feat(dbss): add new resource to manage RDS database bind DBSS instance (

#5877)

docs/resources/dbss_rds_database.md

@@ -0,0 +1,131 @@
+---
+subcategory: "Database Security Service (DBSS)"
+layout: "huaweicloud"
+page_title: "HuaweiCloud: huaweicloud_dbss_rds_database"
+description: |-
+  Manage the resource of adding RDS database to DBS instance within HuaweiCloud.
+---
+
+# huaweicloud_dbss_rds_database
+
+Manage the resource of adding RDS database to DBS instance within HuaweiCloud.
+
+-> Before adding the RDS database to the DBSS instance, the DBSS instance `status` must be **ACTIVE**.
+
+## Example Usage
+
+```hcl
+variable "instance_id" {}
+variable "rds_id" {}
+variable "type" {}
+
+resource "huaweicloud_dbss_rds_database" "test" {
+  instance_id = var.instance_id
+  rds_id      = var.rds_id
+  type        = var.type
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `region` - (Optional, String, ForceNew) Specifies the region in which to create the resource.
+  If omitted, the provider-level region will be used. Changing this parameter will create a new resource.
+
+* `instance_id` - (Required, String, ForceNew) Specifies the DBSS instance ID.
+  Changing this parameter will create a new resource.
+
+* `rds_id` - (Required, String, ForceNew) Specifies the RDS instance ID.
+  Changing this parameter will create a new resource.
+
+* `type` - (Required, String, ForceNew) Specifies the RDS database type.
+  The valid values are as follows:
+  + **MYSQL**
+  + **ORACLE**
+  + **POSTGRESQL**
+  + **SQLSERVER**
+  + **DAMENG**
+  + **TAURUS**
+  + **DWS**
+  + **KINGBASE**
+  + **MARIADB**
+  + **GAUSSDBOPENGAUSS**
+
+  Changing this parameter will create a new resource.
+
+* `status` - (Optional, String) Specifies the audit status of the RDS database.
+  The valid values are as follows:
+  + **ON**
+  + **OFF**
+
+  After an RDS database is associated with the DBSS instance, the audit status is **OFF** by default.
+
+* `lts_audit_switch` - (Optional, Int) Specifies whether to disable LTS audit.
+  The valid values are as follows:
+  + `1`: Indicates disable.
+  + `0`: Remain unchanged. (In this case, the value can also be an integer other than `1`).
+
+  -> This parameter is used in the DWS database scenario. If you do not need to close it,
+    there is no need to set this field.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The resource ID.
+
+* `db_id` - The database ID.
+
+* `name` - The database name.
+
+* `version` - The database version.
+
+* `charset` - The database character set.
+  The value can be **GBK** or **UTF8**
+
+* `ip` - The database IP address.
+
+* `port` - The database port.
+
+* `os` - The database operation system.
+
+* `instance_name` - The database instance name.
+
+* `audit_status` - The database running status.
+  The value can be **ACTIVE**, **SHUTOFF** or **ERROR**.
+
+* `agent_url` - The unique ID of the agent.
+
+* `db_classification` - The classification of the database.
+  The value can be **RDS** (RDS database) or **ECS** (self-built database).
+
+* `rds_audit_switch_mismatch` - Whether the audit switch status of the RDS instance is match.
+  When the database audit function is enabled and the log upload function on RDS is disabled, the value is **true**.
+
+## Import
+
+The resource can be imported using the related `instance_id` and their `id`, separated by a slash (/), e.g.
+
+```bash
+$ terraform import huaweicloud_dbss_rds_database.test <instance_id>/<id>
+```
+
+Note that the imported state may not be identical to your resource definition, due to some attributes missing from the
+API response.
+The missing attributes include: `lts_audit_switch`.
+It is generally recommended running `terraform plan` after importing the resource.
+You can then decide if changes should be applied to the instance, or the resource definition should be updated to align
+with the instance. Also, you can ignore changes as below.
+
+```hcl
+resource "huaweicloud_dbss_rds_database" "test" {
+  ...
+
+  lifecycle {
+    ignore_changes = [
+      lts_audit_switch,
+    ]
+  }
+}
+```

huaweicloud/provider.go

@@ -1461,6 +1461,7 @@ func Provider() *schema.Provider {
 
 			"huaweicloud_dbss_audit_risk_rule_action": dbss.ResourceRiskRuleAction(),
 			"huaweicloud_dbss_instance":               dbss.ResourceInstance(),
+			"huaweicloud_dbss_rds_database":           dbss.ResourceAddRdsDatabase(),
 
 			"huaweicloud_dc_virtual_gateway":            dc.ResourceVirtualGateway(),
 			"huaweicloud_dc_virtual_interface":          dc.ResourceVirtualInterface(),

huaweicloud/services/acceptance/dbss/resource_huaweicloud_dbss_rds_database_test.go

