diff --git a/CHANGELOG.md b/CHANGELOG.md index 111361c5fc7..b3ada88123d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +## 6.14.0 (October 16, 2024) + +### Added +- Support for OIDC Discovery in OKE +- Support for Support Cross region Backup copy & Replication for volumes encrypted with Customer KMS Keys +- Support for GenerateOnPremConnectorConfiguration resource in Data Safe +- Support for OIDC Auth Terraform +- Support for GoldenGate new deployment creation page and extended connectivity test results +- Support for DNSSEC +- Direct API support for OCI BSS +- Support for Desktop as a Service: Desktop Session Lifecycle Management +### Bug Fix +Fixed the timestamp issue to corrected form + ## 6.13.0 (October 09, 2024) ### Added diff --git a/examples/container_engine/oidc_authn_token_config/main.tf b/examples/container_engine/oidc_authn_token_config/main.tf new file mode 100644 index 00000000000..3a584431221 --- /dev/null +++ b/examples/container_engine/oidc_authn_token_config/main.tf @@ -0,0 +1,280 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "compartment_ocid" { +} + +variable "region" { + default = "us-ashburn-1" +} + +variable "kms_vault_id" { +} + +variable "compartment_id" { +} + +variable "cluster_cluster_pod_network_options_cni_type" { + default = "OCI_VCN_IP_NATIVE" +} + +variable "cluster_defined_tags_value" { + default = "value" +} + +variable "cluster_endpoint_config_is_public_ip_enabled" { + default = false +} + +variable "cluster_endpoint_config_nsg_ids" { + default = [] +} + +variable "cluster_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_image_policy_config_is_policy_enabled" { + default = false +} + +variable "cluster_kubernetes_version" { + default = "kubernetesVersion" +} + +variable "cluster_name" { + default = "name" +} + +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = true +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = true +} + +variable "cluster_options_admission_controller_options_is_pod_security_policy_enabled" { + default = false +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + default = "10.1.0.0/16" +} + +variable "cluster_options_kubernetes_network_config_services_cidr" { + default = "10.2.0.0/16" +} + +variable "cluster_options_open_id_connect_token_authentication_config_client_id" { + default = "client_id" +} + +variable "cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled" { + default = true +} + +variable "cluster_options_open_id_connect_token_authentication_config_ca_certificate" { +} + +variable "cluster_options_open_id_connect_token_authentication_config_groups_claim" { + default = "groupsClaim" +} + +variable "cluster_options_open_id_connect_token_authentication_config_groups_prefix" { + default = "groupsPrefix" +} + +variable "cluster_options_open_id_connect_token_authentication_config_issuer_url" { + default = "https://url1.com" +} + +variable "cluster_options_open_id_connect_token_authentication_config_required_claims_key" { + default = "key" +} + +variable "cluster_options_open_id_connect_token_authentication_config_required_claims_value" { + default = "value" +} + +variable "cluster_options_open_id_connect_token_authentication_config_signing_algorithms" { + default = ["RS256"] +} + +variable "cluster_options_open_id_connect_token_authentication_config_username_claim" { + default = "sub" +} + +variable "cluster_options_open_id_connect_token_authentication_config_username_prefix" { + default = "oidc:" +} + +variable "cluster_options_persistent_volume_config_defined_tags_value" { + default = "value" +} + +variable "cluster_options_persistent_volume_config_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_options_service_lb_config_defined_tags_value" { + default = "value" +} + +variable "cluster_options_service_lb_config_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_options_service_lb_subnet_ids" { + default = [] +} + +variable "cluster_state" { + default = [] +} + +variable "cluster_type" { + default = "ENHANCED_CLUSTER" +} + + + +provider "oci" { + region = var.region + auth = "SecurityToken" + config_file_profile = "terraform-federation-test" +} + +variable defined_tag_namespace_name { + default = "test" +} + +resource "oci_core_vcn" "test_vcn" { + cidr_block = "10.0.0.0/16" + compartment_id = var.compartment_ocid + display_name = "tfVcnForClusters" +} + +resource "oci_core_internet_gateway" "test_ig" { + compartment_id = var.compartment_ocid + display_name = "tfClusterInternetGateway" + vcn_id = oci_core_vcn.test_vcn.id +} + +resource "oci_identity_tag_namespace" "tag-namespace1" { + #Required + compartment_id = var.tenancy_ocid + description = "example tag namespace" + name = var.defined_tag_namespace_name != "" ? var.defined_tag_namespace_name : "example-tag-namespace-all" + + is_retired = false +} + +resource "oci_core_route_table" "test_route_table" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + display_name = "tfClustersRouteTable" + + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = oci_core_internet_gateway.test_ig.id + } +} + +data "oci_identity_availability_domains" "test_availability_domains" { + compartment_id = var.tenancy_ocid +} + +data "oci_identity_availability_domain" "ad1" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + +data "oci_identity_availability_domain" "ad2" { + compartment_id = var.tenancy_ocid + ad_number = 2 +} + +resource "oci_core_subnet" "clusterSubnet_2" { + #Required + availability_domain = data.oci_identity_availability_domain.ad2.name + cidr_block = "10.0.21.0/24" + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + display_name = "tfSubNet1ForClusters" + + # Provider code tries to maintain compatibility with old versions. + security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id] + route_table_id = oci_core_route_table.test_route_table.id +} + +resource "oci_containerengine_cluster" "test_cluster" { + #Required + compartment_id = var.compartment_ocid + kubernetes_version = "v1.28.2" + name = "tfTestCluster" + vcn_id = oci_core_vcn.test_vcn.id + + #Optional + # defined_tags = map(oci_identity_tag_namespace.tag-namespace1.name.oci_identity_tag.tag1.name, var.cluster_defined_tags_value) + + freeform_tags = var.cluster_freeform_tags + options { + + #Optional + add_ons { + + #Optional + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled + } + admission_controller_options { + + #Optional + is_pod_security_policy_enabled = var.cluster_options_admission_controller_options_is_pod_security_policy_enabled + } + kubernetes_network_config { + + #Optional + pods_cidr = var.cluster_options_kubernetes_network_config_pods_cidr + services_cidr = var.cluster_options_kubernetes_network_config_services_cidr + } + open_id_connect_token_authentication_config { + #Required + is_open_id_connect_auth_enabled = var.cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled + + #Optional + client_id = var.cluster_options_open_id_connect_token_authentication_config_client_id + issuer_url = var.cluster_options_open_id_connect_token_authentication_config_issuer_url + ca_certificate = var.cluster_options_open_id_connect_token_authentication_config_ca_certificate + groups_claim = var.cluster_options_open_id_connect_token_authentication_config_groups_claim + groups_prefix = var.cluster_options_open_id_connect_token_authentication_config_groups_prefix + required_claims { + + #Optional + key = var.cluster_options_open_id_connect_token_authentication_config_required_claims_key + value = var.cluster_options_open_id_connect_token_authentication_config_required_claims_value + } + signing_algorithms = var.cluster_options_open_id_connect_token_authentication_config_signing_algorithms + username_claim = var.cluster_options_open_id_connect_token_authentication_config_username_claim + username_prefix = var.cluster_options_open_id_connect_token_authentication_config_username_prefix + } + } + type = var.cluster_type +} + +data "oci_containerengine_clusters" "test_clusters" { + #Required + compartment_id = var.compartment_id + + #Optional + name = var.cluster_name + state = var.cluster_state +} \ No newline at end of file diff --git a/examples/container_engine/oidc_discovery/main.tf b/examples/container_engine/oidc_discovery/main.tf new file mode 100644 index 00000000000..bd095456012 --- /dev/null +++ b/examples/container_engine/oidc_discovery/main.tf @@ -0,0 +1,229 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "compartment_ocid" { +} + +variable "region" { + default = "us-ashburn-1" +} + +variable "kms_vault_id" { +} + +variable "compartment_id" { +} + +variable "cluster_cluster_pod_network_options_cni_type" { + default = "OCI_VCN_IP_NATIVE" +} + +variable "cluster_defined_tags_value" { + default = "value" +} + +variable "cluster_endpoint_config_is_public_ip_enabled" { + default = false +} + +variable "cluster_endpoint_config_nsg_ids" { + default = [] +} + +variable "cluster_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_image_policy_config_is_policy_enabled" { + default = false +} + +variable "cluster_kubernetes_version" { + default = "v1.30.1" +} + +variable "cluster_name" { + default = "oidc-discovery-example" +} + +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = false +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = false +} + +variable "cluster_options_admission_controller_options_is_pod_security_policy_enabled" { + default = false +} + +variable "cluster_options_open_id_connect_discovery_is_open_id_connect_discovery_enabled" { + default = false +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + default = "10.1.0.0/16" +} + +variable "cluster_options_kubernetes_network_config_services_cidr" { + default = "10.2.0.0/16" +} + +variable "cluster_options_persistent_volume_config_defined_tags_value" { + default = "value" +} + +variable "cluster_options_persistent_volume_config_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_options_service_lb_config_defined_tags_value" { + default = "value" +} + +variable "cluster_options_service_lb_config_freeform_tags" { + default = { "Department" = "Finance" } +} + +variable "cluster_options_service_lb_subnet_ids" { + default = [] +} + +variable "cluster_state" { + default = [] +} + +// enhanced cluster is required for OIDC Discovery to be enabled +variable "cluster_type" { + default = "ENHANCED_CLUSTER" +} + + + +provider "oci" { + region = var.region + auth = "SecurityToken" + config_file_profile = "terraform-federation-test" +} + +variable defined_tag_namespace_name { + default = "test" +} + +resource "oci_core_vcn" "test_vcn" { + cidr_block = "10.0.0.0/16" + compartment_id = var.compartment_ocid + display_name = "tfVcnForClusters" +} + +resource "oci_core_internet_gateway" "test_ig" { + compartment_id = var.compartment_ocid + display_name = "tfClusterInternetGateway" + vcn_id = oci_core_vcn.test_vcn.id +} + +resource "oci_identity_tag_namespace" "tag-namespace1" { + #Required + compartment_id = var.tenancy_ocid + description = "example tag namespace" + name = var.defined_tag_namespace_name != "" ? var.defined_tag_namespace_name : "example-tag-namespace-all" + + is_retired = false +} + +resource "oci_core_route_table" "test_route_table" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + display_name = "tfClustersRouteTable" + + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = oci_core_internet_gateway.test_ig.id + } +} + +data "oci_identity_availability_domains" "test_availability_domains" { + compartment_id = var.tenancy_ocid +} + +data "oci_identity_availability_domain" "ad1" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + +data "oci_identity_availability_domain" "ad2" { + compartment_id = var.tenancy_ocid + ad_number = 2 +} + +resource "oci_core_subnet" "clusterSubnet_2" { + #Required + availability_domain = data.oci_identity_availability_domain.ad2.name + cidr_block = "10.0.21.0/24" + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + display_name = "tfSubNet1ForClusters" + + + # Provider code tries to maintain compatibility with old versions. + security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id] + route_table_id = oci_core_route_table.test_route_table.id +} + +resource "oci_containerengine_cluster" "test_cluster" { + #Required + compartment_id = var.compartment_ocid + kubernetes_version = var.cluster_kubernetes_version + name = "tfTestCluster" + vcn_id = oci_core_vcn.test_vcn.id + type = var.cluster_type + + #Optional + # defined_tags = map(oci_identity_tag_namespace.tag-namespace1.name.oci_identity_tag.tag1.name, var.cluster_defined_tags_value) + + freeform_tags = var.cluster_freeform_tags + + options { + + #Optional + add_ons { + + #Optional + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled + } + admission_controller_options { + + #Optional + is_pod_security_policy_enabled = var.cluster_options_admission_controller_options_is_pod_security_policy_enabled + } + kubernetes_network_config { + + #Optional + pods_cidr = var.cluster_options_kubernetes_network_config_pods_cidr + services_cidr = var.cluster_options_kubernetes_network_config_services_cidr + } + + open_id_connect_discovery { + #Optional + is_open_id_connect_discovery_enabled = var.cluster_options_open_id_connect_discovery_is_open_id_connect_discovery_enabled + } + } +} + +data "oci_containerengine_clusters" "test_clusters" { + #Required + compartment_id = var.compartment_id + + #Optional + name = var.cluster_name + state = var.cluster_state +} \ No newline at end of file diff --git a/examples/datasafe/generate_on_prem_connector_configuration/generate_on_prem_connector_configuration.tf b/examples/datasafe/generate_on_prem_connector_configuration/generate_on_prem_connector_configuration.tf new file mode 100644 index 00000000000..9959d7c91ca --- /dev/null +++ b/examples/datasafe/generate_on_prem_connector_configuration/generate_on_prem_connector_configuration.tf @@ -0,0 +1,28 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +variable "generate_on_prem_connector_configuration_password" { + default = "BEstrO0ng_#1111" +} + + + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +resource "oci_data_safe_generate_on_prem_connector_configuration" "test_generate_on_prem_connector_configuration" { + #Required + on_prem_connector_id = oci_data_safe_on_prem_connector.test_on_prem_connector.id + password = var.generate_on_prem_connector_configuration_password +} \ No newline at end of file diff --git a/examples/desktops/desktop_pool/session_lifecycle_management/desktops-session-lifecycle-management-phx.auto.tfvars.example b/examples/desktops/desktop_pool/session_lifecycle_management/desktops-session-lifecycle-management-phx.auto.tfvars.example new file mode 100644 index 00000000000..66dacf3388d --- /dev/null +++ b/examples/desktops/desktop_pool/session_lifecycle_management/desktops-session-lifecycle-management-phx.auto.tfvars.example @@ -0,0 +1,26 @@ +# OCI config profile +config_file_profile="terraform-federation-test" + +# region (us-phoenix-1, ca-toronto-1, etc) +region="us-phoenix-1" + +# Secure Desktops with Shape Flexibility Example Configuration + +compartment_id = "" + +desktop_pool_vcn_id = "" +desktop_pool_subnet_id = "" +desktop_pool_image_id = "" +desktop_pool_image_name = "" +desktop_pool_backup_policy_id = "" +desktop_pool_contact_details = "test%40example.com" +desktop_pool_shape_config_baseline_ocpu_utilization = "BASELINE_1_2" +desktop_pool_shape_config_memory_in_gbs = 4 +desktop_pool_shape_config_ocpus = 2 +desktop_pool_use_dedicated_vm_host = "FALSE" + +desktop_pool_session_lifecycle_actions_disconnect_action = "STOP" +desktop_pool_session_lifecycle_actions_disconnect_grace_period_in_minutes = 60 + +desktop_pool_session_lifecycle_actions_inactivity_action = "DISCONNECT" +desktop_pool_session_lifecycle_actions_inactivity_grace_period_in_minutes = 60 \ No newline at end of file diff --git a/examples/desktops/desktop_pool/session_lifecycle_management/main.tf b/examples/desktops/desktop_pool/session_lifecycle_management/main.tf new file mode 100644 index 00000000000..f2b00308a6e --- /dev/null +++ b/examples/desktops/desktop_pool/session_lifecycle_management/main.tf @@ -0,0 +1,122 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + + +resource "oci_desktops_desktop_pool" "test_desktop_pool" { + #Required + compartment_id = var.compartment_id + display_name = var.desktop_pool_display_name + contact_details = var.desktop_pool_contact_details + + are_privileged_users = var.desktop_pool_are_privileged_users + availability_domain = data.oci_identity_availability_domain.ad.name + + network_configuration { + #Required + subnet_id = var.desktop_pool_subnet_id + vcn_id = var.desktop_pool_vcn_id + } + + device_policy { + #Required + audio_mode = var.desktop_pool_device_policy_audio_mode + cdm_mode = var.desktop_pool_device_policy_cdm_mode + clipboard_mode = var.desktop_pool_device_policy_clipboard_mode + is_display_enabled = var.desktop_pool_device_policy_is_display_enabled + is_keyboard_enabled = var.desktop_pool_device_policy_is_keyboard_enabled + is_pointer_enabled = var.desktop_pool_device_policy_is_pointer_enabled + is_printing_enabled = var.desktop_pool_device_policy_is_printing_enabled + } + + image { + #Required + image_id = var.desktop_pool_image_id + image_name = var.desktop_pool_image_name + } + + # Important: Availability policy can not be set when DISCONNECT Session Lifecycle Action is being set but + # "availability_policy" element without start nor stop schedules needs to be present + availability_policy { + } + + is_storage_enabled = var.desktop_pool_is_storage_enabled + storage_backup_policy_id = var.desktop_pool_backup_policy_id + storage_size_in_gbs = var.desktop_pool_storage_size_in_gbs + + shape_name = var.desktop_pool_shape_name + standby_size = var.desktop_pool_standby_size + maximum_size = var.desktop_pool_maximum_size + + #Optional + # defined_tags = map(oci_identity_tag_namespace.tag-namespace1.name.oci_identity_tag.tag1.name, var.desktop_pool_defined_tags_value) + # description = var.desktop_pool_description + # freeform_tags = var.desktop_pool_freeform_tags + # nsg_ids = var.desktop_pool_nsg_ids + # time_start_scheduled = var.desktop_pool_time_start_scheduled + # time_stop_scheduled = var.desktop_pool_time_stop_scheduled + session_lifecycle_actions { + + #Optional : + # Important: Disconnect lifecycle can only be set when "availability_policy" schedules are not been set + disconnect { + #Required + action = var.desktop_pool_session_lifecycle_actions_disconnect_action + #Optional + grace_period_in_minutes = var.desktop_pool_session_lifecycle_actions_disconnect_grace_period_in_minutes + } + inactivity { + #Required + action = var.desktop_pool_session_lifecycle_actions_inactivity_action + #Optional + grace_period_in_minutes = var.desktop_pool_session_lifecycle_actions_inactivity_grace_period_in_minutes + } + } + +} + +data "oci_desktops_desktop_pools" "test_desktop_pools_datasource" { + #Required + compartment_id = var.compartment_id + + #Optional + # availability_domain = data.oci_identity_availability_domain.ad.name + # display_name = var.desktop_pool_display_name + id = oci_desktops_desktop_pool.test_desktop_pool.id + # state = var.desktop_pool_state +} + +data "oci_desktops_desktop_pool" "test_desktop_pool_datasource" { + #Required + desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id +} + +data "oci_desktops_desktop_pool_desktops" "test_desktop_pool_desktops_datasource" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_id + desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id +} + +data "oci_desktops_desktop_pool_volumes" "test_desktop_pool_volumes_datasource" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_id + desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id + #Optional + # display_name = var.desktop_pool_display_name + # state = var.desktop_pool_state +} + +data "oci_identity_availability_domain" "ad" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + +data "oci_desktops_desktops" "test_desktops_datasource" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_id + desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id + state = "ACTIVE" +} + +data "oci_desktops_desktop" "test_desktop_datasource" { + desktop_id = data.oci_desktops_desktop_pool_desktops.test_desktop_pool_desktops_datasource.desktop_pool_desktop_collection.0.items.0.desktop_id +} diff --git a/examples/desktops/desktop_pool/session_lifecycle_management/outputs.tf b/examples/desktops/desktop_pool/session_lifecycle_management/outputs.tf new file mode 100644 index 00000000000..31ee709a166 --- /dev/null +++ b/examples/desktops/desktop_pool/session_lifecycle_management/outputs.tf @@ -0,0 +1,21 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +output "desktop_pool_id" { + value = [data.oci_desktops_desktop_pools.test_desktop_pools_datasource.desktop_pool_collection.0.items.*.id] +} + +# Output the desktop IDs of the desktop pool +output "desktop_pool_desktop_ids" { + value = [data.oci_desktops_desktop_pool_desktops.test_desktop_pool_desktops_datasource.desktop_pool_desktop_collection.0.items.*.desktop_id] +} + +# Output the volume IDs of the desktop pool +output "desktop_pool_volume_ids" { + value = [data.oci_desktops_desktop_pool_volumes.test_desktop_pool_volumes_datasource.desktop_pool_volume_collection.0.items.*.id] +} + +# Output the desktop IDs of the desktop pool +output "desktop_ids" { + value = [data.oci_desktops_desktops.test_desktops_datasource.desktop_collection.0.items.*.id] +} \ No newline at end of file diff --git a/examples/desktops/desktop_pool/session_lifecycle_management/provider.tf b/examples/desktops/desktop_pool/session_lifecycle_management/provider.tf new file mode 100644 index 00000000000..ed3dfb3e510 --- /dev/null +++ b/examples/desktops/desktop_pool/session_lifecycle_management/provider.tf @@ -0,0 +1,15 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "config_file_profile" { +} + +provider "oci" { + auth = "SecurityToken" + config_file_profile = var.config_file_profile + region = var.region +} + +provider "local" { + version = ">=1.3.0" # Need this version of the local provider to support base64 encoded inputs +} diff --git a/examples/desktops/desktop_pool/session_lifecycle_management/variables.tf b/examples/desktops/desktop_pool/session_lifecycle_management/variables.tf new file mode 100644 index 00000000000..6e4937bcb5a --- /dev/null +++ b/examples/desktops/desktop_pool/session_lifecycle_management/variables.tf @@ -0,0 +1,171 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} +variable "compartment_id" {} + +variable "desktop_pool_are_privileged_users" { + description = "" + default = false +} + +variable "desktop_pool_description" { + description = "" + default = "Pool Description" +} + +variable "desktop_pool_contact_details" { + description = "" + default = "" +} + +variable "desktop_pool_device_policy_audio_mode" { + description = "" + default = "NONE" +} + +variable "desktop_pool_device_policy_cdm_mode" { + description = "" + default = "NONE" +} + +variable "desktop_pool_device_policy_clipboard_mode" { + description = "" + default = "NONE" +} + +variable "desktop_pool_device_policy_is_display_enabled" { + description = "" + default = false +} + +variable "desktop_pool_device_policy_is_keyboard_enabled" { + description = "" + default = false +} + +variable "desktop_pool_device_policy_is_pointer_enabled" { + description = "" + default = false +} + +variable "desktop_pool_device_policy_is_printing_enabled" { + description = "" + default = false +} + +variable "desktop_pool_display_name" { + description = "" + default = "testPool1" +} + +variable "desktop_pool_freeform_tags" { + description = "" + type = map(string) + + default = { + Test = "Test" + } +} + +variable "desktop_pool_standby_size" { + description = "" + default = 2 +} + +variable "desktop_pool_maximum_size" { + description = "" + default = 10 +} + +variable "desktop_pool_nsg_ids" { + description = "" + type = set(string) + default = null +} + +variable "desktop_pool_is_storage_enabled" { + description = "" + default = true +} + +variable "desktop_pool_backup_policy_id" { + description = "" + default = "" +} + +variable "desktop_pool_storage_size_in_gbs" { + description = "" + default = 50 +} + +variable "desktop_pool_vcn_id" { + description = "" +} + +variable "desktop_pool_subnet_id" { + description = "" +} + +variable "desktop_pool_shape_name" { + description = "" + default = "Flex Low" +} + +variable "desktop_pool_image_id" { + description = "" +} + +variable "desktop_pool_image_name" { + description = "" +} + +variable "desktop_pool_start_schedule_cron_expr" { + description = "" + default = "0 10 8 ? * 1" +} + +variable "desktop_pool_start_schedule_timezone" { + description = "" + default = "MST" +} + +variable "desktop_pool_stop_schedule_cron_expr" { + description = "" + default = "0 20 18 ? * 5" +} + +variable "desktop_pool_stop_schedule_timezone" { + description = "" + default = "MST" +} + +variable "desktop_pool_session_lifecycle_actions_disconnect_action" { + description = "" + default = "NONE" +} + +variable "desktop_pool_session_lifecycle_actions_inactivity_action" { + description = "" + default = "NONE" +} + +variable "desktop_pool_session_lifecycle_actions_disconnect_grace_period_in_minutes" { + description = "" + default = 60 +} + +variable "desktop_pool_session_lifecycle_actions_inactivity_grace_period_in_minutes" { + description = "" + default = 60 +} + + +variable "desktop_pool_state" { + description = "" + default = "ACTIVE" +} diff --git a/examples/dns/dnssec/provider.tf b/examples/dns/dnssec/provider.tf new file mode 100644 index 00000000000..bb3802a42bc --- /dev/null +++ b/examples/dns/dnssec/provider.tf @@ -0,0 +1,33 @@ +// Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +/* + * Provider config for dns sample + */ + +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "compartment_ocid" { +} + +variable "region" { +} + +provider "oci" { + region = var.region + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path +} + diff --git a/examples/dns/dnssec/zone.tf b/examples/dns/dnssec/zone.tf new file mode 100644 index 00000000000..cc3f9888559 --- /dev/null +++ b/examples/dns/dnssec/zone.tf @@ -0,0 +1,83 @@ +// Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +/* + * This file demonstrates initial setup of a dnssec enabled zone when the zone's + * parent zone is in OCI. It does not demonstrate setting up dnssec for the parent + * zone or handle rotating the dnssec key versions. + */ + +resource "random_string" "random_prefix" { + length = 4 + numeric = false + special = false +} + +resource "oci_dns_zone" "dnssec_parent_zone" { + compartment_id = var.compartment_ocid + name = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example-dnssec-parent.oci-dns" + zone_type = "PRIMARY" + scope = "GLOBAL" + dnssec_state = "ENABLED" +} + +resource "oci_dns_zone" "dnssec_child_zone" { + compartment_id = var.compartment_ocid + name = "child.${oci_dns_zone.dnssec_parent_zone.name}" + zone_type = "PRIMARY" + scope = "GLOBAL" + dnssec_state = "ENABLED" +} + +resource "oci_dns_rrset" "parent_zone_ns_rrset" { + zone_name_or_id = oci_dns_zone.dnssec_parent_zone.id + domain = oci_dns_zone.dnssec_child_zone.name + rtype = "NS" + + items { + domain = oci_dns_zone.dnssec_child_zone.name + rtype = "NS" + rdata = oci_dns_zone.dnssec_child_zone.nameservers[0].hostname + ttl = 86400 + } +} + +locals { + ksk = oci_dns_zone.dnssec_child_zone.dnssec_config[0].ksk_dnssec_key_versions[0] +} + +resource "oci_dns_rrset" "parent_zone_ds_rrset" { + zone_name_or_id = oci_dns_zone.dnssec_parent_zone.id + domain = oci_dns_zone.dnssec_child_zone.name + rtype = "DS" + + items { + domain = oci_dns_zone.dnssec_child_zone.name + rtype = "DS" + rdata = local.ksk.ds_data[0].rdata + ttl = 86400 + } + + lifecycle { + ignore_changes = [ + items, + ] + } +} + +resource "oci_dns_zone_promote_dnssec_key_version" "promote_dnssec_key_version" { + dnssec_key_version_uuid = local.ksk.uuid + zone_id = oci_dns_zone.dnssec_child_zone.id + scope = "GLOBAL" + depends_on = [oci_dns_rrset.parent_zone_ds_rrset] + lifecycle { + ignore_changes = [ + dnssec_key_version_uuid, + ] + } +} + +data "oci_identity_tenancy" "tenancy" { + tenancy_id = var.tenancy_ocid +} + diff --git a/examples/dns/global/zone.tf b/examples/dns/global/zone.tf index 555ad57bb3e..bc3160d5b3f 100644 --- a/examples/dns/global/zone.tf +++ b/examples/dns/global/zone.tf @@ -46,6 +46,20 @@ resource "oci_dns_zone" "zone3" { zone_type = "PRIMARY" } +resource "oci_dns_zone" "zone4" { + compartment_id = var.compartment_ocid + name = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example-primary.oci-dns4" + zone_type = "PRIMARY" + scope = "GLOBAL" + dnssec_state = "ENABLED" +} + +resource "oci_dns_zone_stage_dnssec_key_version" "stage_dnssec_key_version" { + predecessor_dnssec_key_version_uuid = oci_dns_zone.zone4.dnssec_config[0].zsk_dnssec_key_versions[0].uuid + zone_id = oci_dns_zone.zone4.id + scope = "GLOBAL" +} + data "oci_dns_zones" "zs" { compartment_id = var.compartment_ocid name_contains = "example" diff --git a/examples/goldengate/Deployment/main.tf b/examples/goldengate/Deployment/main.tf index 2b8425e44dd..734c06ea89f 100644 --- a/examples/goldengate/Deployment/main.tf +++ b/examples/goldengate/Deployment/main.tf @@ -9,6 +9,7 @@ variable "objectstorage_bucket_name" {} variable "objectstorage_namespace" {} variable password_secret_id {} variable identity_domain_id {} +variable group_id {} variable "deployment_cpu_core_count" { default = 1 @@ -106,6 +107,9 @@ resource "oci_golden_gate_deployment" "test_deployment" { admin_password = var.deployment_ogg_data_admin_password admin_username = var.deployment_ogg_data_admin_username deployment_name = var.deployment_ogg_data_deployment_name + group_to_roles_mapping { + security_group_id = var.group_id + } } locks {} } diff --git a/examples/logging/identity/identity.tf b/examples/logging/identity/identity.tf index 352214f561d..3fcca5f93a6 100644 --- a/examples/logging/identity/identity.tf +++ b/examples/logging/identity/identity.tf @@ -11,43 +11,4 @@ variable "log_group_freeform_tags" { default = { "Department" = "Finance" } -} - -variable "tag_namespace_description" { - default = "Just a test" -} - -variable "tag_namespace_name" { - default = "tf-testexamples-tag-namespace" -} - -resource "oci_identity_tag_namespace" "tag-namespace1" { - #Required - compartment_id = var.compartment_id - description = var.tag_namespace_description - name = var.tag_namespace_name -} - -resource "oci_identity_tag" "tag1" { - #Required - description = "tf example tag" - name = "tf-example-tag" - tag_namespace_id = oci_identity_tag_namespace.tag-namespace1.id -} - -resource "oci_identity_tag" "tag2" { - #Required - description = "tf example tag 2" - name = "tf-example-tag-2" - tag_namespace_id = oci_identity_tag_namespace.tag-namespace1.id -} - -output "tag_namespace1_name" { - value = oci_identity_tag_namespace.tag-namespace1.name -} -output "tag1_name" { - value = oci_identity_tag.tag1.name -} -output "tag2_name" { - value = oci_identity_tag.tag2.name } \ No newline at end of file diff --git a/examples/logging/log/log.tf b/examples/logging/log/log.tf index 92196cb80ef..407210b4aae 100644 --- a/examples/logging/log/log.tf +++ b/examples/logging/log/log.tf @@ -57,8 +57,7 @@ variable "test_log_group_id" {} variable "test_log_name" { default = "tf-exampleLog" } -variable "tag_namespace1_name" {} -variable "tag2_name" {} + resource "oci_logging_log" "test_log" { #Required @@ -84,9 +83,6 @@ resource "oci_logging_log" "test_log" { compartment_id = "ocid1.compartment.oc1..aaaaaaaa4rv5j2vzbrwaztnzvtu7kgswtigms4llcbylelylsqt2l3kl7gaa" }*/ - defined_tags = { - "${var.tag_namespace1_name}.${var.tag2_name}" = var.defined_tags_value - } freeform_tags = var.freeform_tags_value is_enabled = "false" retention_duration = "30" diff --git a/examples/logging/log_agent_configuration/log_agent_configuration.tf b/examples/logging/log_agent_configuration/log_agent_configuration.tf index 725ca0693d6..ef7f73c956d 100644 --- a/examples/logging/log_agent_configuration/log_agent_configuration.tf +++ b/examples/logging/log_agent_configuration/log_agent_configuration.tf @@ -1,6 +1,7 @@ // Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. // Licensed under the Mozilla Public License v2.0 + variable "compartment_id" {} variable "unified_agent_configuration_defined_tags_value" { @@ -174,8 +175,7 @@ variable "unified_agent_configuration_state" { variable "log_group_defined_tags_value" { default = "value2" } -variable "tag_namespace1_name" {} -variable "tag1_name" {} + variable "test_log_group_id" {} variable "test_log_id" {} @@ -238,10 +238,6 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura } } - #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = var.unified_agent_configuration_description display_name = var.unified_agent_configuration_display_name freeform_tags = var.unified_agent_configuration_freeform_tags @@ -330,9 +326,6 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura } #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = var.unified_agent_configuration_description display_name = "test_unified_agent_configuration_1" freeform_tags = var.unified_agent_configuration_freeform_tags @@ -374,7 +367,7 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura source { name = "kubernetes_source" scrape_targets { - k8s_namespace = "kube_system" + k8s_namespace = "kube-system" resource_group = "tf-test-resource-group" resource_type = "PODS" service_name = "kubernetes" @@ -390,9 +383,6 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura } #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = var.unified_agent_configuration_description display_name = "test_unified_agent_configuration_monitoring_KUBERNETES" freeform_tags = var.unified_agent_configuration_freeform_tags @@ -463,9 +453,6 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura } #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = var.unified_agent_configuration_description display_name = "test_unified_agent_configuration_monitoring_TAIL" freeform_tags = var.unified_agent_configuration_freeform_tags @@ -510,9 +497,6 @@ resource "oci_logging_unified_agent_configuration" "test_unified_agent_configura } #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = var.unified_agent_configuration_description display_name = "test_unified_agent_configuration_monitoring_URL" freeform_tags = var.unified_agent_configuration_freeform_tags diff --git a/examples/logging/log_group/log_group.tf b/examples/logging/log_group/log_group.tf index 7a0d85ff3b9..693106cb5a9 100644 --- a/examples/logging/log_group/log_group.tf +++ b/examples/logging/log_group/log_group.tf @@ -18,9 +18,6 @@ variable "freeform_tags_value" { } } -variable "tag_namespace1_name" {} -variable "tag2_name" {} - variable "compartment_id" {} variable "log_group_name" { @@ -34,9 +31,7 @@ resource "oci_logging_log_group" "test_log_group" { #Optional description = "description" - defined_tags = { - "${var.tag_namespace1_name}.${var.tag2_name}" = var.defined_tags_value - } + freeform_tags = var.freeform_tags_value lifecycle { diff --git a/examples/logging/log_rule/log_rule.tf b/examples/logging/log_rule/log_rule.tf index a349d06c1e0..c30899f95dd 100644 --- a/examples/logging/log_rule/log_rule.tf +++ b/examples/logging/log_rule/log_rule.tf @@ -1,7 +1,5 @@ variable "compartment_id" {} -variable "tag_namespace1_name" {} -variable "tag1_name" {} variable "defined_tags_value" { default = "defined_tags_value" @@ -21,9 +19,6 @@ resource "oci_logging_log" "test_log" { resource "oci_logging_log_rule" "test_log_rule" { compartment_id = var.compartment_id custom_log_id = oci_logging_log.test_log.id - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.defined_tags_value - } description = "description2" display_name = "logRuleTFExampleName" freeform_tags = { diff --git a/examples/logging/log_saved_search/log_saved_search.tf b/examples/logging/log_saved_search/log_saved_search.tf index e039da2472d..1eb77d300cb 100644 --- a/examples/logging/log_saved_search/log_saved_search.tf +++ b/examples/logging/log_saved_search/log_saved_search.tf @@ -13,8 +13,6 @@ variable "log_group_defined_tags_value" { default = "tf-value-group" } variable "compartment_id" {} -variable "tag_namespace1_name" {} -variable "tag1_name" {} variable "test_log_saved_search_name" { default = "tf-exampleLogSavedSearch" } @@ -26,9 +24,6 @@ resource "oci_logging_log_saved_search" "test_log_saved_search" { query = "exampleQuery" #Optional - defined_tags = { - "${var.tag_namespace1_name}.