hashicorp · bcmdarroch · Jun 15, 2021 · Jun 10, 2021 · Jun 10, 2021 · Jun 11, 2021
@@ -39,6 +39,7 @@ resource "hcp_vault_cluster" "example" {
 - **id** (String) The ID of this resource.
 - **min_vault_version** (String) The minimum Vault version to use when creating the cluster. If not specified, it is defaulted to the version that is currently recommended by HCP.
 - **public_endpoint** (Boolean) Denotes that the cluster has a public endpoint. Defaults to false.
+- **tier** (String) Tier of the HCP Vault cluster. Valid options for tiers - `development`, `standard_small`, `standard_medium`, `standard_large`
 - **timeouts** (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 
 ### Read-Only
@@ -49,7 +50,6 @@ resource "hcp_vault_cluster" "example" {
 - **organization_id** (String) The ID of the organization this HCP Vault cluster is located in.
 - **project_id** (String) The ID of the project this HCP Vault cluster is located in.
 - **region** (String) The region where the HCP Vault cluster is located.
-- **tier** (String) The tier that the HCP Vault cluster will be provisioned as.  Only 'development' is available at this time.
 - **vault_private_endpoint_url** (String) The private URL for the Vault cluster.
 - **vault_public_endpoint_url** (String) The public URL for the Vault cluster. This will be empty if `public_endpoint` is `false`.
 - **vault_version** (String) The Vault version of the cluster.

@@ -3,6 +3,7 @@ package provider
 import (
 	"context"
 	"log"
+	"strings"
 	"time"
 
 	sharedmodels "github.com/hashicorp/hcp-sdk-go/clients/cloud-shared/v1/models"
@@ -56,6 +57,17 @@ func resourceVaultCluster() *schema.Resource {
 				ForceNew:         true,
 				ValidateDiagFunc: validateSlugID,
 			},
+			"tier": {
+				Description:      "Tier of the HCP Vault cluster. Valid options for tiers - `development`, `standard_small`, `standard_medium`, `standard_large`",
+				Type:             schema.TypeString,
+				Optional:         true,
+				ForceNew:         true,
+				Computed:         true,
+				ValidateDiagFunc: validateVaultClusterTier,
+				DiffSuppressFunc: func(_, old, new string, _ *schema.ResourceData) bool {
+					return strings.ToLower(old) == strings.ToLower(new)
+				},
+			},
 			// optional fields
 			"public_endpoint": {
 				Description: "Denotes that the cluster has a public endpoint. Defaults to false.",
@@ -72,12 +84,6 @@ func resourceVaultCluster() *schema.Resource {
 				ForceNew:         true,
 			},
 			// computed outputs
-			// TODO: once more tiers are supported and can be changed by users, make this a required input.
-			"tier": {
-				Description: "The tier that the HCP Vault cluster will be provisioned as.  Only 'development' is available at this time.",
-				Type:        schema.TypeString,
-				Computed:    true,
-			},
 			"organization_id": {
 				Description: "The ID of the organization this HCP Vault cluster is located in.",
 				Type:        schema.TypeString,
@@ -169,17 +175,15 @@ func resourceVaultClusterCreate(ctx context.Context, d *schema.ResourceData, met
 
 	publicEndpoint := d.Get("public_endpoint").(bool)
 
-	// TODO: Tier is hard-coded for now, but eventually will be required input on the resource.
-	tier := vaultmodels.HashicorpCloudVault20201125TierDEV
-
 	log.Printf("[INFO] Creating Vault cluster (%s)", clusterID)
 
 	vaultCuster := &vaultmodels.HashicorpCloudVault20201125InputCluster{
 		Config: &vaultmodels.HashicorpCloudVault20201125InputClusterConfig{
 			VaultConfig: &vaultmodels.HashicorpCloudVault20201125VaultConfig{
 				InitialVersion: vaultVersion,
 			},
-			Tier: tier,
+			//TODO: HashicorpCloudVault20201125Tier still hardcoded as in consul
+			Tier: vaultmodels.HashicorpCloudVault20201125Tier(strings.ToUpper(d.Get("tier").(string))),
 			NetworkConfig: &vaultmodels.HashicorpCloudVault20201125InputNetworkConfig{
 				NetworkID:        hvn.ID,
 				PublicIpsEnabled: publicEndpoint,

