alicloud/service_alicloud_ram_v2.go (974 lines of code) (raw):
package alicloud
import (
"fmt"
"strings"
"time"
"encoding/json"
"github.com/PaesslerAG/jsonpath"
"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
"github.com/blues/jsonata-go"
"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
)
type RamServiceV2 struct {
client *connectivity.AliyunClient
}
// DescribeRamUserGroupAttachment <<< Encapsulated get interface for Ram UserGroupAttachment.
func (s *RamServiceV2) DescribeRamUserGroupAttachment(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
parts := strings.Split(id, ":")
if len(parts) != 2 {
err = WrapError(fmt.Errorf("invalid Resource Id %s. Expected parts' length %d, got %d", id, 2, len(parts)))
}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["GroupName"] = parts[0]
action := "ListUsersForGroup"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.Users.User[*]", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.Users.User[*]", response)
}
if len(v.([]interface{})) == 0 {
return object, WrapErrorf(NotFoundErr("UserGroupAttachment", id), NotFoundMsg, response)
}
result, _ := v.([]interface{})
for _, v := range result {
item := v.(map[string]interface{})
if fmt.Sprint(item["UserName"]) != parts[1] {
continue
}
return item, nil
}
return object, WrapErrorf(NotFoundErr("UserGroupAttachment", id), NotFoundMsg, response)
}
func (s *RamServiceV2) RamUserGroupAttachmentStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamUserGroupAttachment(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamUserGroupAttachment >>> Encapsulated.
// DescribeRamGroup <<< Encapsulated get interface for Ram Group.
func (s *RamServiceV2) DescribeRamGroup(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["GroupName"] = id
action := "GetGroup"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.Group"}) {
return object, WrapErrorf(NotFoundErr("Group", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.Group", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.Group", response)
}
return v.(map[string]interface{}), nil
}
func (s *RamServiceV2) RamGroupStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamGroup(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamGroup >>> Encapsulated.
// DescribeRamLoginProfile <<< Encapsulated get interface for Ram LoginProfile.
func (s *RamServiceV2) DescribeRamLoginProfile(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["UserName"] = id
action := "GetLoginProfile"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.User.LoginProfile"}) {
return object, WrapErrorf(NotFoundErr("LoginProfile", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.LoginProfile", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.LoginProfile", response)
}
return v.(map[string]interface{}), nil
}
func (s *RamServiceV2) RamLoginProfileStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamLoginProfile(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamLoginProfile >>> Encapsulated.
// DescribeRamSamlProvider <<< Encapsulated get interface for Ram SamlProvider.
func (s *RamServiceV2) DescribeRamSamlProvider(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["SAMLProviderName"] = id
action := "GetSAMLProvider"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ims", "2019-08-15", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.SAMLProvider"}) {
return object, WrapErrorf(NotFoundErr("SamlProvider", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.SAMLProvider", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.SAMLProvider", response)
}
return v.(map[string]interface{}), nil
}
func (s *RamServiceV2) RamSamlProviderStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamSamlProvider(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if field == "$.EncodedSAMLMetadataDocument" {
e := jsonata.MustCompile("$replace($.EncodedSAMLMetadataDocument, \"\n\", \"\")")
v, _ = e.Eval(object)
currentStatus = fmt.Sprint(v)
}
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamSamlProvider >>> Encapsulated.
// DescribeRamRolePolicyAttachment <<< Encapsulated get interface for Ram RolePolicyAttachment.