${var.tag1_name}" = var.log_group_defined_tags_value - } description = "description" freeform_tags = var.log_saved_search_freeform_tags diff --git a/examples/logging/main.tf b/examples/logging/main.tf index 03c37392769..faa5533f20f 100644 --- a/examples/logging/main.tf +++ b/examples/logging/main.tf @@ -7,10 +7,11 @@ locals { region = "us-phoenix-1" tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaa4s2hncj4oaulmf5tz4yfeska6fya4gkd5jsg3fmlgq7pprgr7wiq" - user_ocid = "ocid1.user.oc1..aaaaaaaa5mxx5f6ltt5w6soekhzetsymtgntbjijmikyc4kqpbau2xfwnsva" - fingerprint = "1e:84:e8:12:08:55:af:2e:51:5e:2a:57:41:ab:fd:c9" - private_key_path = "/Users/shxi/.oci/oci_api_key.pem" + user_ocid = "ocid1.user.oc1..aaaaaaaark6yo7jgevogxohlgerphpr6lreunmmsovjdkhmujnuj2urix5aq" + fingerprint = "16:9a:cf:f4:78:3f:ba:fd:67:fc:74:30:72:e8:e7:11" + private_key_path = "/Users/zhenyao/.oci/oci_api_key.pem" } + module "identity" { source = "./identity" compartment_id = var.compartment_ocid @@ -19,29 +20,21 @@ module "identity" { module "log_group" { source = "./log_group" compartment_id = var.compartment_ocid - tag2_name = module.identity.tag2_name - tag_namespace1_name = module.identity.tag_namespace1_name } module "log" { source = "./log" test_log_group_id = module.log_group.test_log_group_id - tag2_name = module.identity.tag2_name - tag_namespace1_name = module.identity.tag_namespace1_name } module "log_saved_search" { source = "./log_saved_search" compartment_id = var.compartment_ocid - tag1_name = module.identity.tag1_name - tag_namespace1_name = module.identity.tag_namespace1_name } module "log_agent_configuration" { source = "./log_agent_configuration" compartment_id = var.compartment_ocid - tag1_name = module.identity.tag1_name - tag_namespace1_name = module.identity.tag_namespace1_name test_log_id = module.log.test_log_id test_log_group_id = module.log_group.test_log_group_id -} +} \ No newline at end of file diff --git a/examples/logging/provider.tf b/examples/logging/provider.tf index facaf92d9d9..c710ac87ebb 100644 --- a/examples/logging/provider.tf +++ b/examples/logging/provider.tf @@ -7,18 +7,23 @@ // These variables would commonly be defined as environment variables or sourced in a .env file variable "tenancy_ocid" { + default = "ocid1.tenancy.oc1..aaaaaaaa4s2hncj4oaulmf5tz4yfeska6fya4gkd5jsg3fmlgq7pprgr7wiq" } variable "user_ocid" { + default = "ocid1.user.oc1..aaaaaaaark6yo7jgevogxohlgerphpr6lreunmmsovjdkhmujnuj2urix5aq" } variable "fingerprint" { + default = "16:9a:cf:f4:78:3f:ba:fd:67:fc:74:30:72:e8:e7:11" } variable "private_key_path" { + default = "/Users/zhenyao/.oci/oci_api_key.pem" } variable "compartment_ocid" { + default = "ocid1.compartment.oc1..aaaaaaaajdgiuoxrwem3326sihqitq3rf62hg4bq255hzchqwszx2xz4zega" } variable "region" { diff --git a/examples/storage/block/corevolume/boot_volume.tf b/examples/storage/block/corevolume/boot_volume.tf new file mode 100644 index 00000000000..8e44808601a --- /dev/null +++ b/examples/storage/block/corevolume/boot_volume.tf @@ -0,0 +1,87 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +# This example creates a new boot volume from an existing instance + +variable "boot_vol_first_backup_ocid" { +} + +variable "boot_vol_second_backup_ocid" { +} + +variable "instance_image_ocid" { +} + +resource "oci_core_boot_volume" "test_boot_volume_from_source_boot_volume" { + availability_domain = oci_core_instance.test_instance.availability_domain + compartment_id = oci_core_instance.test_instance.compartment_id + + source_details { + #Required + id = oci_core_instance.test_instance.boot_volume_id + type = "bootVolume" + } +} + +resource "oci_core_boot_volume" "test_create_delta_restored_boot_volume" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "tf-delta-restored-boot-volume-1" + size_in_gbs = "56" + source_details { + first_backup_id = var.boot_vol_first_backup_ocid + second_backup_id = var.boot_vol_second_backup_ocid + change_block_size_in_bytes = 4096 + type = "bootVolumeBackupDelta" + } +} + +resource "oci_core_instance" "test_instance" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "TestInstance" + shape = "VM.Standard2.1" + + create_vnic_details { + subnet_id = oci_core_subnet.test_subnet.id + display_name = "Primaryvnic" + assign_public_ip = true + hostname_label = "testinstance" + } + + source_details { + source_type = "image" + source_id = var.instance_image_ocid + } + + timeouts { + create = "60m" + } +} + +resource "oci_core_vcn" "test_vcn" { + cidr_block = "10.1.0.0/16" + compartment_id = var.compartment_ocid + display_name = "TestVcn" + dns_label = "testvcn" +} + +resource "oci_core_subnet" "test_subnet" { + availability_domain = data.oci_identity_availability_domain.ad.name + cidr_block = "10.1.20.0/24" + display_name = "TestSubnet" + dns_label = "testsubnet" + security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id] + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + route_table_id = oci_core_vcn.test_vcn.default_route_table_id + dhcp_options_id = oci_core_vcn.test_vcn.default_dhcp_options_id +} + +output "boot_volume_from_instance_outputs" { + value = { + boot_volume_from_instance = oci_core_instance.test_instance.boot_volume_id + boot_volume_from_source_boot_volume_id = oci_core_boot_volume.test_boot_volume_from_source_boot_volume.id + } +} + diff --git a/examples/storage/block/corevolume/volume.tf b/examples/storage/block/corevolume/volume.tf new file mode 100644 index 00000000000..205b38311d5 --- /dev/null +++ b/examples/storage/block/corevolume/volume.tf @@ -0,0 +1,55 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +variable "tenancy_ocid" { +} + +variable "auth" { +} + +variable "config_file_profile" { +} + +variable "region" { +} + +variable "compartment_ocid" { +} + +variable "destination_region" { +} + +variable "vol_first_backup_ocid" { +} + +variable "vol_second_backup_ocid" { +} + +provider "oci" { + auth = var.auth + config_file_profile = var.config_file_profile + region = var.region +} + +data "oci_identity_availability_domain" "ad" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + +resource "oci_core_volume" "test_create_volume" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "tf-volume-1" + size_in_gbs = "50" +} + +resource "oci_core_volume" "test_create_delta_restored_volume" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "tf-delta-restored-volume-1" + size_in_gbs = "50" + source_details { + first_backup_id = var.vol_first_backup_ocid + second_backup_id = var.vol_second_backup_ocid + change_block_size_in_bytes = 4096 + type = "volumeBackupDelta" + } +} \ No newline at end of file diff --git a/examples/storage/block/volume_replica/main.tf b/examples/storage/block/volume_replica/main.tf new file mode 100644 index 00000000000..7017faa856d --- /dev/null +++ b/examples/storage/block/volume_replica/main.tf @@ -0,0 +1,36 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "region" { +} + +variable "compartment_ocid" { +} + + +data "oci_identity_availability_domain" "ad" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + +provider "oci" { +# version = "6.9.0" + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region + +} \ No newline at end of file diff --git a/examples/storage/block/volume_replica/volume_replica_kms.tf b/examples/storage/block/volume_replica/volume_replica_kms.tf new file mode 100644 index 00000000000..e91c1c95d98 --- /dev/null +++ b/examples/storage/block/volume_replica/volume_replica_kms.tf @@ -0,0 +1,31 @@ + +resource "oci_core_volume" "test_volume_with_required_parameter" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid +} + +variable "kms_key_ocid_cross_region" { + default = "" +} +resource "oci_core_volume" "test_volume_with_optional_parameter" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "test_volume" + + // please find allowed other region's availability_domain and hardcode here + block_volume_replicas { + availability_domain = data.oci_identity_availability_domain.ad.name + display_name = "test_replicas" + } + + // if you want delete volume and this volume has replicas, please disable replicas at first, set this "block_volume_replicas_deletion" to true + block_volume_replicas_deletion = true + +} + +output "volume" { + value = { + test_volume_with_required_parameter = oci_core_volume.test_volume_with_required_parameter.id + test_volume_with_optional_parameter = oci_core_volume.test_volume_with_optional_parameter.id + } +} diff --git a/examples/zips/adm.zip b/examples/zips/adm.zip index 3f439ea30b6..a3250cfb88b 100644 Binary files a/examples/zips/adm.zip and b/examples/zips/adm.zip differ diff --git a/examples/zips/aiAnomalyDetection.zip b/examples/zips/aiAnomalyDetection.zip index 4be727965e3..9ee9915b9a5 100644 Binary files a/examples/zips/aiAnomalyDetection.zip and b/examples/zips/aiAnomalyDetection.zip differ diff --git a/examples/zips/aiDocument.zip b/examples/zips/aiDocument.zip index 8b87c6632de..e4f07238ec9 100644 Binary files a/examples/zips/aiDocument.zip and b/examples/zips/aiDocument.zip differ diff --git a/examples/zips/aiLanguage.zip b/examples/zips/aiLanguage.zip index 3e9f629defb..f6c952f09ee 100644 Binary files a/examples/zips/aiLanguage.zip and b/examples/zips/aiLanguage.zip differ diff --git a/examples/zips/aiVision.zip b/examples/zips/aiVision.zip index a95312e3fc1..fc8e12547a4 100644 Binary files a/examples/zips/aiVision.zip and b/examples/zips/aiVision.zip differ diff --git a/examples/zips/always_free.zip b/examples/zips/always_free.zip index 65a841b1506..95eb8721e2c 100644 Binary files a/examples/zips/always_free.zip and b/examples/zips/always_free.zip differ diff --git a/examples/zips/analytics.zip b/examples/zips/analytics.zip index eda56c30aee..5262ca4c3e9 100644 Binary files a/examples/zips/analytics.zip and b/examples/zips/analytics.zip differ diff --git a/examples/zips/announcements_service.zip b/examples/zips/announcements_service.zip index e7cc861d097..9bbcd0c47d6 100644 Binary files a/examples/zips/announcements_service.zip and b/examples/zips/announcements_service.zip differ diff --git a/examples/zips/api_gateway.zip b/examples/zips/api_gateway.zip index 69616813a98..df5d193012c 100644 Binary files a/examples/zips/api_gateway.zip and b/examples/zips/api_gateway.zip differ diff --git a/examples/zips/apm.zip b/examples/zips/apm.zip index 31c421a73f8..244bf68015b 100644 Binary files a/examples/zips/apm.zip and b/examples/zips/apm.zip differ diff --git a/examples/zips/appmgmt_control.zip b/examples/zips/appmgmt_control.zip index 91720018f4b..69102157839 100644 Binary files a/examples/zips/appmgmt_control.zip and b/examples/zips/appmgmt_control.zip differ diff --git a/examples/zips/artifacts.zip b/examples/zips/artifacts.zip index 52c9f520d55..c781aab2ab3 100644 Binary files a/examples/zips/artifacts.zip and b/examples/zips/artifacts.zip differ diff --git a/examples/zips/audit.zip b/examples/zips/audit.zip index 1ebf243aafd..b2fbe7d1b75 100644 Binary files a/examples/zips/audit.zip and b/examples/zips/audit.zip differ diff --git a/examples/zips/autoscaling.zip b/examples/zips/autoscaling.zip index 692d72005af..dff8e3cd9f7 100644 Binary files a/examples/zips/autoscaling.zip and b/examples/zips/autoscaling.zip differ diff --git a/examples/zips/bastion.zip b/examples/zips/bastion.zip index c9469f9e74f..9564047446b 100644 Binary files a/examples/zips/bastion.zip and b/examples/zips/bastion.zip differ diff --git a/examples/zips/big_data_service.zip b/examples/zips/big_data_service.zip index 856ee36c9e6..4c6be6b7d4e 100644 Binary files a/examples/zips/big_data_service.zip and b/examples/zips/big_data_service.zip differ diff --git a/examples/zips/blockchain.zip b/examples/zips/blockchain.zip index 055bdae6529..503556c5a57 100644 Binary files a/examples/zips/blockchain.zip and b/examples/zips/blockchain.zip differ diff --git a/examples/zips/budget.zip b/examples/zips/budget.zip index 684e8264678..d2d6c349069 100644 Binary files a/examples/zips/budget.zip and b/examples/zips/budget.zip differ diff --git a/examples/zips/capacity_management.zip b/examples/zips/capacity_management.zip index c2a644d4b03..0a9a99d413e 100644 Binary files a/examples/zips/capacity_management.zip and b/examples/zips/capacity_management.zip differ diff --git a/examples/zips/certificatesManagement.zip b/examples/zips/certificatesManagement.zip index ec8e16a317e..f305ac35859 100644 Binary files a/examples/zips/certificatesManagement.zip and b/examples/zips/certificatesManagement.zip differ diff --git a/examples/zips/cloudBridge.zip b/examples/zips/cloudBridge.zip index 5c81a4c789b..4408b41db22 100644 Binary files a/examples/zips/cloudBridge.zip and b/examples/zips/cloudBridge.zip differ diff --git a/examples/zips/cloudMigrations.zip b/examples/zips/cloudMigrations.zip index c393a31b7d2..fb109fef696 100644 Binary files a/examples/zips/cloudMigrations.zip and b/examples/zips/cloudMigrations.zip differ diff --git a/examples/zips/cloudguard.zip b/examples/zips/cloudguard.zip index ce90dfc6cad..680a6027f22 100644 Binary files a/examples/zips/cloudguard.zip and b/examples/zips/cloudguard.zip differ diff --git a/examples/zips/cluster_placement_groups.zip b/examples/zips/cluster_placement_groups.zip index 83a32b30cef..96cbf2b7779 100644 Binary files a/examples/zips/cluster_placement_groups.zip and b/examples/zips/cluster_placement_groups.zip differ diff --git a/examples/zips/compute.zip b/examples/zips/compute.zip index 985de942dc6..3160dcaa7bb 100644 Binary files a/examples/zips/compute.zip and b/examples/zips/compute.zip differ diff --git a/examples/zips/computecloudatcustomer.zip b/examples/zips/computecloudatcustomer.zip index 97748d6278d..94ad93a3683 100644 Binary files a/examples/zips/computecloudatcustomer.zip and b/examples/zips/computecloudatcustomer.zip differ diff --git a/examples/zips/computeinstanceagent.zip b/examples/zips/computeinstanceagent.zip index 8ad2f02dca1..4da76e2ba8f 100644 Binary files a/examples/zips/computeinstanceagent.zip and b/examples/zips/computeinstanceagent.zip differ diff --git a/examples/zips/concepts.zip b/examples/zips/concepts.zip index bfa208f5d33..6fc0fdda86d 100644 Binary files a/examples/zips/concepts.zip and b/examples/zips/concepts.zip differ diff --git a/examples/zips/container_engine.zip b/examples/zips/container_engine.zip index 29194c6e375..95313b28ddd 100644 Binary files a/examples/zips/container_engine.zip and b/examples/zips/container_engine.zip differ diff --git a/examples/zips/container_instances.zip b/examples/zips/container_instances.zip index 08c26d450d0..c797a1de4f5 100644 Binary files a/examples/zips/container_instances.zip and b/examples/zips/container_instances.zip differ diff --git a/examples/zips/database.zip b/examples/zips/database.zip index 5e7ebdc4294..6bdad235daa 100644 Binary files a/examples/zips/database.zip and b/examples/zips/database.zip differ diff --git a/examples/zips/databaseTools.zip b/examples/zips/databaseTools.zip index 9833ed544f9..b451ba5d968 100644 Binary files a/examples/zips/databaseTools.zip and b/examples/zips/databaseTools.zip differ diff --git a/examples/zips/databasemanagement.zip b/examples/zips/databasemanagement.zip index ba81589d316..a5aa3cfefe4 100644 Binary files a/examples/zips/databasemanagement.zip and b/examples/zips/databasemanagement.zip differ diff --git a/examples/zips/databasemigration.zip b/examples/zips/databasemigration.zip index 640566d9273..e926fde8f3f 100644 Binary files a/examples/zips/databasemigration.zip and b/examples/zips/databasemigration.zip differ diff --git a/examples/zips/datacatalog.zip b/examples/zips/datacatalog.zip index c7c654f9f8b..6273b6ac43a 100644 Binary files a/examples/zips/datacatalog.zip and b/examples/zips/datacatalog.zip differ diff --git a/examples/zips/dataflow.zip b/examples/zips/dataflow.zip index 10aa81fa15d..77e505cbcc2 100644 Binary files a/examples/zips/dataflow.zip and b/examples/zips/dataflow.zip differ diff --git a/examples/zips/dataintegration.zip b/examples/zips/dataintegration.zip index 1ed9eaedc78..cbc0926621c 100644 Binary files a/examples/zips/dataintegration.zip and b/examples/zips/dataintegration.zip differ diff --git a/examples/zips/datalabeling.zip b/examples/zips/datalabeling.zip index 26cbc5d072c..2fd55903bb3 100644 Binary files a/examples/zips/datalabeling.zip and b/examples/zips/datalabeling.zip differ diff --git a/examples/zips/datasafe.zip b/examples/zips/datasafe.zip index 725b00f1b82..fc969db2466 100644 Binary files a/examples/zips/datasafe.zip and b/examples/zips/datasafe.zip differ diff --git a/examples/zips/datascience.zip b/examples/zips/datascience.zip index 78e2f1757f1..cb642046188 100644 Binary files a/examples/zips/datascience.zip and b/examples/zips/datascience.zip differ diff --git a/examples/zips/delegation_management.zip b/examples/zips/delegation_management.zip index 5ef007ffeee..1d894f32b86 100644 Binary files a/examples/zips/delegation_management.zip and b/examples/zips/delegation_management.zip differ diff --git a/examples/zips/demand_signal.zip b/examples/zips/demand_signal.zip index 0008f3f5ca4..f22732b8d11 100644 Binary files a/examples/zips/demand_signal.zip and b/examples/zips/demand_signal.zip differ diff --git a/examples/zips/desktops.zip b/examples/zips/desktops.zip index b617d8b49bc..daced576eca 100644 Binary files a/examples/zips/desktops.zip and b/examples/zips/desktops.zip differ diff --git a/examples/zips/devops.zip b/examples/zips/devops.zip index 5d501c120e3..8fd7459cfaa 100644 Binary files a/examples/zips/devops.zip and b/examples/zips/devops.zip differ diff --git a/examples/zips/disaster_recovery.zip b/examples/zips/disaster_recovery.zip index c4a7103ccc1..cf05d451acd 100644 Binary files a/examples/zips/disaster_recovery.zip and b/examples/zips/disaster_recovery.zip differ diff --git a/examples/zips/dns.zip b/examples/zips/dns.zip index f6ed50b31fd..bfb14cbc20f 100644 Binary files a/examples/zips/dns.zip and b/examples/zips/dns.zip differ diff --git a/examples/zips/em_warehouse.zip b/examples/zips/em_warehouse.zip index 321ba5c3dd8..f3b7fdea08a 100644 Binary files a/examples/zips/em_warehouse.zip and b/examples/zips/em_warehouse.zip differ diff --git a/examples/zips/email.zip b/examples/zips/email.zip index 42d9c65af08..b9160177222 100644 Binary files a/examples/zips/email.zip and b/examples/zips/email.zip differ diff --git a/examples/zips/events.zip b/examples/zips/events.zip index 12ad5607576..1113f2cb8f3 100644 Binary files a/examples/zips/events.zip and b/examples/zips/events.zip differ diff --git a/examples/zips/fast_connect.zip b/examples/zips/fast_connect.zip index e7403c631fa..cbeee5589d7 100644 Binary files a/examples/zips/fast_connect.zip and b/examples/zips/fast_connect.zip differ diff --git a/examples/zips/fleet_apps_management.zip b/examples/zips/fleet_apps_management.zip index 70185aad7a5..6a9bc9febbb 100644 Binary files a/examples/zips/fleet_apps_management.zip and b/examples/zips/fleet_apps_management.zip differ diff --git a/examples/zips/fleetsoftwareupdate.zip b/examples/zips/fleetsoftwareupdate.zip index 092cd437d2d..3b839fe367a 100644 Binary files a/examples/zips/fleetsoftwareupdate.zip and b/examples/zips/fleetsoftwareupdate.zip differ diff --git a/examples/zips/functions.zip b/examples/zips/functions.zip index 2986c98916a..230d21933c5 100644 Binary files a/examples/zips/functions.zip and b/examples/zips/functions.zip differ diff --git a/examples/zips/fusionapps.zip b/examples/zips/fusionapps.zip index 382024c54ad..18aecb50f8e 100644 Binary files a/examples/zips/fusionapps.zip and b/examples/zips/fusionapps.zip differ diff --git a/examples/zips/generative_ai.zip b/examples/zips/generative_ai.zip index 7a9e88eaea0..da2fcd90bb8 100644 Binary files a/examples/zips/generative_ai.zip and b/examples/zips/generative_ai.zip differ diff --git a/examples/zips/globally_distributed_database.zip b/examples/zips/globally_distributed_database.zip index 76529038e4c..457a52c317e 100644 Binary files a/examples/zips/globally_distributed_database.zip and b/examples/zips/globally_distributed_database.zip differ diff --git a/examples/zips/goldengate.zip b/examples/zips/goldengate.zip index 62fd5f1bd4b..8aca4f72d7e 100644 Binary files a/examples/zips/goldengate.zip and b/examples/zips/goldengate.zip differ diff --git a/examples/zips/health_checks.zip b/examples/zips/health_checks.zip index fbbb2979bcf..f465e53aa6d 100644 Binary files a/examples/zips/health_checks.zip and b/examples/zips/health_checks.zip differ diff --git a/examples/zips/id6.zip b/examples/zips/id6.zip index 1ebb638e43e..e0015eae19a 100644 Binary files a/examples/zips/id6.zip and b/examples/zips/id6.zip differ diff --git a/examples/zips/identity.zip b/examples/zips/identity.zip index b3a2811ea84..94db8065ff8 100644 Binary files a/examples/zips/identity.zip and b/examples/zips/identity.zip differ diff --git a/examples/zips/identity_data_plane.zip b/examples/zips/identity_data_plane.zip index 2faba2606a6..52880caeb27 100644 Binary files a/examples/zips/identity_data_plane.zip and b/examples/zips/identity_data_plane.zip differ diff --git a/examples/zips/identity_domains.zip b/examples/zips/identity_domains.zip index ffbc27a857c..5d86ee79f7c 100644 Binary files a/examples/zips/identity_domains.zip and b/examples/zips/identity_domains.zip differ diff --git a/examples/zips/integration.zip b/examples/zips/integration.zip index 11e8b8c4a42..359d9bdd14d 100644 Binary files a/examples/zips/integration.zip and b/examples/zips/integration.zip differ diff --git a/examples/zips/jms.zip b/examples/zips/jms.zip index b2027d95b89..21c79a20748 100644 Binary files a/examples/zips/jms.zip and b/examples/zips/jms.zip differ diff --git a/examples/zips/jms_java_downloads.zip b/examples/zips/jms_java_downloads.zip index 65b5cd429c4..f501d2301ab 100644 Binary files a/examples/zips/jms_java_downloads.zip and b/examples/zips/jms_java_downloads.zip differ diff --git a/examples/zips/kms.zip b/examples/zips/kms.zip index f3c2f4c26df..ffc2b606a51 100644 Binary files a/examples/zips/kms.zip and b/examples/zips/kms.zip differ diff --git a/examples/zips/license_manager.zip b/examples/zips/license_manager.zip index 20f8f16fb99..a1b16e8dae7 100644 Binary files a/examples/zips/license_manager.zip and b/examples/zips/license_manager.zip differ diff --git a/examples/zips/limits.zip b/examples/zips/limits.zip index b8a61897842..ec5cb4ef854 100644 Binary files a/examples/zips/limits.zip and b/examples/zips/limits.zip differ diff --git a/examples/zips/load_balancer.zip b/examples/zips/load_balancer.zip index 8d1a6adec6a..993208b0af5 100644 Binary files a/examples/zips/load_balancer.zip and b/examples/zips/load_balancer.zip differ diff --git a/examples/zips/log_analytics.zip b/examples/zips/log_analytics.zip index 8b3ac9a8f31..73010542c74 100644 Binary files a/examples/zips/log_analytics.zip and b/examples/zips/log_analytics.zip differ diff --git a/examples/zips/logging.zip b/examples/zips/logging.zip index 0462c329235..112d44eb9f8 100644 Binary files a/examples/zips/logging.zip and b/examples/zips/logging.zip differ diff --git a/examples/zips/management_agent.zip b/examples/zips/management_agent.zip index 8ba33eeb00c..c6d49a3864c 100644 Binary files a/examples/zips/management_agent.zip and b/examples/zips/management_agent.zip differ diff --git a/examples/zips/management_dashboard.zip b/examples/zips/management_dashboard.zip index 4ba05777cc9..5a84d50b19c 100644 Binary files a/examples/zips/management_dashboard.zip and b/examples/zips/management_dashboard.zip differ diff --git a/examples/zips/marketplace.zip b/examples/zips/marketplace.zip index 208c6cf85cc..c4757c9c2cf 100644 Binary files a/examples/zips/marketplace.zip and b/examples/zips/marketplace.zip differ diff --git a/examples/zips/media_services.zip b/examples/zips/media_services.zip index 4f68bc81440..cde8e58171a 100644 Binary files a/examples/zips/media_services.zip and b/examples/zips/media_services.zip differ diff --git a/examples/zips/metering_computation.zip b/examples/zips/metering_computation.zip index 8ab5d34ad35..c95281545ff 100644 Binary files a/examples/zips/metering_computation.zip and b/examples/zips/metering_computation.zip differ diff --git a/examples/zips/monitoring.zip b/examples/zips/monitoring.zip index 9e118620265..5d9a4d7292d 100644 Binary files a/examples/zips/monitoring.zip and b/examples/zips/monitoring.zip differ diff --git a/examples/zips/mysql.zip b/examples/zips/mysql.zip index 696ce03d2c6..409424400a8 100644 Binary files a/examples/zips/mysql.zip and b/examples/zips/mysql.zip differ diff --git a/examples/zips/network_firewall.zip b/examples/zips/network_firewall.zip index 1dc57a900bd..6bff6c15753 100644 Binary files a/examples/zips/network_firewall.zip and b/examples/zips/network_firewall.zip differ diff --git a/examples/zips/network_load_balancer.zip b/examples/zips/network_load_balancer.zip index 57f47415466..1a89afbd3a4 100644 Binary files a/examples/zips/network_load_balancer.zip and b/examples/zips/network_load_balancer.zip differ diff --git a/examples/zips/networking.zip b/examples/zips/networking.zip index 055b121ebe8..dd722aa236e 100644 Binary files a/examples/zips/networking.zip and b/examples/zips/networking.zip differ diff --git a/examples/zips/nosql.zip b/examples/zips/nosql.zip index 193c9fb35f9..eb3c3536edb 100644 Binary files a/examples/zips/nosql.zip and b/examples/zips/nosql.zip differ diff --git a/examples/zips/notifications.zip b/examples/zips/notifications.zip index c3b79863a31..eadd6bebab5 100644 Binary files a/examples/zips/notifications.zip and b/examples/zips/notifications.zip differ diff --git a/examples/zips/object_storage.zip b/examples/zips/object_storage.zip index dc0859f2730..bcc8e6e5fc2 100644 Binary files a/examples/zips/object_storage.zip and b/examples/zips/object_storage.zip differ diff --git a/examples/zips/ocvp.zip b/examples/zips/ocvp.zip index c5a7e13e0ef..e04e070da53 100644 Binary files a/examples/zips/ocvp.zip and b/examples/zips/ocvp.zip differ diff --git a/examples/zips/onesubscription.zip b/examples/zips/onesubscription.zip index c39512ea86e..422f8a57a04 100644 Binary files a/examples/zips/onesubscription.zip and b/examples/zips/onesubscription.zip differ diff --git a/examples/zips/opa.zip b/examples/zips/opa.zip index 6be8dabe8f4..b802cbaad53 100644 Binary files a/examples/zips/opa.zip and b/examples/zips/opa.zip differ diff --git a/examples/zips/opensearch.zip b/examples/zips/opensearch.zip index b549154d7ab..5e3e9b17104 100644 Binary files a/examples/zips/opensearch.zip and b/examples/zips/opensearch.zip differ diff --git a/examples/zips/operator_access_control.zip b/examples/zips/operator_access_control.zip index 597a7ff7d57..a00dbf99e2f 100644 Binary files a/examples/zips/operator_access_control.zip and b/examples/zips/operator_access_control.zip differ diff --git a/examples/zips/opsi.zip b/examples/zips/opsi.zip index fec3b94e56e..b47e2c97116 100644 Binary files a/examples/zips/opsi.zip and b/examples/zips/opsi.zip differ diff --git a/examples/zips/optimizer.zip b/examples/zips/optimizer.zip index b542a07ad4e..4e084d458ef 100644 Binary files a/examples/zips/optimizer.zip and b/examples/zips/optimizer.zip differ diff --git a/examples/zips/oracle_cloud_vmware_solution.zip b/examples/zips/oracle_cloud_vmware_solution.zip index c01549c97b6..1cd4047c7a8 100644 Binary files a/examples/zips/oracle_cloud_vmware_solution.zip and b/examples/zips/oracle_cloud_vmware_solution.zip differ diff --git a/examples/zips/oracle_content_experience.zip b/examples/zips/oracle_content_experience.zip index 01913b236f5..46ae9de5b26 100644 Binary files a/examples/zips/oracle_content_experience.zip and b/examples/zips/oracle_content_experience.zip differ diff --git a/examples/zips/oracle_digital_assistant.zip b/examples/zips/oracle_digital_assistant.zip index 2aa506884d6..c209eb2998b 100644 Binary files a/examples/zips/oracle_digital_assistant.zip and b/examples/zips/oracle_digital_assistant.zip differ diff --git a/examples/zips/os_management_hub.zip b/examples/zips/os_management_hub.zip index f40668e2582..b942d2eafe7 100644 Binary files a/examples/zips/os_management_hub.zip and b/examples/zips/os_management_hub.zip differ diff --git a/examples/zips/osmanagement.zip b/examples/zips/osmanagement.zip index 3bce6187b30..f3bbd6f541e 100644 Binary files a/examples/zips/osmanagement.zip and b/examples/zips/osmanagement.zip differ diff --git a/examples/zips/osp_gateway.zip b/examples/zips/osp_gateway.zip index 2020702268d..4e84655a59e 100644 Binary files a/examples/zips/osp_gateway.zip and b/examples/zips/osp_gateway.zip differ diff --git a/examples/zips/osub_billing_schedule.zip b/examples/zips/osub_billing_schedule.zip index ede4513aa00..df9c27ae417 100644 Binary files a/examples/zips/osub_billing_schedule.zip and b/examples/zips/osub_billing_schedule.zip differ diff --git a/examples/zips/osub_organization_subscription.zip b/examples/zips/osub_organization_subscription.zip index 5920a5dfc83..df86242e848 100644 Binary files a/examples/zips/osub_organization_subscription.zip and b/examples/zips/osub_organization_subscription.zip differ diff --git a/examples/zips/osub_subscription.zip b/examples/zips/osub_subscription.zip index ebe73eba4ee..94e38b5c1c5 100644 Binary files a/examples/zips/osub_subscription.zip and b/examples/zips/osub_subscription.zip differ diff --git a/examples/zips/osub_usage.zip b/examples/zips/osub_usage.zip index e80e5e61ace..b0a39258004 100644 Binary files a/examples/zips/osub_usage.zip and b/examples/zips/osub_usage.zip differ diff --git a/examples/zips/pic.zip b/examples/zips/pic.zip index b3e3fc8873b..69bb53ab84f 100644 Binary files a/examples/zips/pic.zip and b/examples/zips/pic.zip differ diff --git a/examples/zips/psql.zip b/examples/zips/psql.zip index 43b317fb12b..4bf4d2a23ac 100644 Binary files a/examples/zips/psql.zip and b/examples/zips/psql.zip differ diff --git a/examples/zips/queue.zip b/examples/zips/queue.zip index 96ab6bf49e2..08f385fcb89 100644 Binary files a/examples/zips/queue.zip and b/examples/zips/queue.zip differ diff --git a/examples/zips/recovery.zip b/examples/zips/recovery.zip index 11c4d3b6691..0c5ed2587b6 100644 Binary files a/examples/zips/recovery.zip and b/examples/zips/recovery.zip differ diff --git a/examples/zips/redis.zip b/examples/zips/redis.zip index b02b6bc388b..c1f8aa8ded9 100644 Binary files a/examples/zips/redis.zip and b/examples/zips/redis.zip differ diff --git a/examples/zips/resourcemanager.zip b/examples/zips/resourcemanager.zip index 46aff4aaa23..ab6ca6f3052 100644 Binary files a/examples/zips/resourcemanager.zip and b/examples/zips/resourcemanager.zip differ diff --git a/examples/zips/resourcescheduler.zip b/examples/zips/resourcescheduler.zip index 2387625103d..b675a1dbe2d 100644 Binary files a/examples/zips/resourcescheduler.zip and b/examples/zips/resourcescheduler.zip differ diff --git a/examples/zips/security_attribute.zip b/examples/zips/security_attribute.zip index 7e93b609797..bcc936a1f1e 100644 Binary files a/examples/zips/security_attribute.zip and b/examples/zips/security_attribute.zip differ diff --git a/examples/zips/serviceManagerProxy.zip b/examples/zips/serviceManagerProxy.zip index b39a9059c44..de2490f78d4 100644 Binary files a/examples/zips/serviceManagerProxy.zip and b/examples/zips/serviceManagerProxy.zip differ diff --git a/examples/zips/service_catalog.zip b/examples/zips/service_catalog.zip index 5563f7da1b1..8c392ce5d78 100644 Binary files a/examples/zips/service_catalog.zip and b/examples/zips/service_catalog.zip differ diff --git a/examples/zips/service_connector_hub.zip b/examples/zips/service_connector_hub.zip index 5577643038c..333866dfbe0 100644 Binary files a/examples/zips/service_connector_hub.zip and b/examples/zips/service_connector_hub.zip differ diff --git a/examples/zips/service_mesh.zip b/examples/zips/service_mesh.zip index 7435847ac01..c1cf559f689 100644 Binary files a/examples/zips/service_mesh.zip and b/examples/zips/service_mesh.zip differ diff --git a/examples/zips/stack_monitoring.zip b/examples/zips/stack_monitoring.zip index d36253ed820..1cbbe5ee5c8 100644 Binary files a/examples/zips/stack_monitoring.zip and b/examples/zips/stack_monitoring.zip differ diff --git a/examples/zips/storage.zip b/examples/zips/storage.zip index fe8e7886f18..af5543585ce 100644 Binary files a/examples/zips/storage.zip and b/examples/zips/storage.zip differ diff --git a/examples/zips/streaming.zip b/examples/zips/streaming.zip index 29dfbba18ae..e7c64035c98 100644 Binary files a/examples/zips/streaming.zip and b/examples/zips/streaming.zip differ diff --git a/examples/zips/usage_proxy.zip b/examples/zips/usage_proxy.zip index e4ff959ec78..eea0ade28ff 100644 Binary files a/examples/zips/usage_proxy.zip and b/examples/zips/usage_proxy.zip differ diff --git a/examples/zips/vault_secret.zip b/examples/zips/vault_secret.zip index d433c99f591..01b06d383c7 100644 Binary files a/examples/zips/vault_secret.zip and b/examples/zips/vault_secret.zip differ diff --git a/examples/zips/vbs_inst.zip b/examples/zips/vbs_inst.zip index 56a3a174aa9..3e7e6680d87 100644 Binary files a/examples/zips/vbs_inst.zip and b/examples/zips/vbs_inst.zip differ diff --git a/examples/zips/visual_builder.zip b/examples/zips/visual_builder.zip index f2158a633eb..1d949a9689c 100644 Binary files a/examples/zips/visual_builder.zip and b/examples/zips/visual_builder.zip differ diff --git a/examples/zips/vn_monitoring.zip b/examples/zips/vn_monitoring.zip index aff4d28b71b..024120fab0b 100644 Binary files a/examples/zips/vn_monitoring.zip and b/examples/zips/vn_monitoring.zip differ diff --git a/examples/zips/vulnerability_scanning_service.zip b/examples/zips/vulnerability_scanning_service.zip index e8ff392b703..9321be369f9 100644 Binary files a/examples/zips/vulnerability_scanning_service.zip and b/examples/zips/vulnerability_scanning_service.zip differ diff --git a/examples/zips/web_app_acceleration.zip b/examples/zips/web_app_acceleration.zip index 2b463a0b443..a8e087cea4c 100644 Binary files a/examples/zips/web_app_acceleration.zip and b/examples/zips/web_app_acceleration.zip differ diff --git a/examples/zips/web_app_firewall.zip b/examples/zips/web_app_firewall.zip index a7c033ac282..2938e0f8e6d 100644 Binary files a/examples/zips/web_app_firewall.zip and b/examples/zips/web_app_firewall.zip differ diff --git a/examples/zips/web_application_acceleration_and_security.zip b/examples/zips/web_application_acceleration_and_security.zip index 48cecb2247e..de799a08641 100644 Binary files a/examples/zips/web_application_acceleration_and_security.zip and b/examples/zips/web_application_acceleration_and_security.zip differ diff --git a/examples/zips/zpr.zip b/examples/zips/zpr.zip index 761ac635ddb..e1e8386602a 100644 Binary files a/examples/zips/zpr.zip and b/examples/zips/zpr.zip differ diff --git a/go.mod b/go.mod index 5eeb3205e16..b86a75c2ec8 100644 --- a/go.mod +++ b/go.mod @@ -52,7 +52,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/oklog/run v1.0.0 // indirect - github.com/oracle/oci-go-sdk/v65 v65.75.0 + github.com/oracle/oci-go-sdk/v65 v65.76.0 github.com/pmezard/go-difflib v1.0.0 // indirect github.com/sony/gobreaker v0.5.0 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect @@ -68,6 +68,6 @@ require ( ) // Uncomment this line to get OCI Go SDK from local source instead of github -replace github.com/oracle/oci-go-sdk/v65 v65.75.0 => ./vendor/github.com/oracle/oci-go-sdk +//replace github.com/oracle/oci-go-sdk => ../../oracle/oci-go-sdk go 1.21 diff --git a/go.sum b/go.sum index 1cccc9418da..bffe12df610 100644 --- a/go.sum +++ b/go.sum @@ -140,6 +140,8 @@ github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/oracle/oci-go-sdk/v65 v65.76.0 h1:mecdD9at/CMaQNEkcC5aMUR9aBF3brdiEyVkDRu/qVc= +github.com/oracle/oci-go-sdk/v65 v65.76.