New Data Source: alicloud_ram_system_policys.

Author: ChenHanZhang

alicloud/data_source_alicloud_ram_system_policys.go

@@ -0,0 +1,191 @@
+// Package alicloud. This file is generated automatically. Please do not modify it manually, thank you!
+package alicloud
+
+import (
+	"fmt"
+	"regexp"
+	"time"
+
+	"github.com/PaesslerAG/jsonpath"
+	util "github.com/alibabacloud-go/tea-utils/service"
+	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+)
+
+func dataSourceAliCloudRamSystemPolicys() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceAliCloudRamSystemPolicyRead,
+		Schema: map[string]*schema.Schema{
+			"ids": {
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
+			"name_regex": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.ValidateRegexp,
+				ForceNew:     true,
+			},
+			"names": {
+				Type:     schema.TypeList,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
+			"policys": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"attachment_count": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+						"create_time": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"description": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"policy_name": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"policy_type": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"update_date": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+			"output_file": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
+func dataSourceAliCloudRamSystemPolicyRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*connectivity.AliyunClient)
+
+	var objects []map[string]interface{}
+	var nameRegex *regexp.Regexp
+	if v, ok := d.GetOk("name_regex"); ok {
+		r, err := regexp.Compile(v.(string))
+		if err != nil {
+			return WrapError(err)
+		}
+		nameRegex = r
+	}
+
+	idsMap := make(map[string]string)
+	if v, ok := d.GetOk("ids"); ok {
+		for _, vv := range v.([]interface{}) {
+			if vv == nil {
+				continue
+			}
+			idsMap[vv.(string)] = vv.(string)
+		}
+	}
+
+	var request map[string]interface{}
+	var response map[string]interface{}
+	var query map[string]interface{}
+	action := "ListPolicies"
+	var err error
+	request = make(map[string]interface{})
+	query = make(map[string]interface{})
+	request["PolicyType"] = "System"
+	runtime := util.RuntimeOptions{}
+	runtime.SetAutoretry(true)
+	request["MaxResults"] = PageSizeLarge
+	for {
+		wait := incrementalWait(3*time.Second, 5*time.Second)
+		err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError {
+			response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
+
+			if err != nil {
+				if NeedRetry(err) {
+					wait()
+					return resource.RetryableError(err)
+				}
+				return resource.NonRetryableError(err)
+			}
+			addDebug(action, response, request)
+			return nil
+		})
+		if err != nil {
+			return WrapErrorf(err, DefaultErrorMsg, d.Id(), action, AlibabaCloudSdkGoERROR)
+		}
+
+		resp, _ := jsonpath.Get("$.Policies.Policy[*]", response)
+
+		result, _ := resp.([]interface{})
+		for _, v := range result {
+			item := v.(map[string]interface{})
+			if nameRegex != nil && !nameRegex.MatchString(fmt.Sprint(item["PolicyName"])) {
+				continue
+			}
+			objects = append(objects, item)
+		}
+
+		if nextToken, ok := response["Marker"].(string); ok && nextToken != "" {
+			request["Marker"] = nextToken
+		} else {
+			break
+		}
+	}
+
+	ids := make([]string, 0)
+	names := make([]interface{}, 0)
+	s := make([]map[string]interface{}, 0)
+	for _, objectRaw := range objects {
+		mapping := map[string]interface{}{}
+
+		mapping["id"] = objectRaw[""]
+
+		mapping["attachment_count"] = objectRaw["AttachmentCount"]
+		mapping["create_time"] = objectRaw["CreateDate"]
+		mapping["description"] = objectRaw["Description"]
+		mapping["policy_name"] = objectRaw["PolicyName"]
+		mapping["policy_type"] = objectRaw["PolicyType"]
+		mapping["update_date"] = objectRaw["UpdateDate"]
+
+		ids = append(ids, fmt.Sprint(mapping["id"]))
+		names = append(names, objectRaw[""])
+		s = append(s, mapping)
+	}
+
+	d.SetId(dataResourceIdHash(ids))
+	if err := d.Set("ids", ids); err != nil {
+		return WrapError(err)
+	}
+
+	if err := d.Set("names", names); err != nil {
+		return WrapError(err)
+	}
+	if err := d.Set("policys", s); err != nil {
+		return WrapError(err)
+	}
+
+	if output, ok := d.GetOk("output_file"); ok && output.(string) != "" {
+		writeToFile(output.(string), s)
+	}
+	return nil
+}