func (s *RamServiceV2) DescribeRamRolePolicyAttachment(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
parts := strings.Split(id, ":")
if len(parts) != 4 {
err = WrapError(fmt.Errorf("invalid Resource Id %s. Expected parts' length %d, got %d", id, 3, len(parts)))
}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["RoleName"] = parts[3]
action := "ListPoliciesForRole"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.Role"}) {
return object, WrapErrorf(NotFoundErr("RolePolicyAttachment", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.Policies.Policy[*]", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.Policies.Policy[*]", response)
}
if len(v.([]interface{})) == 0 {
return object, WrapErrorf(NotFoundErr("RolePolicyAttachment", id), NotFoundMsg, response)
}
result, _ := v.([]interface{})
for _, v := range result {
item := v.(map[string]interface{})
if fmt.Sprint(item["PolicyName"]) != parts[1] {
continue
}
if fmt.Sprint(item["PolicyType"]) != parts[2] {
continue
}
return item, nil
}
return object, WrapErrorf(NotFoundErr("RolePolicyAttachment", id), NotFoundMsg, response)
}
func (s *RamServiceV2) RamRolePolicyAttachmentStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamRolePolicyAttachment(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamRolePolicyAttachment >>> Encapsulated.
// DescribeRamSystemPolicy <<< Encapsulated get interface for Ram SystemPolicy.
func (s *RamServiceV2) DescribeRamSystemPolicy(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["PolicyName"] = id
request["PolicyType"] = "System"
action := "GetPolicy"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.Policy"}) {
return object, WrapErrorf(NotFoundErr("SystemPolicy", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
return response, nil
}
func (s *RamServiceV2) RamSystemPolicyStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamSystemPolicy(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamSystemPolicy >>> Encapsulated.
// DescribeRamPolicy <<< Encapsulated get interface for Ram Policy.
func (s *RamServiceV2) DescribeRamPolicy(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["PolicyName"] = id
request["PolicyType"] = "Custom"
action := "GetPolicy"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.Policy"}) {
return object, WrapErrorf(NotFoundErr("Policy", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
return response, nil
}
func (s *RamServiceV2) DescribePolicyListTagResources(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["ResourceType"] = "policy"
request["ResourceNames"] = "[\"" + id + "\"]"
action := "ListTagResources"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
return response, nil
}
func (s *RamServiceV2) RamPolicyStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamPolicy(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
func (s *RamServiceV2) AssemblePolicyDocument(document []interface{}, version string) (string, error) {
var statements []PolicyStatement
for _, v := range document {
doc := v.(map[string]interface{})
actions := expandStringList(doc["action"].([]interface{}))
resources := expandStringList(doc["resource"].([]interface{}))
statement := PolicyStatement{
Effect: Effect(doc["effect"].(string)),
Action: actions,
Resource: resources,
}
statements = append(statements, statement)
}
policy := Policy{
Version: version,
Statement: statements,
}
data, err := json.Marshal(policy)
if err != nil {
return "", WrapError(err)
}
return string(data), nil
}
func (s *RamServiceV2) ParsePolicyDocument(policyDocument string) (statement []map[string]interface{}, version string, err error) {
policy := Policy{}
err = json.Unmarshal([]byte(policyDocument), &policy)
if err != nil {
err = WrapError(err)
return
}
version = policy.Version
statement = make([]map[string]interface{}, 0, len(policy.Statement))
for _, v := range policy.Statement {
item := make(map[string]interface{})
item["effect"] = v.Effect
if val, ok := v.Action.([]interface{}); ok {
item["action"] = val
} else {
item["action"] = []interface{}{v.Action}
}
if val, ok := v.Resource.([]interface{}); ok {
item["resource"] = val
} else {
item["resource"] = []interface{}{v.Resource}
}
statement = append(statement, item)
}
return
}
// DescribeRamPolicy >>> Encapsulated.
// SetResourceTags <<< Encapsulated tag function for Ram.