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= diff --git a/internal/globalvar/version.go b/internal/globalvar/version.go index 76b8c73d713..5449ac4fdf4 100644 --- a/internal/globalvar/version.go +++ b/internal/globalvar/version.go @@ -7,9 +7,9 @@ import ( "log" ) -const Version = "6.13.0" +const Version = "6.14.0" -const ReleaseDate = "2024-10-12" +const ReleaseDate = "2024-10-20" func PrintVersion() { log.Printf("[INFO] terraform-provider-oci %s\n", Version) diff --git a/internal/integrationtest/containerengine_cluster_test.go b/internal/integrationtest/containerengine_cluster_test.go index 8b30461fdc8..2b4d4f6f0b4 100644 --- a/internal/integrationtest/containerengine_cluster_test.go +++ b/internal/integrationtest/containerengine_cluster_test.go @@ -63,16 +63,16 @@ var ( "kubernetes_version": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions[length(data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions)-2]}`, Update: `${data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions[length(data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions)-1]}`}, "name": acctest.Representation{RepType: acctest.Required, Create: `name`, Update: `name2`}, "vcn_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_vcn.test_vcn.id}`}, - "cluster_pod_network_options": acctest.RepresentationGroup{RepType: acctest.Optional, Group: clusterClusterPodNetworkOptionsRepresentation}, + "cluster_pod_network_options": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterClusterPodNetworkOptionsRepresentation}, "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, "endpoint_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterEndpointConfigRepresentation}, "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, "image_policy_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterImagePolicyConfigRepresentation}, "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, - "type": acctest.Representation{RepType: acctest.Optional, Create: `BASIC_CLUSTER`, Update: `ENHANCED_CLUSTER`}, + "type": acctest.Representation{RepType: acctest.Optional, Create: `ENHANCED_CLUSTER`, Update: `ENHANCED_CLUSTER`}, "options": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsRepresentation}, } - clusterClusterPodNetworkOptionsRepresentation = map[string]interface{}{ + ContainerengineClusterClusterPodNetworkOptionsRepresentation = map[string]interface{}{ "cni_type": acctest.Representation{RepType: acctest.Required, Create: `OCI_VCN_IP_NATIVE`}, } ContainerengineClusterEndpointConfigRepresentation = map[string]interface{}{ @@ -84,11 +84,14 @@ var ( "key_details": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterImagePolicyConfigKeyDetailsRepresentation}, } ContainerengineClusterOptionsRepresentation = map[string]interface{}{ - "add_ons": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsAddOnsRepresentation}, - "kubernetes_network_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsKubernetesNetworkConfigRepresentation}, - "persistent_volume_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsPersistentVolumeConfigRepresentation}, - "service_lb_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsServiceLbConfigRepresentation}, - "service_lb_subnet_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${oci_core_subnet.clusterSubnet_1.id}`, `${oci_core_subnet.clusterSubnet_2.id}`}}, + "add_ons": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsAddOnsRepresentation}, + "admission_controller_options": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsAdmissionControllerOptionsRepresentation}, + "kubernetes_network_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsKubernetesNetworkConfigRepresentation}, + "open_id_connect_token_authentication_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsOpenIdConnectTokenAuthenticationConfigRepresentation}, + "open_id_connect_discovery": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsOpenIdConnectDiscoveryRepresentation}, + "persistent_volume_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsPersistentVolumeConfigRepresentation}, + "service_lb_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsServiceLbConfigRepresentation}, + "service_lb_subnet_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${oci_core_subnet.clusterSubnet_1.id}`, `${oci_core_subnet.clusterSubnet_2.id}`}}, } ContainerengineClusterImagePolicyConfigKeyDetailsRepresentation = map[string]interface{}{ "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency_RSA.keys[0], "id")}`}, @@ -97,10 +100,28 @@ var ( "is_kubernetes_dashboard_enabled": acctest.Representation{RepType: acctest.Optional, Create: `true`}, "is_tiller_enabled": acctest.Representation{RepType: acctest.Optional, Create: `true`}, } + ContainerengineClusterOptionsAdmissionControllerOptionsRepresentation = map[string]interface{}{ + "is_pod_security_policy_enabled": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `false`}, + } ContainerengineClusterOptionsKubernetesNetworkConfigRepresentation = map[string]interface{}{ "pods_cidr": acctest.Representation{RepType: acctest.Optional, Create: `10.1.0.0/16`}, "services_cidr": acctest.Representation{RepType: acctest.Optional, Create: `10.2.0.0/16`}, } + ContainerengineClusterOptionsOpenIdConnectTokenAuthenticationConfigRepresentation = map[string]interface{}{ + "is_open_id_connect_auth_enabled": acctest.Representation{RepType: acctest.Required, Create: `true`, Update: `false`}, + "ca_certificate": acctest.Representation{RepType: acctest.Optional, Create: `LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUY5RENDQTl5Z0F3SUJBZ0lVYjZUaGdGNThwZVR0QkQ3Q2dyWlVNbDRXMWZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZQXhDekFKQmdOVkJBWVRBbGhZTVJJd0VBWURWUVFJREFsVGRHRjBaVTVoYldVeEVUQVBCZ05WQkFjTQpDRU5wZEhsT1lXMWxNUlF3RWdZRFZRUUtEQXREYjIxd1lXNTVUbUZ0WlRFYk1Ca0dBMVVFQ3d3U1EyOXRjR0Z1CmVWTmxZM1JwYjI1T1lXMWxNUmN3RlFZRFZRUUREQTR4TlRBdU1UTTJMak0zTGpJME16QWVGdzB5TkRBME1ETXcKTWpVMU1qQmFGdzB6TkRBME1ERXdNalUxTWpCYU1JR0FNUXN3Q1FZRFZRUUdFd0pZV0RFU01CQUdBMVVFQ0F3SgpVM1JoZEdWT1lXMWxNUkV3RHdZRFZRUUhEQWhEYVhSNVRtRnRaVEVVTUJJR0ExVUVDZ3dMUTI5dGNHRnVlVTVoCmJXVXhHekFaQmdOVkJBc01Fa052YlhCaGJubFRaV04wYVc5dVRtRnRaVEVYTUJVR0ExVUVBd3dPTVRVd0xqRXoKTmk0ek55NHlORE13Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQ0R3QXdnZ0lLQW9JQ0FRRFBmWGFUaXE4ZAp3VW1QZjNNWUdZUnRYVlliUzhRblUzeGNUdnpqeExxRTlIZnVPUUgyVFBna0wvbjBQUTVvZnFURnlMRjd3Z1BvCks5Wmx2dG1mUzhNRUlsU1doUFdSWWpuNDRYVXhOVjBhTldUWi80bWFYcUlXOUM1aC9xaEhiVU1IbTAwNzZkQjMKby9GaTBEZnpwN3JDTGhZeTJUaG5oc1BOWXYzcFljVlNDbVFZVVpUNlh6eVR5Ym4vY3IvY2tTYXRWTkZKNEQ3UwpLK2xxdEtzNzF3bkMzTjhQd2xZemFyOWFaMnNlSmNrSXZRWWtKZ3phcktZK0hYTkg3SVZKa0h2N3QyY1NJdGJvClRUVTJHVE5icEJyK05YSFZlaWo0THpsZWdER0dPWkFjYWEwS094YWoxNXNISFlQSVBJYlZ2NXMwVXVodkVyUEIKOFUxRjVhRFU0L0MrbW9Lc3EwTlpEcDZNSkphZ1lBazEvUzduRCtXbEExem5rMzRyYXl0U2FDdDdFK1JTMlR2YQpaRkExQWFNNmlBVXp1eEY3ZWtnejhzZ1lZd0drMnJZTFRzQm9IdHloeUkxM0FwMVBlL3ROSVQxaHlYdmQzVzVICmFtQ09PSnFkYUFkYU1xR2g0V25lemZ6UjZUY2NHNmpaekVqV2N0amEyWXlPVlZaaWlRWWllajA2S1VYazI4U2wKUVlGamNXak53c0s5b1U4OFRFbkJ6U0FPZ29OVXBITkxEeFVzRHhEMDBuQm9aS2U2aExFVmFMckRiSEdzdU5MSgo1TDd3WE1xdUZIQ2RjUUhhTzMxTnp5UllrTGw3UUtiSkRvZjNWNzBQMmRtbXhDdU5ybTkwWFNoZ3o3L2xHK0krCnFiUkRVT21Pcjc1dmxvZEFDODB4SU5tKzZLcEdJcXVGaVFJREFRQUJvMlF3WWpBZEJnTlZIUTRFRmdRVU4zK0gKa3Z5SW9KVFVLSTlFNEFweTFSbEc3bjh3SHdZRFZSMGpCQmd3Rm9BVU4zK0hrdnlJb0pUVUtJOUU0QXB5MVJsRwo3bjh3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFQQmdOVkhSRUVDREFHaHdTV2lDWHpNQTBHQ1NxR1NJYjNEUUVCCkN3VUFBNElDQVFDQjR4SEljOG81MlpFaHoyYVJoNUl0QTdYeUs4bjdROVRqODJiTjZPaFB1ZDg0MDRNbUFldHIKNFAzTUtadWlJNDRIeUVZQ2tSenFNVXVRNS9yd2JJNU1iUStBN1Z3dEpDdjRMZEZjOEsxRnZKcEo0c2lXaWwzMgpaQ0YyS052elB6Vm1NVVc4QkZFSVFMMnIvdWhrelc2V2FvWHVVZTV0NkE3UDJIL1lYU3JvRUdDZGZDOGQ3TWo5CkppN1Nxc3BYTUM2WlNvZmhQUFZMTUtRWk44REh5SXorUlJHZS8zYkw2S2ZMUXpuZDJ4UzJVcVZ3eGIweERjZ04KK0lrNGRCcjdqS1Z1N3cwTjJvcUo5V2ZmVjgxRFV1OWgwZjROeGcxakc1bWlCZHRTU1dTWEdqNHlLRmdvWnJwTApMZEdGRGdiUFh1QjZLWGVBY3N1M21hRjZrOXBsU29WeFU1cC9zdGRVSXMycFphTmdsdzh2UmJxWFM3cXFKT0V2Ck5RSmZPcEszN2JrMjBCS1lsQ2NXUWxGVjFmejdRdUFJdS9hK0NlUXFwUXhGUVk5SmFsYStNWDFxaDRIYWJUNHgKNGNOaktBNC9pNVhkYkdaTUFJQVhxN2tnNVlSc2xyQmQ5ZFNaM0FMUVVocEppZ01TOFhDY1htQUZrcnR2Tm81YgplWXNjM1AyT0hnRjQ3a3Z1N00rUWdDNU43RkJvNkhSdkNLY1dwRG5oSVprd2JsRkRsVW1iejBicHJLRDVqc01wCi93dDl3OUhaWEFsOTRtU1JLeTFJdmFvMHdndEYzNW9Sait1eXpxRUl2RVdkMmpvc21LTmtGWGlXMU5lbGNrUnUKT1FjdFBNN3BJbHZ6ZWh2U3BENTVWN09NbHhLZHArMTQ0cVMrbDB2UStOUGJSMk91TkNZa1lBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=`}, + "client_id": acctest.Representation{RepType: acctest.Optional, Create: `${oci_containerengine_client.test_client.id}`}, + "groups_claim": acctest.Representation{RepType: acctest.Optional, Create: `groupsClaim`}, + "groups_prefix": acctest.Representation{RepType: acctest.Optional, Create: `groupsPrefix`}, + "issuer_url": acctest.Representation{RepType: acctest.Optional, Create: `https://url1.com`}, + "required_claims": acctest.RepresentationGroup{RepType: acctest.Optional, Group: ContainerengineClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsRepresentation}, + "signing_algorithms": acctest.Representation{RepType: acctest.Optional, Create: []string{`RS256`}}, + "username_claim": acctest.Representation{RepType: acctest.Optional, Create: `sub`}, + "username_prefix": acctest.Representation{RepType: acctest.Optional, Create: `oidc:`}, + } + ContainerengineClusterOptionsOpenIdConnectDiscoveryRepresentation = map[string]interface{}{ + "is_open_id_connect_discovery_enabled": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `true`}, + } ContainerengineClusterOptionsPersistentVolumeConfigRepresentation = map[string]interface{}{ "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, @@ -109,6 +130,10 @@ var ( "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, } + ContainerengineClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsRepresentation = map[string]interface{}{ + "key": acctest.Representation{RepType: acctest.Optional, Create: `key`}, + "value": acctest.Representation{RepType: acctest.Optional, Create: `value`}, + } ContainerengineClusterResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_core_subnet", "clusterSubnet_1", acctest.Required, acctest.Create, acctest.RepresentationCopyWithNewProperties(CoreSubnetRepresentation, map[string]interface{}{"availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${lower("${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}")}`}, "cidr_block": acctest.Representation{RepType: acctest.Required, Create: `10.0.20.0/24`}, "dns_label": acctest.Representation{RepType: acctest.Required, Create: `cluster1`}})) + acctest.GenerateResourceFromRepresentationMap("oci_core_subnet", "clusterSubnet_2", acctest.Required, acctest.Create, acctest.RepresentationCopyWithNewProperties(CoreSubnetRepresentation, map[string]interface{}{"availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${lower("${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}")}`}, "cidr_block": acctest.Representation{RepType: acctest.Required, Create: `10.0.21.0/24`}, "dns_label": acctest.Representation{RepType: acctest.Required, Create: `cluster2`}})) + @@ -184,17 +209,31 @@ func TestContainerengineClusterResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.0.is_kubernetes_dashboard_enabled", "true"), resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.0.is_tiller_enabled", "true"), - resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.#", "1"), - resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.0.pods_cidr", "10.1.0.0/16"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.0.services_cidr", "10.2.0.0/16"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "options.0.open_id_connect_token_authentication_config.0.ca_certificate"), + resource.TestCheckResourceAttrSet(resourceName, "options.0.open_id_connect_token_authentication_config.0.client_id"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.groups_claim", "groupsClaim"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.groups_prefix", "groupsPrefix"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.is_open_id_connect_auth_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.issuer_url", "https://url1.com"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.required_claims.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.required_claims.0.key", "key"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.required_claims.0.value", "value"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.signing_algorithms.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.username_claim", "RS256"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.0.username_prefix", "oidc:"), + resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_discovery.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_discovery.0.is_open_id_connect_discovery_enabled", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.persistent_volume_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.persistent_volume_config.0.freeform_tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.service_lb_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.service_lb_config.0.freeform_tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.service_lb_subnet_ids.#", "2"), - resource.TestCheckResourceAttr(resourceName, "type", "BASIC_CLUSTER"), + resource.TestCheckResourceAttr(resourceName, "type", "ENHANCED_CLUSTER"), resource.TestCheckResourceAttrSet(resourceName, "vcn_id"), func(s *terraform.State) (err error) { @@ -233,11 +272,13 @@ func TestContainerengineClusterResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.0.is_kubernetes_dashboard_enabled", "true"), resource.TestCheckResourceAttr(resourceName, "options.0.add_ons.0.is_tiller_enabled", "true"), - resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.#", "1"), - resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.0.pods_cidr", "10.1.0.0/16"), resource.TestCheckResourceAttr(resourceName, "options.0.kubernetes_network_config.0.services_cidr", "10.2.0.0/16"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_token_authentication_config.#", "0"), + resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_discovery.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.open_id_connect_discovery.0.is_open_id_connect_discovery_enabled", "true"), resource.TestCheckResourceAttr(resourceName, "options.0.persistent_volume_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.persistent_volume_config.0.freeform_tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "options.0.service_lb_config.#", "1"), @@ -286,11 +327,25 @@ func TestContainerengineClusterResource_basic(t *testing.T) { resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.add_ons.#", "1"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.add_ons.0.is_kubernetes_dashboard_enabled", "true"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.add_ons.0.is_tiller_enabled", "true"), - resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.admission_controller_options.#", "1"), - resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.kubernetes_network_config.#", "1"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.kubernetes_network_config.0.pods_cidr", "10.1.0.0/16"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.kubernetes_network_config.0.services_cidr", "10.2.0.0/16"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.#", "1"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.ca_certificate", "caCertificate2"), + resource.TestCheckResourceAttrSet(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.client_id"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.groups_claim", "groupsClaim2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.groups_prefix", "groupsPrefix2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.is_open_id_connect_auth_enabled", "true"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.issuer_url", "issuerUrl2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.required_claims.#", "1"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.required_claims.0.key", "key2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.required_claims.0.value", "value2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.signing_algorithms.#", "1"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.username_claim", "usernameClaim2"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_token_authentication_config.0.username_prefix", "usernamePrefix2"), + resource.TestCheckResourceAttr(resourceName, "options.0.admission_controller_options.0.is_pod_security_policy_enabled", "false"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_discovery.#", "1"), + resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.open_id_connect_discovery.0.is_open_id_connect_discovery_enabled", "true"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.persistent_volume_config.#", "1"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.persistent_volume_config.0.freeform_tags.%", "1"), resource.TestCheckResourceAttr(datasourceName, "clusters.0.options.0.service_lb_config.#", "1"), diff --git a/internal/integrationtest/core_block_volume_replica_test.go b/internal/integrationtest/core_block_volume_replica_test.go index 341d5436d44..f16ce2a8056 100644 --- a/internal/integrationtest/core_block_volume_replica_test.go +++ b/internal/integrationtest/core_block_volume_replica_test.go @@ -38,7 +38,7 @@ var ( //hardcode availability_domain here to meet the cross region replicas requirement CoreBlockDependenceVolumeBlockVolumeReplicasRepresentation = map[string]interface{}{ - "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `KvuH:US-ASHBURN-AD-1`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `pjBI:US-ASHBURN-AD-1`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`}, } diff --git a/internal/integrationtest/core_boot_volume_replica_test.go b/internal/integrationtest/core_boot_volume_replica_test.go index 4fd81f31afb..d6986c438fc 100644 --- a/internal/integrationtest/core_boot_volume_replica_test.go +++ b/internal/integrationtest/core_boot_volume_replica_test.go @@ -39,7 +39,7 @@ var ( "boot_volume_replicas_deletion": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `true`}, } CoreCoreBootVolumeDependenceBootVolumeReplicasRepresentation = map[string]interface{}{ - "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `KvuH:US-ASHBURN-AD-1`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `pjBI:US-ASHBURN-AD-1`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`}, } CoreBootVolumeReplicaResourceConfig = CoreBootVolumeResourceDependencies @@ -56,7 +56,6 @@ func TestCoreBootVolumeReplicaResource_basic(t *testing.T) { compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) resourceName := "oci_core_boot_volume.test_boot_volume" - acctest.SaveConfigContent("", "", "", t) acctest.ResourceTest(t, nil, []resource.TestStep{ diff --git a/internal/integrationtest/core_boot_volume_test.go b/internal/integrationtest/core_boot_volume_test.go index c0f62d1965f..47898236b29 100644 --- a/internal/integrationtest/core_boot_volume_test.go +++ b/internal/integrationtest/core_boot_volume_test.go @@ -37,19 +37,34 @@ var ( BootVolumeResourceConfig = CoreBootVolumeResourceDependencies + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Update, CoreBootVolumeRepresentation) + BootVolumeDeltaRestoreResourceConfig = CoreBootVolumeDeltaRestoreResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Required, acctest.Update, CoreDeltaRestoreBootVolumeRepresentation) + + BootVolumeDeltaRestoredRequiredOnlyResource = CoreBootVolumeDeltaRestoreResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Required, acctest.Create, CoreDeltaRestoreBootVolumeRepresentation) + CoreCoreBootVolumeSingularDataSourceRepresentation = map[string]interface{}{ "boot_volume_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_boot_volume.test_boot_volume.id}`}, } + CoreIgnoreSystemTagsChangesRepresentation = map[string]interface{}{ + "ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`defined_tags`, `freeform_tags`}}, + } + CoreCoreBootVolumeDataSourceRepresentation = map[string]interface{}{ "availability_domain": acctest.Representation{RepType: acctest.Optional, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, "compartment_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.compartment_id}`}, - "filter": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreBootVolumeDataSourceFilterRepresentation}} + "filter": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreBootVolumeDataSourceFilterRepresentation}, + } CoreBootVolumeDataSourceFilterRepresentation = map[string]interface{}{ "name": acctest.Representation{RepType: acctest.Required, Create: `id`}, "values": acctest.Representation{RepType: acctest.Required, Create: []string{`${oci_core_boot_volume.test_boot_volume.id}`}}, } + IgnoreSystemTagsChangesRep = map[string]interface{}{ + "ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`system_tags`, `defined_tags`, `freeform_tags`, `xrc_kms_key_id`}}, + } + CoreBootVolumeRepresentation = map[string]interface{}{ "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, @@ -64,11 +79,36 @@ var ( "vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `10`}, "autotune_policies": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreBootVolumeAutotunePoliciesRepresentation}, "is_auto_tune_enabled": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `false`}, + "xrc_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: IgnoreSystemTagsChangesRep}, } + + CoreDeltaRestoreBootVolumeRepresentation = map[string]interface{}{ + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "source_details": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreBootVolumeSourceDeltaDetailsRepresentation}, + "cluster_placement_group_id": acctest.Representation{RepType: acctest.Optional, Create: ``}, + "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, + "display_name": acctest.Representation{RepType: acctest.Optional, Create: `deltaRestoredVolumeName`, Update: `deltaRestoredVolumeName2`}, + "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, + "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, + "size_in_gbs": acctest.Representation{RepType: acctest.Optional, Create: `57`, Update: `58`}, + "vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `10`}, + "autotune_policies": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreBootVolumeAutotunePoliciesRepresentation}, + "is_auto_tune_enabled": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `false`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreIgnoreSystemTagsChangesRepresentation}, + } + CoreBootVolumeSourceDetailsRepresentation = map[string]interface{}{ "id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_instance.test_instance.boot_volume_id}`}, "type": acctest.Representation{RepType: acctest.Required, Create: `bootVolume`}, } + CoreBootVolumeSourceDeltaDetailsRepresentation = map[string]interface{}{ + "change_block_size_in_bytes": acctest.Representation{RepType: acctest.Optional, Create: `4096`}, + "first_backup_id": acctest.Representation{RepType: acctest.Required, Create: `${var.boot_vol_first_backup_id}`}, + "second_backup_id": acctest.Representation{RepType: acctest.Required, Create: `${var.boot_vol_second_backup_id}`}, + "type": acctest.Representation{RepType: acctest.Required, Create: `bootVolumeBackupDelta`}, + } CoreBootVolumeAutotunePoliciesRepresentation = map[string]interface{}{ "autotune_type": acctest.Representation{RepType: acctest.Required, Create: `PERFORMANCE_BASED`, Update: `PERFORMANCE_BASED`}, "max_vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `20`, Update: `30`}, @@ -76,6 +116,7 @@ var ( CoreBootVolumeBootVolumeReplicasRepresentation = map[string]interface{}{ "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`, Update: `availabilityDomain2`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`, Update: `displayName2`}, + "xrr_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, } CoreBootVolumeResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_core_subnet", "test_subnet", acctest.Required, acctest.Create, CoreSubnetRepresentation) + @@ -88,6 +129,17 @@ var ( AvailabilityDomainConfig + DefinedTagsDependencies + KeyResourceDependencyConfig + kmsKeyIdCreateVariableStr + kmsKeyIdUpdateVariableStr + + CoreBootVolumeDeltaRestoreResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_core_subnet", "test_subnet", acctest.Required, acctest.Create, CoreSubnetRepresentation) + + acctest.GenerateResourceFromRepresentationMap("oci_core_vcn", "test_vcn", acctest.Required, acctest.Create, CoreVcnRepresentation) + + utils.OciImageIdsVariable + + acctest.GenerateResourceFromRepresentationMap("oci_core_instance", "test_instance", acctest.Required, acctest.Create, CoreInstanceRepresentation) + + utils.VolumeBackupPolicyDependency + + SourceVolumeListDependency + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "source_boot_volume", acctest.Required, acctest.Create, CoreDeltaRestoreBootVolumeRepresentation) + + AvailabilityDomainConfig + + DefinedTagsDependencies + + KeyResourceDependencyConfig + kmsKeyIdCreateVariableStr + kmsKeyIdUpdateVariableStr ) // issue-routing-tag: core/blockStorage @@ -317,6 +369,218 @@ func TestCoreBootVolumeResource_basic(t *testing.T) { Config: config + BootVolumeRequiredOnlyResource, ImportState: true, ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "backup_policy_id", + "cluster_placement_group_id", + "xrc_kms_key_id", + }, + ResourceName: resourceName, + }, + }) +} + +// issue-routing-tag: core/blockStorage +func TestCoreBootVolumeDeltaRestoreResource_basic(t *testing.T) { + httpreplay.SetScenario("TestCoreBootVolumeDeltaRestoreResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + firstBackupId := utils.GetEnvSettingWithBlankDefault("boot_vol_first_backup_ocid") + firstBackupIdVariableStr := fmt.Sprintf("variable \"boot_vol_first_backup_id\" { default = \"%s\" }\n", firstBackupId) + + secondBackupId := utils.GetEnvSettingWithBlankDefault("boot_vol_second_backup_ocid") + secondBackupIdVariableStr := fmt.Sprintf("variable \"boot_vol_second_backup_id\" { default = \"%s\" }\n", secondBackupId) + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + compartmentIdU := utils.GetEnvSettingWithDefault("compartment_id_for_update", compartmentId) + compartmentIdUVariableStr := fmt.Sprintf("variable \"compartment_id_for_update\" { default = \"%s\" }\n", compartmentIdU) + + resourceName := "oci_core_boot_volume.test_boot_volume" + datasourceName := "data.oci_core_boot_volumes.test_boot_volumes" + singularDatasourceName := "data.oci_core_boot_volume.test_boot_volume" + + var resId, resId2 string + // Save TF content to Create resource with optional properties. This has to be exactly the same as the config part in the "Create with optionals" step in the test. + acctest.SaveConfigContent(config+compartmentIdVariableStr+CoreBootVolumeDeltaRestoreResourceDependencies+firstBackupIdVariableStr+secondBackupIdVariableStr+ + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Create, CoreDeltaRestoreBootVolumeRepresentation), "core", "bootVolume", t) + + acctest.ResourceTest(t, testAccCheckCoreBootVolumeDestroy, []resource.TestStep{ + // verify Create + { + Config: config + compartmentIdVariableStr + CoreBootVolumeDeltaRestoreResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Create, CoreDeltaRestoreBootVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckNoResourceAttr(resourceName, "backup_policy_id"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "bootVolumeBackupDelta"), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + return err + }, + ), + }, + + // delete before next Create + { + Config: config + compartmentIdVariableStr + CoreBootVolumeDeltaRestoreResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr, + }, + // verify Create with optionals + { + Config: config + compartmentIdVariableStr + CoreBootVolumeDeltaRestoreResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Create, CoreDeltaRestoreBootVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "20"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "57"), + resource.TestCheckResourceAttrSet(resourceName, "size_in_mbs"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "bootVolumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.first_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.second_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment { + if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil { + return errExport + } + } + return err + }, + ), + }, + + // verify Update to the compartment (the compartment will be switched back in the next step) + { + Config: config + compartmentIdVariableStr + compartmentIdUVariableStr + CoreBootVolumeDeltaRestoreResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Create, + acctest.RepresentationCopyWithNewProperties(CoreDeltaRestoreBootVolumeRepresentation, map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id_for_update}`}, + })), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "20"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "57"), + resource.TestCheckResourceAttrSet(resourceName, "size_in_mbs"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "bootVolumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.first_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.second_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId2, err = acctest.FromInstanceState(s, resourceName, "id") + if resId != resId2 { + return fmt.Errorf("resource recreated when it was supposed to be updated") + } + return err + }, + ), + }, + + // verify updates to updatable parameters + { + PreConfig: acctest.WaitTillCondition(acctest.TestAccProvider, &resId, bootVolumeWaitCondition, BootVolumeWaitConditionDuration, + bootVolumeResponseFetchOperation, "core", false), + Config: config + compartmentIdVariableStr + CoreBootVolumeDeltaRestoreResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Update, CoreDeltaRestoreBootVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "30"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName2"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "58"), + resource.TestCheckResourceAttrSet(resourceName, "size_in_mbs"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "bootVolumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.first_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "source_details.0.second_backup_id"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId2, err = acctest.FromInstanceState(s, resourceName, "id") + if resId != resId2 { + return fmt.Errorf("Resource recreated when it was supposed to be updated.") + } + return err + }, + ), + }, + // verify datasource + { + Config: config + + acctest.GenerateDataSourceFromRepresentationMap("oci_core_boot_volumes", "test_boot_volumes", acctest.Optional, acctest.Update, CoreCoreBootVolumeDataSourceRepresentation) + + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Optional, acctest.Update, CoreDeltaRestoreBootVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(datasourceName, "availability_domain"), + resource.TestCheckResourceAttr(datasourceName, "compartment_id", compartmentId), + resource.TestCheckNoResourceAttr(datasourceName, "volume_backup_id"), + resource.TestCheckNoResourceAttr(datasourceName, "volume_group_id"), + ), + }, + // verify singular datasource + { + Config: config + + acctest.GenerateDataSourceFromRepresentationMap("oci_core_boot_volume", "test_boot_volume", acctest.Required, acctest.Create, CoreCoreBootVolumeSingularDataSourceRepresentation) + + compartmentIdVariableStr + firstBackupIdVariableStr + secondBackupIdVariableStr + BootVolumeDeltaRestoreResourceConfig, + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckNoResourceAttr(singularDatasourceName, "backup_policy_id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "boot_volume_id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "kms_key_id"), + + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.0.max_vpus_per_gb", "30"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "availability_domain"), + resource.TestCheckResourceAttr(singularDatasourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(singularDatasourceName, "display_name", "deltaRestoredVolumeName2"), + resource.TestCheckResourceAttr(singularDatasourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "is_hydrated"), + resource.TestCheckResourceAttr(singularDatasourceName, "size_in_gbs", "58"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "size_in_mbs"), + resource.TestCheckResourceAttr(singularDatasourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(singularDatasourceName, "source_details.0.type", "bootVolumeBackupDelta"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "state"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "time_created"), + resource.TestCheckResourceAttr(singularDatasourceName, "vpus_per_gb", "10"), + ), + }, + // verify resource import + { + Config: config + BootVolumeDeltaRestoredRequiredOnlyResource, + ImportState: true, + ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "backup_policy_id", "cluster_placement_group_id", diff --git a/internal/integrationtest/core_volume_backup_policy_assignment_test.go b/internal/integrationtest/core_volume_backup_policy_assignment_test.go index a9a5246067b..6546d495a8d 100644 --- a/internal/integrationtest/core_volume_backup_policy_assignment_test.go +++ b/internal/integrationtest/core_volume_backup_policy_assignment_test.go @@ -18,14 +18,16 @@ import ( "github.com/oracle/terraform-provider-oci/internal/acctest" tf_client "github.com/oracle/terraform-provider-oci/internal/client" "github.com/oracle/terraform-provider-oci/internal/resourcediscovery" + "github.com/oracle/terraform-provider-oci/internal/tfresource" "github.com/oracle/terraform-provider-oci/internal/utils" ) var ( - CoreCoreVolumeBackupPolicyAssignmentRequiredOnlyResource = acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Required, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation) + CoreVolumeBackupPolicyAssignmentRequiredOnlyResource = acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Required, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation) CoreCoreVolumeBackupPolicyAssignmentDataSourceRepresentation = map[string]interface{}{ + "asset_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_volume.test_volume.id}`}, "filter": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreVolumeBackupPolicyAssignmentDataSourceFilterRepresentation}} CoreVolumeBackupPolicyAssignmentDataSourceFilterRepresentation = map[string]interface{}{ @@ -34,13 +36,15 @@ var ( } CoreVolumeBackupPolicyAssignmentRepresentation = map[string]interface{}{ - "asset_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_volume.test_volume.id}`}, - "policy_id": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_core_volume_backup_policies.test_volume_backup_policies.volume_backup_policies.0.id}`}, + "asset_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_volume.test_volume.id}`}, + "policy_id": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_core_volume_backup_policies.test_volume_backup_policies.volume_backup_policies.0.id}`}, + "xrc_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.kms_key_ocid_cross_region}`}, } CoreVolumeBackupPolicyAssignmentResourceDependencies = utils.VolumeBackupPolicyDependency + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Required, acctest.Create, CoreVolumeRepresentation) + - AvailabilityDomainConfig + AvailabilityDomainConfig + + KeyResourceDependencyConfig ) // issue-routing-tag: core/blockStorage @@ -59,13 +63,27 @@ func TestCoreVolumeBackupPolicyAssignmentResource_basic(t *testing.T) { var resId string // Save TF content to Create resource with only required properties. This has to be exactly the same as the config part in the Create step in the test. acctest.SaveConfigContent(config+compartmentIdVariableStr+CoreVolumeBackupPolicyAssignmentResourceDependencies+ - acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Required, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation), "core", "volumeBackupPolicyAssignment", t) + acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Optional, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation), "core", "volumeBackupPolicyAssignment", t) acctest.ResourceTest(t, testAccCheckCoreVolumeBackupPolicyAssignmentDestroy, []resource.TestStep{ // verify Create { Config: config + compartmentIdVariableStr + CoreVolumeBackupPolicyAssignmentResourceDependencies + acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Required, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(resourceName, "asset_id"), + resource.TestCheckResourceAttrSet(resourceName, "policy_id"), + ), + }, + + // delete before next Create + { + Config: config + compartmentIdVariableStr + CoreVolumeBackupPolicyAssignmentResourceDependencies, + }, + // verify Create with optionals + { + Config: config + compartmentIdVariableStr + CoreVolumeBackupPolicyAssignmentResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume_backup_policy_assignment", "test_volume_backup_policy_assignment", acctest.Optional, acctest.Create, CoreVolumeBackupPolicyAssignmentRepresentation), Check: acctest.ComposeAggregateTestCheckFuncWrapper( resource.TestCheckResourceAttrSet(resourceName, "asset_id"), resource.TestCheckResourceAttrSet(resourceName, "policy_id"), @@ -100,7 +118,7 @@ func TestCoreVolumeBackupPolicyAssignmentResource_basic(t *testing.T) { }, // verify resource import { - Config: config + CoreCoreVolumeBackupPolicyAssignmentRequiredOnlyResource, + Config: config + CoreVolumeBackupPolicyAssignmentRequiredOnlyResource, ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{}, diff --git a/internal/integrationtest/core_volume_group_replica_test.go b/internal/integrationtest/core_volume_group_replica_test.go index b4c64090a9d..14d2c2de9c8 100644 --- a/internal/integrationtest/core_volume_group_replica_test.go +++ b/internal/integrationtest/core_volume_group_replica_test.go @@ -26,12 +26,14 @@ var ( "volume_group_replicas": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreVolumeGroupVolumeGroupReplicasRepresentation}, "volume_group_replicas_deletion": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `true`}, "preserve_volume_replica": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `false`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreIgnoreSystemTagsChangesRepresentation}, } //hardcode availability_domain here to meet the cross region replicas requirement CoreVolumeGroupVolumeGroupReplicasRepresentation = map[string]interface{}{ - "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `KvuH:US-ASHBURN-AD-1`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `pjBI:US-ASHBURN-AD-1`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`}, + "xrr_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.kms_key_ocid_cross_region}`}, } ) @@ -70,7 +72,7 @@ func TestCoreVolumeGroupReplicaResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "volume_group_replicas.0.display_name"), func(s *terraform.State) (err error) { - time.Sleep(2 * time.Minute) + time.Sleep(35 * time.Minute) return }, ), @@ -82,11 +84,9 @@ func TestCoreVolumeGroupReplicaResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), resource.TestCheckResourceAttr(resourceName, "display_name", "displayName2"), - resource.TestCheckResourceAttr(resourceName, "state", "AVAILABLE"), - resource.TestCheckNoResourceAttr(resourceName, "volume_group_replicas"), - + resource.TestCheckResourceAttr(resourceName, "state", "UPDATE_PENDING"), func(s *terraform.State) (err error) { - time.Sleep(2 * time.Minute) + time.Sleep(10 * time.Minute) return }, ), diff --git a/internal/integrationtest/core_volume_group_test.go b/internal/integrationtest/core_volume_group_test.go index fe3b7836ef9..87fb7a17b8e 100644 --- a/internal/integrationtest/core_volume_group_test.go +++ b/internal/integrationtest/core_volume_group_test.go @@ -34,7 +34,7 @@ var ( volumeGroupDataSourceRepresentation = map[string]interface{}{ "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, - "availability_domain": acctest.Representation{RepType: acctest.Optional, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`, Update: `displayName2`}, "state": acctest.Representation{RepType: acctest.Optional, Create: `AVAILABLE`}, "filter": acctest.RepresentationGroup{RepType: acctest.Required, Group: volumeGroupDataSourceFilterRepresentation}} @@ -42,6 +42,9 @@ var ( "name": acctest.Representation{RepType: acctest.Required, Create: `id`}, "values": acctest.Representation{RepType: acctest.Required, Create: []string{`${oci_core_volume_group.test_volume_group.id}`}}, } + CoreIgnoreTagsChangesRepresentation = map[string]interface{}{ + "ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`defined_tags`, `freeform_tags`}}, + } CoreVolumeGroupRepresentation = map[string]interface{}{ "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, @@ -53,11 +56,14 @@ var ( "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`, Update: `displayName2`}, "volume_ids": acctest.Representation{RepType: acctest.Optional, Create: nil, Update: []string{`${oci_core_volume.source_volume_list.*.id[0]}`}}, "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, + "xrc_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: CoreIgnoreTagsChangesRepresentation}, } CoreVolumeGroupSourceDetailsRepresentation = map[string]interface{}{ "type": acctest.Representation{RepType: acctest.Required, Create: `volumeIds`}, "volume_ids": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_volume.source_volume_list.