@@ -0,0 +1,158 @@
+package dbss
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/dbss"
+)
+
+func getAddRdsDatabaseFunc(conf *config.Config, state *terraform.ResourceState) (interface{}, error) {
+	client, err := conf.NewServiceClient("dbss", acceptance.HW_REGION_NAME)
+	if err != nil {
+		return nil, fmt.Errorf("error creating DBSS client: %s", err)
+	}
+	return dbss.GetDatabaseList(client, state.Primary.Attributes["instance_id"], state.Primary.ID)
+}
+
+func TestAccAddRdsDatabase_basic(t *testing.T) {
+	var (
+		addRdsDatabase interface{}
+		rName          = "huaweicloud_dbss_rds_database.test"
+		name           = acceptance.RandomAccResourceName()
+	)
+
+	rc := acceptance.InitResourceCheck(
+		rName,
+		&addRdsDatabase,
+		getAddRdsDatabaseFunc,
+	)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acceptance.TestAccPreCheck(t)
+		},
+		ProviderFactories: acceptance.TestAccProviderFactories,
+		CheckDestroy:      rc.CheckResourceDestroy(),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAddRdsDatabase_basic(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttrPair(rName, "instance_id", "huaweicloud_dbss_instance.test", "instance_id"),
+					resource.TestCheckResourceAttrPair(rName, "rds_id", "huaweicloud_rds_instance.test", "id"),
+					resource.TestCheckResourceAttr(rName, "type", "MYSQL"),
+					resource.TestCheckResourceAttr(rName, "status", "ON"),
+					resource.TestCheckResourceAttrSet(rName, "db_id"),
+					resource.TestCheckResourceAttrSet(rName, "name"),
+					resource.TestCheckResourceAttrSet(rName, "version"),
+					resource.TestCheckResourceAttrSet(rName, "charset"),
+					resource.TestCheckResourceAttrSet(rName, "ip"),
+					resource.TestCheckResourceAttrSet(rName, "port"),
+					resource.TestCheckResourceAttrSet(rName, "os"),
+					resource.TestCheckResourceAttrSet(rName, "instance_name"),
+					resource.TestCheckResourceAttrSet(rName, "db_classification"),
+				),
+			},
+			{
+				Config: testAccAddRdsDatabase_update(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(rName, "status", "OFF"),
+				),
+			},
+			{
+				ResourceName:      rName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"lts_audit_switch",
+				},
+				ImportStateIdFunc: testAccAddRdsDatabaseImportState(rName),
+			},
+		},
+	})
+}
+
+// Before test, you need to set the default security group rule, enable `3306` port
+func testAccAddRdsDatabase_base(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+data "huaweicloud_rds_flavors" "test" {
+  db_type       = "MySQL"
+  db_version    = "8.0"
+  instance_mode = "single"
+  group_type    = "dedicated"
+  vcpus         = 4
+}
+
+resource "huaweicloud_rds_instance" "test" {
+  name              = "%[2]s"
+  flavor            = data.huaweicloud_rds_flavors.test.flavors[0].name
+  security_group_id = data.huaweicloud_networking_secgroup.test.id
+  subnet_id         = data.huaweicloud_vpc_subnet.test.id
+  vpc_id            = data.huaweicloud_vpc.test.id
+  availability_zone = [data.huaweicloud_availability_zones.test.names[0]]
+
+  db {
+    type    = "MySQL"
+    version = "8.0"
+  }
+
+  volume {
+    type = "CLOUDSSD"
+    size = 100
+  }
+}
+`, testInstance_basic(name), name)
+}
+
+func testAccAddRdsDatabase_basic(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "huaweicloud_dbss_rds_database" "test" {
+  instance_id = huaweicloud_dbss_instance.test.instance_id
+  rds_id      = huaweicloud_rds_instance.test.id
+  type        = "MYSQL"
+  status      = "ON"
+}
+`, testAccAddRdsDatabase_base(name))
+}
+
+func testAccAddRdsDatabase_update(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "huaweicloud_dbss_rds_database" "test" {
+  instance_id = huaweicloud_dbss_instance.test.instance_id
+  rds_id      = huaweicloud_rds_instance.test.id
+  type        = "MYSQL"
+  status      = "OFF"
+}
+`, testAccAddRdsDatabase_base(name))
+}
+
+func testAccAddRdsDatabaseImportState(rName string) resource.ImportStateIdFunc {
+	return func(s *terraform.State) (string, error) {
+		var instanceId, rdsId string
+		rs, ok := s.RootModule().Resources[rName]
+		if !ok {
+			return "", fmt.Errorf("resource (%s) not found", rName)
+		}
+
+		instanceId = rs.Primary.Attributes["instance_id"]
+		rdsId = rs.Primary.ID
+		if instanceId == "" || rdsId == "" {
+			return "", fmt.Errorf("invalid format specified for import ID, want '<instance_id>/<id>', but got '%s/%s'",
+				instanceId, rdsId)
+		}
+		return fmt.Sprintf("%s/%s", instanceId, rdsId), nil
+	}
+}