func (s *RamServiceV2) SetResourceTags(d *schema.ResourceData, resourceType string) error {
if d.HasChange("tags") {
var action string
var err error
client := s.client
var request map[string]interface{}
var response map[string]interface{}
query := make(map[string]interface{})
added, removed := parsingTags(d)
removedTagKeys := make([]string, 0)
for _, v := range removed {
if !ignoredTags(v, "") {
removedTagKeys = append(removedTagKeys, v)
}
}
if len(removedTagKeys) > 0 {
action = "UntagResources"
request = make(map[string]interface{})
query = make(map[string]interface{})
request["ResourceNames"] = "[\"" + d.Id() + "\"]"
request["ResourceType"] = resourceType
for i, key := range removedTagKeys {
request[fmt.Sprintf("TagKey.%d", i+1)] = key
}
request["TagKeys"] = convertListToJsonString(convertListStringToListInterface(removedTagKeys))
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return WrapErrorf(err, DefaultErrorMsg, d.Id(), action, AlibabaCloudSdkGoERROR)
}
}
if len(added) > 0 {
action = "TagResources"
request = make(map[string]interface{})
query = make(map[string]interface{})
request["ResourceNames"] = "[\"" + d.Id() + "\"]"
request["ResourceType"] = resourceType
tagMaps := make([]map[string]interface{}, 0)
for key, value := range added {
tagMap := map[string]interface{}{}
tagMap["Key"] = key
tagMap["Value"] = value
tagMaps = append(tagMaps, tagMap)
}
tagMapsJSON, err := convertListMapToJsonString(tagMaps)
if err != nil {
return WrapError(err)
}
request["Tag"] = tagMapsJSON
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return WrapErrorf(err, DefaultErrorMsg, d.Id(), action, AlibabaCloudSdkGoERROR)
}
}
}
return nil
}
// SetResourceTags >>> tag function encapsulated.
// DescribeRamAccessKey <<< Encapsulated get interface for Ram AccessKey.
func (s *RamServiceV2) DescribeRamAccessKey(id, userName string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["UserName"] = userName
action := "ListAccessKeys"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.User"}) {
return object, WrapErrorf(NotFoundErr("AccessKey", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.AccessKeys.AccessKey[*]", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.AccessKeys.AccessKey[*]", response)
}
if len(v.([]interface{})) == 0 {
return object, WrapErrorf(NotFoundErr("AccessKey", id), NotFoundMsg, response)
}
result, _ := v.([]interface{})
for _, v := range result {
item := v.(map[string]interface{})
if fmt.Sprint(item["AccessKeyId"]) != id {
continue
}
return item, nil
}
return object, WrapErrorf(NotFoundErr("AccessKey", id), NotFoundMsg, response)
}
// DescribeRamAccessKey >>> Encapsulated.
// DescribeRamUserPolicyAttachment <<< Encapsulated get interface for Ram UserPolicyAttachment.
func (s *RamServiceV2) DescribeRamUserPolicyAttachment(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
parts := strings.Split(id, ":")
if len(parts) != 4 {
err = WrapError(fmt.Errorf("invalid Resource Id %s. Expected parts' length %d, got %d", id, 3, len(parts)))
}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["UserName"] = parts[3]
action := "ListPoliciesForUser"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.User"}) {
return object, WrapErrorf(NotFoundErr("UserPolicyAttachment", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.Policies.Policy[*]", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.Policies.Policy[*]", response)
}
if len(v.([]interface{})) == 0 {
return object, WrapErrorf(NotFoundErr("UserPolicyAttachment", id), NotFoundMsg, response)
}
result, _ := v.([]interface{})
for _, v := range result {
item := v.(map[string]interface{})
if fmt.Sprint(item["PolicyName"]) != parts[1] {
continue
}
if fmt.Sprint(item["PolicyType"]) != parts[2] {
continue
}
return item, nil
}
return object, WrapErrorf(NotFoundErr("UserPolicyAttachment", id), NotFoundMsg, response)
}
func (s *RamServiceV2) RamUserPolicyAttachmentStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamUserPolicyAttachment(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamUserPolicyAttachment >>> Encapsulated.