*.id}`}, } + CoreVolumeSourceDetailsJumbledVolumeIdsRepresentation = map[string]interface{}{ "type": acctest.Representation{RepType: acctest.Required, Create: `volumeIds`}, "volume_ids": acctest.Representation{RepType: acctest.Required, Create: []string{`${oci_core_volume.source_volume_list.*.id[1]}`, `${oci_core_volume.source_volume_list.*.id[0]}`}}, @@ -82,6 +88,8 @@ var ( } ` + AvailabilityDomainConfig + + KeyResourceDependencyConfig + + utils.VolumeBackupPolicyDependency + CoreVolumeBackupPolicyRequiredOnlyResource VolumeGroupRequiredOnlyResourceDependencies = AvailabilityDomainConfig + SourceVolumeListDependency @@ -170,6 +178,7 @@ func TestCoreVolumeGroupResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "volumeIds"), resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckResourceAttr(resourceName, "volume_ids.#", "2"), func(s *terraform.State) (err error) { @@ -287,6 +296,7 @@ func TestCoreVolumeGroupResource_basic(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "backup_policy_id", + "xrc_kms_key_id", "cluster_placement_group_id", }, ResourceName: resourceName, diff --git a/internal/integrationtest/core_volume_test.go b/internal/integrationtest/core_volume_test.go index a739dfaabab..8465efec310 100644 --- a/internal/integrationtest/core_volume_test.go +++ b/internal/integrationtest/core_volume_test.go @@ -64,12 +64,32 @@ var ( "size_in_gbs": acctest.Representation{RepType: acctest.Optional, Create: `51`, Update: `52`}, "source_details": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreVolumeSourceDetailsRepresentation}, "vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `10`}, + "xrc_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: IgnoreSystemTagsChangesRep}, } + + CoreDeltaRestoreVolumeRepresentation = map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "autotune_policies": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreVolumeAutotunePoliciesRepresentation}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, + "cluster_placement_group_id": acctest.Representation{RepType: acctest.Optional, Create: ``}, + "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, + "display_name": acctest.Representation{RepType: acctest.Optional, Create: `deltaRestoredVolumeName`, Update: `deltaRestoredVolumeName2`}, + "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, + "is_auto_tune_enabled": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `false`}, + "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${lookup(data.oci_kms_keys.test_keys_dependency.keys[0], "id")}`}, + "size_in_gbs": acctest.Representation{RepType: acctest.Optional, Create: `51`, Update: `52`}, + "source_details": acctest.RepresentationGroup{RepType: acctest.Optional, Group: CoreVolumeSourceDeltaDetailsRepresentation}, + "vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `10`}, + "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: IgnoreSystemTagsChangesRep}, + } + CoreVolumeAutotunePoliciesRepresentation = map[string]interface{}{ "autotune_type": acctest.Representation{RepType: acctest.Required, Create: `PERFORMANCE_BASED`, Update: `PERFORMANCE_BASED`}, "max_vpus_per_gb": acctest.Representation{RepType: acctest.Optional, Create: `20`, Update: `30`}, } CoreVolumeBlockVolumeReplicasRepresentation = map[string]interface{}{ + "xrr_kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.kms_key_ocid_cross_region}`}, "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `KvuH:US-ASHBURN-AD-1`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `displayName`}, } @@ -77,12 +97,23 @@ var ( "id": acctest.Representation{RepType: acctest.Required, Create: `${oci_core_volume.source_volume.id}`}, "type": acctest.Representation{RepType: acctest.Required, Create: `volume`}, } + CoreVolumeSourceDeltaDetailsRepresentation = map[string]interface{}{ + "change_block_size_in_bytes": acctest.Representation{RepType: acctest.Optional, Create: `4096`}, + "first_backup_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.vol_first_backup_id}`}, + "second_backup_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.vol_second_backup_id}`}, + "type": acctest.Representation{RepType: acctest.Required, Create: `volumeBackupDelta`}, + } CoreVolumeResourceDependencies = utils.VolumeBackupPolicyDependency + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "source_volume", acctest.Required, acctest.Create, CoreVolumeRepresentation) + AvailabilityDomainConfig + DefinedTagsDependencies + KeyResourceDependencyConfig + + CoreDeltaRestoredVolumeResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "source_volume", acctest.Required, acctest.Create, CoreDeltaRestoreVolumeRepresentation) + + AvailabilityDomainConfig + + DefinedTagsDependencies + + KeyResourceDependencyConfig ) // issue-routing-tag: core/blockStorage @@ -304,6 +335,224 @@ func TestCoreVolumeResource_basic(t *testing.T) { ), }, // verify resource import + { + Config: config + CoreVolumeRequiredOnlyResource, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "volume_backup_id", + "xrc_kms_key_id", + "cluster_placement_group_id", + }, + ResourceName: resourceName, + }, + }) +} + +func TestCoreVolumeDeltaRestoreResource_basic(t *testing.T) { + if httpreplay.ShouldRetryImmediately() { + t.Skip("TestCoreVolumeDeltaRestoreResource_basic is running flaky in http replay mode, will skip this for checkin test.") + } + + httpreplay.SetScenario("TestCoreVolumeDeltaRestoreResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + firstBackupId := utils.GetEnvSettingWithBlankDefault("vol_first_backup_ocid") + firstBackupIdVariableStr := fmt.Sprintf("variable \"vol_first_backup_id\" { default = \"%s\" }\n", firstBackupId) + + secondBackupId := utils.GetEnvSettingWithBlankDefault("vol_second_backup_ocid") + secondBackupIdVariableStr := fmt.Sprintf("variable \"vol_second_backup_id\" { default = \"%s\" }\n", secondBackupId) + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + compartmentIdU := utils.GetEnvSettingWithDefault("compartment_id_for_update", compartmentId) + compartmentIdUVariableStr := fmt.Sprintf("variable \"compartment_id_for_update\" { default = \"%s\" }\n", compartmentIdU) + + resourceName := "oci_core_volume.test_volume" + datasourceName := "data.oci_core_volumes.test_volumes" + singularDatasourceName := "data.oci_core_volume.test_volume" + + var resId, resId2 string + // Save TF content to Create resource with optional properties. This has to be exactly the same as the config part in the "Create with optionals" step in the test. + acctest.SaveConfigContent(config+compartmentIdVariableStr+CoreDeltaRestoredVolumeResourceDependencies+firstBackupIdVariableStr+secondBackupIdVariableStr+ + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Create, CoreDeltaRestoreVolumeRepresentation), "core", "volume", t) + + acctest.ResourceTest(t, testAccCheckCoreVolumeDestroy, []resource.TestStep{ + // verify Create + { + Config: config + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Required, acctest.Create, CoreDeltaRestoreVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + // Check on default values used + resource.TestCheckResourceAttr(resourceName, "size_in_mbs", "51200"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "50"), + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + return err + }, + ), + }, + // delete before next Create + { + Config: config + compartmentIdVariableStr + firstBackupIdVariableStr + secondBackupIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies, + }, + + { + Config: config + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Create, CoreDeltaRestoreVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "20"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "51"), + resource.TestCheckResourceAttr(resourceName, "size_in_mbs", "52224"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "volumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckNoResourceAttr(resourceName, "volume_backup_id"), + resource.TestCheckNoResourceAttr(resourceName, "volume_group_id"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment { + if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil { + return errExport + } + } + return err + }, + ), + }, + + //verify Update to the compartment (the compartment will be switched back in the next step) + { + Config: config + compartmentIdVariableStr + compartmentIdUVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Create, + acctest.RepresentationCopyWithNewProperties(CoreDeltaRestoreVolumeRepresentation, map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id_for_update}`}, + })), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "20"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "51"), + resource.TestCheckResourceAttr(resourceName, "size_in_mbs", "52224"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "volumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckNoResourceAttr(resourceName, "volume_backup_id"), + resource.TestCheckNoResourceAttr(resourceName, "volume_group_id"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId2, err = acctest.FromInstanceState(s, resourceName, "id") + if resId != resId2 { + return fmt.Errorf("resource recreated when it was supposed to be updated") + } + return err + }, + ), + }, + + // verify updates to updatable parameters + { + Config: config + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Update, CoreDeltaRestoreVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(resourceName, "autotune_policies.0.max_vpus_per_gb", "30"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "display_name", "deltaRestoredVolumeName2"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), + resource.TestCheckResourceAttr(resourceName, "size_in_gbs", "52"), + resource.TestCheckResourceAttr(resourceName, "size_in_mbs", "53248"), + resource.TestCheckResourceAttr(resourceName, "source_details.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source_details.0.type", "volumeBackupDelta"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + resource.TestCheckNoResourceAttr(resourceName, "volume_backup_id"), + resource.TestCheckNoResourceAttr(resourceName, "volume_group_id"), + resource.TestCheckResourceAttr(resourceName, "vpus_per_gb", "10"), + + func(s *terraform.State) (err error) { + resId2, err = acctest.FromInstanceState(s, resourceName, "id") + if resId != resId2 { + return fmt.Errorf("Resource recreated when it was supposed to be updated.") + } + return err + }, + ), + }, + // verify datasource + { + Config: config + + acctest.GenerateDataSourceFromRepresentationMap("oci_core_volumes", "test_volumes", acctest.Optional, acctest.Update, CoreVolumeDataSourceRepresentation) + + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + firstBackupIdVariableStr + secondBackupIdVariableStr + + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Update, CoreDeltaRestoreVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(datasourceName, "availability_domain"), + resource.TestCheckResourceAttr(datasourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(datasourceName, "display_name", "displayName2"), + resource.TestCheckResourceAttrSet(datasourceName, "state"), + resource.TestCheckNoResourceAttr(datasourceName, "volume_backup_id"), + resource.TestCheckNoResourceAttr(datasourceName, "volume_group_id"), + ), + }, + // verify singular datasource + { + Config: config + + acctest.GenerateDataSourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Required, acctest.Create, CoreVolumeSingularDataSourceRepresentation) + firstBackupIdVariableStr + secondBackupIdVariableStr + + compartmentIdVariableStr + CoreDeltaRestoredVolumeResourceDependencies + acctest.GenerateResourceFromRepresentationMap("oci_core_volume", "test_volume", acctest.Optional, acctest.Update, CoreDeltaRestoreVolumeRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(singularDatasourceName, "volume_id"), + + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.#", "1"), + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.0.autotune_type", "PERFORMANCE_BASED"), + resource.TestCheckResourceAttr(singularDatasourceName, "autotune_policies.0.max_vpus_per_gb", "30"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "availability_domain"), + resource.TestCheckResourceAttr(singularDatasourceName, "compartment_id", compartmentId), + + resource.TestCheckResourceAttrSet(singularDatasourceName, "display_name"), + resource.TestCheckResourceAttr(singularDatasourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "is_hydrated"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "kms_key_id"), + resource.TestCheckResourceAttr(singularDatasourceName, "size_in_gbs", "52"), + resource.TestCheckResourceAttr(singularDatasourceName, "size_in_mbs", "53248"), + resource.TestCheckResourceAttr(singularDatasourceName, "source_details.#", "1"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "source_details.0.first_backup_id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "source_details.0.second_backup_id"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "source_details.0.type"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "state"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "time_created"), + resource.TestCheckResourceAttr(singularDatasourceName, "vpus_per_gb", "10"), + ), + }, + // verify resource import { Config: config + CoreVolumeRequiredOnlyResource, ImportState: true, @@ -468,7 +717,7 @@ resource "oci_core_volume" "test_volume2" { } // This test is separated from the basic test due to weird behavior from Terraform test framework. -// An test step that results in an error will result in the state being voided. Isolate such test steps to +// A test step that results in an error will result in the state being voided. Isolate such test steps to // avoid interfering with regular tests that Create/Update resources. // issue-routing-tag: core/blockStorage func TestCoreVolumeResource_validations(t *testing.T) { @@ -492,13 +741,10 @@ func TestCoreVolumeResource_validations(t *testing.T) { // verify baseline Create { Config: config + ` -variable "volume_defined_tags_value" { default = "updatedValue" } variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_gbs" { default = 50 } variable "volume_source_details_type" { default = "volume" } variable "volume_state" { default = "AVAILABLE" } - ` + compartmentIdVariableStr + CoreVolumeResourceConfig, Check: acctest.ComposeAggregateTestCheckFuncWrapper( resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), @@ -513,12 +759,11 @@ variable "volume_state" { default = "AVAILABLE" } // ensure that changing datatype of size_in_gbs is a no-op { Config: config + ` -variable "volume_defined_tags_value" { default = "updatedValue" } variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_gbs" { default = "50" } variable "volume_source_details_type" { default = "volume" } variable "volume_state" { default = "AVAILABLE" } +variable "volume_ignore_changes" { default = ["system_tags", "defined_tags", "freeform_tags"] } ` + compartmentIdVariableStr + CoreVolumeResourceConfig, PlanOnly: true, @@ -527,9 +772,8 @@ variable "volume_state" { default = "AVAILABLE" } // ensure that adding leading zeroes to size_in_gbs is a no-op { Config: config + ` -variable "volume_defined_tags_value" { default = "updatedValue" } + variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_gbs" { default = "0050" } variable "volume_source_details_type" { default = "volume" } variable "volume_state" { default = "AVAILABLE" } @@ -547,9 +791,7 @@ resource "oci_core_volume" "test_volume" { compartment_id = "${var.compartment_id}" #Optional - defined_tags = "${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "${var.volume_defined_tags_value}")}" display_name = "${var.volume_display_name}" - freeform_tags = "${var.volume_freeform_tags}" size_in_mbs = "${var.volume_size_in_mbs}" source_details { #Required @@ -557,9 +799,7 @@ resource "oci_core_volume" "test_volume" { type = "${var.volume_source_details_type}" } } -variable "volume_defined_tags_value" { default = "updatedValue" } variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_mbs" { default = "51200" } variable "volume_source_details_type" { default = "volume" } variable "volume_state" { default = "AVAILABLE" } @@ -575,9 +815,7 @@ resource "oci_core_volume" "test_volume" { compartment_id = "${var.compartment_id}" #Optional - defined_tags = "${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "${var.volume_defined_tags_value}")}" display_name = "${var.volume_display_name}" - freeform_tags = "${var.volume_freeform_tags}" size_in_gbs = "${var.volume_size_in_gbs}" source_details { #Required @@ -585,12 +823,11 @@ resource "oci_core_volume" "test_volume" { type = "${var.volume_source_details_type}" } } -variable "volume_defined_tags_value" { default = "updatedValue" } variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_gbs" { default = "50" } variable "volume_source_details_type" { default = "volume" } variable "volume_state" { default = "AVAILABLE" } +variable "volume_ignore_changes" { default = ["system_tags", "defined_tags", "freeform_tags"] } ` + compartmentIdVariableStr + CoreVolumeResourceDependencies, ExpectNonEmptyPlan: false, }, @@ -603,9 +840,7 @@ resource "oci_core_volume" "test_volume" { compartment_id = "${var.compartment_id}" #Optional - defined_tags = "${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "${var.volume_defined_tags_value}")}" display_name = "${var.volume_display_name}" - freeform_tags = "${var.volume_freeform_tags}" size_in_gbs = "${var.volume_size_in_gbs}" source_details { #Required @@ -613,9 +848,7 @@ resource "oci_core_volume" "test_volume" { type = "${var.volume_source_details_type}" } } -variable "volume_defined_tags_value" { default = "updatedValue" } variable "volume_display_name" { default = "displayName2" } -variable "volume_freeform_tags" { default = {"Department"= "Accounting"} } variable "volume_size_in_gbs" { default = "50" } variable "volume_source_details_type" { default = "VoLume" } # case-insensitive variable "volume_state" { default = "AVAILABLE" } diff --git a/internal/integrationtest/data_safe_generate_on_prem_connector_configuration_test.go b/internal/integrationtest/data_safe_generate_on_prem_connector_configuration_test.go new file mode 100644 index 00000000000..012ef7d4874 --- /dev/null +++ b/internal/integrationtest/data_safe_generate_on_prem_connector_configuration_test.go @@ -0,0 +1,69 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package integrationtest + +import ( + "fmt" + "strconv" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + + "github.com/oracle/terraform-provider-oci/internal/resourcediscovery" + + "github.com/oracle/terraform-provider-oci/internal/utils" +) + +var ( + DataSafeGenerateOnPremConnectorConfigurationRepresentation = map[string]interface{}{ + "on_prem_connector_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_data_safe_on_prem_connector.test_on_prem_connector.id}`}, + "password": acctest.Representation{RepType: acctest.Required, Create: `BEstrO0ng_#1111`}, + } + + DataSafeGenerateOnPremConnectorConfigurationResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_data_safe_on_prem_connector", "test_on_prem_connector", acctest.Required, acctest.Create, onPremConnectorRepresentation) +) + +// issue-routing-tag: data_safe/default +func TestDataSafeGenerateOnPremConnectorConfigurationResource_basic(t *testing.T) { + httpreplay.SetScenario("TestDataSafeGenerateOnPremConnectorConfigurationResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + resourceName := "oci_data_safe_generate_on_prem_connector_configuration.test_generate_on_prem_connector_configuration" + + var resId string + // Save TF content to Create resource with only required properties. This has to be exactly the same as the config part in the create step in the test. + acctest.SaveConfigContent(config+compartmentIdVariableStr+DataSafeGenerateOnPremConnectorConfigurationResourceDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_data_safe_generate_on_prem_connector_configuration", "test_generate_on_prem_connector_configuration", acctest.Required, acctest.Create, DataSafeGenerateOnPremConnectorConfigurationRepresentation), "datasafe", "generateOnPremConnectorConfiguration", t) + + acctest.ResourceTest(t, nil, []resource.TestStep{ + // verify Create + { + Config: config + compartmentIdVariableStr + DataSafeGenerateOnPremConnectorConfigurationResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_data_safe_generate_on_prem_connector_configuration", "test_generate_on_prem_connector_configuration", acctest.Required, acctest.Create, DataSafeGenerateOnPremConnectorConfigurationRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(resourceName, "on_prem_connector_id"), + resource.TestCheckResourceAttr(resourceName, "password", "BEstrO0ng_#1111"), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment { + if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil { + return errExport + } + } + return err + }, + ), + }, + }) +} diff --git a/internal/integrationtest/database_database_test.go b/internal/integrationtest/database_database_test.go index 17fb3ffdc03..19ac69eb336 100644 --- a/internal/integrationtest/database_database_test.go +++ b/internal/integrationtest/database_database_test.go @@ -207,7 +207,7 @@ var ( "database": acctest.RepresentationGroup{RepType: acctest.Required, Group: databaseDatabaseRepresentation}, "db_home_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_database_db_home.test_db_home.id}`}, "source": acctest.Representation{RepType: acctest.Required, Create: `NONE`}, - "db_version": acctest.Representation{RepType: acctest.Optional, Create: `19.20.0.0`}, + "db_version": acctest.Representation{RepType: acctest.Optional, Create: `19.24.0.0`}, "key_store_id": acctest.Representation{RepType: acctest.Optional, Create: `${oci_database_key_store.test_key_store.id}`}, "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.kms_key_id}`}, "kms_key_rotation": acctest.Representation{RepType: acctest.Optional, Update: `1`}, @@ -218,14 +218,14 @@ var ( "database": acctest.RepresentationGroup{RepType: acctest.Required, Group: databaseDatabaseRepresentation2}, "db_home_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_database_db_home.test_db_home.id}`, Update: `${oci_database_db_home.test_db_home_dbrs.id}`}, "source": acctest.Representation{RepType: acctest.Required, Create: `NONE`}, - "db_version": acctest.Representation{RepType: acctest.Optional, Create: `19.20.0.0`}, + "db_version": acctest.Representation{RepType: acctest.Optional, Create: `19.24.0.0`}, "kms_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${var.kms_key_id}`}, "kms_key_rotation": acctest.Representation{RepType: acctest.Optional, Update: `1`}, "lifecycle": acctest.RepresentationGroup{RepType: acctest.Required, Group: databaseIgnoreDefinedTagsRepresentation}, } databaseDatabaseRepresentation2 = map[string]interface{}{ - "admin_password": acctest.Representation{RepType: acctest.Required, Create: `BEstrO0ng_#11`}, + "admin_password": acctest.Representation{RepType: acctest.Required, Create: `BEstrO0ng_#11`, Update: `BEstrO0ng_#12`}, "db_name": acctest.Representation{RepType: acctest.Required, Create: `myTestDb`}, "character_set": acctest.Representation{RepType: acctest.Optional, Create: `AL32UTF8`}, "db_backup_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: databaseDatabaseDbBackupConfigRepresentation2}, @@ -381,13 +381,13 @@ var ( } dbHomeRepresentationSourceNone2 = acctest.RepresentationCopyWithNewProperties(DatabaseDbHomeRepresentationBase2, map[string]interface{}{ - "db_version": acctest.Representation{RepType: acctest.Required, Create: `19.20.0.0`}, + "db_version": acctest.Representation{RepType: acctest.Required, Create: `19.24.0.0`}, "source": acctest.Representation{RepType: acctest.Optional, Create: `NONE`}, "display_name": acctest.Representation{RepType: acctest.Optional, Create: `createdDbHomeNone`}, }) dbHomeDbrsRepresentation = acctest.RepresentationCopyWithNewProperties(dbHomeRepresentationSourceNone2, map[string]interface{}{ - "db_version": acctest.Representation{RepType: acctest.Required, Create: `19.20.0.0`}, + "db_version": acctest.Representation{RepType: acctest.Required, Create: `19.24.0.0`}, }) DatabaseDatabaseResourceDependencies = ExaBaseDependencies + DefinedTagsDependencies + AvailabilityDomainConfig + KeyResourceDependencyConfig + @@ -514,7 +514,7 @@ func TestDatabaseDatabaseResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "db_home_id"), resource.TestCheckResourceAttrSet(resourceName, "db_name"), resource.TestCheckResourceAttrSet(resourceName, "db_unique_name"), - resource.TestCheckResourceAttr(resourceName, "db_version", "19.20.0.0"), + resource.TestCheckResourceAttr(resourceName, "db_version", "19.24.0.0"), resource.TestCheckResourceAttrSet(resourceName, "id"), //resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), resource.TestCheckResourceAttr(resourceName, "source", "NONE"), @@ -540,7 +540,7 @@ func TestDatabaseDatabaseResource_basic(t *testing.T) { Check: acctest.ComposeAggregateTestCheckFuncWrapper( resource.TestCheckResourceAttrSet(resourceName, "compartment_id"), resource.TestCheckResourceAttr(resourceName, "database.#", "1"), - resource.TestCheckResourceAttr(resourceName, "database.0.admin_password", "BEstrO0ng_#11"), + resource.TestCheckResourceAttr(resourceName, "database.0.admin_password", "BEstrO0ng_#12"), resource.TestCheckResourceAttr(resourceName, "character_set", "AL32UTF8"), resource.TestCheckResourceAttr(resourceName, "db_backup_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "db_backup_config.0.auto_backup_enabled", "true"), @@ -557,7 +557,7 @@ func TestDatabaseDatabaseResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "db_home_id"), resource.TestCheckResourceAttrSet(resourceName, "db_name"), resource.TestCheckResourceAttrSet(resourceName, "db_unique_name"), - resource.TestCheckResourceAttr(resourceName, "db_version", "19.20.0.0"), + resource.TestCheckResourceAttr(resourceName, "db_version", "19.24.0.0"), resource.TestCheckResourceAttrSet(resourceName, "id"), //resource.TestCheckResourceAttrSet(resourceName, "kms_key_id"), resource.TestCheckResourceAttr(resourceName, "source", "NONE"), diff --git a/internal/integrationtest/desktops_desktop_pool_test.go b/internal/integrationtest/desktops_desktop_pool_test.go index 83fe445db92..fedb5e4c9e2 100644 --- a/internal/integrationtest/desktops_desktop_pool_test.go +++ b/internal/integrationtest/desktops_desktop_pool_test.go @@ -48,32 +48,60 @@ var ( } DesktopsDesktopPoolRepresentation = map[string]interface{}{ - "are_privileged_users": acctest.Representation{RepType: acctest.Required, Create: `false`}, - "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, - "availability_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyRepresentation}, - "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, - "contact_details": acctest.Representation{RepType: acctest.Required, Create: `contactDetails`, Update: `contactDetails2`}, - "device_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolDevicePolicyRepresentation}, - "display_name": acctest.Representation{RepType: acctest.Required, Create: `testPool1`, Update: `testPool2`}, - "image": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolImageRepresentation}, - "is_storage_enabled": acctest.Representation{RepType: acctest.Required, Create: `true`}, - "maximum_size": acctest.Representation{RepType: acctest.Required, Create: `10`, Update: `11`}, - "network_configuration": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolNetworkConfigurationRepresentation}, - "shape_name": acctest.Representation{RepType: acctest.Required, Create: `${var.test_shape_name}`}, - "standby_size": acctest.Representation{RepType: acctest.Required, Create: `2`, Update: `3`}, - "storage_backup_policy_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_storage_backup_policy_id}`}, - "storage_size_in_gbs": acctest.Representation{RepType: acctest.Required, Create: `50`}, - "description": acctest.Representation{RepType: acctest.Optional, Create: `description`, Update: `description2`}, - "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, - "nsg_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_nsg_id}`}}, - "shape_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolShapeConfigRepresentation}, - "use_dedicated_vm_host": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_use_dedicated_vm_host}`}, - "private_access_details": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolPrivateAccessDetailsRepresentation}, + "are_privileged_users": acctest.Representation{RepType: acctest.Required, Create: `false`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, + "availability_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyRepresentation}, + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "contact_details": acctest.Representation{RepType: acctest.Required, Create: `contactDetails`, Update: `contactDetails2`}, + "device_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolDevicePolicyRepresentation}, + "display_name": acctest.Representation{RepType: acctest.Required, Create: `testPool1`, Update: `testPool2`}, + "image": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolImageRepresentation}, + "is_storage_enabled": acctest.Representation{RepType: acctest.Required, Create: `true`}, + "maximum_size": acctest.Representation{RepType: acctest.Required, Create: `10`, Update: `11`}, + "network_configuration": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolNetworkConfigurationRepresentation}, + "shape_name": acctest.Representation{RepType: acctest.Required, Create: `${var.test_shape_name}`}, + "standby_size": acctest.Representation{RepType: acctest.Required, Create: `2`, Update: `3`}, + "storage_backup_policy_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_storage_backup_policy_id}`}, + "storage_size_in_gbs": acctest.Representation{RepType: acctest.Required, Create: `50`}, + "description": acctest.Representation{RepType: acctest.Optional, Create: `description`, Update: `description2`}, + "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, + "nsg_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_nsg_id}`}}, + "shape_config": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolShapeConfigRepresentation}, + "use_dedicated_vm_host": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_use_dedicated_vm_host}`}, + "private_access_details": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolPrivateAccessDetailsRepresentation}, + "session_lifecycle_actions": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolSessionLifecycleActionsRepresentation}, } + + DesktopsDesktopPoolAllSessionLifecycleActionsNoAvailPolicySchedulesRepresentation = map[string]interface{}{ + "are_privileged_users": acctest.Representation{RepType: acctest.Required, Create: `false`}, + "availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`}, + "availability_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyNoStartStopSchedulesRepresentation}, + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "contact_details": acctest.Representation{RepType: acctest.Required, Create: `contactDetails`, Update: `contactDetails2`}, + "device_policy": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolDevicePolicyRepresentation}, + "display_name": acctest.Representation{RepType: acctest.Required, Create: `testPool1`, Update: `testPool2`}, + "image": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolImageRepresentation}, + "is_storage_enabled": acctest.Representation{RepType: acctest.Required, Create: `true`}, + "maximum_size": acctest.Representation{RepType: acctest.Required, Create: `10`, Update: `11`}, + "network_configuration": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolNetworkConfigurationRepresentation}, + "shape_name": acctest.Representation{RepType: acctest.Required, Create: `${var.test_shape_name}`}, + "standby_size": acctest.Representation{RepType: acctest.Required, Create: `2`, Update: `3`}, + "storage_backup_policy_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_storage_backup_policy_id}`}, + "storage_size_in_gbs": acctest.Representation{RepType: acctest.Required, Create: `50`}, + "description": acctest.Representation{RepType: acctest.Optional, Create: `description`, Update: `description2`}, + "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, + "nsg_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_nsg_id}`}}, + "session_lifecycle_actions": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolSessionLifecycleActionsAllRepresentation}, + } + DesktopsDesktopPoolAvailabilityPolicyRepresentation = map[string]interface{}{ - "start_schedule": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyStartScheduleRepresentation}, - "stop_schedule": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyStopScheduleRepresentation}, + "start_schedule": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolAvailabilityPolicyStartScheduleRepresentation}, + "stop_schedule": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolAvailabilityPolicyStopScheduleRepresentation}, } + + // This is the only way for not to not pass availability policy schedules and pass server side validation + DesktopsDesktopPoolAvailabilityPolicyNoStartStopSchedulesRepresentation = map[string]interface{}{} + DesktopsDesktopPoolDevicePolicyRepresentation = map[string]interface{}{ "audio_mode": acctest.Representation{RepType: acctest.Required, Create: `NONE`, Update: `TODESKTOP`}, "cdm_mode": acctest.Representation{RepType: acctest.Required, Create: `NONE`, Update: `READONLY`}, @@ -91,6 +119,7 @@ var ( "subnet_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_subnet_id}`}, "vcn_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_vcn_id}`}, } + DesktopsDesktopPoolShapeConfigRepresentation = map[string]interface{}{ "baseline_ocpu_utilization": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_shape_config_baseline_ocpu_utilization}`}, "memory_in_gbs": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_shape_config_memory_in_gbs}`}, @@ -101,6 +130,16 @@ var ( "nsg_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_private_access_nsg_id}`}}, "private_ip": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_private_access_private_ip}`}, } + + DesktopsDesktopPoolSessionLifecycleActionsRepresentation = map[string]interface{}{ + "inactivity": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolSessionLifecycleActionsInactivityRepresentation}, + } + + DesktopsDesktopPoolSessionLifecycleActionsAllRepresentation = map[string]interface{}{ + "inactivity": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolSessionLifecycleActionsInactivityRepresentation}, + "disconnect": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolSessionLifecycleActionsDisconnectRepresentation}, + } + DesktopsDesktopPoolAvailabilityPolicyStartScheduleRepresentation = map[string]interface{}{ "cron_expression": acctest.Representation{RepType: acctest.Required, Create: `${var.test_start_schedule_cron_expr_create}`, Update: `${var.test_start_schedule_cron_expr_update}`}, "timezone": acctest.Representation{RepType: acctest.Required, Create: `${var.test_start_schedule_timezone_create}`, Update: `${var.test_start_schedule_timezone_update}`}, @@ -110,6 +149,16 @@ var ( "timezone": acctest.Representation{RepType: acctest.Required, Create: `${var.test_stop_schedule_timezone_create}`, Update: `${var.test_stop_schedule_timezone_update}`}, } + DesktopsDesktopPoolSessionLifecycleActionsInactivityRepresentation = map[string]interface{}{ + "action": acctest.Representation{RepType: acctest.Required, Create: `${var.test_slm_inactivity_action_create}`}, + "grace_period_in_minutes": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_slm_inactivity_grace_period_create}`}, + } + + DesktopsDesktopPoolSessionLifecycleActionsDisconnectRepresentation = map[string]interface{}{ + "action": acctest.Representation{RepType: acctest.Required, Create: `${var.test_slm_disconnect_action_create}`}, + "grace_period_in_minutes": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_slm_disconnect_grace_period_create}`}, + } + test_vcn_id = utils.GetEnvSettingWithBlankDefault("test_vcn_id") vcnIdVariableStr = fmt.Sprintf("variable \"test_vcn_id\" { default = \"%s\" }\n", test_vcn_id) @@ -176,6 +225,24 @@ var ( test_private_access_private_ip = utils.GetEnvSettingWithBlankDefault("test_private_access_private_ip") privateAccessPrivateIpVariableStr = fmt.Sprintf("variable \"test_private_access_private_ip\" { default = \"%s\" }\n", test_private_access_private_ip) + test_slm_disconnect_action_create = utils.GetEnvSettingWithBlankDefault("test_slm_disconnect_action_create") + slmDisconnectActionCreateVariableStr = fmt.Sprintf("variable \"test_slm_disconnect_action_create\" { default = \"%s\" }\n", test_slm_disconnect_action_create) + + test_slm_disconnect_action_update = utils.GetEnvSettingWithBlankDefault("test_slm_disconnect_action_update") + slmDisconnectActionUpdateVariableStr = fmt.Sprintf("variable \"test_slm_disconnect_action_update\" { default = \"%s\" }\n", test_slm_disconnect_action_update) + + test_slm_disconnect_grace_period_create = utils.GetEnvSettingWithBlankDefault("test_slm_disconnect_grace_period_create") + slmDisconnectGracePeriodCreateVariableStr = fmt.Sprintf("variable \"test_slm_disconnect_grace_period_create\" { default = \"%s\" }\n", test_slm_disconnect_grace_period_create) + + test_slm_inactivity_action_create = utils.GetEnvSettingWithBlankDefault("test_slm_inactivity_action_create") + slmInactivityActionCreateVariableStr = fmt.Sprintf("variable \"test_slm_inactivity_action_create\" { default = \"%s\" }\n", test_slm_inactivity_action_create) + + test_slm_inactivity_action_update = utils.GetEnvSettingWithBlankDefault("test_slm_inactivity_action_update") + slmInactivityActionUpdateVariableStr = fmt.Sprintf("variable \"test_slm_inactivity_action_update\" { default = \"%s\" }\n", test_slm_inactivity_action_update) + + test_slm_inactivity_grace_period_create = utils.GetEnvSettingWithBlankDefault("test_slm_inactivity_grace_period_create") + slmInactivityGracePeriodCreateVariableStr = fmt.Sprintf("variable \"test_slm_inactivity_grace_period_create\" { default = \"%s\" }\n", test_slm_inactivity_grace_period_create) + DesktopsDesktopPoolResourceDependencies = vcnIdVariableStr + subnetIdVariableStr + shapeNameVariableStr + @@ -198,6 +265,12 @@ var ( privateAccessSubnetIdVariableStr + privateAccessNsgIdVariableStr + privateAccessPrivateIpVariableStr + + slmDisconnectActionCreateVariableStr + + slmDisconnectActionUpdateVariableStr + + slmDisconnectGracePeriodCreateVariableStr + + slmInactivityActionCreateVariableStr + + slmInactivityActionUpdateVariableStr + + slmInactivityGracePeriodCreateVariableStr + AvailabilityDomainConfig ) @@ -232,12 +305,6 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "are_privileged_users", "false"), resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), resource.TestCheckResourceAttr(resourceName, "availability_policy.