huaweicloud · ShiChangkuo · Sep 7, 2020 · Sep 4, 2020
diff --git a/go.mod b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/hashicorp/errwrap v1.0.0
 	github.com/hashicorp/go-cleanhttp v0.5.1
 	github.com/hashicorp/terraform-plugin-sdk v1.13.0
-	github.com/huaweicloud/golangsdk v0.0.0-20200903081431-238a36e8008f
+	github.com/huaweicloud/golangsdk v0.0.0-20200903084211-415083cf6693
 	github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/smartystreets/goconvey v0.0.0-20190222223459-a17d461953aa // indirect

diff --git a/go.sum b/go.sum
@@ -133,6 +133,8 @@ github.com/huaweicloud/golangsdk v0.0.0-20200829051431-68dcb72fe133 h1:Z8PaF9gDd
 github.com/huaweicloud/golangsdk v0.0.0-20200829051431-68dcb72fe133/go.mod h1:WQBcHRNX9shz3928lWEvstQJtAtYI7ks6XlgtRT9Tcw=
 github.com/huaweicloud/golangsdk v0.0.0-20200903081431-238a36e8008f h1:imdlLlhXvu75/KmtmNyjyP9IOU//Ny1FzDNs/eSobs0=
 github.com/huaweicloud/golangsdk v0.0.0-20200903081431-238a36e8008f/go.mod h1:fcOI5u+0f62JtJd7zkCch/Z57BNC6bhqb32TKuiF4r0=
+github.com/huaweicloud/golangsdk v0.0.0-20200903084211-415083cf6693 h1:JlNEEK+aDdw1TlnQnwMPDBpSL3oJNbcDEuUkwn+Qpt0=
+github.com/huaweicloud/golangsdk v0.0.0-20200903084211-415083cf6693/go.mod h1:fcOI5u+0f62JtJd7zkCch/Z57BNC6bhqb32TKuiF4r0=
 github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a h1:FyS/ubzBR5xJlnJGRTwe7GUHpJOR4ukYK3y+LFNffuA=
 github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a/go.mod h1:uoIMjNxUfXi48Ci40IXkPRbghZ1vbti6v9LCbNqRgHY=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=

diff --git a/huaweicloud/resource_huaweicloud_dcs_instance_v1.go b/huaweicloud/resource_huaweicloud_dcs_instance_v1.go
@@ -7,8 +7,10 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 	"github.com/huaweicloud/golangsdk"
 	"github.com/huaweicloud/golangsdk/openstack/dcs/v1/instances"
+	"github.com/huaweicloud/golangsdk/openstack/dcs/v2/whitelists"
 )
 
 func resourceDcsInstanceV1() *schema.Resource {
@@ -35,6 +37,9 @@ func resourceDcsInstanceV1() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: true,
+				ValidateFunc: validation.StringInSlice([]string{
+					"Redis", "Memcached",
+				}, true),
 			},
 			"engine_version": {
 				Type:     schema.TypeString,
@@ -62,15 +67,16 @@ func resourceDcsInstanceV1() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
-			"security_group_id": {
-				Type:     schema.TypeString,
-				Required: true,
-			},
 			"subnet_id": {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: true,
 			},
+			"security_group_id": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"security_group_id", "whitelists"},
+			},
 			"available_zones": {
 				Type:     schema.TypeList,
 				Required: true,
@@ -118,6 +124,29 @@ func resourceDcsInstanceV1() *schema.Resource {
 				Elem:     &schema.Schema{Type: schema.TypeInt},
 				ForceNew: true,
 			},
+			"whitelist_enable": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
+			"whitelists": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				MaxItems: 4,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"group_name": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+						"ip_address": {
+							Type:     schema.TypeList,
+							Required: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+						},
+					},
+				},
+			},
 			"order_id": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -134,10 +163,6 @@ func resourceDcsInstanceV1() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"port": {
-				Type:     schema.TypeString,
-				Computed: true,
-			},
 			"resource_spec_code": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -162,6 +187,10 @@ func resourceDcsInstanceV1() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"port": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -188,6 +217,46 @@ func getInstanceBackupPolicy(d *schema.ResourceData) *instances.InstanceBackupPo
 	return instanceBackupPolicy
 }
 
+func getDcsInstanceWhitelist(d *schema.ResourceData) whitelists.WhitelistOpts {
+	groupsRaw := d.Get("whitelists").(*schema.Set).List()
+	whitelitGroups := make([]whitelists.WhitelistGroupOpts, len(groupsRaw))
+	for i, v := range groupsRaw {
+		groups := v.(map[string]interface{})
+
+		ipRaw := groups["ip_address"].([]interface{})
+		ipList := make([]string, len(ipRaw))
+		for j, ip := range ipRaw {
+			ipList[j] = ip.(string)
+		}
+
+		whitelitGroups[i] = whitelists.WhitelistGroupOpts{
+			GroupName: groups["group_name"].(string),
+			IPList:    ipList,
+		}
+	}
+
+	enable := d.Get("whitelist_enable").(bool)
+	if len(groupsRaw) == 0 {
+		enable = false
+	}
+
+	return whitelists.WhitelistOpts{
+		Enable: &enable,
+		Groups: whitelitGroups,
+	}
+}
+
+func flattenDcsInstanceWhitelist(object *whitelists.Whitelist) interface{} {
+	whilteList := make([]map[string]interface{}, len(object.Groups))
+	for i, group := range object.Groups {
+		whilteList[i] = map[string]interface{}{
+			"group_name": group.GroupName,
+			"ip_address": group.IPList,
+		}
+	}
+	return whilteList
+}
+
 func resourceDcsInstancesV1Create(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
 	dcsV1Client, err := config.dcsV1Client(GetRegion(d, config))
@@ -243,6 +312,18 @@ func resourceDcsInstancesV1Create(d *schema.ResourceData, meta interface{}) erro
 	// Store the instance ID now
 	d.SetId(v.InstanceID)
 