alicloud/data_source_alicloud_ram_system_policys_test.go

@@ -0,0 +1,67 @@
+package alicloud
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+)
+
+func TestAccAlicloudRamSystemPolicyDataSource(t *testing.T) {
+	testAccPreCheckWithRegions(t, true, []connectivity.Region{"cn-hangzhou"})
+	rand := acctest.RandIntRange(1000000, 9999999)
+
+	allConf := dataSourceTestAccConfig{
+		existConfig: testAccCheckAlicloudRamSystemPolicySourceConfig(rand, map[string]string{
+			"name_regex": `"^AdministratorAccess$"`,
+		}),
+		fakeConfig: testAccCheckAlicloudRamSystemPolicySourceConfig(rand, map[string]string{
+			"name_regex": `"AdministratorAccessInvalid"`,
+		}),
+	}
+
+	RamSystemPolicyCheckInfo.dataSourceTestCheck(t, rand, allConf)
+}
+
+var existRamSystemPolicyMapFunc = func(rand int) map[string]string {
+	return map[string]string{
+		"policys.#":                  "1",
+		"policys.0.policy_type":      "System",
+		"policys.0.update_date":      CHECKSET,
+		"policys.0.description":      CHECKSET,
+		"policys.0.attachment_count": CHECKSET,
+		"policys.0.policy_name":      CHECKSET,
+		"policys.0.create_time":      CHECKSET,
+	}
+}
+
+var fakeRamSystemPolicyMapFunc = func(rand int) map[string]string {
+	return map[string]string{
+		"policys.#": "0",
+	}
+}
+
+var RamSystemPolicyCheckInfo = dataSourceAttr{
+	resourceId:   "data.alicloud_ram_system_policys.default",
+	existMapFunc: existRamSystemPolicyMapFunc,
+	fakeMapFunc:  fakeRamSystemPolicyMapFunc,
+}
+
+func testAccCheckAlicloudRamSystemPolicySourceConfig(rand int, attrMap map[string]string) string {
+	var pairs []string
+	for k, v := range attrMap {
+		pairs = append(pairs, k+" = "+v)
+	}
+	config := fmt.Sprintf(`
+variable "name" {
+	default = "tf-testAccRamSystemPolicy%d"
+}
+
+data "alicloud_ram_system_policys" "default" {
+%s
+}
+`, rand, strings.Join(pairs, "\n   "))
+	return config
+}

alicloud/provider.go

@@ -174,6 +174,7 @@ func Provider() terraform.ResourceProvider {
 			},
 		},
 		DataSourcesMap: map[string]*schema.Resource{
+			"alicloud_ram_system_policys":                  dataSourceAliCloudRamSystemPolicys(),
 			"alicloud_esa_sites":                           dataSourceAliCloudEsaSites(),
 			"alicloud_cloud_firewall_nat_firewalls":        dataSourceAliCloudCloudFirewallNatFirewalls(),
 			"alicloud_cloud_firewall_vpc_cen_tr_firewalls": dataSourceAliCloudCloudFirewallVpcCenTrFirewalls(),

alicloud/service_alicloud_ram_v2.go

@@ -414,4 +414,72 @@ func (s *RamServiceV2) RamRolePolicyAttachmentStateRefreshFunc(id string, field
 	}
 }
 