#", "1"), - resource.TestCheckResourceAttr(resourceName, "availability_policy.0.start_schedule.#", "1"), - resource.TestCheckResourceAttrSet(resourceName, "availability_policy.0.start_schedule.0.cron_expression"), - resource.TestCheckResourceAttrSet(resourceName, "availability_policy.0.start_schedule.0.timezone"), - resource.TestCheckResourceAttr(resourceName, "availability_policy.0.stop_schedule.#", "1"), - resource.TestCheckResourceAttrSet(resourceName, "availability_policy.0.stop_schedule.0.cron_expression"), - resource.TestCheckResourceAttrSet(resourceName, "availability_policy.0.stop_schedule.0.timezone"), resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), resource.TestCheckResourceAttr(resourceName, "contact_details", "contactDetails"), resource.TestCheckResourceAttr(resourceName, "device_policy.#", "1"), @@ -317,6 +384,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.private_ip"), resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.subnet_id"), resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.vcn_id"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.0.inactivity.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.action"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.grace_period_in_minutes"), resource.TestCheckResourceAttrSet(resourceName, "shape_name"), resource.TestCheckResourceAttr(resourceName, "standby_size", "2"), resource.TestCheckResourceAttrSet(resourceName, "state"), @@ -384,6 +455,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.private_ip"), resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.subnet_id"), resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.vcn_id"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.0.inactivity.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.action"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.grace_period_in_minutes"), resource.TestCheckResourceAttrSet(resourceName, "shape_name"), resource.TestCheckResourceAttr(resourceName, "standby_size", "2"), resource.TestCheckResourceAttrSet(resourceName, "state"), @@ -531,6 +606,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) { resource.TestCheckResourceAttrSet(singularDatasourceName, "shape_config.0.baseline_ocpu_utilization"), resource.TestCheckResourceAttrSet(singularDatasourceName, "shape_config.0.memory_in_gbs"), resource.TestCheckResourceAttrSet(singularDatasourceName, "shape_config.0.ocpus"), + resource.TestCheckResourceAttr(singularDatasourceName, "session_lifecycle_actions.#", "1"), + resource.TestCheckResourceAttr(singularDatasourceName, "session_lifecycle_actions.0.inactivity.#", "1"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "session_lifecycle_actions.0.inactivity.0.action"), + resource.TestCheckResourceAttrSet(singularDatasourceName, "session_lifecycle_actions.0.inactivity.0.grace_period_in_minutes"), resource.TestCheckResourceAttrSet(singularDatasourceName, "shape_name"), resource.TestCheckResourceAttr(singularDatasourceName, "standby_size", "3"), resource.TestCheckResourceAttrSet(singularDatasourceName, "state"), @@ -550,6 +629,128 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) { }) } +func TestDesktopsDesktopPoolResource_session_lifecycle_disconnect(t *testing.T) { + httpreplay.SetScenario("TestDesktopsDesktopPoolResource_session_lifecycle_disconnect") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + resourceName := "oci_desktops_desktop_pool.test_desktop_pool" + + var resId, resId2 string + // Save TF content to Create resource with optional properties. This has to be exactly the same as the config part in the "create with optionals" step in the test. + acctest.SaveConfigContent(config+compartmentIdVariableStr+DesktopsDesktopPoolResourceDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_desktops_desktop_pool", "test_desktop_pool", acctest.Optional, acctest.Create, DesktopsDesktopPoolAllSessionLifecycleActionsNoAvailPolicySchedulesRepresentation), "desktops", "desktopPool", t) + + acctest.ResourceTest(t, testAccCheckDesktopsDesktopPoolDestroy, []resource.TestStep{ + // verify Create with optionals + { + Config: config + compartmentIdVariableStr + DesktopsDesktopPoolResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_desktops_desktop_pool", "test_desktop_pool", acctest.Optional, acctest.Create, DesktopsDesktopPoolAllSessionLifecycleActionsNoAvailPolicySchedulesRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "are_privileged_users", "false"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "availability_policy.#", "1"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "contact_details", "contactDetails"), + resource.TestCheckResourceAttr(resourceName, "description", "description"), + resource.TestCheckResourceAttr(resourceName, "device_policy.#", "1"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.audio_mode", "NONE"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.cdm_mode", "NONE"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.clipboard_mode", "NONE"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_display_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_keyboard_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_pointer_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_printing_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "display_name", "testPool1"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "image.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "image.0.image_id"), + resource.TestCheckResourceAttrSet(resourceName, "image.0.image_name"), + resource.TestCheckResourceAttr(resourceName, "is_storage_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "maximum_size", "10"), + resource.TestCheckResourceAttr(resourceName, "network_configuration.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.subnet_id"), + resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.vcn_id"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.0.inactivity.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.action"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.inactivity.0.grace_period_in_minutes"), + resource.TestCheckResourceAttr(resourceName, "session_lifecycle_actions.0.disconnect.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.disconnect.0.action"), + resource.TestCheckResourceAttrSet(resourceName, "session_lifecycle_actions.0.disconnect.0.grace_period_in_minutes"), + resource.TestCheckResourceAttrSet(resourceName, "shape_name"), + resource.TestCheckResourceAttr(resourceName, "standby_size", "2"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "storage_backup_policy_id"), + resource.TestCheckResourceAttr(resourceName, "storage_size_in_gbs", "50"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment { + if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil { + return errExport + } + } + return err + }, + ), + }, + + // verify updates to updatable parameters + { + Config: config + compartmentIdVariableStr + DesktopsDesktopPoolResourceDependencies + + acctest.GenerateResourceFromRepresentationMap("oci_desktops_desktop_pool", "test_desktop_pool", acctest.Optional, acctest.Update, DesktopsDesktopPoolAllSessionLifecycleActionsNoAvailPolicySchedulesRepresentation), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "are_privileged_users", "false"), + resource.TestCheckResourceAttrSet(resourceName, "availability_domain"), + resource.TestCheckResourceAttr(resourceName, "availability_policy.#", "1"), + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "contact_details", "contactDetails2"), + resource.TestCheckResourceAttr(resourceName, "description", "description2"), + resource.TestCheckResourceAttr(resourceName, "device_policy.#", "1"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.audio_mode", "TODESKTOP"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.cdm_mode", "READONLY"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.clipboard_mode", "TODESKTOP"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_display_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_keyboard_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_pointer_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "device_policy.0.is_printing_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "display_name", "testPool2"), + resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "image.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "image.0.image_id"), + resource.TestCheckResourceAttrSet(resourceName, "image.0.image_name"), + resource.TestCheckResourceAttr(resourceName, "is_storage_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "maximum_size", "11"), + resource.TestCheckResourceAttr(resourceName, "network_configuration.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.subnet_id"), + resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.vcn_id"), + resource.TestCheckResourceAttrSet(resourceName, "shape_name"), + resource.TestCheckResourceAttr(resourceName, "standby_size", "3"), + resource.TestCheckResourceAttrSet(resourceName, "state"), + resource.TestCheckResourceAttrSet(resourceName, "storage_backup_policy_id"), + resource.TestCheckResourceAttr(resourceName, "storage_size_in_gbs", "50"), + resource.TestCheckResourceAttrSet(resourceName, "time_created"), + + func(s *terraform.State) (err error) { + resId2, err = acctest.FromInstanceState(s, resourceName, "id") + if resId != resId2 { + return fmt.Errorf("Resource recreated when it was supposed to be updated.") + } + return err + }, + ), + }, + }) +} + func testAccCheckDesktopsDesktopPoolDestroy(s *terraform.State) error { noResourceFound := true client := acctest.TestAccProvider.Meta().(*tf_client.OracleClients).DesktopServiceClient() diff --git a/internal/integrationtest/dns_zone_dnssec_test.go b/internal/integrationtest/dns_zone_dnssec_test.go new file mode 100644 index 00000000000..b274e720457 --- /dev/null +++ b/internal/integrationtest/dns_zone_dnssec_test.go @@ -0,0 +1,107 @@ +// Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package integrationtest + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + "github.com/oracle/terraform-provider-oci/internal/utils" +) + +var ( + zoneRepresentationGlobal = map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "name": acctest.Representation{RepType: acctest.Required, + Create: `${data.oci_identity_tenancy.test_tenancy.name}.{{.token}}.stage-dnssec-key-version-test`}, + "zone_type": acctest.Representation{RepType: acctest.Required, Create: `PRIMARY`}, + "scope": acctest.Representation{RepType: acctest.Required, Create: `GLOBAL`}, + } + + ZoneResourceDnssecDependencies = ` + data "oci_identity_tenancy" "test_tenancy" { + tenancy_id = "${var.tenancy_ocid}" + } + ` +) + +func TestDnsZoneResourceDnssec(t *testing.T) { + httpreplay.SetScenario("TestDnsZoneResourceDnssec") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + resourceName := "oci_dns_zone.test_zone" + + _, tokenFn := acctest.TokenizeWithHttpReplay("dns_zone") + + acctest.ResourceTest(t, testAccCheckDnsZoneDestroy, []resource.TestStep{ + // create a zone with DNSSEC disabled + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDnssecDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Required, + acctest.Create, zoneRepresentationGlobal), nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "dnssec_state", "DISABLED"), + ), + }, + + // verify enabling DNSSEC + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDnssecDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, + acctest.Update, acctest.RepresentationCopyWithNewProperties(zoneRepresentationGlobal, + map[string]interface{}{ + "dnssec_state": acctest.Representation{RepType: acctest.Optional, + Create: `ENABLED`}, + })), nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "dnssec_state", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "dnssec_config.0.zsk_dnssec_key_versions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "dnssec_config.0.ksk_dnssec_key_versions.#", "1"), + ), + }, + + // delete before next Create + { + Config: tokenFn(config+compartmentIdVariableStr, nil), + }, + + // verify zone creation with DNSSEC enabled + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDnssecDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create, + acctest.RepresentationCopyWithNewProperties(zoneRepresentationGlobal, map[string]interface{}{ + "dnssec_state": acctest.Representation{RepType: acctest.Required, + Create: `ENABLED`}, + })), nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "dnssec_state", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "dnssec_config.0.zsk_dnssec_key_versions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "dnssec_config.0.ksk_dnssec_key_versions.#", "1"), + ), + }, + + // verify disabling DNSSEC + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDnssecDependencies+ + acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, + acctest.Update, acctest.RepresentationCopyWithNewProperties(zoneRepresentationGlobal, + map[string]interface{}{ + "dnssec_state": acctest.Representation{RepType: acctest.Optional, + Create: `DISABLED`}, + })), nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "dnssec_state", "DISABLED"), + ), + }, + }) +} diff --git a/internal/integrationtest/dns_zone_promote_dnssec_key_version_test.go b/internal/integrationtest/dns_zone_promote_dnssec_key_version_test.go new file mode 100644 index 00000000000..de2d9f7f7d6 --- /dev/null +++ b/internal/integrationtest/dns_zone_promote_dnssec_key_version_test.go @@ -0,0 +1,68 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package integrationtest + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + "github.com/oracle/terraform-provider-oci/internal/utils" +) + +var ( + ZonePromoteDnssecKeyVersionResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", + "test_dnssec_zone", acctest.Required, acctest.Create, zoneRepresentationDnssec) + + DefinedTagsDependencies + ` + data "oci_identity_tenancy" "test_tenancy" { + tenancy_id = "${var.tenancy_ocid}" + } + ` +) + +// issue-routing-tag: dns/default +func TestDnsZonePromoteDnssecKeyVersionResource_basic(t *testing.T) { + httpreplay.SetScenario("TestDnsZonePromoteDnssecKeyVersionResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + resourceName := "oci_dns_zone.test_dnssec_zone" + + _, tokenFn := acctest.TokenizeWithHttpReplay("dns_resource") + + acctest.ResourceTest(t, nil, []resource.TestStep{ + + // Create a dnssec enabled zone + { + Config: tokenFn(config+compartmentIdVariableStr+ZonePromoteDnssecKeyVersionResourceDependencies, nil), + }, + + // Promote the staged KSK version + { + Config: tokenFn(config+compartmentIdVariableStr+ZonePromoteDnssecKeyVersionResourceDependencies+` + resource "oci_dns_zone_promote_dnssec_key_version" "test_zone_promote_dnssec_key_version" { + zone_id = oci_dns_zone.test_dnssec_zone.id + dnssec_key_version_uuid = oci_dns_zone.test_dnssec_zone.dnssec_config[0].ksk_dnssec_key_versions[0].uuid + scope = "GLOBAL" + } + `, nil), + }, + + // Validate that the KSK key version's time_promoted was updated. + // This requires a separate step because it requires a refresh of the/zone resource. + { + Config: tokenFn(config+compartmentIdVariableStr+ZonePromoteDnssecKeyVersionResourceDependencies, nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttrSet(resourceName, "dnssec_config.0.ksk_dnssec_key_versions.0.time_promoted"), + ), + }, + }) +} diff --git a/internal/integrationtest/dns_zone_stage_dnssec_key_version_test.go b/internal/integrationtest/dns_zone_stage_dnssec_key_version_test.go new file mode 100644 index 00000000000..907b3190dfd --- /dev/null +++ b/internal/integrationtest/dns_zone_stage_dnssec_key_version_test.go @@ -0,0 +1,80 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package integrationtest + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + "github.com/oracle/terraform-provider-oci/internal/utils" +) + +var ( + zoneRepresentationDnssec = map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + "name": acctest.Representation{RepType: acctest.Required, + Create: `${data.oci_identity_tenancy.test_tenancy.name}.{{.token}}.stage-dnssec-key-version-test`}, + "zone_type": acctest.Representation{RepType: acctest.Required, Create: `PRIMARY`}, + "scope": acctest.Representation{RepType: acctest.Required, Create: `GLOBAL`}, + "dnssec_state": acctest.Representation{RepType: acctest.Required, Create: `ENABLED`}, + } + + ZoneStageDnssecKeyVersionResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", + "test_dnssec_zone", acctest.Required, acctest.Create, zoneRepresentationDnssec) + + DefinedTagsDependencies + ` + data "oci_identity_tenancy" "test_tenancy" { + tenancy_id = "${var.tenancy_ocid}" + } + ` +) + +// issue-routing-tag: dns/default +func TestDnsZoneStageDnssecKeyVersionResource_basic(t *testing.T) { + httpreplay.SetScenario("TestDnsZoneStageDnssecKeyVersionResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + resourceName := "oci_dns_zone.test_dnssec_zone" + + _, tokenFn := acctest.TokenizeWithHttpReplay("dns_resource") + + acctest.ResourceTest(t, nil, []resource.TestStep{ + + // Create a dnssec enabled zone + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneStageDnssecKeyVersionResourceDependencies, nil), + }, + + // Stage a replacement ZSK version + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneStageDnssecKeyVersionResourceDependencies+` + locals { + predecessor_uuid = length(oci_dns_zone.test_dnssec_zone.dnssec_config[0].zsk_dnssec_key_versions) == 1 ? oci_dns_zone.test_dnssec_zone.dnssec_config[0].zsk_dnssec_key_versions[0].uuid : [ for zsk in oci_dns_zone.test_dnssec_zone.dnssec_config[0].zsk_dnssec_key_versions : zsk if zsk.successor_dnssec_key_version_uuid != ""][0].uuid + } + resource "oci_dns_zone_stage_dnssec_key_version" "test_zone_stage_dnssec_key_version" { + zone_id = oci_dns_zone.test_dnssec_zone.id + predecessor_dnssec_key_version_uuid = local.predecessor_uuid + scope = "GLOBAL" + } + `, nil), + }, + + // Validate that a second ZSK key version was added to the dnssec configuration. + // This requires a separate step because it requires a refresh of the zone resource. + { + Config: tokenFn(config+compartmentIdVariableStr+ZoneStageDnssecKeyVersionResourceDependencies, nil), + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "dnssec_config.0.zsk_dnssec_key_versions.#", "2"), + ), + }, + }) +} diff --git a/internal/integrationtest/dns_zone_test.go b/internal/integrationtest/dns_zone_test.go index 97515407e14..027cf911ea3 100644 --- a/internal/integrationtest/dns_zone_test.go +++ b/internal/integrationtest/dns_zone_test.go @@ -11,12 +11,6 @@ import ( "testing" "time" - "github.com/oracle/terraform-provider-oci/internal/acctest" - tf_client "github.com/oracle/terraform-provider-oci/internal/client" - "github.com/oracle/terraform-provider-oci/internal/resourcediscovery" - "github.com/oracle/terraform-provider-oci/internal/tfresource" - "github.com/oracle/terraform-provider-oci/internal/utils" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" @@ -24,6 +18,11 @@ import ( oci_dns "github.com/oracle/oci-go-sdk/v65/dns" "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + tf_client "github.com/oracle/terraform-provider-oci/internal/client" + "github.com/oracle/terraform-provider-oci/internal/resourcediscovery" + "github.com/oracle/terraform-provider-oci/internal/tfresource" + "github.com/oracle/terraform-provider-oci/internal/utils" ) var ( diff --git a/internal/integrationtest/golden_gate_deployment_environment_test.go b/internal/integrationtest/golden_gate_deployment_environment_test.go new file mode 100644 index 00000000000..5e4f1975045 --- /dev/null +++ b/internal/integrationtest/golden_gate_deployment_environment_test.go @@ -0,0 +1,54 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package integrationtest + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/oracle/terraform-provider-oci/httpreplay" + "github.com/oracle/terraform-provider-oci/internal/acctest" + + "github.com/oracle/terraform-provider-oci/internal/utils" +) + +var ( + GoldenGateDeploymentEnvironmentDataSourceRepresentation = map[string]interface{}{ + "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, + } + + GoldenGateDeploymentEnvironmentResourceConfig = "" +) + +// issue-routing-tag: golden_gate/default +func TestGoldenGateDeploymentEnvironmentResource_basic(t *testing.T) { + httpreplay.SetScenario("TestGoldenGateDeploymentEnvironmentResource_basic") + defer httpreplay.SaveScenario() + + config := acctest.ProviderTestConfig() + + compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid") + compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId) + + datasourceName := "data.oci_golden_gate_deployment_environments.test_deployment_environments" + + acctest.SaveConfigContent("", "", "", t) + + acctest.ResourceTest(t, nil, []resource.TestStep{ + // verify datasource + { + Config: config + + acctest.GenerateDataSourceFromRepresentationMap("oci_golden_gate_deployment_environments", "test_deployment_environments", acctest.Required, acctest.Create, GoldenGateDeploymentEnvironmentDataSourceRepresentation) + + compartmentIdVariableStr + GoldenGateDeploymentEnvironmentResourceConfig, + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(datasourceName, "compartment_id", compartmentId), + + resource.TestCheckResourceAttrSet(datasourceName, "deployment_environment_collection.#"), + resource.TestCheckResourceAttr(datasourceName, "deployment_environment_collection.0.items.#", "6"), + ), + }, + }) +} diff --git a/internal/integrationtest/golden_gate_deployment_test.go b/internal/integrationtest/golden_gate_deployment_test.go index 2eca479eefe..aabf5a9cb21 100644 --- a/internal/integrationtest/golden_gate_deployment_test.go +++ b/internal/integrationtest/golden_gate_deployment_test.go @@ -43,6 +43,7 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { IDENTITY_DOMAIN_ID = "identity_domain_id" PASSWORD_SECRET_ID = "password_secret_id" PASSWORD_SECRET_ID_2 = "password_secret_id_2" + GROUP_ID = "group_id" ) var ( @@ -73,6 +74,7 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { passwordSecretId2 = utils.GetEnvSettingWithBlankDefault(PASSWORD_SECRET_ID_2) baseOggVersion = utils.GetEnvSettingWithBlankDefault(BASE_OGG_VERSION) upgradedOggVersion = utils.GetEnvSettingWithBlankDefault(UPGRADED_OGG_VERSION) + groupId = utils.GetEnvSettingWithBlankDefault(GROUP_ID) resId string resId2 string @@ -93,6 +95,20 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { "key": acctest.Representation{RepType: acctest.Optional, Update: `${var.key}`}, } + groupToRolesMappingRepresentation = map[string]interface{}{ + "security_group_id": acctest.Representation{RepType: acctest.Required, Create: `${var.group_id}`}, + "administrator_group_id": acctest.Representation{RepType: acctest.Optional, Update: `${var.group_id}`}, + "operator_group_id": acctest.Representation{RepType: acctest.Optional, Update: `${var.group_id}`}, + "user_group_id": acctest.Representation{RepType: acctest.Optional, Update: `${var.group_id}`}, + } + + goldenGateDeploymentOggDataWithGroupRoleMappingRepresentation = map[string]interface{}{ + "admin_password": acctest.Representation{RepType: acctest.Required, Create: `${var.password}`}, + "admin_username": acctest.Representation{RepType: acctest.Required, Create: `adminUsername`}, + "deployment_name": acctest.Representation{RepType: acctest.Required, Create: `depl_test_ggs_deployment_name`}, + "group_to_roles_mapping": acctest.RepresentationGroup{RepType: acctest.Required, Group: groupToRolesMappingRepresentation}, + } + deploymentMaintenanceConfigurationRepresentation = map[string]interface{}{ "bundle_release_upgrade_period_in_days": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `11`}, "interim_release_upgrade_period_in_days": acctest.Representation{RepType: acctest.Optional, Create: `5`, Update: `6`}, @@ -182,6 +198,7 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { makeVariableStr(NEW_PASSWORD, t) + makeVariableStr(PASSWORD_SECRET_ID, t) + makeVariableStr(PASSWORD_SECRET_ID_2, t) + + makeVariableStr(GROUP_ID, t) + GoldenGateDeploymentResourceDependencies if identityDomainId != "" { @@ -192,7 +209,7 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { acctest.SaveConfigContent(config+testDeploymentIdVariableStr+ acctest.GenerateResourceFromRepresentationMap("oci_golden_gate_deployment", "depl_test_ggs_deployment", acctest.Optional, acctest.Create, goldenGateDeploymentRepresentation), "goldengate", "deployment", t) - acctest.ResourceTest(t, testAccCheckGoldenGateDeploymentDestroy, []resource.TestStep{ + var steps = []resource.TestStep{ // verify Create { Config: config + testDeploymentIdVariableStr + @@ -220,6 +237,39 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { ), }, + // delete before next Create + { + Config: config, + }, + // check groupToRolesMapping attribute set + { + Config: config + testDeploymentIdVariableStr + acctest.GenerateResourceFromRepresentationMap("oci_golden_gate_deployment", "depl_test_ggs_deployment", acctest.Required, acctest.Create, + acctest.RepresentationCopyWithNewProperties(goldenGateDeploymentRepresentation, map[string]interface{}{ + "deployment_type": acctest.Representation{RepType: acctest.Required, Create: `OGG`}, + "ogg_data": acctest.RepresentationGroup{RepType: acctest.Required, Group: goldenGateDeploymentOggDataWithGroupRoleMappingRepresentation}, + })), + + Check: acctest.ComposeAggregateTestCheckFuncWrapper( + resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId), + resource.TestCheckResourceAttr(resourceName, "cpu_core_count", "1"), + resource.TestCheckResourceAttr(resourceName, "deployment_type", "OGG"), + resource.TestCheckResourceAttr(resourceName, "display_name", "Terraform_integration_test"), + resource.TestCheckResourceAttr(resourceName, "is_auto_scaling_enabled", "false"), + resource.TestCheckResourceAttrSet(resourceName, "subnet_id"), + resource.TestCheckResourceAttr(resourceName, "license_model", "LICENSE_INCLUDED"), + resource.TestCheckResourceAttr(resourceName, "ogg_data.#", "1"), + resource.TestCheckResourceAttr(resourceName, "ogg_data.0.admin_username", "adminUsername"), + resource.TestCheckResourceAttrSet(resourceName, "ogg_data.0.deployment_name"), + resource.TestCheckResourceAttrSet(resourceName, "ogg_data.0.ogg_version"), + resource.TestCheckResourceAttr(resourceName, "ogg_data.0.group_to_roles_mapping.#", "1"), + resource.TestCheckResourceAttr(resourceName, "ogg_data.0.group_to_roles_mapping.0.security_group_id", groupId), + + func(s *terraform.State) (err error) { + resId, err = acctest.FromInstanceState(s, resourceName, "id") + return err + }, + ), + }, // delete before next Create { Config: config, @@ -685,7 +735,8 @@ func TestGoldenGateDeploymentResource_basic(t *testing.T) { { Config: config, }, - }) + } + acctest.ResourceTest(t, testAccCheckGoldenGateDeploymentDestroy, steps) } func testAccCheckGoldenGateDeploymentDestroy(s *terraform.State) error { diff --git a/internal/integrationtest/logging_unified_agent_configuration_test.go b/internal/integrationtest/logging_unified_agent_configuration_test.go index 88ac4d912dd..ac9591152a8 100644 --- a/internal/integrationtest/logging_unified_agent_configuration_test.go +++ b/internal/integrationtest/logging_unified_agent_configuration_test.go @@ -45,7 +45,6 @@ var ( "compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`}, "is_enabled": acctest.Representation{RepType: acctest.Required, Create: `true`, Update: `false`}, "service_configuration": acctest.RepresentationGroup{RepType: acctest.Required, Group: LoggingUnifiedAgentConfigurationServiceConfigurationRepresentation}, - "defined_tags": acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`}, "description": acctest.Representation{RepType: acctest.Required, Create: `description`, Update: `description2`}, "display_name": acctest.Representation{RepType: acctest.Required, Create: `displayName`, Update: `displayName2`}, "freeform_tags": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}}, @@ -73,7 +72,8 @@ var ( "pattern": acctest.Representation{RepType: acctest.Optional, Create: `pattern`, Update: `pattern2`}, } LoggingUnifiedAgentConfigurationGroupAssociationRepresentation = map[string]interface{}{ - "group_list": acctest.Representation{RepType: acctest.Required, Create: []string{`${oci_identity_group.test_group.id}`}}, // Update: []string{`${oci_identity_group.test_group.id}`, `ocid1.Group.oc1..aaaaaaaa5rvs7zjwdk3zdmysm7x7wcxyanbllutswe4xbl7ng4stohtg3sla`}}, + //"group_list": acctest.Representation{RepType: acctest.Required, Create: []string{`ocid1.group.oc1..aaaaaaaafxpft7qucqbpsygm555uzxipqslne7d5meupykscq57q32jfiifa`}}, // Update: []string{`${oci_identity_group.test_group.id}`, `ocid1.Group.oc1..aaaaaaaa5rvs7zjwdk3zdmysm7x7wcxyanbllutswe4xbl7ng4stohtg3sla`}}, + "group_list": acctest.Representation{RepType: acctest.Required, Create: []string{`ocid1.group.oc1..testid`}}, // Update: []string{`${oci_identity_group.test_group.id}`, `ocid1.Group.oc1..aaaaaaaa5rvs7zjwdk3zdmysm7x7wcxyanbllutswe4xbl7ng4stohtg3sla`}}, } LoggingUnifiedAgentConfigurationServiceConfigurationDestinationRepresentation = map[string]interface{}{ @@ -111,7 +111,6 @@ var ( "null_value_pattern": acctest.Representation{RepType: acctest.Optional, Create: `nullValuePattern`}, "timeout_in_milliseconds": acctest.Representation{RepType: acctest.Optional, Create: `10`}, "types": acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"types": "types"}}, - //"is_estimate_current_event": acctest.Representation{RepType: acctest.Optional, Create: `false`}, } LoggingUnifiedAgentConfigurationDataSourceFilterRepresentation = map[string]interface{}{ @@ -126,13 +125,8 @@ var ( } // need to add policy for creating groups - LoggingUnifiedAgentConfigurationResourceDependencies = DefinedTagsDependencies + - acctest.GenerateResourceFromRepresentationMap("oci_identity_group", "test_group", acctest.Required, acctest.Create, LoggingUAIdentityGroupRepresentation) + - acctest.GenerateResourceFromRepresentationMap("oci_logging_log_group", "test_log_group", acctest.Required, acctest.Create, LoggingLogGroupRepresentation) + + LoggingUnifiedAgentConfigurationResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_logging_log_group", "test_log_group", acctest.Required, acctest.Create, LoggingLogGroupRepresentation) + acctest.GenerateResourceFromRepresentationMap("oci_logging_log", "test_log", acctest.Required, acctest.Create, customLogRepresentation) // + - //acctest.GenerateResourceFromRepresentationMap("oci_objectstorage_bucket", "test_bucket", acctest.Required, acctest.Create, ObjectStorageBucketRepresentation) + - //acctest.GenerateDataSourceFromRepresentationMap("oci_objectstorage_namespace", "test_namespace", acctest.Required, acctest.Create, ObjectStorageObjectStorageNamespaceSingularDataSourceRepresentation) + - //acctest.GenerateResourceFromRepresentationMap("oci_objectstorage_object", "test_object", acctest.Required, acctest.Create, ObjectStorageObjectRepresentation) LoggingUnifiedAgentConfigurationServiceConfigurationSourcesRepresentation = map[string]interface{}{ "advanced_options": acctest.RepresentationGroup{RepType: acctest.Optional, Group: LoggingUnifiedAgentConfigurationServiceConfigurationApplicationConfigurationsSourcesAdvancedOptionsRepresentation}, @@ -140,7 +134,6 @@ var ( "paths": acctest.Representation{RepType: acctest.Required, Create: []string{`/var/log/*`}}, "name": acctest.Representation{RepType: acctest.Required, Create: `name`}, "parser": acctest.RepresentationGroup{RepType: acctest.Required, Group: LoggingUnifiedAgentConfigurationServiceConfigurationSourcesParserRepresentation}, - //"channels": acctest.Representation{RepType: acctest.Required, Create: []string{`Security`}, Update: []string{`Security`, `Application`}}, } LoggingUnifiedAgentConfigurationServiceConfigurationApplicationConfigurationsSourcesAdvancedOptionsRepresentation = map[string]interface{}{ "is_read_from_head": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `true`}, @@ -148,9 +141,8 @@ var ( // Add new test configs here // CRI parser configs LoggingUnifiedAgentConfigurationServiceConfigurationSourcesParserNestedParserRepresentation = map[string]interface{}{ - "time_format": acctest.Representation{RepType: acctest.Optional, Create: `%Y-%m-%dT%H:%M:%S.%L%z`, Update: `%Y-%m-%d %H:%M:%S.%L%z`}, - "field_time_key": acctest.Representation{RepType: acctest.Optional, Create: `time`, Update: `time1`}, - "is_keep_time_key": acctest.Representation{RepType: acctest.Optional, Create: `true`, Update: `false`}, + "time_format": acctest.Representation{RepType: acctest.Optional, Create: `%Y-%m-%dT%H:%M:%S.%L%z`, Update: `%Y-%m-%d %H:%M:%S.%L%z`}, + "field_time_key": acctest.Representation{RepType: acctest.Optional, Create: `time`, Update: `time1`}, } LoggingUnifiedAgentConfigurationServiceConfigurationSourcesCriParserRepresentation = map[string]interface{}{ @@ -202,7 +194,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.#", "1"), resource.TestCheckResourceAttrSet(resourceName, "service_configuration.0.destination.0.log_object_id"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.paths.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), @@ -226,7 +217,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.#", "1"), resource.TestCheckResourceAttrSet(resourceName, "service_configuration.0.destination.0.log_object_id"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.paths.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), @@ -234,7 +224,7 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.is_merge_cri_fields", "true"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.nested_parser.0.time_format", "%Y-%m-%dT%H:%M:%S.%L%z"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.nested_parser.0.field_time_key", "time"), - resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.nested_parser.0.is_keep_time_key", "true"), + resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.nested_parser.0.is_keep_time_key", "false"), func(s *terraform.State) (err error) { _, err = acctest.FromInstanceState(s, resourceName, "id") @@ -254,7 +244,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.#", "1"), resource.TestCheckResourceAttrSet(resourceName, "service_configuration.0.destination.0.log_object_id"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.paths.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), @@ -284,7 +273,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.#", "1"), resource.TestCheckResourceAttrSet(resourceName, "service_configuration.0.destination.0.log_object_id"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.paths.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), @@ -329,8 +317,7 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), - resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.parser_type", "AUDITD"), - resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.is_estimate_current_event", "true"), + //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.parser.0.parser_type", "AUDITD"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.advanced_options.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.advanced_options.0.is_read_from_head", "false"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.unified_agent_configuration_filter.#", "1"), @@ -387,7 +374,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.record_input.0.resource_group", "resourceGroup"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.type", "UMA_METRICS"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.unified_agent_configuration_filter.#", "1"), @@ -440,8 +426,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.record_input.0.resource_group", "resourceGroup2"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.type", "UMA_METRICS"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.channels.#", "2"), - //resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.name", "name2"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.unified_agent_configuration_filter.#", "1"), resource.TestCheckResourceAttr(resourceName, "service_configuration.0.unified_agent_configuration_filter.0.allow_list.#", "1"), @@ -509,8 +493,6 @@ func TestLoggingUnifiedAgentConfigurationResource_basic(t *testing.T) { resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.record_input.0.resource_group", "resourceGroup2"), resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.destination.0.operational_metrics_configuration.0.source.0.type", "UMA_METRICS"), resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.sources.#", "1"), - //resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.sources.0.channels.