+	// set whitelist
+	dcsV2Client, err := config.initServiceClient("dcs", GetRegion(d, config), "v2")
+	whitelistOpts := getDcsInstanceWhitelist(d)
+	log.Printf("[DEBUG] Create whitelist options: %#v", whitelistOpts)
+
+	if *whitelistOpts.Enable {
+		err = whitelists.Put(dcsV2Client, d.Id(), whitelistOpts).ExtractErr()
+		if err != nil {
+			return fmt.Errorf("Error creating whitelist for instance (%s): %s", d.Id(), err)
+		}
+	}
+
 	return resourceDcsInstancesV1Read(d, meta)
 }
 
@@ -267,6 +348,7 @@ func resourceDcsInstancesV1Read(d *schema.ResourceData, meta interface{}) error
 	d.Set("capacity", v.Capacity)
 	d.Set("used_memory", v.UsedMemory)
 	d.Set("max_memory", v.MaxMemory)
+	d.Set("ip", v.IP)
 	d.Set("port", v.Port)
 	d.Set("status", v.Status)
 	d.Set("description", v.Description)
@@ -287,39 +369,56 @@ func resourceDcsInstancesV1Read(d *schema.ResourceData, meta interface{}) error
 	d.Set("maintain_end", v.MaintainEnd)
 	d.Set("access_user", v.AccessUser)
 
+	dcsV2Client, err := config.initServiceClient("dcs", GetRegion(d, config), "v2")
+	object, err := whitelists.Get(dcsV2Client, d.Id()).Extract()
+
+	enable := object.Enable
+	// change enable to true when none whitelist groups exists
+	if len(object.Groups) == 0 {
+		enable = true
+	}
+	d.Set("whitelist_enable", enable)
+	err = d.Set("whitelists", flattenDcsInstanceWhitelist(object))
+	if err != nil {
+		return fmt.Errorf("Error setting whitelists for DCS instance, err: %s", err)
+	}
+
 	return nil
 }
 
 func resourceDcsInstancesV1Update(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	dcsV1Client, err := config.dcsV1Client(GetRegion(d, config))
-	if err != nil {
-		return fmt.Errorf("Error updating HuaweiCloud dcs instance client: %s", err)
-	}
-	var updateOpts instances.UpdateOpts
-	if d.HasChange("name") {
-		updateOpts.Name = d.Get("name").(string)
-	}
-	if d.HasChange("description") {
+
+	if d.HasChanges("name", "description", "security_group_id", "maintain_begin", "maintain_end") {
+		dcsV1Client, err := config.dcsV1Client(GetRegion(d, config))
+		if err != nil {
+			return fmt.Errorf("Error updating HuaweiCloud dcs instance client: %s", err)
+		}
+
 		description := d.Get("description").(string)
-		updateOpts.Description = &description
-	}
-	if d.HasChange("maintain_begin") {
-		maintain_begin := d.Get("maintain_begin").(string)
-		updateOpts.MaintainBegin = maintain_begin
-	}
-	if d.HasChange("maintain_end") {
-		maintain_end := d.Get("maintain_end").(string)
-		updateOpts.MaintainEnd = maintain_end
-	}
-	if d.HasChange("security_group_id") {
-		security_group_id := d.Get("security_group_id").(string)
-		updateOpts.SecurityGroupID = security_group_id
+		updateOpts := instances.UpdateOpts{
+			Name:            d.Get("name").(string),
+			Description:     &description,
+			MaintainBegin:   d.Get("maintain_begin").(string),
+			MaintainEnd:     d.Get("maintain_end").(string),
+			SecurityGroupID: d.Get("security_group_id").(string),
+		}
+
+		err = instances.Update(dcsV1Client, d.Id(), updateOpts).Err
+		if err != nil {
+			return fmt.Errorf("Error updating HuaweiCloud Dcs Instance: %s", err)
+		}
 	}
 
-	err = instances.Update(dcsV1Client, d.Id(), updateOpts).Err
-	if err != nil {
-		return fmt.Errorf("Error updating HuaweiCloud Dcs Instance: %s", err)
+	if d.HasChange("whitelists") {
+		dcsV2Client, err := config.initServiceClient("dcs", GetRegion(d, config), "v2")
+		whitelistOpts := getDcsInstanceWhitelist(d)
+		log.Printf("[DEBUG] update whitelist options: %#v", whitelistOpts)
+
+		err = whitelists.Put(dcsV2Client, d.Id(), whitelistOpts).ExtractErr()
+		if err != nil {
+			return fmt.Errorf("Error updating whitelist for instance (%s): %s", d.Id(), err)
+		}
 	}
 
 	return resourceDcsInstancesV1Read(d, meta)