@@ -14,10 +14,11 @@ resource "hcp_hvn" "test" {
 	cloud_provider = "aws"
 	region         = "us-west-2"
 }
-	
+
 resource "hcp_vault_cluster" "test" {
 	cluster_id            = "test-vault-cluster"
 	hvn_id                = hcp_hvn.test.hvn_id
+	tier 									= "standard_small"
 }
 
 resource "hcp_vault_cluster_admin_token" "test" {

@@ -20,6 +20,7 @@ resource "hcp_hvn" "test" {
 resource "hcp_vault_cluster" "test" {
 	cluster_id            = "test-vault-cluster"
 	hvn_id                = hcp_hvn.test.hvn_id
+	tier									= "standard_small"
 }
 
 data "hcp_vault_cluster" "test" {
@@ -45,7 +46,7 @@ func TestAccVaultCluster(t *testing.T) {
 					testAccCheckVaultClusterExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "cluster_id", "test-vault-cluster"),
 					resource.TestCheckResourceAttr(resourceName, "hvn_id", "test-hvn"),
-					resource.TestCheckResourceAttr(resourceName, "tier", "DEV"),
+					resource.TestCheckResourceAttr(resourceName, "tier", "STANDARD_SMALL"),
 					resource.TestCheckResourceAttr(resourceName, "cloud_provider", "aws"),
 					resource.TestCheckResourceAttr(resourceName, "region", "us-west-2"),
 					resource.TestCheckResourceAttr(resourceName, "public_endpoint", "false"),
@@ -79,7 +80,7 @@ func TestAccVaultCluster(t *testing.T) {
 					testAccCheckVaultClusterExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "cluster_id", "test-vault-cluster"),
 					resource.TestCheckResourceAttr(resourceName, "hvn_id", "test-hvn"),
-					resource.TestCheckResourceAttr(resourceName, "tier", "DEV"),
+					resource.TestCheckResourceAttr(resourceName, "tier", "STANDARD_SMALL"),
 					resource.TestCheckResourceAttr(resourceName, "cloud_provider", "aws"),
 					resource.TestCheckResourceAttr(resourceName, "region", "us-west-2"),
 					resource.TestCheckResourceAttr(resourceName, "public_endpoint", "false"),

@@ -8,6 +8,7 @@ import (
 	"github.com/go-openapi/strfmt"
 	"github.com/hashicorp/go-cty/cty"
 	consulmodels "github.com/hashicorp/hcp-sdk-go/clients/cloud-consul-service/preview/2021-02-04/models"
+	vaultmodels "github.com/hashicorp/hcp-sdk-go/clients/cloud-vault-service/preview/2020-11-25/models"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
@@ -148,3 +149,22 @@ func validateConsulClusterSize(v interface{}, path cty.Path) diag.Diagnostics {
 
 	return diagnostics
 }
+
+func validateVaultClusterTier(v interface{}, path cty.Path) diag.Diagnostics {
+	var diagnostics diag.Diagnostics
+
+	err := vaultmodels.HashicorpCloudVault20201125Tier(strings.ToUpper(v.(string))).Validate(strfmt.Default)
+	if err != nil {
+		enumList := regexp.MustCompile(`\[.*\]`).FindString(err.Error())
+		expectedEnumList := strings.ToLower(enumList)
+		msg := fmt.Sprintf("expected %v to be one of: %v", v, expectedEnumList)
+		diagnostics = append(diagnostics, diag.Diagnostic{
+			Severity:      diag.Error,
+			Summary:       msg,
+			Detail:        msg + " (value is case-insensitive).",
+			AttributePath: path,
+		})
+	}
+
+	return diagnostics
+}