#", "2"), - //resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.sources.0.name", "name2"), resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.sources.0.source_type", "LOG_TAIL"), resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.sources.0.advanced_options.0.is_read_from_head", "true"), resource.TestCheckResourceAttr(singularDatasourceName, "service_configuration.0.unified_agent_configuration_filter.#", "1"), diff --git a/internal/provider/register_datasource.go b/internal/provider/register_datasource.go index d5767724bb0..3932fa23fc9 100644 --- a/internal/provider/register_datasource.go +++ b/internal/provider/register_datasource.go @@ -62,7 +62,6 @@ import ( tf_fusion_apps "github.com/oracle/terraform-provider-oci/internal/service/fusion_apps" tf_generative_ai "github.com/oracle/terraform-provider-oci/internal/service/generative_ai" tf_generic_artifacts_content "github.com/oracle/terraform-provider-oci/internal/service/generic_artifacts_content" - tf_globally_distributed_database "github.com/oracle/terraform-provider-oci/internal/service/globally_distributed_database" tf_golden_gate "github.com/oracle/terraform-provider-oci/internal/service/golden_gate" tf_health_checks "github.com/oracle/terraform-provider-oci/internal/service/health_checks" tf_identity "github.com/oracle/terraform-provider-oci/internal/service/identity" @@ -303,9 +302,6 @@ func init() { if common.CheckForEnabledServices("genericartifactscontent") { tf_generic_artifacts_content.RegisterDatasource() } - if common.CheckForEnabledServices("globallydistributeddatabase") { - tf_globally_distributed_database.RegisterDatasource() - } if common.CheckForEnabledServices("goldengate") { tf_golden_gate.RegisterDatasource() } diff --git a/internal/provider/register_resource.go b/internal/provider/register_resource.go index d49c9a101bc..e400d01852c 100644 --- a/internal/provider/register_resource.go +++ b/internal/provider/register_resource.go @@ -62,7 +62,6 @@ import ( tf_fusion_apps "github.com/oracle/terraform-provider-oci/internal/service/fusion_apps" tf_generative_ai "github.com/oracle/terraform-provider-oci/internal/service/generative_ai" tf_generic_artifacts_content "github.com/oracle/terraform-provider-oci/internal/service/generic_artifacts_content" - tf_globally_distributed_database "github.com/oracle/terraform-provider-oci/internal/service/globally_distributed_database" tf_golden_gate "github.com/oracle/terraform-provider-oci/internal/service/golden_gate" tf_health_checks "github.com/oracle/terraform-provider-oci/internal/service/health_checks" tf_identity "github.com/oracle/terraform-provider-oci/internal/service/identity" @@ -303,9 +302,6 @@ func init() { if common.CheckForEnabledServices("genericartifactscontent") { tf_generic_artifacts_content.RegisterResource() } - if common.CheckForEnabledServices("globallydistributeddatabase") { - tf_globally_distributed_database.RegisterResource() - } if common.CheckForEnabledServices("goldengate") { tf_golden_gate.RegisterResource() } diff --git a/internal/service/cloud_guard/cloud_guard_data_source_resource.go b/internal/service/cloud_guard/cloud_guard_data_source_resource.go index 654a60444f1..fbbeca9cd71 100644 --- a/internal/service/cloud_guard/cloud_guard_data_source_resource.go +++ b/internal/service/cloud_guard/cloud_guard_data_source_resource.go @@ -750,7 +750,7 @@ func ContinuousQueryStartPolicyToMap(obj *oci_cloud_guard.ContinuousQueryStartPo result["start_policy_type"] = "ABSOLUTE_TIME_START_POLICY" if v.QueryStartTime != nil { - result["query_start_time"] = v.QueryStartTime.Format(time.RFC3339Nano) + result["query_start_time"] = v.QueryStartTime.Round(time.Millisecond).Format(time.RFC3339Nano) } case oci_cloud_guard.NoDelayStartPolicy: result["start_policy_type"] = "NO_DELAY_START_POLICY" diff --git a/internal/service/containerengine/containerengine_cluster_resource.go b/internal/service/containerengine/containerengine_cluster_resource.go index 5d26cd5b7e3..ee748ebbd79 100644 --- a/internal/service/containerengine/containerengine_cluster_resource.go +++ b/internal/service/containerengine/containerengine_cluster_resource.go @@ -259,6 +259,114 @@ func ContainerengineClusterResource() *schema.Resource { }, }, }, + "open_id_connect_token_authentication_config": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + "is_open_id_connect_auth_enabled": { + Type: schema.TypeBool, + Required: true, + }, + + // Optional + "ca_certificate": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "client_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "groups_claim": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "groups_prefix": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "issuer_url": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "required_claims": { + Type: schema.TypeList, + Optional: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + "key": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "value": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, + "signing_algorithms": { + Type: schema.TypeList, + Optional: true, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "username_claim": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "username_prefix": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, + "open_id_connect_discovery": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + "is_open_id_connect_discovery_enabled": { + Type: schema.TypeBool, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, "persistent_volume_config": { Type: schema.TypeList, Optional: true, @@ -431,6 +539,10 @@ func ContainerengineClusterResource() *schema.Resource { }, }, }, + "open_id_connect_discovery_endpoint": { + Type: schema.TypeString, + Computed: true, + }, "state": { Type: schema.TypeString, Computed: true, @@ -1045,6 +1157,10 @@ func (s *ContainerengineClusterResourceCrud) SetData() error { s.D.Set("name", *s.Res.Name) } + if s.Res.OpenIdConnectDiscoveryEndpoint != nil { + s.D.Set("open_id_connect_discovery_endpoint", *s.Res.OpenIdConnectDiscoveryEndpoint) + } + if s.Res.Options != nil { s.D.Set("options", []interface{}{ClusterCreateOptionsToMap(s.Res.Options)}) } else { @@ -1149,6 +1265,28 @@ func (s *ContainerengineClusterResourceCrud) mapToClusterCreateOptions(fieldKeyF } } + if openIdConnectTokenAuthenticationConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "open_id_connect_token_authentication_config")); ok { + if tmpList := openIdConnectTokenAuthenticationConfig.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "open_id_connect_token_authentication_config"), 0) + tmp, err := s.mapToOpenIdConnectTokenAuthenticationConfig(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert open_id_connect_token_authentication_config, encountered error: %v", err) + } + result.OpenIdConnectTokenAuthenticationConfig = &tmp + } + } + + if openIdConnectDiscovery, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "open_id_connect_discovery")); ok { + if tmpList := openIdConnectDiscovery.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "open_id_connect_discovery"), 0) + tmp, err := s.mapToOpenIdConnectDiscovery(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert open_id_connect_discovery, encountered error: %v", err) + } + result.OpenIdConnectDiscovery = &tmp + } + } + if persistentVolumeConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "persistent_volume_config")); ok { if tmpList := persistentVolumeConfig.([]interface{}); len(tmpList) > 0 { fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "persistent_volume_config"), 0) @@ -1187,6 +1325,67 @@ func (s *ContainerengineClusterResourceCrud) mapToClusterCreateOptions(fieldKeyF return result, nil } +func (s *ContainerengineClusterResourceCrud) mapToUpdateClusterOptionsDetails(fieldKeyFormat string) (oci_containerengine.UpdateClusterOptionsDetails, error) { + result := oci_containerengine.UpdateClusterOptionsDetails{} + + if admissionControllerOptions, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "admission_controller_options")); ok { + if tmpList := admissionControllerOptions.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "admission_controller_options"), 0) + tmp, err := s.mapToAdmissionControllerOptions(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert admission_controller_options, encountered error: %v", err) + } + result.AdmissionControllerOptions = &tmp + } + } + + if openIdConnectTokenAuthenticationConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "open_id_connect_token_authentication_config")); ok { + if tmpList := openIdConnectTokenAuthenticationConfig.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "open_id_connect_token_authentication_config"), 0) + tmp, err := s.mapToOpenIdConnectTokenAuthenticationConfig(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert open_id_connect_token_authentication_config, encountered error: %v", err) + } + result.OpenIdConnectTokenAuthenticationConfig = &tmp + } + } + + if openIdConnectDiscovery, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "open_id_connect_discovery")); ok { + if tmpList := openIdConnectDiscovery.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "open_id_connect_discovery"), 0) + tmp, err := s.mapToOpenIdConnectDiscovery(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert open_id_connect_discovery, encountered error: %v", err) + } + result.OpenIdConnectDiscovery = &tmp + } + } + + if persistentVolumeConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "persistent_volume_config")); ok { + if tmpList := persistentVolumeConfig.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "persistent_volume_config"), 0) + tmp, err := s.mapToPersistentVolumeConfigDetails(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert persistent_volume_config, encountered error: %v", err) + } + result.PersistentVolumeConfig = &tmp + } + } + + if serviceLbConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "service_lb_config")); ok { + if tmpList := serviceLbConfig.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "service_lb_config"), 0) + tmp, err := s.mapToServiceLbConfigDetails(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert service_lb_config, encountered error: %v", err) + } + result.ServiceLbConfig = &tmp + } + } + + return result, nil +} + func ClusterCreateOptionsToMap(obj *oci_containerengine.ClusterCreateOptions) map[string]interface{} { result := map[string]interface{}{} @@ -1202,6 +1401,14 @@ func ClusterCreateOptionsToMap(obj *oci_containerengine.ClusterCreateOptions) ma result["kubernetes_network_config"] = []interface{}{KubernetesNetworkConfigToMap(obj.KubernetesNetworkConfig)} } + if obj.OpenIdConnectTokenAuthenticationConfig != nil { + result["open_id_connect_token_authentication_config"] = []interface{}{OpenIdConnectTokenAuthenticationConfigToMap(obj.OpenIdConnectTokenAuthenticationConfig)} + } + + if obj.OpenIdConnectDiscovery != nil { + result["open_id_connect_discovery"] = []interface{}{OpenIdConnectDiscoveryToMap(obj.OpenIdConnectDiscovery)} + } + if obj.PersistentVolumeConfig != nil { result["persistent_volume_config"] = []interface{}{PersistentVolumeConfigDetailsToMap(obj.PersistentVolumeConfig)} } @@ -1526,6 +1733,36 @@ func KeyDetailsToMap(obj oci_containerengine.KeyDetails) map[string]interface{} return result } +func (s *ContainerengineClusterResourceCrud) mapToKeyValue(fieldKeyFormat string) (oci_containerengine.KeyValue, error) { + result := oci_containerengine.KeyValue{} + + if key, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "key")); ok { + tmp := key.(string) + result.Key = &tmp + } + + if value, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "value")); ok { + tmp := value.(string) + result.Value = &tmp + } + + return result, nil +} + +func KeyValueToMap(obj oci_containerengine.KeyValue) map[string]interface{} { + result := map[string]interface{}{} + + if obj.Key != nil { + result["key"] = string(*obj.Key) + } + + if obj.Value != nil { + result["value"] = string(*obj.Value) + } + + return result +} + func (s *ContainerengineClusterResourceCrud) mapToKubernetesNetworkConfig(fieldKeyFormat string) (oci_containerengine.KubernetesNetworkConfig, error) { result := oci_containerengine.KubernetesNetworkConfig{} @@ -1556,6 +1793,149 @@ func KubernetesNetworkConfigToMap(obj *oci_containerengine.KubernetesNetworkConf return result } +func (s *ContainerengineClusterResourceCrud) mapToOpenIdConnectTokenAuthenticationConfig(fieldKeyFormat string) (oci_containerengine.OpenIdConnectTokenAuthenticationConfig, error) { + result := oci_containerengine.OpenIdConnectTokenAuthenticationConfig{} + + if caCertificate, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "ca_certificate")); ok { + tmp := caCertificate.(string) + result.CaCertificate = &tmp + } + + if clientId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "client_id")); ok { + tmp := clientId.(string) + result.ClientId = &tmp + } + + if groupsClaim, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "groups_claim")); ok { + tmp := groupsClaim.(string) + result.GroupsClaim = &tmp + } + + if groupsPrefix, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "groups_prefix")); ok { + tmp := groupsPrefix.(string) + result.GroupsPrefix = &tmp + } + + if isOpenIdConnectAuthEnabled, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "is_open_id_connect_auth_enabled")); ok { + tmp := isOpenIdConnectAuthEnabled.(bool) + result.IsOpenIdConnectAuthEnabled = &tmp + } + + if issuerUrl, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "issuer_url")); ok { + tmp := issuerUrl.(string) + result.IssuerUrl = &tmp + } + + if requiredClaims, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "required_claims")); ok { + interfaces := requiredClaims.([]interface{}) + tmp := make([]oci_containerengine.KeyValue, len(interfaces)) + for i := range interfaces { + stateDataIndex := i + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "required_claims"), stateDataIndex) + converted, err := s.mapToKeyValue(fieldKeyFormatNextLevel) + if err != nil { + return result, err + } + tmp[i] = converted + } + if len(tmp) != 0 || s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "required_claims")) { + result.RequiredClaims = tmp + } + } + + if signingAlgorithms, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "signing_algorithms")); ok { + interfaces := signingAlgorithms.([]interface{}) + tmp := make([]string, len(interfaces)) + for i := range interfaces { + if interfaces[i] != nil { + tmp[i] = interfaces[i].(string) + } + } + if len(tmp) != 0 || s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "signing_algorithms")) { + result.SigningAlgorithms = tmp + } + } + + if usernameClaim, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "username_claim")); ok { + tmp := usernameClaim.(string) + result.UsernameClaim = &tmp + } + + if usernamePrefix, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "username_prefix")); ok { + tmp := usernamePrefix.(string) + result.UsernamePrefix = &tmp + } + + return result, nil +} + +func OpenIdConnectTokenAuthenticationConfigToMap(obj *oci_containerengine.OpenIdConnectTokenAuthenticationConfig) map[string]interface{} { + result := map[string]interface{}{} + + if obj.CaCertificate != nil { + result["ca_certificate"] = string(*obj.CaCertificate) + } + + if obj.ClientId != nil { + result["client_id"] = string(*obj.ClientId) + } + + if obj.GroupsClaim != nil { + result["groups_claim"] = string(*obj.GroupsClaim) + } + + if obj.GroupsPrefix != nil { + result["groups_prefix"] = string(*obj.GroupsPrefix) + } + + if obj.IsOpenIdConnectAuthEnabled != nil { + result["is_open_id_connect_auth_enabled"] = bool(*obj.IsOpenIdConnectAuthEnabled) + } + + if obj.IssuerUrl != nil { + result["issuer_url"] = string(*obj.IssuerUrl) + } + + requiredClaims := []interface{}{} + for _, item := range obj.RequiredClaims { + requiredClaims = append(requiredClaims, KeyValueToMap(item)) + } + result["required_claims"] = requiredClaims + + result["signing_algorithms"] = obj.SigningAlgorithms + + if obj.UsernameClaim != nil { + result["username_claim"] = string(*obj.UsernameClaim) + } + + if obj.UsernamePrefix != nil { + result["username_prefix"] = string(*obj.UsernamePrefix) + } + + return result +} + +func (s *ContainerengineClusterResourceCrud) mapToOpenIdConnectDiscovery(fieldKeyFormat string) (oci_containerengine.OpenIdConnectDiscovery, error) { + result := oci_containerengine.OpenIdConnectDiscovery{} + + if isOpenIdConnectDiscoveryEnabled, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "is_open_id_connect_discovery_enabled")); ok { + tmp := isOpenIdConnectDiscoveryEnabled.(bool) + result.IsOpenIdConnectDiscoveryEnabled = &tmp + } + + return result, nil +} + +func OpenIdConnectDiscoveryToMap(obj *oci_containerengine.OpenIdConnectDiscovery) map[string]interface{} { + result := map[string]interface{}{} + + if obj.IsOpenIdConnectDiscoveryEnabled != nil { + result["is_open_id_connect_discovery_enabled"] = bool(*obj.IsOpenIdConnectDiscoveryEnabled) + } + + return result +} + func (s *ContainerengineClusterResourceCrud) mapToPersistentVolumeConfigDetails(fieldKeyFormat string) (oci_containerengine.PersistentVolumeConfigDetails, error) { result := oci_containerengine.PersistentVolumeConfigDetails{} @@ -1615,42 +1995,3 @@ func ServiceLbConfigDetailsToMap(obj *oci_containerengine.ServiceLbConfigDetails return result } - -func (s *ContainerengineClusterResourceCrud) mapToUpdateClusterOptionsDetails(fieldKeyFormat string) (oci_containerengine.UpdateClusterOptionsDetails, error) { - result := oci_containerengine.UpdateClusterOptionsDetails{} - - if admissionControllerOptions, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "admission_controller_options")); ok { - if tmpList := admissionControllerOptions.([]interface{}); len(tmpList) > 0 { - fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "admission_controller_options"), 0) - tmp, err := s.mapToAdmissionControllerOptions(fieldKeyFormatNextLevel) - if err != nil { - return result, fmt.Errorf("unable to convert admission_controller_options, encountered error: %v", err) - } - result.AdmissionControllerOptions = &tmp - } - } - - if persistentVolumeConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "persistent_volume_config")); ok { - if tmpList := persistentVolumeConfig.([]interface{}); len(tmpList) > 0 { - fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "persistent_volume_config"), 0) - tmp, err := s.mapToPersistentVolumeConfigDetails(fieldKeyFormatNextLevel) - if err != nil { - return result, fmt.Errorf("unable to convert persistent_volume_config, encountered error: %v", err) - } - result.PersistentVolumeConfig = &tmp - } - } - - if serviceLbConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "service_lb_config")); ok { - if tmpList := serviceLbConfig.([]interface{}); len(tmpList) > 0 { - fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "service_lb_config"), 0) - tmp, err := s.mapToServiceLbConfigDetails(fieldKeyFormatNextLevel) - if err != nil { - return result, fmt.Errorf("unable to convert service_lb_config, encountered error: %v", err) - } - result.ServiceLbConfig = &tmp - } - } - - return result, nil -} diff --git a/internal/service/containerengine/containerengine_node_pool_resource.go b/internal/service/containerengine/containerengine_node_pool_resource.go index cc7f8beaf46..58e4ac7bf4d 100644 --- a/internal/service/containerengine/containerengine_node_pool_resource.go +++ b/internal/service/containerengine/containerengine_node_pool_resource.go @@ -1543,20 +1543,6 @@ func (s *ContainerengineNodePoolResourceCrud) mapToKeyValue(fieldKeyFormat strin return result, nil } -func KeyValueToMap(obj oci_containerengine.KeyValue) map[string]interface{} { - result := map[string]interface{}{} - - if obj.Key != nil { - result["key"] = string(*obj.Key) - } - - if obj.Value != nil { - result["value"] = string(*obj.Value) - } - - return result -} - func NodeToMap(obj oci_containerengine.Node) map[string]interface{} { result := map[string]interface{}{} diff --git a/internal/service/core/core_block_volume_replica_data_source.go b/internal/service/core/core_block_volume_replica_data_source.go index 70e3187fc41..282245f9b1f 100644 --- a/internal/service/core/core_block_volume_replica_data_source.go +++ b/internal/service/core/core_block_volume_replica_data_source.go @@ -49,6 +49,10 @@ func CoreBlockVolumeReplicaDataSource() *schema.Resource { Computed: true, Elem: schema.TypeString, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, "size_in_gbs": { Type: schema.TypeString, Computed: true, @@ -139,6 +143,10 @@ func (s *CoreBlockVolumeReplicaDataSourceCrud) SetData() error { s.D.Set("freeform_tags", s.Res.FreeformTags) + if s.Res.KmsKeyId != nil { + s.D.Set("kms_key_id", *s.Res.KmsKeyId) + } + if s.Res.SizeInGBs != nil { s.D.Set("size_in_gbs", strconv.FormatInt(*s.Res.SizeInGBs, 10)) } diff --git a/internal/service/core/core_block_volume_replicas_data_source.go b/internal/service/core/core_block_volume_replicas_data_source.go index 757ba85b6a3..d399a846a6e 100644 --- a/internal/service/core/core_block_volume_replicas_data_source.go +++ b/internal/service/core/core_block_volume_replicas_data_source.go @@ -79,6 +79,10 @@ func CoreBlockVolumeReplicasDataSource() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, "size_in_gbs": { Type: schema.TypeString, Computed: true, @@ -211,6 +215,10 @@ func (s *CoreBlockVolumeReplicasDataSourceCrud) SetData() error { blockVolumeReplica["id"] = *r.Id } + if r.KmsKeyId != nil { + blockVolumeReplica["kms_key_id"] = *r.KmsKeyId + } + if r.SizeInGBs != nil { blockVolumeReplica["size_in_gbs"] = strconv.FormatInt(*r.SizeInGBs, 10) } diff --git a/internal/service/core/core_boot_volume_replica_data_source.go b/internal/service/core/core_boot_volume_replica_data_source.go index 0dcecdcd33a..8f8d37b2c79 100644 --- a/internal/service/core/core_boot_volume_replica_data_source.go +++ b/internal/service/core/core_boot_volume_replica_data_source.go @@ -53,6 +53,10 @@ func CoreBootVolumeReplicaDataSource() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, "size_in_gbs": { Type: schema.TypeString, Computed: true, @@ -147,6 +151,10 @@ func (s *CoreBootVolumeReplicaDataSourceCrud) SetData() error { s.D.Set("image_id", *s.Res.ImageId) } + if s.Res.KmsKeyId != nil { + s.D.Set("kms_key_id", *s.Res.KmsKeyId) + } + if s.Res.SizeInGBs != nil { s.D.Set("size_in_gbs", strconv.FormatInt(*s.Res.SizeInGBs, 10)) } diff --git a/internal/service/core/core_boot_volume_replicas_data_source.go b/internal/service/core/core_boot_volume_replicas_data_source.go index b26cc3fd6cb..e4860aa093b 100644 --- a/internal/service/core/core_boot_volume_replicas_data_source.go +++ b/internal/service/core/core_boot_volume_replicas_data_source.go @@ -83,6 +83,10 @@ func CoreBootVolumeReplicasDataSource() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, "size_in_gbs": { Type: schema.TypeString, Computed: true, @@ -219,6 +223,10 @@ func (s *CoreBootVolumeReplicasDataSourceCrud) SetData() error { bootVolumeReplica["image_id"] = *r.ImageId } + if r.KmsKeyId != nil { + bootVolumeReplica["kms_key_id"] = *r.KmsKeyId + } + if r.SizeInGBs != nil { bootVolumeReplica["size_in_gbs"] = strconv.FormatInt(*r.SizeInGBs, 10) } diff --git a/internal/service/core/core_boot_volume_resource.go b/internal/service/core/core_boot_volume_resource.go index 1a04c3e1a5d..793c862a088 100644 --- a/internal/service/core/core_boot_volume_resource.go +++ b/internal/service/core/core_boot_volume_resource.go @@ -50,11 +50,6 @@ func CoreBootVolumeResource() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ // Required - "id": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - }, "type": { Type: schema.TypeString, Required: true, @@ -63,11 +58,38 @@ func CoreBootVolumeResource() *schema.Resource { ValidateFunc: validation.StringInSlice([]string{ "bootVolume", "bootVolumeBackup", + "bootVolumeBackupDelta", "bootVolumeReplica", }, true), }, // Optional + "change_block_size_in_bytes": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + ValidateFunc: tfresource.ValidateInt64TypeString, + DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, + }, + "first_backup_id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, + "id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, + "second_backup_id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, // Computed }, @@ -131,12 +153,21 @@ func CoreBootVolumeResource() *schema.Resource { Optional: true, Computed: true, }, + "xrr_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, // Computed "boot_volume_replica_id": { Type: schema.TypeString, Computed: true, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, }, }, }, @@ -191,6 +222,12 @@ func CoreBootVolumeResource() *schema.Resource { ValidateFunc: tfresource.ValidateInt64TypeString, DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, }, + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed "auto_tuned_vpus_per_gb": { @@ -424,6 +461,11 @@ func (s *CoreBootVolumeResourceCrud) Create() error { request.VpusPerGB = &tmpInt64 } + if xrcKmsKeyId, ok := s.D.GetOkExists("xrc_kms_key_id"); ok { + tmp := xrcKmsKeyId.(string) + request.XrcKmsKeyId = &tmp + } + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "core") response, err := s.Client.CreateBootVolume(context.Background(), request) @@ -752,6 +794,11 @@ func (s *CoreBootVolumeResourceCrud) mapToBootVolumeReplicaDetails(fieldKeyForma result.DisplayName = &tmp } + if xrrKmsKeyId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "xrr_kms_key_id")); ok { + tmp := xrrKmsKeyId.(string) + result.XrrKmsKeyId = &tmp + } + return result, nil } @@ -770,6 +817,10 @@ func BootVolumeReplicaInfoToMap(obj oci_core.BootVolumeReplicaInfo) map[string]i result["display_name"] = string(*obj.DisplayName) } + if obj.KmsKeyId != nil { + result["kms_key_id"] = string(*obj.KmsKeyId) + } + return result } @@ -798,6 +849,25 @@ func (s *CoreBootVolumeResourceCrud) mapToBootVolumeSourceDetails(fieldKeyFormat details.Id = &tmp } baseObject = details + case strings.ToLower("bootVolumeBackupDelta"): + details := oci_core.BootVolumeSourceFromBootVolumeBackupDeltaDetails{} + if changeBlockSizeInBytes, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "change_block_size_in_bytes")); ok { + tmp := changeBlockSizeInBytes.(string) + tmpInt64, err := strconv.ParseInt(tmp, 10, 64) + if err != nil { + return details, fmt.Errorf("unable to convert changeBlockSizeInBytes string: %s to an int64 and encountered error: %v", tmp, err) + } + details.ChangeBlockSizeInBytes = &tmpInt64 + } + if firstBackupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "first_backup_id")); ok { + tmp := firstBackupId.(string) + details.FirstBackupId = &tmp + } + if secondBackupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "second_backup_id")); ok { + tmp := secondBackupId.(string) + details.SecondBackupId = &tmp + } + baseObject = details case strings.ToLower("bootVolumeReplica"): details := oci_core.BootVolumeSourceFromBootVolumeReplicaDetails{} if id, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "id")); ok { @@ -826,6 +896,20 @@ func BootVolumeSourceDetailsToMap(obj *oci_core.BootVolumeSourceDetails) map[str if v.Id != nil { result["id"] = string(*v.Id) } + case oci_core.BootVolumeSourceFromBootVolumeBackupDeltaDetails: + result["type"] = "bootVolumeBackupDelta" + + if v.ChangeBlockSizeInBytes != nil { + result["change_block_size_in_bytes"] = strconv.FormatInt(*v.ChangeBlockSizeInBytes, 10) + } + + if v.FirstBackupId != nil { + result["first_backup_id"] = string(*v.FirstBackupId) + } + + if v.SecondBackupId != nil { + result["second_backup_id"] = string(*v.SecondBackupId) + } case oci_core.BootVolumeSourceFromBootVolumeReplicaDetails: result["type"] = "bootVolumeReplica" diff --git a/internal/service/core/core_instance_configuration_resource.go b/internal/service/core/core_instance_configuration_resource.go index 468c363ba36..05a80a1ebeb 100644 --- a/internal/service/core/core_instance_configuration_resource.go +++ b/internal/service/core/core_instance_configuration_resource.go @@ -331,6 +331,12 @@ func CoreInstanceConfigurationResource() *schema.Resource { ValidateFunc: tfresource.ValidateInt64TypeString, DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, }, + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed }, @@ -1326,6 +1332,12 @@ func CoreInstanceConfigurationResource() *schema.Resource { ValidateFunc: tfresource.ValidateInt64TypeString, DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, }, + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed }, @@ -3257,6 +3269,11 @@ func (s *CoreInstanceConfigurationResourceCrud) mapToInstanceConfigurationCreate result.VpusPerGB = &tmpInt64 } + if xrcKmsKeyId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "xrc_kms_key_id")); ok { + tmp := xrcKmsKeyId.(string) + result.XrcKmsKeyId = &tmp + } + return result, nil } @@ -3325,6 +3342,10 @@ func InstanceConfigurationCreateVolumeDetailsToMap(obj *oci_core.InstanceConfigu result["vpus_per_gb"] = strconv.FormatInt(*obj.VpusPerGB, 10) } + if obj.XrcKmsKeyId != nil { + result["xrc_kms_key_id"] = string(*obj.XrcKmsKeyId) + } + return result } diff --git a/internal/service/core/core_volume_backup_policy_assignment_resource.go b/internal/service/core/core_volume_backup_policy_assignment_resource.go index 758f72fb651..b882bf1b64b 100644 --- a/internal/service/core/core_volume_backup_policy_assignment_resource.go +++ b/internal/service/core/core_volume_backup_policy_assignment_resource.go @@ -37,6 +37,12 @@ func CoreVolumeBackupPolicyAssignmentResource() *schema.Resource { }, // Optional + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed "time_created": { @@ -96,6 +102,11 @@ func (s *CoreVolumeBackupPolicyAssignmentResourceCrud) Create() error { request.PolicyId = &tmp } + if xrcKmsKeyId, ok := s.D.GetOkExists("xrc_kms_key_id"); ok { + tmp := xrcKmsKeyId.(string) + request.XrcKmsKeyId = &tmp + } + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "core") response, err := s.Client.CreateVolumeBackupPolicyAssignment(context.Background(), request) @@ -149,5 +160,9 @@ func (s *CoreVolumeBackupPolicyAssignmentResourceCrud) SetData() error { s.D.Set("time_created", s.Res.TimeCreated.String()) } + if s.Res.XrcKmsKeyId != nil { + s.D.Set("xrc_kms_key_id", *s.Res.XrcKmsKeyId) + } + return nil } diff --git a/internal/service/core/core_volume_backup_policy_assignments_data_source.go b/internal/service/core/core_volume_backup_policy_assignments_data_source.go index 99d81047013..a2da19cf747 100644 --- a/internal/service/core/core_volume_backup_policy_assignments_data_source.go +++ b/internal/service/core/core_volume_backup_policy_assignments_data_source.go @@ -105,6 +105,10 @@ func (s *CoreVolumeBackupPolicyAssignmentsDataSourceCrud) SetData() error { volumeBackupPolicyAssignment["time_created"] = r.TimeCreated.String() } + if r.XrcKmsKeyId != nil { + volumeBackupPolicyAssignment["xrc_kms_key_id"] = *r.XrcKmsKeyId + } + resources = append(resources, volumeBackupPolicyAssignment) } diff --git a/internal/service/core/core_volume_group_resource.go b/internal/service/core/core_volume_group_resource.go index 1fe1e34a509..2f1e4370b91 100644 --- a/internal/service/core/core_volume_group_resource.go +++ b/internal/service/core/core_volume_group_resource.go @@ -154,8 +154,11 @@ func CoreVolumeGroupResource() *schema.Resource { Optional: true, Computed: true, }, - - // Computed + "xrr_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "volume_group_replica_id": { Type: schema.TypeString, Computed: true, @@ -163,6 +166,12 @@ func CoreVolumeGroupResource() *schema.Resource { }, }, }, + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed "is_hydrated": { @@ -342,6 +351,11 @@ func (s *CoreVolumeGroupResourceCrud) Create() error { } } + if xrcKmsKeyId, ok := s.D.GetOkExists("xrc_kms_key_id"); ok { + tmp := xrcKmsKeyId.(string) + request.XrcKmsKeyId = &tmp + } + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "core") response, err := s.Client.CreateVolumeGroup(context.Background(), request) @@ -545,6 +559,11 @@ func (s *CoreVolumeGroupResourceCrud) mapToVolumeGroupReplicaDetails(fieldKeyFor result.DisplayName = &tmp } + if xrrKmsKeyId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "xrr_kms_key_id")); ok { + tmp := xrrKmsKeyId.(string) + result.XrrKmsKeyId = &tmp + } + return result, nil } diff --git a/internal/service/core/core_volume_resource.go b/internal/service/core/core_volume_resource.go index f8bb1c9c3b3..fddb1cd1b36 100644 --- a/internal/service/core/core_volume_resource.go +++ b/internal/service/core/core_volume_resource.go @@ -99,12 +99,21 @@ func CoreVolumeResource() *schema.Resource { Optional: true, Computed: true, }, + "xrr_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, // Computed "block_volume_replica_id": { Type: schema.TypeString, Computed: true, }, + "kms_key_id": { + Type: schema.TypeString, + Computed: true, + }, }, }, }, @@ -171,11 +180,6 @@ func CoreVolumeResource() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ // Required - "id": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - }, "type": { Type: schema.TypeString, Required: true, @@ -185,10 +189,37 @@ func CoreVolumeResource() *schema.Resource { "blockVolumeReplica", "volume", "volumeBackup", + "volumeBackupDelta", }, true), }, // Optional + "change_block_size_in_bytes": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + ValidateFunc: tfresource.ValidateInt64TypeString, + DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, + }, + "first_backup_id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, + "id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, + "second_backup_id": { + Type: schema.TypeString, + Optional: true, + Computed: false, + ForceNew: true, + }, // Computed }, @@ -207,6 +238,12 @@ func CoreVolumeResource() *schema.Resource { ValidateFunc: tfresource.ValidateInt64TypeString, DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction, }, + "xrc_kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, // Computed "auto_tuned_vpus_per_gb": { @@ -451,6 +488,11 @@ func (s *CoreVolumeResourceCrud) Create() error { request.VpusPerGB = &tmpInt64 } + if xrcKmsKeyId, ok := s.D.GetOkExists("xrc_kms_key_id"); ok { + tmp := xrcKmsKeyId.(string) + request.XrcKmsKeyId = &tmp + } + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "core") response, err := s.Client.CreateVolume(context.Background(), request) @@ -775,6 +817,11 @@ func (s *CoreVolumeResourceCrud) mapToBlockVolumeReplicaDetails(fieldKeyFormat s result.DisplayName = &tmp } + if xrrKmsKeyId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "xrr_kms_key_id")); ok { + tmp := xrrKmsKeyId.(string) + result.XrrKmsKeyId = &tmp + } + return result, nil } @@ -793,6 +840,10 @@ func BlockVolumeReplicaInfoToMap(obj oci_core.BlockVolumeReplicaInfo) map[string result["display_name"] = string(*obj.DisplayName) } + if obj.KmsKeyId != nil { + result["kms_key_id"] = string(*obj.KmsKeyId) + } + return result } @@ -828,6 +879,25 @@ func (s *CoreVolumeResourceCrud) mapToVolumeSourceDetails(fieldKeyFormat string) details.Id = &tmp } baseObject = details + case strings.ToLower("volumeBackupDelta"): + details := oci_core.VolumeSourceFromVolumeBackupDeltaDetails{} + if changeBlockSizeInBytes, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "change_block_size_in_bytes")); ok { + tmp := changeBlockSizeInBytes.(string) + tmpInt64, err := strconv.ParseInt(tmp, 10, 64) + if err != nil { + return details, fmt.Errorf("unable to convert changeBlockSizeInBytes string: %s to an int64 and encountered error: %v", tmp, err) + } + details.ChangeBlockSizeInBytes = &tmpInt64 + } + if firstBackupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "first_backup_id")); ok { + tmp := firstBackupId.(string) + details.FirstBackupId = &tmp + } + if secondBackupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "second_backup_id")); ok { + tmp := secondBackupId.(string) + details.SecondBackupId = &tmp + } + baseObject = details default: return nil, fmt.Errorf("unknown type '%v' was specified", type_) } @@ -855,6 +925,20 @@ func VolumeSourceDetailsToMap(obj *oci_core.VolumeSourceDetails) map[string]inte if v.Id != nil { result["id"] = string(*v.Id) } + case oci_core.VolumeSourceFromVolumeBackupDeltaDetails: + result["type"] = "volumeBackupDelta" + + if v.ChangeBlockSizeInBytes != nil { + result["change_block_size_in_bytes"] = strconv.FormatInt(*v.ChangeBlockSizeInBytes, 10) + } + + if v.FirstBackupId != nil { + result["first_backup_id"] = string(*v.FirstBackupId) + } + + if v.SecondBackupId != nil { + result["second_backup_id"] = string(*v.SecondBackupId) + } default: log.Printf("[WARN] Received 'type' of unknown type %v", *obj) return nil diff --git a/internal/service/data_safe/data_safe_export.go b/internal/service/data_safe/data_safe_export.go index 0f8f8d25ebd..e086a9362e4 100644 --- a/internal/service/data_safe/data_safe_export.go +++ b/internal/service/data_safe/data_safe_export.go @@ -388,6 +388,11 @@ var exportDataSafeCalculateAuditVolumeCollectedHints = &tf_export.TerraformResou ResourceAbbreviation: "calculate_audit_volume_collected", } +var exportDataSafeGenerateOnPremConnectorConfigurationHints = &tf_export.TerraformResourceHints{ + ResourceClass: "oci_data_safe_generate_on_prem_connector_configuration", + ResourceAbbreviation: "generate_on_prem_connector_configuration", +} + var dataSafeResourceGraph = tf_export.TerraformResourceGraph{ "oci_identity_compartment": { {TerraformResourceHints: exportDataSafeDataSafePrivateEndpointHints}, diff --git a/internal/service/data_safe/data_safe_generate_on_prem_connector_configuration_resource.go b/internal/service/data_safe/data_safe_generate_on_prem_connector_configuration_resource.go new file mode 100644 index 00000000000..6c40ef645e0 --- /dev/null +++ b/internal/service/data_safe/data_safe_generate_on_prem_connector_configuration_resource.go @@ -0,0 +1,101 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package data_safe + +import ( + "context" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + oci_data_safe "github.com/oracle/oci-go-sdk/v65/datasafe" + + "github.com/oracle/terraform-provider-oci/internal/client" + "github.com/oracle/terraform-provider-oci/internal/tfresource" +) + +func DataSafeGenerateOnPremConnectorConfigurationResource() *schema.Resource { + return &schema.Resource{ + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + Timeouts: tfresource.DefaultTimeout, + Create: createDataSafeGenerateOnPremConnectorConfiguration, + Read: readDataSafeGenerateOnPremConnectorConfiguration, + Delete: deleteDataSafeGenerateOnPremConnectorConfiguration, + Schema: map[string]*schema.Schema{ + // Required + "on_prem_connector_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "password": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Sensitive: true, + }, + + // Optional + + // Computed + }, + } +} + +func createDataSafeGenerateOnPremConnectorConfiguration(d *schema.ResourceData, m interface{}) error { + sync := &DataSafeGenerateOnPremConnectorConfigurationResourceCrud{} + sync.D = d + sync.Client = m.