsonpath" - util "github.com/alibabacloud-go/tea-utils/service" "github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -167,10 +166,7 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) } } var response map[string]interface{} - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } + var err error // policies for user if userNameOk { userAction := "ListPoliciesForUser" @@ -178,11 +174,9 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) "UserName": userName, } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(userAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, userRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", userAction, nil, userRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -214,11 +208,9 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) "GroupName": groupName, } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(groupAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, groupRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", groupAction, nil, groupRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -249,11 +241,9 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) "RoleName": roleName, } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(roleAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, roleRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", roleAction, nil, roleRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -278,11 +268,9 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) } for { - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil { if NeedRetry(err) { wait() @@ -369,11 +357,9 @@ func dataSourceAlicloudRamPoliciesRead(d *schema.ResourceData, meta interface{}) "PolicyName": id, "PolicyType": object["PolicyType"], } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil { if NeedRetry(err) { wait() diff --git a/alicloud/resource_alicloud_ram_policy.go b/alicloud/resource_alicloud_ram_policy.go index 7d1af7564839..b01a67007883 100644 --- a/alicloud/resource_alicloud_ram_policy.go +++ b/alicloud/resource_alicloud_ram_policy.go @@ -6,7 +6,6 @@ import ( "time" "github.com/PaesslerAG/jsonpath" - util "github.com/alibabacloud-go/tea-utils/service" "github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -141,12 +140,9 @@ func resourceAlicloudRamPolicy() *schema.Resource { func resourceAlicloudRamPolicyCreate(d *schema.ResourceData, meta interface{}) error { client := meta.(*connectivity.AliyunClient) var response map[string]interface{} + var err error action := "CreatePolicy" request := make(map[string]interface{}) - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } if v, ok := d.GetOk("description"); ok { request["Description"] = v } @@ -173,11 +169,9 @@ func resourceAlicloudRamPolicyCreate(d *schema.ResourceData, meta interface{}) e request["PolicyName"] = v } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, false) if err != nil { if NeedRetry(err) { wait() @@ -230,6 +224,7 @@ func resourceAlicloudRamPolicyRead(d *schema.ResourceData, meta interface{}) err func resourceAlicloudRamPolicyUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*connectivity.AliyunClient) var response map[string]interface{} + var err error update := false request := map[string]interface{}{ "PolicyName": d.Id(), @@ -256,15 +251,9 @@ func resourceAlicloudRamPolicyUpdate(d *schema.ResourceData, meta interface{}) e request["RotateStrategy"] = d.Get("rotate_strategy") } action := "CreatePolicyVersion" - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, false) if err != nil { if NeedRetry(err) { wait() @@ -285,10 +274,7 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e client := meta.(*connectivity.AliyunClient) action := "DeletePolicy" var response map[string]interface{} - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } + var err error request := map[string]interface{}{ "PolicyName": d.Id(), } @@ -299,11 +285,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "PolicyType": "Custom", } listAction := "ListEntitiesForPolicy" - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(listAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, listRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", listAction, nil, listRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -330,11 +314,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "UserName": v.(map[string]interface{})["UserName"], "PolicyType": "Custom", } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(userAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, userRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", userAction, nil, userRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -365,11 +347,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "GroupName": v.(map[string]interface{})["GroupName"], "PolicyType": "Custom", } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(groupAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, groupRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", groupAction, nil, groupRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -400,11 +380,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "RoleName": v.(map[string]interface{})["RoleName"], "PolicyType": "Custom", } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(roleAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, roleRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", roleAction, nil, roleRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -429,11 +407,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "PolicyType": "Custom", } listVersionsAction := "ListPolicyVersions" - runtime = util.RuntimeOptions{} - runtime.SetAutoretry(true) wait = incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(client.GetRetryTimeout(d.Timeout(schema.TimeoutDelete)), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(listVersionsAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, listVersionsRequest, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", listVersionsAction, nil, listVersionsRequest, true) if err != nil { if NeedRetry(err) { wait() @@ -462,11 +438,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e "PolicyName": d.Id(), "VersionId": v.