// DescribeRamGroupPolicyAttachment <<< Encapsulated get interface for Ram GroupPolicyAttachment.
func (s *RamServiceV2) DescribeRamGroupPolicyAttachment(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
parts := strings.Split(id, ":")
if len(parts) != 4 {
err = WrapError(fmt.Errorf("invalid Resource Id %s. Expected parts' length %d, got %d", id, 3, len(parts)))
}
request = make(map[string]interface{})
query = make(map[string]interface{})
request["GroupName"] = parts[3]
action := "ListPoliciesForGroup"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
if IsExpectedErrors(err, []string{"EntityNotExist.Group"}) {
return object, WrapErrorf(NotFoundErr("GroupPolicyAttachment", id), NotFoundMsg, response)
}
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.Policies.Policy[*]", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.Policies.Policy[*]", response)
}
if len(v.([]interface{})) == 0 {
return object, WrapErrorf(NotFoundErr("GroupPolicyAttachment", id), NotFoundMsg, response)
}
result, _ := v.([]interface{})
for _, v := range result {
item := v.(map[string]interface{})
if fmt.Sprint(item["PolicyName"]) != parts[1] {
continue
}
if fmt.Sprint(item["PolicyType"]) != parts[2] {
continue
}
return item, nil
}
return object, WrapErrorf(NotFoundErr("GroupPolicyAttachment", id), NotFoundMsg, response)
}
func (s *RamServiceV2) RamGroupPolicyAttachmentStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamGroupPolicyAttachment(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamGroupPolicyAttachment >>> Encapsulated.
// DescribeRamAccountAlias <<< Encapsulated get interface for Ram AccountAlias.
func (s *RamServiceV2) DescribeRamAccountAlias(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
action := "GetAccountAlias"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ram", "2015-05-01", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
return response, nil
}
func (s *RamServiceV2) RamAccountAliasStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamAccountAlias(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamAccountAlias >>> Encapsulated.
// DescribeRamPasswordPolicy <<< Encapsulated get interface for Ram PasswordPolicy.
func (s *RamServiceV2) DescribeRamPasswordPolicy(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
action := "GetPasswordPolicy"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ims", "2019-08-15", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.PasswordPolicy", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.PasswordPolicy", response)
}
return v.(map[string]interface{}), nil
}
func (s *RamServiceV2) RamPasswordPolicyStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamPasswordPolicy(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamPasswordPolicy >>> Encapsulated.
// DescribeRamSecurityPreference <<< Encapsulated get interface for Ram SecurityPreference.
func (s *RamServiceV2) DescribeRamSecurityPreference(id string) (object map[string]interface{}, err error) {
client := s.client
var request map[string]interface{}
var response map[string]interface{}
var query map[string]interface{}
request = make(map[string]interface{})
query = make(map[string]interface{})
action := "GetSecurityPreference"
wait := incrementalWait(3*time.Second, 5*time.Second)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
response, err = client.RpcPost("Ims", "2019-08-15", action, query, request, true)
if err != nil {
if NeedRetry(err) {
wait()
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
addDebug(action, response, request)
if err != nil {
return object, WrapErrorf(err, DefaultErrorMsg, id, action, AlibabaCloudSdkGoERROR)
}
v, err := jsonpath.Get("$.SecurityPreference", response)
if err != nil {
return object, WrapErrorf(err, FailedGetAttributeMsg, id, "$.SecurityPreference", response)
}
return v.(map[string]interface{}), nil
}
func (s *RamServiceV2) RamSecurityPreferenceStateRefreshFunc(id string, field string, failStates []string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
object, err := s.DescribeRamSecurityPreference(id)
if err != nil {
if NotFoundError(err) {
return object, "", nil
}
return nil, "", WrapError(err)
}
v, err := jsonpath.Get(field, object)
currentStatus := fmt.Sprint(v)
if strings.HasPrefix(field, "#") {
v, _ := jsonpath.Get(strings.TrimPrefix(field, "#"), object)
if v != nil {
currentStatus = "#CHECKSET"
}
}
for _, failState := range failStates {
if currentStatus == failState {
return object, currentStatus, WrapError(Error(FailedToReachTargetStatus, currentStatus))
}
}
return object, currentStatus, nil
}
}
// DescribeRamSecurityPreference >>> Encapsulated.