(*client.OracleClients).DataSafeClient() + + return tfresource.CreateResource(d, sync) +} + +func readDataSafeGenerateOnPremConnectorConfiguration(d *schema.ResourceData, m interface{}) error { + return nil +} + +func deleteDataSafeGenerateOnPremConnectorConfiguration(d *schema.ResourceData, m interface{}) error { + return nil +} + +type DataSafeGenerateOnPremConnectorConfigurationResourceCrud struct { + tfresource.BaseCrud + Client *oci_data_safe.DataSafeClient + Res *oci_data_safe.GenerateOnPremConnectorConfigurationResponse + DisableNotFoundRetries bool +} + +func (s *DataSafeGenerateOnPremConnectorConfigurationResourceCrud) ID() string { + return *s.Res.OpcRequestId +} + +func (s *DataSafeGenerateOnPremConnectorConfigurationResourceCrud) Create() error { + request := oci_data_safe.GenerateOnPremConnectorConfigurationRequest{} + + if onPremConnectorId, ok := s.D.GetOkExists("on_prem_connector_id"); ok { + tmp := onPremConnectorId.(string) + request.OnPremConnectorId = &tmp + } + + if password, ok := s.D.GetOkExists("password"); ok { + tmp := password.(string) + request.GenerateOnPremConnectorConfigurationDetails = oci_data_safe.GenerateOnPremConnectorConfigurationDetails{ + Password: &tmp, + } + } + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "data_safe") + + response, err := s.Client.GenerateOnPremConnectorConfiguration(context.Background(), request) + if err != nil { + return err + } + + s.Res = &response + return nil +} + +func (s *DataSafeGenerateOnPremConnectorConfigurationResourceCrud) SetData() error { + return nil +} diff --git a/internal/service/data_safe/register_resource.go b/internal/service/data_safe/register_resource.go index 114d0d59e16..1bc5addef3f 100644 --- a/internal/service/data_safe/register_resource.go +++ b/internal/service/data_safe/register_resource.go @@ -25,6 +25,7 @@ func RegisterResource() { tfresource.RegisterResource("oci_data_safe_database_security_config", DataSafeDatabaseSecurityConfigResource()) tfresource.RegisterResource("oci_data_safe_database_security_config_management", DataSafeDatabaseSecurityConfigManagementResource()) tfresource.RegisterResource("oci_data_safe_discovery_job", DataSafeDiscoveryJobResource()) + tfresource.RegisterResource("oci_data_safe_generate_on_prem_connector_configuration", DataSafeGenerateOnPremConnectorConfigurationResource()) tfresource.RegisterResource("oci_data_safe_library_masking_format", DataSafeLibraryMaskingFormatResource()) tfresource.RegisterResource("oci_data_safe_masking_policies_masking_column", DataSafeMaskingPoliciesMaskingColumnResource()) tfresource.RegisterResource("oci_data_safe_masking_policy", DataSafeMaskingPolicyResource()) diff --git a/internal/service/database/database_cloud_vm_cluster_resource.go b/internal/service/database/database_cloud_vm_cluster_resource.go index 76107076658..0af0c6fe2e9 100644 --- a/internal/service/database/database_cloud_vm_cluster_resource.go +++ b/internal/service/database/database_cloud_vm_cluster_resource.go @@ -907,7 +907,7 @@ func (s *DatabaseCloudVmClusterResourceCrud) Update() error { flex, err := s.flexAvailableDbStorageInGBs(compartmentId.(string), flexShape) if err == nil { - if storageSizeInGBs, ok := s.D.GetOkExists("storage_size_in_gbs"); ok { + if storageSizeInGBs, ok := s.D.GetOkExists("storage_size_in_gbs"); ok && s.D.HasChange("storage_size_in_gbs") { tmp := flex**s.Infra.StorageCount - storageSizeInGBs.(int) request.StorageSizeInGBs = &tmp } @@ -935,12 +935,12 @@ func (s *DatabaseCloudVmClusterResourceCrud) Update() error { } } - if dataStorageSizeInTBs, ok := s.D.GetOkExists("data_storage_size_in_tbs"); ok { + if dataStorageSizeInTBs, ok := s.D.GetOkExists("data_storage_size_in_tbs"); ok && s.D.HasChange("data_storage_size_in_tbs") { tmp := dataStorageSizeInTBs.(float64) request.DataStorageSizeInTBs = &tmp } - if dbNodeStorageSizeInGBs, ok := s.D.GetOkExists("db_node_storage_size_in_gbs"); ok { + if dbNodeStorageSizeInGBs, ok := s.D.GetOkExists("db_node_storage_size_in_gbs"); ok && s.D.HasChange("db_node_storage_size_in_gbs") { tmp := dbNodeStorageSizeInGBs.(int) request.DbNodeStorageSizeInGBs = &tmp } @@ -953,7 +953,7 @@ func (s *DatabaseCloudVmClusterResourceCrud) Update() error { request.DefinedTags = convertedDefinedTags } - if displayName, ok := s.D.GetOkExists("display_name"); ok { + if displayName, ok := s.D.GetOkExists("display_name"); ok && s.D.HasChange("display_name") { tmp := displayName.(string) request.DisplayName = &tmp } @@ -983,7 +983,7 @@ func (s *DatabaseCloudVmClusterResourceCrud) Update() error { request.LicenseModel = oci_database.UpdateCloudVmClusterDetailsLicenseModelEnum(licenseModel.(string)) } - if memorySizeInGBs, ok := s.D.GetOkExists("memory_size_in_gbs"); ok { + if memorySizeInGBs, ok := s.D.GetOkExists("memory_size_in_gbs"); ok && s.D.HasChange("memory_size_in_gbs") { tmp := memorySizeInGBs.(int) request.MemorySizeInGBs = &tmp } diff --git a/internal/service/database/database_database_resource.go b/internal/service/database/database_database_resource.go index 16d9959d4fd..21b93ca8a85 100644 --- a/internal/service/database/database_database_resource.go +++ b/internal/service/database/database_database_resource.go @@ -56,7 +56,6 @@ func DatabaseDatabaseResource() *schema.Resource { "admin_password": { Type: schema.TypeString, Required: true, - ForceNew: true, Sensitive: true, }, "db_name": { @@ -1404,28 +1403,28 @@ func (s *DatabaseDatabaseResourceCrud) DatabaseToMap(obj *oci_database.Database) } func (s *DatabaseDatabaseResourceCrud) setDbKeyVersion(databaseId string) error { - setDbKeyVersionRequest := oci_database.SetDbKeyVersionRequest{} - setDbKeyVersionRequest.DatabaseId = &databaseId - setDbKeyVersionRequest.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "database") - details := oci_database.OciProviderSetKeyVersionDetails{} - if kmsKeyVersionId, ok := s.D.GetOkExists("kms_key_version_id"); ok && s.D.HasChange("kms_key_version_id") { oldRaw, newRaw := s.D.GetChange("kms_key_version_id") if oldRaw == "" && newRaw != "" { + setDbKeyVersionRequest := oci_database.SetDbKeyVersionRequest{} + setDbKeyVersionRequest.DatabaseId = &databaseId + setDbKeyVersionRequest.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "database") + details := oci_database.OciProviderSetKeyVersionDetails{} + temp := kmsKeyVersionId.(string) details.KmsKeyVersionId = &temp setDbKeyVersionRequest.SetKeyVersionDetails = details - } - } - response, err := s.Client.SetDbKeyVersion(context.Background(), setDbKeyVersionRequest) - if err != nil { - return err - } - workId := response.OpcWorkRequestId - if workId != nil { - _, err = tfresource.WaitForWorkRequestWithErrorHandling(s.WorkRequestClient, workId, "database", oci_work_requests.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries) - if err != nil { + response, err := s.Client.SetDbKeyVersion(context.Background(), setDbKeyVersionRequest) + if err != nil { + return err + } + workId := response.OpcWorkRequestId + if workId != nil { + _, err = tfresource.WaitForWorkRequestWithErrorHandling(s.WorkRequestClient, workId, "database", oci_work_requests.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries) + if err != nil { + } + } } } return nil diff --git a/internal/service/desktops/desktops_desktop_pool_data_source.go b/internal/service/desktops/desktops_desktop_pool_data_source.go index befa2732de7..c99c4412192 100644 --- a/internal/service/desktops/desktops_desktop_pool_data_source.go +++ b/internal/service/desktops/desktops_desktop_pool_data_source.go @@ -143,6 +143,12 @@ func (s *DesktopsDesktopPoolDataSourceCrud) SetData() error { s.D.Set("private_access_details", nil) } + if s.Res.SessionLifecycleActions != nil { + s.D.Set("session_lifecycle_actions", []interface{}{DesktopSessionLifecycleActionsToMap(s.Res.SessionLifecycleActions)}) + } else { + s.D.Set("session_lifecycle_actions", nil) + } + if s.Res.ShapeName != nil { s.D.Set("shape_name", *s.Res.ShapeName) } diff --git a/internal/service/desktops/desktops_desktop_pool_resource.go b/internal/service/desktops/desktops_desktop_pool_resource.go index 3c4a8113c1f..fc80ddc2a7f 100644 --- a/internal/service/desktops/desktops_desktop_pool_resource.go +++ b/internal/service/desktops/desktops_desktop_pool_resource.go @@ -52,9 +52,11 @@ func DesktopsDesktopPoolResource() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ // Required + + // Optional "start_schedule": { Type: schema.TypeList, - Required: true, + Optional: true, MaxItems: 1, MinItems: 1, Elem: &schema.Resource{ @@ -77,7 +79,7 @@ func DesktopsDesktopPoolResource() *schema.Resource { }, "stop_schedule": { Type: schema.TypeList, - Required: true, + Optional: true, MaxItems: 1, MinItems: 1, Elem: &schema.Resource{ @@ -99,8 +101,6 @@ func DesktopsDesktopPoolResource() *schema.Resource { }, }, - // Optional - // Computed }, }, @@ -358,6 +358,72 @@ func DesktopsDesktopPoolResource() *schema.Resource { }, }, }, + "session_lifecycle_actions": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + "disconnect": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + "action": { + Type: schema.TypeString, + Required: true, + }, + + // Optional + "grace_period_in_minutes": { + Type: schema.TypeInt, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, + "inactivity": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + "action": { + Type: schema.TypeString, + Required: true, + }, + + // Optional + "grace_period_in_minutes": { + Type: schema.TypeInt, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, + + // Computed + }, + }, + }, "time_start_scheduled": { Type: schema.TypeString, Optional: true, @@ -595,6 +661,17 @@ func (s *DesktopsDesktopPoolResourceCrud) Create() error { } } + if sessionLifecycleActions, ok := s.D.GetOkExists("session_lifecycle_actions"); ok { + if tmpList := sessionLifecycleActions.([]interface{}); len(tmpList) > 0 { + fieldKeyFormat := fmt.Sprintf("%s.%d.%%s", "session_lifecycle_actions", 0) + tmp, err := s.mapToCreateDesktopPoolDesktopSessionLifecycleActions(fieldKeyFormat) + if err != nil { + return err + } + request.SessionLifecycleActions = &tmp + } + } + if shapeName, ok := s.D.GetOkExists("shape_name"); ok { tmp := shapeName.(string) request.ShapeName = &tmp @@ -1003,6 +1080,12 @@ func (s *DesktopsDesktopPoolResourceCrud) SetData() error { s.D.Set("private_access_details", nil) } + if s.Res.SessionLifecycleActions != nil { + s.D.Set("session_lifecycle_actions", []interface{}{DesktopSessionLifecycleActionsToMap(s.Res.SessionLifecycleActions)}) + } else { + s.D.Set("session_lifecycle_actions", nil) + } + if s.Res.ShapeName != nil { s.D.Set("shape_name", *s.Res.ShapeName) } @@ -1112,6 +1195,34 @@ func (s *DesktopsDesktopPoolResourceCrud) mapToCreateDesktopPoolPrivateAccessDet return result, nil } +func (s *DesktopsDesktopPoolResourceCrud) mapToCreateDesktopPoolDesktopSessionLifecycleActions(fieldKeyFormat string) (oci_desktops.CreateDesktopPoolDesktopSessionLifecycleActions, error) { + result := oci_desktops.CreateDesktopPoolDesktopSessionLifecycleActions{} + + if disconnect, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "disconnect")); ok { + if tmpList := disconnect.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "disconnect"), 0) + tmp, err := s.mapToDisconnectConfig(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert disconnect, encountered error: %v", err) + } + result.Disconnect = &tmp + } + } + + if inactivity, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "inactivity")); ok { + if tmpList := inactivity.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "inactivity"), 0) + tmp, err := s.mapToInactivityConfig(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert inactivity, encountered error: %v", err) + } + result.Inactivity = &tmp + } + } + + return result, nil +} + func DesktopPoolPrivateAccessDetailsToMap(obj *oci_desktops.DesktopPoolPrivateAccessDetails, datasource bool) map[string]interface{} { result := map[string]interface{}{} @@ -1144,6 +1255,34 @@ func DesktopPoolPrivateAccessDetailsToMap(obj *oci_desktops.DesktopPoolPrivateAc return result } +func CreateDesktopPoolDesktopSessionLifecycleActionsToMap(obj *oci_desktops.CreateDesktopPoolDesktopSessionLifecycleActions) map[string]interface{} { + result := map[string]interface{}{} + + if obj.Disconnect != nil { + result["disconnect"] = []interface{}{DisconnectConfigToMap(obj.Disconnect)} + } + + if obj.Inactivity != nil { + result["inactivity"] = []interface{}{InactivityConfigToMap(obj.Inactivity)} + } + + return result +} + +func DesktopSessionLifecycleActionsToMap(obj *oci_desktops.DesktopSessionLifecycleActions) map[string]interface{} { + result := map[string]interface{}{} + + if obj.Disconnect != nil { + result["disconnect"] = []interface{}{DisconnectConfigToMap(obj.Disconnect)} + } + + if obj.Inactivity != nil { + result["inactivity"] = []interface{}{InactivityConfigToMap(obj.Inactivity)} + } + + return result +} + func (s *DesktopsDesktopPoolResourceCrud) mapToDesktopAvailabilityPolicy(fieldKeyFormat string) (oci_desktops.DesktopAvailabilityPolicy, error) { result := oci_desktops.DesktopAvailabilityPolicy{} @@ -1175,11 +1314,11 @@ func (s *DesktopsDesktopPoolResourceCrud) mapToDesktopAvailabilityPolicy(fieldKe func DesktopAvailabilityPolicyToMap(obj *oci_desktops.DesktopAvailabilityPolicy) map[string]interface{} { result := map[string]interface{}{} - if obj.StartSchedule != nil { + if obj.StartSchedule != nil && obj.StartSchedule.CronExpression != nil { result["start_schedule"] = []interface{}{DesktopScheduleToMap(obj.StartSchedule)} } - if obj.StopSchedule != nil { + if obj.StopSchedule != nil && obj.StopSchedule.CronExpression != nil { result["stop_schedule"] = []interface{}{DesktopScheduleToMap(obj.StopSchedule)} } @@ -1393,6 +1532,60 @@ func DesktopScheduleToMap(obj *oci_desktops.DesktopSchedule) map[string]interfac return result } +func (s *DesktopsDesktopPoolResourceCrud) mapToDisconnectConfig(fieldKeyFormat string) (oci_desktops.DisconnectConfig, error) { + result := oci_desktops.DisconnectConfig{} + + if action, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "action")); ok { + result.Action = oci_desktops.DisconnectConfigActionEnum(action.(string)) + } + + if gracePeriodInMinutes, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "grace_period_in_minutes")); ok { + tmp := gracePeriodInMinutes.(int) + result.GracePeriodInMinutes = &tmp + } + + return result, nil +} + +func DisconnectConfigToMap(obj *oci_desktops.DisconnectConfig) map[string]interface{} { + result := map[string]interface{}{} + + result["action"] = string(obj.Action) + + if obj.GracePeriodInMinutes != nil { + result["grace_period_in_minutes"] = int(*obj.GracePeriodInMinutes) + } + + return result +} + +func (s *DesktopsDesktopPoolResourceCrud) mapToInactivityConfig(fieldKeyFormat string) (oci_desktops.InactivityConfig, error) { + result := oci_desktops.InactivityConfig{} + + if action, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "action")); ok { + result.Action = oci_desktops.InactivityConfigActionEnum(action.(string)) + } + + if gracePeriodInMinutes, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "grace_period_in_minutes")); ok { + tmp := gracePeriodInMinutes.(int) + result.GracePeriodInMinutes = &tmp + } + + return result, nil +} + +func InactivityConfigToMap(obj *oci_desktops.InactivityConfig) map[string]interface{} { + result := map[string]interface{}{} + + result["action"] = string(obj.Action) + + if obj.GracePeriodInMinutes != nil { + result["grace_period_in_minutes"] = int(*obj.GracePeriodInMinutes) + } + + return result +} + func (s *DesktopsDesktopPoolResourceCrud) updateCompartment(compartment interface{}) error { changeCompartmentRequest := oci_desktops.ChangeDesktopPoolCompartmentRequest{} diff --git a/internal/service/dns/dns_action_create_zone_from_zone_file_resource.go b/internal/service/dns/dns_action_create_zone_from_zone_file_resource.go index 87282aa90e0..d435fbd3c46 100644 --- a/internal/service/dns/dns_action_create_zone_from_zone_file_resource.go +++ b/internal/service/dns/dns_action_create_zone_from_zone_file_resource.go @@ -59,6 +59,174 @@ func DnsActionCreateZoneFromZoneFileResource() *schema.Resource { Computed: true, Elem: schema.TypeString, }, + "dnssec_config": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "ksk_dnssec_key_versions": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "ds_data": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "digest_type": { + Type: schema.TypeString, + Computed: true, + }, + "rdata": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "key_tag": { + Type: schema.TypeInt, + Computed: true, + }, + "length_in_bytes": { + Type: schema.TypeInt, + Computed: true, + }, + "predecessor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "successor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "time_activated": { + Type: schema.TypeString, + Computed: true, + }, + "time_created": { + Type: schema.TypeString, + Computed: true, + }, + "time_expired": { + Type: schema.TypeString, + Computed: true, + }, + "time_inactivated": { + Type: schema.TypeString, + Computed: true, + }, + "time_promoted": { + Type: schema.TypeString, + Computed: true, + }, + "time_published": { + Type: schema.TypeString, + Computed: true, + }, + "time_unpublished": { + Type: schema.TypeString, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "zsk_dnssec_key_versions": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "key_tag": { + Type: schema.TypeInt, + Computed: true, + }, + "length_in_bytes": { + Type: schema.TypeInt, + Computed: true, + }, + "predecessor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "successor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "time_activated": { + Type: schema.TypeString, + Computed: true, + }, + "time_created": { + Type: schema.TypeString, + Computed: true, + }, + "time_expired": { + Type: schema.TypeString, + Computed: true, + }, + "time_inactivated": { + Type: schema.TypeString, + Computed: true, + }, + "time_promoted": { + Type: schema.TypeString, + Computed: true, + }, + "time_published": { + Type: schema.TypeString, + Computed: true, + }, + "time_unpublished": { + Type: schema.TypeString, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "dnssec_state": { + Type: schema.TypeString, + Computed: true, + }, "external_downstreams": { Type: schema.TypeList, Computed: true, @@ -315,6 +483,14 @@ func (s *DnsActionCreateZoneFromZoneFileResourceCrud) SetData() error { s.D.Set("defined_tags", tfresource.DefinedTagsToMap(s.Res.DefinedTags)) } + if s.Res.DnssecConfig != nil { + s.D.Set("dnssec_config", []interface{}{DnssecConfigToMap(s.Res.DnssecConfig)}) + } else { + s.D.Set("dnssec_config", nil) + } + + s.D.Set("dnssec_state", s.Res.DnssecState) + externalDownstreams := []interface{}{} for _, item := range s.Res.ExternalDownstreams { externalDownstreams = append(externalDownstreams, ExternalDownstreamToMap(item)) diff --git a/internal/service/dns/dns_zone_promote_dnssec_key_version_resource.go b/internal/service/dns/dns_zone_promote_dnssec_key_version_resource.go new file mode 100644 index 00000000000..e6a81204b93 --- /dev/null +++ b/internal/service/dns/dns_zone_promote_dnssec_key_version_resource.go @@ -0,0 +1,119 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package dns + +import ( + "context" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + oci_dns "github.com/oracle/oci-go-sdk/v65/dns" + oci_work_requests "github.com/oracle/oci-go-sdk/v65/workrequests" + + "github.com/oracle/terraform-provider-oci/internal/client" + "github.com/oracle/terraform-provider-oci/internal/tfresource" +) + +func DnsZonePromoteDnssecKeyVersionResource() *schema.Resource { + return &schema.Resource{ + Timeouts: tfresource.DefaultTimeout, + Create: createDnsZonePromoteDnssecKeyVersion, + Read: readDnsZonePromoteDnssecKeyVersion, + Delete: deleteDnsZonePromoteDnssecKeyVersion, + Schema: map[string]*schema.Schema{ + // Required + "dnssec_key_version_uuid": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "zone_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + // Optional + "scope": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + + // Computed + }, + } +} + +func createDnsZonePromoteDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + sync := &DnsZonePromoteDnssecKeyVersionResourceCrud{} + sync.D = d + sync.Client = m.(*client.OracleClients).DnsClient() + sync.WorkRequestClient = m.(*client.OracleClients).WorkRequestClient + + return tfresource.CreateResource(d, sync) +} + +func readDnsZonePromoteDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + return nil +} + +func deleteDnsZonePromoteDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + return nil +} + +type DnsZonePromoteDnssecKeyVersionResourceCrud struct { + tfresource.BaseCrud + Client *oci_dns.DnsClient + DisableNotFoundRetries bool + WorkRequestClient *oci_work_requests.WorkRequestClient +} + +func (s *DnsZonePromoteDnssecKeyVersionResourceCrud) ID() string { + return s.D.Id() +} + +func (s *DnsZonePromoteDnssecKeyVersionResourceCrud) Create() error { + request := oci_dns.PromoteZoneDnssecKeyVersionRequest{} + + if dnssecKeyVersionUuid, ok := s.D.GetOkExists("dnssec_key_version_uuid"); ok { + tmp := dnssecKeyVersionUuid.(string) + request.DnssecKeyVersionUuid = &tmp + } + + if scope, ok := s.D.GetOkExists("scope"); ok { + request.Scope = oci_dns.PromoteZoneDnssecKeyVersionScopeEnum(scope.(string)) + } + + if zoneId, ok := s.D.GetOkExists("zone_id"); ok { + tmp := zoneId.(string) + request.ZoneId = &tmp + } + + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "dns") + + response, err := s.Client.PromoteZoneDnssecKeyVersion(context.Background(), request) + if err != nil { + return err + } + + workId := response.OpcWorkRequestId + + if workId != nil { + _, err := tfresource.WaitForWorkRequestWithErrorHandling(s.WorkRequestClient, workId, "zone", + oci_work_requests.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries) + if err != nil { + return err + } + } + s.D.SetId(fmt.Sprintf("%s-%s", *request.ZoneId, *request.DnssecKeyVersionUuid)) + + return nil +} + +func (s *DnsZonePromoteDnssecKeyVersionResourceCrud) SetData() error { + return nil +} diff --git a/internal/service/dns/dns_zone_resource.go b/internal/service/dns/dns_zone_resource.go index f2db0ff6f82..59d480520e6 100644 --- a/internal/service/dns/dns_zone_resource.go +++ b/internal/service/dns/dns_zone_resource.go @@ -58,6 +58,11 @@ func DnsZoneResource() *schema.Resource { DiffSuppressFunc: tfresource.DefinedTagsDiffSuppressFunction, Elem: schema.TypeString, }, + "dnssec_state": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "external_downstreams": { Type: schema.TypeList, Optional: true, @@ -133,6 +138,170 @@ func DnsZoneResource() *schema.Resource { }, // Computed + "dnssec_config": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "ksk_dnssec_key_versions": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "ds_data": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "digest_type": { + Type: schema.TypeString, + Computed: true, + }, + "rdata": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "key_tag": { + Type: schema.TypeInt, + Computed: true, + }, + "length_in_bytes": { + Type: schema.TypeInt, + Computed: true, + }, + "predecessor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "successor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "time_activated": { + Type: schema.TypeString, + Computed: true, + }, + "time_created": { + Type: schema.TypeString, + Computed: true, + }, + "time_expired": { + Type: schema.TypeString, + Computed: true, + }, + "time_inactivated": { + Type: schema.TypeString, + Computed: true, + }, + "time_promoted": { + Type: schema.TypeString, + Computed: true, + }, + "time_published": { + Type: schema.TypeString, + Computed: true, + }, + "time_unpublished": { + Type: schema.TypeString, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "zsk_dnssec_key_versions": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "key_tag": { + Type: schema.TypeInt, + Computed: true, + }, + "length_in_bytes": { + Type: schema.TypeInt, + Computed: true, + }, + "predecessor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "successor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "time_activated": { + Type: schema.TypeString, + Computed: true, + }, + "time_created": { + Type: schema.TypeString, + Computed: true, + }, + "time_expired": { + Type: schema.TypeString, + Computed: true, + }, + "time_inactivated": { + Type: schema.TypeString, + Computed: true, + }, + "time_promoted": { + Type: schema.TypeString, + Computed: true, + }, + "time_published": { + Type: schema.TypeString, + Computed: true, + }, + "time_unpublished": { + Type: schema.TypeString, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, "is_protected": { Type: schema.TypeBool, Computed: true, @@ -285,6 +454,18 @@ func (s *DnsZoneResourceCrud) DeletedTarget() []string { } } +func (s *DnsZoneResourceCrud) UpdatedPending() []string { + return []string{ + string(oci_dns.ZoneLifecycleStateUpdating), + } +} + +func (s *DnsZoneResourceCrud) UpdatedTarget() []string { + return []string{ + string(oci_dns.ZoneLifecycleStateActive), + } +} + func (s *DnsZoneResourceCrud) Create() error { request := oci_dns.CreateZoneRequest{} createZoneDetailsRequest := oci_dns.CreateZoneDetails{} @@ -301,6 +482,10 @@ func (s *DnsZoneResourceCrud) Create() error { createZoneDetailsRequest.DefinedTags = convertedDefinedTags } + if dnssecState, ok := s.D.GetOkExists("dnssec_state"); ok { + createZoneDetailsRequest.DnssecState = oci_dns.ZoneDnssecStateEnum(dnssecState.(string)) + } + if externalDownstreams, ok := s.D.GetOkExists("external_downstreams"); ok { interfaces := externalDownstreams.([]interface{}) tmp := make([]oci_dns.ExternalDownstream, len(interfaces)) @@ -440,6 +625,10 @@ func (s *DnsZoneResourceCrud) Update() error { request.DefinedTags = convertedDefinedTags } + if dnssecState, ok := s.D.GetOkExists("dnssec_state"); ok { + request.DnssecState = oci_dns.ZoneDnssecStateEnum(dnssecState.(string)) + } + if externalDownstreams, ok := s.D.GetOkExists("external_downstreams"); ok { interfaces := externalDownstreams.([]interface{}) tmp := make([]oci_dns.ExternalDownstream, len(interfaces)) @@ -538,6 +727,14 @@ func (s *DnsZoneResourceCrud) SetData() error { s.D.Set("defined_tags", tfresource.DefinedTagsToMap(s.Res.DefinedTags)) } + if s.Res.DnssecConfig != nil { + s.D.Set("dnssec_config", []interface{}{DnssecConfigToMap(s.Res.DnssecConfig)}) + } else { + s.D.Set("dnssec_config", nil) + } + + s.D.Set("dnssec_state", s.Res.DnssecState) + externalDownstreams := []interface{}{} for _, item := range s.Res.ExternalDownstreams { externalDownstreams = append(externalDownstreams, ExternalDownstreamToMap(item)) @@ -605,6 +802,36 @@ func (s *DnsZoneResourceCrud) SetData() error { return nil } +func DnssecConfigToMap(obj *oci_dns.DnssecConfig) map[string]interface{} { + result := map[string]interface{}{} + + kskDnssecKeyVersions := []interface{}{} + for _, item := range obj.KskDnssecKeyVersions { + kskDnssecKeyVersions = append(kskDnssecKeyVersions, KskDnssecKeyVersionToMap(item)) + } + result["ksk_dnssec_key_versions"] = kskDnssecKeyVersions + + zskDnssecKeyVersions := []interface{}{} + for _, item := range obj.ZskDnssecKeyVersions { + zskDnssecKeyVersions = append(zskDnssecKeyVersions, ZskDnssecKeyVersionToMap(item)) + } + result["zsk_dnssec_key_versions"] = zskDnssecKeyVersions + + return result +} + +func DnssecKeyVersionDsDataToMap(obj oci_dns.DnssecKeyVersionDsData) map[string]interface{} { + result := map[string]interface{}{} + + result["digest_type"] = string(obj.DigestType) + + if obj.Rdata != nil { + result["rdata"] = string(*obj.Rdata) + } + + return result +} + func (s *DnsZoneResourceCrud) mapToExternalDownstream(fieldKeyFormat string) (oci_dns.ExternalDownstream, error) { result := oci_dns.ExternalDownstream{} @@ -683,6 +910,68 @@ func ExternalMasterToMap(obj oci_dns.ExternalMaster) map[string]interface{} { return result } +func KskDnssecKeyVersionToMap(obj oci_dns.KskDnssecKeyVersion) map[string]interface{} { + result := map[string]interface{}{} + + result["algorithm"] = string(obj.Algorithm) + + dsData := []interface{}{} + for _, item := range obj.DsData { + dsData = append(dsData, DnssecKeyVersionDsDataToMap(item)) + } + result["ds_data"] = dsData + + if obj.KeyTag != nil { + result["key_tag"] = int(*obj.KeyTag) + } + + if obj.LengthInBytes != nil { + result["length_in_bytes"] = int(*obj.LengthInBytes) + } + + if obj.PredecessorDnssecKeyVersionUuid != nil { + result["predecessor_dnssec_key_version_uuid"] = string(*obj.PredecessorDnssecKeyVersionUuid) + } + + if obj.SuccessorDnssecKeyVersionUuid != nil { + result["successor_dnssec_key_version_uuid"] = string(*obj.SuccessorDnssecKeyVersionUuid) + } + + if obj.TimeActivated != nil { + result["time_activated"] = obj.TimeActivated.String() + } + + if obj.TimeCreated != nil { + result["time_created"] = obj.TimeCreated.String() + } + + if obj.TimeExpired != nil { + result["time_expired"] = obj.TimeExpired.String() + } + + if obj.TimeInactivated != nil { + result["time_inactivated"] = obj.TimeInactivated.String() + } + + if obj.TimePromoted != nil { + result["time_promoted"] = obj.TimePromoted.String() + } + + if obj.TimePublished != nil { + result["time_published"] = obj.TimePublished.String() + } + + if obj.TimeUnpublished != nil { + result["time_unpublished"] = obj.TimeUnpublished.String() + } + + if obj.Uuid != nil { + result["uuid"] = string(*obj.Uuid) + } + + return result +} + func NameserverToMap(obj oci_dns.Nameserver) map[string]interface{} { result := map[string]interface{}{} @@ -715,6 +1004,62 @@ func ZoneTransferServerToMap(obj oci_dns.ZoneTransferServer) map[string]interfac return result } +func ZskDnssecKeyVersionToMap(obj oci_dns.ZskDnssecKeyVersion) map[string]interface{} { + result := map[string]interface{}{} + + result["algorithm"] = string(obj.Algorithm) + + if obj.KeyTag != nil { + result["key_tag"] = int(*obj.KeyTag) + } + + if obj.LengthInBytes != nil { + result["length_in_bytes"] = int(*obj.LengthInBytes) + } + + if obj.PredecessorDnssecKeyVersionUuid != nil { + result["predecessor_dnssec_key_version_uuid"] = string(*obj.PredecessorDnssecKeyVersionUuid) + } + + if obj.SuccessorDnssecKeyVersionUuid != nil { + result["successor_dnssec_key_version_uuid"] = string(*obj.SuccessorDnssecKeyVersionUuid) + } + + if obj.TimeActivated != nil { + result["time_activated"] = obj.TimeActivated.String() + } + + if obj.TimeCreated != nil { + result["time_created"] = obj.TimeCreated.String() + } + + if obj.TimeExpired != nil { + result["time_expired"] = obj.TimeExpired.String() + } + + if obj.TimeInactivated != nil { + result["time_inactivated"] = obj.TimeInactivated.String() + } + + if obj.TimePromoted != nil { + result["time_promoted"] = obj.TimePromoted.String() + } + + if obj.TimePublished != nil { + result["time_published"] = obj.TimePublished.String() + } + + if obj.TimeUnpublished != nil { + result["time_unpublished"] = obj.TimeUnpublished.String() + } + + if obj.Uuid != nil { + result["uuid"] = string(*obj.Uuid) + } + + return result +} + func (s *DnsZoneResourceCrud) updateCompartment(compartment interface{}) error { changeCompartmentRequest := oci_dns.ChangeZoneCompartmentRequest{} diff --git a/internal/service/dns/dns_zone_stage_dnssec_key_version_resource.go b/internal/service/dns/dns_zone_stage_dnssec_key_version_resource.go new file mode 100644 index 00000000000..c7453f74fc8 --- /dev/null +++ b/internal/service/dns/dns_zone_stage_dnssec_key_version_resource.go @@ -0,0 +1,119 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package dns + +import ( + "context" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + oci_dns "github.com/oracle/oci-go-sdk/v65/dns" + oci_work_requests "github.com/oracle/oci-go-sdk/v65/workrequests" + + "github.com/oracle/terraform-provider-oci/internal/client" + "github.com/oracle/terraform-provider-oci/internal/tfresource" +) + +func DnsZoneStageDnssecKeyVersionResource() *schema.Resource { + return &schema.Resource{ + Timeouts: tfresource.DefaultTimeout, + Create: createDnsZoneStageDnssecKeyVersion, + Read: readDnsZoneStageDnssecKeyVersion, + Delete: deleteDnsZoneStageDnssecKeyVersion, + Schema: map[string]*schema.Schema{ + // Required + "predecessor_dnssec_key_version_uuid": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "zone_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + // Optional + "scope": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + + // Computed + }, + } +} + +func createDnsZoneStageDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + sync := &DnsZoneStageDnssecKeyVersionResourceCrud{} + sync.D = d + sync.Client = m.(*client.OracleClients).DnsClient() + sync.WorkRequestClient = m.(*client.OracleClients).WorkRequestClient + + return tfresource.CreateResource(d, sync) +} + +func readDnsZoneStageDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + return nil +} + +func deleteDnsZoneStageDnssecKeyVersion(d *schema.ResourceData, m interface{}) error { + return nil +} + +type DnsZoneStageDnssecKeyVersionResourceCrud struct { + tfresource.BaseCrud + Client *oci_dns.DnsClient + DisableNotFoundRetries bool + WorkRequestClient *oci_work_requests.WorkRequestClient +} + +func (s *DnsZoneStageDnssecKeyVersionResourceCrud) ID() string { + return s.D.Id() +} + +func (s *DnsZoneStageDnssecKeyVersionResourceCrud) Create() error { + request := oci_dns.StageZoneDnssecKeyVersionRequest{} + + if predecessorDnssecKeyVersionUuid, ok := s.D.GetOkExists("predecessor_dnssec_key_version_uuid"); ok { + tmp := predecessorDnssecKeyVersionUuid.(string) + request.PredecessorDnssecKeyVersionUuid = &tmp + } + + if scope, ok := s.D.GetOkExists("scope"); ok { + request.Scope = oci_dns.StageZoneDnssecKeyVersionScopeEnum(scope.(string)) + } + + if zoneId, ok := s.D.GetOkExists("zone_id"); ok { + tmp := zoneId.(string) + request.ZoneId = &tmp + } + + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "dns") + + response, err := s.Client.StageZoneDnssecKeyVersion(context.Background(), request) + if err != nil { + return err + } + + workId := response.OpcWorkRequestId + + if workId != nil { + _, err := tfresource.WaitForWorkRequestWithErrorHandling(s.WorkRequestClient, workId, "zone", + oci_work_requests.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries) + if err != nil { + return err + } + } + s.D.SetId(fmt.Sprintf("%s-%s", *request.ZoneId, *request.PredecessorDnssecKeyVersionUuid)) + + return nil +} + +func (s *DnsZoneStageDnssecKeyVersionResourceCrud) SetData() error { + return nil +} diff --git a/internal/service/dns/dns_zones_data_source.go b/internal/service/dns/dns_zones_data_source.go index ca608795ea3..be03fcaaffc 100644 --- a/internal/service/dns/dns_zones_data_source.go +++ b/internal/service/dns/dns_zones_data_source.go @@ -24,6 +24,10 @@ func DnsZonesDataSource() *schema.Resource { Type: schema.TypeString, Required: true, }, + "dnssec_state": { + Type: schema.TypeString, + Optional: true, + }, "name": { Type: schema.TypeString, Optional: true, @@ -103,6 +107,10 @@ func (s *DnsZonesDataSourceCrud) Get() error { request.CompartmentId = &tmp } + if dnssecState, ok := s.D.GetOkExists("dnssec_state"); ok { + request.DnssecState = oci_dns.ListZonesDnssecStateEnum(dnssecState.(string)) + } + if name, ok := s.D.GetOkExists("name"); ok { tmp := name.