-// DescribeRamRolePolicyAttachment >>> Encapsulated.
+// DescribeRamRolePolicyAttachment >>> Encapsulated.
+
+// DescribeRamSystemPolicy <<< Encapsulated get interface for Ram SystemPolicy.
+func (s *RamServiceV2) DescribeRamSystemPolicy(id string) (object map[string]interface{}, err error) {
+	client := s.client
+	var request map[string]interface{}
+	var response map[string]interface{}
+	var query map[string]interface{}
+	request = make(map[string]interface{})
+	query = make(map[string]interface{})
+	request["PolicyName"] = id
+
+	request["PolicyType"] = "System"
+	action := "GetPolicy"
+
+	wait := incrementalWait(3*time.Second, 5*time.Second)
+	err = resource.Retry(1*time.Minute, func() *resource.RetryError {
+		response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
+
+		if err != nil {
+			if NeedRetry(err) {
+				wait()
+				return resource.RetryableError(err)
+			}
+			return resource.NonRetryableError(err)
+		}
+		return nil
+	})
+	addDebug(action, response, request)
+	if err != nil {
+		if IsExpectedErrors(err, []string{"EntityNotExist.Policy"}) {
+			return object, WrapErrorf(Error(GetNotFoundMessage("SystemPolicy", id)), NotFoundMsg, response)
+		}
+		return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
+	}
+
+	return response, nil
+}
+
+func (s *RamServiceV2) RamSystemPolicyStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
+	return func() (interface{}, string, error) {
+		object, err := s.DescribeRamSystemPolicy(id)
+		if err != nil {
+			if NotFoundError(err) {
+				return object, "", nil
+			}
+			return nil, "", WrapError(err)
+		}
+
+		v, err := jsonpath.Get(field, object)
+		currentStatus := fmt.Sprint(v)
+
+		if strings.HasPrefix(field, "#") {
+			v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
+			if v != nil {
+				currentStatus = "#CHECKSET"
+			}
+		}
+
+		for _, failState := range failStates {
+			if currentStatus == failState {
+				return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
+			}
+		}
+		return object, currentStatus, nil
+	}
+}
+
+// DescribeRamSystemPolicy >>> Encapsulated.

website/docs/d/ram_system_policys.html.markdown

@@ -0,0 +1,56 @@
+---
+subcategory: "RAM"
+layout: "alicloud"
+page_title: "Alicloud: alicloud_ram_system_policys"
+sidebar_current: "docs-alicloud-datasource-ram-system-policys"
+description: |-
+  Provides a list of Ram System Policy owned by an Alibaba Cloud account.
+---
+
+# alicloud_ram_system_policys
+
+This data source provides Ram System Policy available to the user.[What is System Policy](https://next.api.alibabacloud.com/document/Ram/2015-05-01/GetPolicy)
+
+-> **NOTE:** Available since v1.245.0.
+
+## Example Usage
+
+```terraform
+variable "name" {
+  default = "terraform-example"
+}
+
+provider "alicloud" {
+  region = "cn-hangzhou"
+}
+
+data "alicloud_ram_system_policys" "default" {
+  name_regex = "^AdministratorAccess$"
+}
+
+output "alicloud_ram_system_policy_example_id" {
+  value = data.alicloud_ram_system_policys.default.policys.0.id
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+* `ids` - (Optional, ForceNew, Computed) A list of System Policy IDs.
+* `name_regex` - (Optional, ForceNew) A regex string to filter results by Group Metric Rule name.
+* `output_file` - (Optional, ForceNew) File name where to save data source results (after running `terraform plan`).
+
+
+## Attributes Reference
+
+The following attributes are exported in addition to the arguments listed above:
+* `ids` - A list of System Policy IDs.
+* `names` - A list of name of System Policys.
+* `policys` - A list of System Policy Entries. Each element contains the following attributes:
+  * `attachment_count` - Number of references.
+  * `create_time` - Creation time.
+  * `description` - The permission policy description.
+  * `policy_name` - The permission policy name.
+  * `policy_type` - Permission policy type.
+  * `update_date` - Modification time.
+  * `id` - The ID of the resource supplied above.