(map[string]interface{})["VersionId"], } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(versionAction), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, versionRequest, &util.RuntimeOptions{}) + response, err = client.RpcPost("Ram", "2015-05-01", versionAction, nil, versionRequest, false) if err != nil { if NeedRetry(err) { wait() @@ -482,11 +456,9 @@ func resourceAlicloudRamPolicyDelete(d *schema.ResourceData, meta interface{}) e } } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 5*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, false) if err != nil { if IsExpectedErrors(err, []string{"DeleteConflict.Policy.Group", "DeleteConflict.Policy.User", "DeleteConflict.Policy.Version", "DeleteConflict.Role.Policy"}) || NeedRetry(err) { wait() diff --git a/alicloud/resource_alicloud_ram_policy_test.go b/alicloud/resource_alicloud_ram_policy_test.go index 091b04d22c70..9e8fee687bae 100644 --- a/alicloud/resource_alicloud_ram_policy_test.go +++ b/alicloud/resource_alicloud_ram_policy_test.go @@ -8,8 +8,6 @@ import ( "time" "github.com/PaesslerAG/jsonpath" - util "github.com/alibabacloud-go/tea-utils/service" - "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity" @@ -35,10 +33,6 @@ func testSweepRamPolicies(region string) error { return WrapError(err) } client := rawClient.(*connectivity.AliyunClient) - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } action := "ListPolicies" request := map[string]interface{}{ "PolicyType": "Custom", @@ -52,9 +46,7 @@ func testSweepRamPolicies(region string) error { var response map[string]interface{} sweeped := false for { - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil { return WrapErrorf(err, DataDefaultErrorMsg, "alicloud_ram_policies", action, AlibabaCloudSdkGoERROR) } @@ -88,7 +80,7 @@ func testSweepRamPolicies(region string) error { request := map[string]interface{}{ "PolicyName": name, } - _, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &util.RuntimeOptions{}) + _, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil { log.Printf("[ERROR] Failed to delete Ram Policy (%s): %s", name, err) } @@ -369,18 +361,12 @@ func testAccCheckRamPolicyDestroy(s *terraform.State) error { client := testAccProvider.Meta().(*connectivity.AliyunClient) // Try to find the policy - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } action := "GetPolicy" request := map[string]interface{}{ "PolicyName": rs.Primary.ID, "PolicyType": "Custom", } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) - _, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + _, err := client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil && !IsExpectedErrors(err, []string{"EntityNotExist.Policy"}) { return WrapError(err) } diff --git a/alicloud/resource_alicloud_ram_role.go b/alicloud/resource_alicloud_ram_role.go index 03dfa406659f..39a55fa9611d 100644 --- a/alicloud/resource_alicloud_ram_role.go +++ b/alicloud/resource_alicloud_ram_role.go @@ -3,8 +3,6 @@ package alicloud import ( "time" - util "github.com/alibabacloud-go/tea-utils/service" - "github.com/aliyun/alibaba-cloud-sdk-go/sdk/requests" "github.com/aliyun/alibaba-cloud-sdk-go/services/ram" "github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity" @@ -138,6 +136,7 @@ func resourceAlicloudRamRoleUpdate(d *schema.ResourceData, meta interface{}) err client := meta.(*connectivity.AliyunClient) ramService := RamService{client} var response map[string]interface{} + var err error update := false request := map[string]interface{}{ "RoleName": d.Id(), @@ -163,15 +162,9 @@ func resourceAlicloudRamRoleUpdate(d *schema.ResourceData, meta interface{}) err } if update { action := "UpdateRole" - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 3*time.Second) err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, false) if err != nil { if NeedRetry(err) { wait() diff --git a/alicloud/resource_alicloud_ram_user.go b/alicloud/resource_alicloud_ram_user.go index da5d1d00bf8a..8b21ae31a6c3 100644 --- a/alicloud/resource_alicloud_ram_user.go +++ b/alicloud/resource_alicloud_ram_user.go @@ -117,8 +117,8 @@ func resourceAlicloudRamUserCreate(d *schema.ResourceData, meta interface{}) err func resourceAlicloudRamUserUpdate(d *schema.ResourceData, meta interface{}) error { client := meta.(*connectivity.AliyunClient) var response map[string]interface{} + var err error update := false - request := map[string]interface{}{ "UserName": d.Get("name"), "NewUserName": d.Get("name"), @@ -173,16 +173,9 @@ func resourceAlicloudRamUserUpdate(d *schema.ResourceData, meta interface{}) err if update { action := "UpdateUser" - conn, err := client.NewRamClient() - if err != nil { - return WrapError(err) - } - - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) wait := incrementalWait(3*time.Second, 5*time.Second) err = resource.Retry(client.GetRetryTimeout(d.Timeout(schema.TimeoutUpdate)), func() *resource.RetryError { - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, false) if err != nil { if NeedRetry(err) { wait() diff --git a/alicloud/service_alicloud_ram.go b/alicloud/service_alicloud_ram.go index 1300fea3844b..bc832e941217 100644 --- a/alicloud/service_alicloud_ram.go +++ b/alicloud/service_alicloud_ram.go @@ -523,20 +523,15 @@ func (s *RamService) WaitForRamAccessKey(id, useName string, status Status, time } func (s *RamService) DescribeRamPolicy(id string) (object map[string]interface{}, err error) { + client := s.client var response map[string]interface{} - conn, err := s.client.NewRamClient() - if err != nil { - return nil, WrapError(err) - } action := "GetPolicy" request := map[string]interface{}{ "RegionId": s.client.RegionId, "PolicyName": id, "PolicyType": "Custom", } - runtime := util.RuntimeOptions{} - runtime.SetAutoretry(true) - response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2015-05-01"), StringPointer("AK"), nil, request, &runtime) + response, err = client.RpcPost("Ram", "2015-05-01", action, nil, request, true) if err != nil { if IsExpectedErrors(err, []string{"EntityNotExist.Policy"}) { err = WrapErrorf(Error(GetNotFoundMessage("RamPolicy", id)), NotFoundMsg, ProviderERROR) diff --git a/website/docs/d/ram_policies.html.markdown b/website/docs/d/ram_policies.html.markdown index 7be87e3a108b..a1fedba0c991 100644 --- a/website/docs/d/ram_policies.html.markdown +++ b/website/docs/d/ram_policies.html.markdown @@ -16,15 +16,51 @@ This data source provides a list of RAM policies in an Alibaba Cloud account acc ## Example Usage ```terraform +resource "alicloud_ram_group" "group" { + name = "groupName-${random_integer.default.result}" + comments = "this is a group comments." +} + +resource "random_integer" "default" { + min = 10000 + max = 99999 +} + +resource "alicloud_ram_policy" "policy" { + policy_name = "tf-example-${random_integer.default.result}" + policy_document = <