(string) request.Name = &tmp @@ -229,6 +237,14 @@ func (s *DnsZonesDataSourceCrud) SetData() error { zone["defined_tags"] = tfresource.DefinedTagsToMap(r.DefinedTags) } + if r.DnssecConfig != nil { + zone["dnssec_config"] = []interface{}{DnssecConfigToMap(r.DnssecConfig)} + } else { + zone["dnssec_config"] = nil + } + + zone["dnssec_state"] = r.DnssecState + zone["freeform_tags"] = r.FreeformTags if r.Id != nil { diff --git a/internal/service/dns/register_resource.go b/internal/service/dns/register_resource.go index bcc88b5c04f..96b70bfd8d8 100644 --- a/internal/service/dns/register_resource.go +++ b/internal/service/dns/register_resource.go @@ -16,4 +16,6 @@ func RegisterResource() { tfresource.RegisterResource("oci_dns_tsig_key", DnsTsigKeyResource()) tfresource.RegisterResource("oci_dns_view", DnsViewResource()) tfresource.RegisterResource("oci_dns_zone", DnsZoneResource()) + tfresource.RegisterResource("oci_dns_zone_promote_dnssec_key_version", DnsZonePromoteDnssecKeyVersionResource()) + tfresource.RegisterResource("oci_dns_zone_stage_dnssec_key_version", DnsZoneStageDnssecKeyVersionResource()) } diff --git a/internal/service/golden_gate/golden_gate_deployment_backup_resource.go b/internal/service/golden_gate/golden_gate_deployment_backup_resource.go index ae371b953ad..304bdbd33cb 100644 --- a/internal/service/golden_gate/golden_gate_deployment_backup_resource.go +++ b/internal/service/golden_gate/golden_gate_deployment_backup_resource.go @@ -310,22 +310,10 @@ func (s *GoldenGateDeploymentBackupResourceCrud) Create() error { } workId := response.OpcWorkRequestId - workRequestResponse := oci_golden_gate.GetWorkRequestResponse{} - workRequestResponse, err = s.Client.GetWorkRequest(context.Background(), - oci_golden_gate.GetWorkRequestRequest{ - WorkRequestId: workId, - RequestMetadata: oci_common.RequestMetadata{ - RetryPolicy: tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "golden_gate"), - }, - }) - if err == nil { - // The work request response contains an array of objects - for _, res := range workRequestResponse.Resources { - if res.EntityType != nil && strings.Contains(strings.ToLower(*res.EntityType), "deploymentbackup") && res.Identifier != nil { - s.D.SetId(*res.Identifier) - break - } - } + var identifier *string + identifier = response.Id + if identifier != nil { + s.D.SetId(*identifier) } return s.getDeploymentBackupFromWorkRequest(workId, tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "golden_gate"), oci_golden_gate.ActionTypeCreated, s.D.Timeout(schema.TimeoutCreate)) } diff --git a/internal/service/golden_gate/golden_gate_deployment_data_source.go b/internal/service/golden_gate/golden_gate_deployment_data_source.go index f727873f62c..27928a1c7b9 100644 --- a/internal/service/golden_gate/golden_gate_deployment_data_source.go +++ b/internal/service/golden_gate/golden_gate_deployment_data_source.go @@ -67,6 +67,8 @@ func (s *GoldenGateDeploymentDataSourceCrud) SetData() error { s.D.SetId(*s.Res.Id) + s.D.Set("category", s.Res.Category) + if s.Res.CompartmentId != nil { s.D.Set("compartment_id", *s.Res.CompartmentId) } @@ -103,6 +105,8 @@ func (s *GoldenGateDeploymentDataSourceCrud) SetData() error { s.D.Set("display_name", *s.Res.DisplayName) } + s.D.Set("environment_type", s.Res.EnvironmentType) + if s.Res.Fqdn != nil { s.D.Set("fqdn", *s.Res.Fqdn) } diff --git a/internal/service/golden_gate/golden_gate_deployment_environments_data_source.go b/internal/service/golden_gate/golden_gate_deployment_environments_data_source.go new file mode 100644 index 00000000000..83fe642bb7f --- /dev/null +++ b/internal/service/golden_gate/golden_gate_deployment_environments_data_source.go @@ -0,0 +1,212 @@ +// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Mozilla Public License v2.0 + +package golden_gate + +import ( + "context" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + oci_golden_gate "github.com/oracle/oci-go-sdk/v65/goldengate" + + "github.com/oracle/terraform-provider-oci/internal/client" + "github.com/oracle/terraform-provider-oci/internal/tfresource" +) + +func GoldenGateDeploymentEnvironmentsDataSource() *schema.Resource { + return &schema.Resource{ + Read: readGoldenGateDeploymentEnvironments, + Schema: map[string]*schema.Schema{ + "filter": tfresource.DataSourceFiltersSchema(), + "compartment_id": { + Type: schema.TypeString, + Required: true, + }, + "deployment_environment_collection": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "items": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + + // Optional + + // Computed + "category": { + Type: schema.TypeString, + Computed: true, + }, + "default_cpu_core_count": { + Type: schema.TypeInt, + Computed: true, + }, + "display_name": { + Type: schema.TypeString, + Computed: true, + }, + "environment_type": { + Type: schema.TypeString, + Computed: true, + }, + "is_auto_scaling_enabled_by_default": { + Type: schema.TypeBool, + Computed: true, + }, + "max_cpu_core_count": { + Type: schema.TypeInt, + Computed: true, + }, + "memory_per_ocpu_in_gbs": { + Type: schema.TypeInt, + Computed: true, + }, + "min_cpu_core_count": { + Type: schema.TypeInt, + Computed: true, + }, + "network_bandwidth_per_ocpu_in_gbps": { + Type: schema.TypeInt, + Computed: true, + }, + "storage_usage_limit_per_ocpu_in_gbs": { + Type: schema.TypeInt, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + } +} + +func readGoldenGateDeploymentEnvironments(d *schema.ResourceData, m interface{}) error { + sync := &GoldenGateDeploymentEnvironmentsDataSourceCrud{} + sync.D = d + sync.Client = m.(*client.OracleClients).GoldenGateClient() + + return tfresource.ReadResource(sync) +} + +type GoldenGateDeploymentEnvironmentsDataSourceCrud struct { + D *schema.ResourceData + Client *oci_golden_gate.GoldenGateClient + Res *oci_golden_gate.ListDeploymentEnvironmentsResponse +} + +func (s *GoldenGateDeploymentEnvironmentsDataSourceCrud) VoidState() { + s.D.SetId("") +} + +func (s *GoldenGateDeploymentEnvironmentsDataSourceCrud) Get() error { + request := oci_golden_gate.ListDeploymentEnvironmentsRequest{} + + if compartmentId, ok := s.D.GetOkExists("compartment_id"); ok { + tmp := compartmentId.(string) + request.CompartmentId = &tmp + } + + request.RequestMetadata.RetryPolicy = tfresource.GetRetryPolicy(false, "golden_gate") + + response, err := s.Client.ListDeploymentEnvironments(context.Background(), request) + if err != nil { + return err + } + + s.Res = &response + request.Page = s.Res.OpcNextPage + + for request.Page != nil { + listResponse, err := s.Client.ListDeploymentEnvironments(context.Background(), request) + if err != nil { + return err + } + + s.Res.Items = append(s.Res.Items, listResponse.Items...) + request.Page = listResponse.OpcNextPage + } + + return nil +} + +func (s *GoldenGateDeploymentEnvironmentsDataSourceCrud) SetData() error { + if s.Res == nil { + return nil + } + + s.D.SetId(tfresource.GenerateDataSourceHashID("GoldenGateDeploymentEnvironmentsDataSource-", GoldenGateDeploymentEnvironmentsDataSource(), s.D)) + resources := []map[string]interface{}{} + deploymentEnvironment := map[string]interface{}{} + + items := []interface{}{} + for _, item := range s.Res.Items { + items = append(items, DeploymentEnvironmentSummaryToMap(item)) + } + deploymentEnvironment["items"] = items + + if f, fOk := s.D.GetOkExists("filter"); fOk { + items = tfresource.ApplyFiltersInCollection(f.(*schema.Set), items, GoldenGateDeploymentEnvironmentsDataSource().Schema["deployment_environment_collection"].Elem.(*schema.Resource).Schema) + deploymentEnvironment["items"] = items + } + + resources = append(resources, deploymentEnvironment) + if err := s.D.Set("deployment_environment_collection", resources); err != nil { + return err + } + + return nil +} + +func DeploymentEnvironmentSummaryToMap(obj oci_golden_gate.DeploymentEnvironmentSummary) map[string]interface{} { + result := map[string]interface{}{} + + result["category"] = string(obj.Category) + + if obj.DefaultCpuCoreCount != nil { + result["default_cpu_core_count"] = int(*obj.DefaultCpuCoreCount) + } + + if obj.DisplayName != nil { + result["display_name"] = string(*obj.DisplayName) + } + + result["environment_type"] = string(obj.EnvironmentType) + + if obj.IsAutoScalingEnabledByDefault != nil { + result["is_auto_scaling_enabled_by_default"] = bool(*obj.IsAutoScalingEnabledByDefault) + } + + if obj.MaxCpuCoreCount != nil { + result["max_cpu_core_count"] = int(*obj.MaxCpuCoreCount) + } + + if obj.MemoryPerOcpuInGBs != nil { + result["memory_per_ocpu_in_gbs"] = int(*obj.MemoryPerOcpuInGBs) + } + + if obj.MinCpuCoreCount != nil { + result["min_cpu_core_count"] = int(*obj.MinCpuCoreCount) + } + + if obj.NetworkBandwidthPerOcpuInGbps != nil { + result["network_bandwidth_per_ocpu_in_gbps"] = int(*obj.NetworkBandwidthPerOcpuInGbps) + } + + if obj.StorageUsageLimitPerOcpuInGBs != nil { + result["storage_usage_limit_per_ocpu_in_gbs"] = int(*obj.StorageUsageLimitPerOcpuInGBs) + } + + return result +} diff --git a/internal/service/golden_gate/golden_gate_deployment_resource.go b/internal/service/golden_gate/golden_gate_deployment_resource.go index 44c79419db4..573a3107977 100644 --- a/internal/service/golden_gate/golden_gate_deployment_resource.go +++ b/internal/service/golden_gate/golden_gate_deployment_resource.go @@ -6,7 +6,6 @@ package golden_gate import ( "context" "fmt" - "log" "strconv" "strings" "time" @@ -28,7 +27,7 @@ func GoldenGateDeploymentResource() *schema.Resource { Importer: &schema.ResourceImporter{ State: schema.ImportStatePassthrough, }, - Timeouts: &schema.ResourceTimeout{ + Timeouts: &schema.ResourceTimeout{ // custom code, do not change Create: tfresource.GetTimeoutDuration("90m"), Update: tfresource.GetTimeoutDuration("60m"), Delete: tfresource.GetTimeoutDuration("30m"), @@ -88,6 +87,11 @@ func GoldenGateDeploymentResource() *schema.Resource { Optional: true, Computed: true, }, + "environment_type": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "fqdn": { Type: schema.TypeString, Optional: true, @@ -259,6 +263,41 @@ func GoldenGateDeploymentResource() *schema.Resource { Optional: true, Computed: true, }, + "group_to_roles_mapping": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + // Required + "security_group_id": { + Type: schema.TypeString, + Required: true, + }, + + // Optional + "administrator_group_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "operator_group_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "user_group_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + // Computed + }, + }, + }, "identity_domain_id": { Type: schema.TypeString, Optional: true, @@ -273,6 +312,7 @@ func GoldenGateDeploymentResource() *schema.Resource { Type: schema.TypeString, Optional: true, Computed: true, + // ForceNew: true, Upgrade is handled in different action, not part of the update operation }, "password_secret_id": { Type: schema.TypeString, @@ -287,6 +327,10 @@ func GoldenGateDeploymentResource() *schema.Resource { }, // Computed + "category": { + Type: schema.TypeString, + Computed: true, + }, "deployment_diagnostic_data": { Type: schema.TypeList, Computed: true, @@ -388,7 +432,7 @@ func GoldenGateDeploymentResource() *schema.Resource { "state": { Type: schema.TypeString, Computed: true, - Optional: true, + Optional: true, // custom code, action start and stop are implemented by this DiffSuppressFunc: tfresource.EqualIgnoreCaseSuppressDiff, ValidateFunc: validation.StringInSlice([]string{ string(oci_golden_gate.LifecycleStateInactive), @@ -630,6 +674,10 @@ func (s *GoldenGateDeploymentResourceCrud) Create() error { request.DisplayName = &tmp } + if environmentType, ok := s.D.GetOkExists("environment_type"); ok { + request.EnvironmentType = oci_golden_gate.EnvironmentTypeEnum(environmentType.(string)) + } + if fqdn, ok := s.D.GetOkExists("fqdn"); ok { tmp := fqdn.(string) request.Fqdn = &tmp @@ -747,12 +795,10 @@ func (s *GoldenGateDeploymentResourceCrud) getDeploymentFromWorkRequest(workId * actionTypeEnum oci_golden_gate.ActionTypeEnum, timeout time.Duration) error { // Wait until it finishes - deploymentId, err := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", + deploymentId, err := deploymentWaitForWorkRequest(workId, "deployment", actionTypeEnum, timeout, s.DisableNotFoundRetries, s.Client) if err != nil { - // Try to cancel the work request - log.Printf("[DEBUG] operation failed: %v for identifier: %v\n", workId, deploymentId) return err } s.D.SetId(*deploymentId) @@ -760,7 +806,7 @@ func (s *GoldenGateDeploymentResourceCrud) getDeploymentFromWorkRequest(workId * return s.Get() } -func goldenGateDeploymentWorkRequestShouldRetryFunc(timeout time.Duration) func(response oci_common.OCIOperationResponse) bool { +func deploymentWorkRequestShouldRetryFunc(timeout time.Duration) func(response oci_common.OCIOperationResponse) bool { startTime := time.Now() stopTime := startTime.Add(timeout) return func(response oci_common.OCIOperationResponse) bool { @@ -783,16 +829,17 @@ func goldenGateDeploymentWorkRequestShouldRetryFunc(timeout time.Duration) func( } } -func goldenGateDeploymentWaitForWorkRequest(wId *string, entityType string, action oci_golden_gate.ActionTypeEnum, +func deploymentWaitForWorkRequest(wId *string, entityType string, action oci_golden_gate.ActionTypeEnum, timeout time.Duration, disableFoundRetries bool, client *oci_golden_gate.GoldenGateClient) (*string, error) { retryPolicy := tfresource.GetRetryPolicy(disableFoundRetries, "golden_gate") - retryPolicy.ShouldRetryOperation = goldenGateDeploymentWorkRequestShouldRetryFunc(timeout) + retryPolicy.ShouldRetryOperation = deploymentWorkRequestShouldRetryFunc(timeout) response := oci_golden_gate.GetWorkRequestResponse{} stateConf := &resource.StateChangeConf{ Pending: []string{ string(oci_golden_gate.OperationStatusInProgress), string(oci_golden_gate.OperationStatusAccepted), + //string(oci_golden_gate.OperationStatusCanceling), //Canceling workrequest is N/A for GGS }, Target: []string{ string(oci_golden_gate.OperationStatusSucceeded), @@ -830,13 +877,13 @@ func goldenGateDeploymentWaitForWorkRequest(wId *string, entityType string, acti // The workrequest may have failed, check for errors if identifier is not found or work failed or got cancelled if identifier == nil || response.Status == oci_golden_gate.OperationStatusFailed || response.Status == oci_golden_gate.OperationStatusCanceled { - return nil, getErrorFromDeploymentWorkRequest(client, wId, retryPolicy, entityType, action) + return nil, getErrorFromGoldenGateDeploymentWorkRequest(client, wId, retryPolicy, entityType, action) } return identifier, nil } -func getErrorFromDeploymentWorkRequest(client *oci_golden_gate.GoldenGateClient, workId *string, retryPolicy *oci_common.RetryPolicy, entityType string, action oci_golden_gate.ActionTypeEnum) error { +func getErrorFromGoldenGateDeploymentWorkRequest(client *oci_golden_gate.GoldenGateClient, workId *string, retryPolicy *oci_common.RetryPolicy, entityType string, action oci_golden_gate.ActionTypeEnum) error { response, err := client.ListWorkRequestErrors(context.Background(), oci_golden_gate.ListWorkRequestErrorsRequest{ WorkRequestId: workId, @@ -914,6 +961,10 @@ func (s *GoldenGateDeploymentResourceCrud) Update() error { request.DisplayName = &tmp } + if environmentType, ok := s.D.GetOkExists("environment_type"); ok { + request.EnvironmentType = oci_golden_gate.EnvironmentTypeEnum(environmentType.(string)) + } + if fqdn, ok := s.D.GetOkExists("fqdn"); ok { tmp := fqdn.(string) request.Fqdn = &tmp @@ -1030,12 +1081,14 @@ func (s *GoldenGateDeploymentResourceCrud) Delete() error { workId := response.OpcWorkRequestId // Wait until it finishes - _, delWorkRequestErr := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", + _, delWorkRequestErr := deploymentWaitForWorkRequest(workId, "deployment", oci_golden_gate.ActionTypeDeleted, s.D.Timeout(schema.TimeoutDelete), s.DisableNotFoundRetries, s.Client) return delWorkRequestErr } func (s *GoldenGateDeploymentResourceCrud) SetData() error { + s.D.Set("category", s.Res.Category) + if s.Res.CompartmentId != nil { s.D.Set("compartment_id", *s.Res.CompartmentId) } @@ -1072,6 +1125,8 @@ func (s *GoldenGateDeploymentResourceCrud) SetData() error { s.D.Set("display_name", *s.Res.DisplayName) } + s.D.Set("environment_type", s.Res.EnvironmentType) + if s.Res.Fqdn != nil { s.D.Set("fqdn", *s.Res.Fqdn) } @@ -1148,10 +1203,10 @@ func (s *GoldenGateDeploymentResourceCrud) SetData() error { for _, item := range s.Res.NsgIds { nsgIds = append(nsgIds, item) } - s.D.Set("nsg_ids", nsgIds) + s.D.Set("nsg_ids", nsgIds) // custom code, do not change if s.Res.OggData != nil { - s.D.Set("ogg_data", []interface{}{OggDeploymentToMap(s.Res.OggData, s.D)}) + s.D.Set("ogg_data", []interface{}{OggDeploymentToMap(s.Res.OggData, s.D)}) // custom code, do not change } else { s.D.Set("ogg_data", nil) } @@ -1324,8 +1379,8 @@ func MaintenanceConfigurationToMap(obj *oci_golden_gate.MaintenanceConfiguration return result } -func (s *GoldenGateDeploymentResourceCrud) mapToUpdateMaintenanceWindowDetails(fieldKeyFormat string) (oci_golden_gate.UpdateMaintenanceWindowDetails, error) { - result := oci_golden_gate.UpdateMaintenanceWindowDetails{} +func (s *GoldenGateDeploymentResourceCrud) mapToCreateMaintenanceWindowDetails(fieldKeyFormat string) (oci_golden_gate.CreateMaintenanceWindowDetails, error) { + result := oci_golden_gate.CreateMaintenanceWindowDetails{} if day, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "day")); ok { result.Day = oci_golden_gate.DayEnum(day.(string)) @@ -1339,8 +1394,8 @@ func (s *GoldenGateDeploymentResourceCrud) mapToUpdateMaintenanceWindowDetails(f return result, nil } -func (s *GoldenGateDeploymentResourceCrud) mapToCreateMaintenanceWindowDetails(fieldKeyFormat string) (oci_golden_gate.CreateMaintenanceWindowDetails, error) { - result := oci_golden_gate.CreateMaintenanceWindowDetails{} +func (s *GoldenGateDeploymentResourceCrud) mapToUpdateMaintenanceWindowDetails(fieldKeyFormat string) (oci_golden_gate.UpdateMaintenanceWindowDetails, error) { + result := oci_golden_gate.UpdateMaintenanceWindowDetails{} if day, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "day")); ok { result.Day = oci_golden_gate.DayEnum(day.(string)) @@ -1393,6 +1448,17 @@ func (s *GoldenGateDeploymentResourceCrud) mapToCreateOggDeploymentDetails(field result.DeploymentName = &tmp } + if groupToRolesMapping, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "group_to_roles_mapping")); ok { + if tmpList := groupToRolesMapping.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "group_to_roles_mapping"), 0) + tmp, err := s.mapToGroupToRolesMappingDetails(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert group_to_roles_mapping, encountered error: %v", err) + } + result.GroupToRolesMapping = &tmp + } + } + if identityDomainId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "identity_domain_id")); ok { tmp := identityDomainId.(string) result.IdentityDomainId = &tmp @@ -1419,7 +1485,7 @@ func (s *GoldenGateDeploymentResourceCrud) mapToCreateOggDeploymentDetails(field func (s *GoldenGateDeploymentResourceCrud) mapToUpdateOggDeploymentDetails(fieldKeyFormat string) (oci_golden_gate.UpdateOggDeploymentDetails, error) { result := oci_golden_gate.UpdateOggDeploymentDetails{} - adminPasswordKeyFormat := fmt.Sprintf(fieldKeyFormat, "admin_password") + adminPasswordKeyFormat := fmt.Sprintf(fieldKeyFormat, "admin_password") // custom code, do not change if adminPassword, ok := s.D.GetOk(adminPasswordKeyFormat); ok && s.D.HasChange(adminPasswordKeyFormat) { tmp := adminPassword.(string) result.AdminPassword = &tmp @@ -1430,27 +1496,38 @@ func (s *GoldenGateDeploymentResourceCrud) mapToUpdateOggDeploymentDetails(field result.AdminUsername = &tmp } - if certificate, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "certificate")); ok { + if certificate, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "certificate")); ok { // custom code, do not change tmp := certificate.(string) result.Certificate = &tmp } - if credentialStore, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "credential_store")); ok { + if credentialStore, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "credential_store")); ok { // custom code, do not change result.CredentialStore = oci_golden_gate.CredentialStoreEnum(credentialStore.(string)) } - if identityDomainId, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "identity_domain_id")); ok { + if groupToRolesMapping, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "group_to_roles_mapping")); ok { + if tmpList := groupToRolesMapping.([]interface{}); len(tmpList) > 0 { + fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "group_to_roles_mapping"), 0) + tmp, err := s.mapToUpdateGroupToRolesMappingDetails(fieldKeyFormatNextLevel) + if err != nil { + return result, fmt.Errorf("unable to convert group_to_roles_mapping, encountered error: %v", err) + } + result.GroupToRolesMapping = &tmp + } + } + + if identityDomainId, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "identity_domain_id")); ok { // custom code, do not change tmp := identityDomainId.(string) result.IdentityDomainId = &tmp } - keyKeyFormat := fmt.Sprintf(fieldKeyFormat, "key") + keyKeyFormat := fmt.Sprintf(fieldKeyFormat, "key") // custom code, do not change if key, ok := s.D.GetOk(keyKeyFormat); ok && s.D.HasChange(keyKeyFormat) { tmp := key.(string) result.Key = &tmp } - if passwordSecretId, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "password_secret_id")); ok { + if passwordSecretId, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "password_secret_id")); ok { // custom code, do not change tmp := passwordSecretId.(string) result.PasswordSecretId = &tmp } @@ -1458,7 +1535,7 @@ func (s *GoldenGateDeploymentResourceCrud) mapToUpdateOggDeploymentDetails(field return result, nil } -func OggDeploymentToMap(obj *oci_golden_gate.OggDeployment, resourceData *schema.ResourceData) map[string]interface{} { +func OggDeploymentToMap(obj *oci_golden_gate.OggDeployment, resourceData *schema.ResourceData) map[string]interface{} { // custom code, do not change result := map[string]interface{}{} if oggData, ok := resourceData.GetOkExists("ogg_data"); ok { @@ -1490,6 +1567,10 @@ func OggDeploymentToMap(obj *oci_golden_gate.OggDeployment, resourceData *schema result["deployment_name"] = string(*obj.DeploymentName) } + if obj.GroupToRolesMapping != nil { + result["group_to_roles_mapping"] = []interface{}{GroupToRolesMappingDetailsToMap(obj.GroupToRolesMapping)} + } + if obj.IdentityDomainId != nil { result["identity_domain_id"] = string(*obj.IdentityDomainId) } @@ -1533,9 +1614,11 @@ func DeploymentDiagnosticDataToMap(obj *oci_golden_gate.DeploymentDiagnosticData return result } -func GoldenGateDeploymentSummaryToMap(obj oci_golden_gate.DeploymentSummary) map[string]interface{} { +func DeploymentSummaryToMap(obj oci_golden_gate.DeploymentSummary) map[string]interface{} { result := map[string]interface{}{} + result["category"] = string(obj.Category) + if obj.CompartmentId != nil { result["compartment_id"] = string(*obj.CompartmentId) } @@ -1562,6 +1645,8 @@ func GoldenGateDeploymentSummaryToMap(obj oci_golden_gate.DeploymentSummary) map result["display_name"] = string(*obj.DisplayName) } + result["environment_type"] = string(obj.EnvironmentType) + if obj.Fqdn != nil { result["fqdn"] = string(*obj.Fqdn) } @@ -1647,6 +1732,80 @@ func GoldenGateDeploymentSummaryToMap(obj oci_golden_gate.DeploymentSummary) map return result } +func (s *GoldenGateDeploymentResourceCrud) mapToGroupToRolesMappingDetails(fieldKeyFormat string) (oci_golden_gate.GroupToRolesMappingDetails, error) { + result := oci_golden_gate.GroupToRolesMappingDetails{} + + if administratorGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "administrator_group_id")); ok { + tmp := administratorGroupId.(string) + result.AdministratorGroupId = &tmp + } + + if operatorGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "operator_group_id")); ok { + tmp := operatorGroupId.(string) + result.OperatorGroupId = &tmp + } + + if securityGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "security_group_id")); ok { + tmp := securityGroupId.(string) + result.SecurityGroupId = &tmp + } + + if userGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "user_group_id")); ok { + tmp := userGroupId.(string) + result.UserGroupId = &tmp + } + + return result, nil +} + +func (s *GoldenGateDeploymentResourceCrud) mapToUpdateGroupToRolesMappingDetails(fieldKeyFormat string) (oci_golden_gate.UpdateGroupToRolesMappingDetails, error) { + result := oci_golden_gate.UpdateGroupToRolesMappingDetails{} + + if administratorGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "administrator_group_id")); ok { + tmp := administratorGroupId.(string) + result.AdministratorGroupId = &tmp + } + + if operatorGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "operator_group_id")); ok { + tmp := operatorGroupId.(string) + result.OperatorGroupId = &tmp + } + + if securityGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "security_group_id")); ok { + tmp := securityGroupId.(string) + result.SecurityGroupId = &tmp + } + + if userGroupId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "user_group_id")); ok { + tmp := userGroupId.(string) + result.UserGroupId = &tmp + } + + return result, nil +} + +func GroupToRolesMappingDetailsToMap(obj *oci_golden_gate.GroupToRolesMappingDetails) map[string]interface{} { + result := map[string]interface{}{} + + if obj.AdministratorGroupId != nil { + result["administrator_group_id"] = string(*obj.AdministratorGroupId) + } + + if obj.OperatorGroupId != nil { + result["operator_group_id"] = string(*obj.OperatorGroupId) + } + + if obj.SecurityGroupId != nil { + result["security_group_id"] = string(*obj.SecurityGroupId) + } + + if obj.UserGroupId != nil { + result["user_group_id"] = string(*obj.UserGroupId) + } + + return result +} + func (s *GoldenGateDeploymentResourceCrud) updateCompartment(compartment interface{}) error { changeCompartmentRequest := oci_golden_gate.ChangeDeploymentCompartmentRequest{} @@ -1670,9 +1829,8 @@ func (s *GoldenGateDeploymentResourceCrud) updateCompartment(compartment interfa workId := response.OpcWorkRequestId // Wait until it finishes - _, changeWorkRequestErr := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", - oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries, s.Client) - return changeWorkRequestErr + return s.getDeploymentFromWorkRequest(workId, tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "golden_gate"), + oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate)) } func (s *GoldenGateDeploymentResourceCrud) upgradeToSpecificVersion(oggVersion interface{}) error { @@ -1700,7 +1858,7 @@ func (s *GoldenGateDeploymentResourceCrud) upgradeToSpecificVersion(oggVersion i workId := response.OpcWorkRequestId // Wait until it finishes - _, upgradeWorkRequestErr := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", + _, upgradeWorkRequestErr := deploymentWaitForWorkRequest(workId, "deployment", oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries, s.Client) if upgradeWorkRequestErr != nil { return upgradeWorkRequestErr @@ -1746,8 +1904,8 @@ func (s *GoldenGateDeploymentResourceCrud) startDeployment() error { workId := response.OpcWorkRequestId // Wait until it finishes - _, startWorkRequestErr := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", - oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries, s.Client) + startWorkRequestErr := s.getDeploymentFromWorkRequest(workId, tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "golden_gate"), + oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate)) if startWorkRequestErr != nil { return startWorkRequestErr } @@ -1775,8 +1933,8 @@ func (s *GoldenGateDeploymentResourceCrud) stopDeployment() error { workId := response.OpcWorkRequestId // Wait until it finishes - _, stopWorkRequestErr := goldenGateDeploymentWaitForWorkRequest(workId, "deployment", - oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate), s.DisableNotFoundRetries, s.Client) + stopWorkRequestErr := s.getDeploymentFromWorkRequest(workId, tfresource.GetRetryPolicy(s.DisableNotFoundRetries, "golden_gate"), + oci_golden_gate.ActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate)) if stopWorkRequestErr != nil { return stopWorkRequestErr } diff --git a/internal/service/golden_gate/golden_gate_deployments_data_source.go b/internal/service/golden_gate/golden_gate_deployments_data_source.go index 1bbd14e6214..ecc1a0898bb 100644 --- a/internal/service/golden_gate/golden_gate_deployments_data_source.go +++ b/internal/service/golden_gate/golden_gate_deployments_data_source.go @@ -160,7 +160,7 @@ func (s *GoldenGateDeploymentsDataSourceCrud) SetData() error { items := []interface{}{} for _, item := range s.Res.Items { - items = append(items, GoldenGateDeploymentSummaryToMap(item)) + items = append(items, DeploymentSummaryToMap(item)) } deployment["items"] = items diff --git a/internal/service/golden_gate/register_datasource.go b/internal/service/golden_gate/register_datasource.go index fbbc2a763e9..e07793e87d1 100644 --- a/internal/service/golden_gate/register_datasource.go +++ b/internal/service/golden_gate/register_datasource.go @@ -17,6 +17,7 @@ func RegisterDatasource() { tfresource.RegisterDatasource("oci_golden_gate_deployment_backups", GoldenGateDeploymentBackupsDataSource()) tfresource.RegisterDatasource("oci_golden_gate_deployment_certificate", GoldenGateDeploymentCertificateDataSource()) tfresource.RegisterDatasource("oci_golden_gate_deployment_certificates", GoldenGateDeploymentCertificatesDataSource()) + tfresource.RegisterDatasource("oci_golden_gate_deployment_environments", GoldenGateDeploymentEnvironmentsDataSource()) tfresource.RegisterDatasource("oci_golden_gate_deployment_type", GoldenGateDeploymentTypeDataSource()) tfresource.RegisterDatasource("oci_golden_gate_deployment_types", GoldenGateDeploymentTypesDataSource()) tfresource.RegisterDatasource("oci_golden_gate_deployment_upgrade", GoldenGateDeploymentUpgradeDataSource()) diff --git a/internal/service/logging/logging_unified_agent_configuration_resource.go b/internal/service/logging/logging_unified_agent_configuration_resource.go index dcf7ad8b454..fb7fcfb412f 100644 --- a/internal/service/logging/logging_unified_agent_configuration_resource.go +++ b/internal/service/logging/logging_unified_agent_configuration_resource.go @@ -285,12 +285,12 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_estimate_current_event": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: true, }, "is_keep_time_key": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_merge_cri_fields": { Type: schema.TypeBool, @@ -300,7 +300,7 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_null_empty_string": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_support_colonless_ident": { Type: schema.TypeBool, @@ -804,12 +804,12 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_estimate_current_event": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: true, }, "is_keep_time_key": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_merge_cri_fields": { Type: schema.TypeBool, @@ -819,7 +819,7 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_null_empty_string": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_support_colonless_ident": { Type: schema.TypeBool, @@ -1257,12 +1257,12 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_estimate_current_event": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: true, }, "is_keep_time_key": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_merge_cri_fields": { Type: schema.TypeBool, @@ -1273,7 +1273,7 @@ func LoggingUnifiedAgentConfigurationResource() *schema.Resource { "is_null_empty_string": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, "is_support_colonless_ident": { Type: schema.TypeBool, @@ -3348,7 +3348,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3378,7 +3378,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3408,7 +3408,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3440,6 +3440,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := isEstimateCurrentEvent.(bool) details.IsEstimateCurrentEvent = &tmp } + if isKeepTimeKey, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "is_keep_time_key")); ok { tmp := isKeepTimeKey.(bool) details.IsKeepTimeKey = &tmp @@ -3452,7 +3453,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3498,7 +3499,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3552,7 +3553,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3597,7 +3598,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3627,7 +3628,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3673,7 +3674,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3731,7 +3732,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3765,7 +3766,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3805,7 +3806,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3843,7 +3844,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3895,7 +3896,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3941,7 +3942,7 @@ func (s *LoggingUnifiedAgentConfigurationResourceCrud) mapToUnifiedAgentParser(f tmp := nullValuePattern.(string) details.NullValuePattern = &tmp } - if timeoutInMilliseconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { + if timeoutInMilliseconds, ok := s.D.GetOk(fmt.Sprintf(fieldKeyFormat, "timeout_in_milliseconds")); ok { tmp := timeoutInMilliseconds.(int) details.TimeoutInMilliseconds = &tmp } @@ -3964,21 +3965,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -3989,21 +3988,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4014,21 +4011,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4039,7 +4034,21 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int if v.IsMergeCriFields != nil { result["is_merge_cri_fields"] = bool(*v.IsMergeCriFields) } - + if v.IsEstimateCurrentEvent != nil { + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) + } + if v.IsKeepTimeKey != nil { + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) + } + if v.IsNullEmptyString != nil { + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) + } + if v.NullValuePattern != nil { + result["null_value_pattern"] = v.NullValuePattern + } + if v.TimeoutInMilliseconds != nil { + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) + } if v.NestedParser != nil { result["nested_parser"] = []interface{}{UnifiedJsonParserToMap(v.NestedParser)} } @@ -4050,21 +4059,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4088,16 +4095,20 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["grok_name_key"] = string(*v.GrokNameKey) } + if v.IsEstimateCurrentEvent != nil { + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) + } + if v.IsKeepTimeKey != nil { + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) + } + if v.IsNullEmptyString != nil { + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) + } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } - if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds - } - - if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { @@ -4122,21 +4133,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4152,21 +4161,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4177,21 +4184,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4207,21 +4212,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4249,21 +4252,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4283,21 +4284,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4316,21 +4315,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) @@ -4361,21 +4358,19 @@ func UnifiedAgentParserToMap(obj *oci_logging.UnifiedAgentParser) map[string]int result["field_time_key"] = v.FieldTimeKey } if v.IsEstimateCurrentEvent != nil { - result["is_estimate_current_event"] = v.IsEstimateCurrentEvent - } else { - result["is_estimate_current_event"] = true + result["is_estimate_current_event"] = bool(*v.IsEstimateCurrentEvent) } if v.IsKeepTimeKey != nil { - result["is_keep_time_key"] = v.IsKeepTimeKey + result["is_keep_time_key"] = bool(*v.IsKeepTimeKey) } if v.IsNullEmptyString != nil { - result["is_null_empty_string"] = v.IsNullEmptyString + result["is_null_empty_string"] = bool(*v.IsNullEmptyString) } if v.NullValuePattern != nil { result["null_value_pattern"] = v.NullValuePattern } if v.TimeoutInMilliseconds != nil { - result["timeout_in_milliseconds"] = v.TimeoutInMilliseconds + result["timeout_in_milliseconds"] = int(*v.TimeoutInMilliseconds) } if v.Types != nil { result["types"] = tfresource.StringMapToObjectMap(v.Types) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go index 7e36c4cd322..a49bbfdf19a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go @@ -12,8 +12,8 @@ import ( const ( major = "65" - minor = "75" - patch = "2" + minor = "76" + patch = "0" tag = "" ) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go index da6f644fca8..65f3d4dd432 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go @@ -82,6 +82,9 @@ type Cluster struct { // Type of cluster Type ClusterTypeEnum `mandatory:"false" json:"type,omitempty"` + + // The cluster-specific OpenID Connect Discovery endpoint + OpenIdConnectDiscoveryEndpoint *string `mandatory:"false" json:"openIdConnectDiscoveryEndpoint"` } func (m Cluster) String() string { @@ -109,25 +112,26 @@ func (m Cluster) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *Cluster) UnmarshalJSON(data []byte) (e error) { model := struct { - Id *string `json:"id"` - Name *string `json:"name"` - CompartmentId *string `json:"compartmentId"` - EndpointConfig *ClusterEndpointConfig `json:"endpointConfig"` - VcnId *string `json:"vcnId"` - KubernetesVersion *string `json:"kubernetesVersion"` - KmsKeyId *string `json:"kmsKeyId"` - FreeformTags map[string]string `json:"freeformTags"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - SystemTags map[string]map[string]interface{} `json:"systemTags"` - Options *ClusterCreateOptions `json:"options"` - Metadata *ClusterMetadata `json:"metadata"` - LifecycleState ClusterLifecycleStateEnum `json:"lifecycleState"` - LifecycleDetails *string `json:"lifecycleDetails"` - Endpoints *ClusterEndpoints `json:"endpoints"` - AvailableKubernetesUpgrades []string `json:"availableKubernetesUpgrades"` - ImagePolicyConfig *ImagePolicyConfig `json:"imagePolicyConfig"` - ClusterPodNetworkOptions []clusterpodnetworkoptiondetails `json:"clusterPodNetworkOptions"` - Type ClusterTypeEnum `json:"type"` + Id *string `json:"id"` + Name *string `json:"name"` + CompartmentId *string `json:"compartmentId"` + EndpointConfig *ClusterEndpointConfig `json:"endpointConfig"` + VcnId *string `json:"vcnId"` + KubernetesVersion *string `json:"kubernetesVersion"` + KmsKeyId *string `json:"kmsKeyId"` + FreeformTags map[string]string `json:"freeformTags"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SystemTags map[string]map[string]interface{} `json:"systemTags"` + Options *ClusterCreateOptions `json:"options"` + Metadata *ClusterMetadata `json:"metadata"` + LifecycleState ClusterLifecycleStateEnum `json:"lifecycleState"` + LifecycleDetails *string `json:"lifecycleDetails"` + Endpoints *ClusterEndpoints `json:"endpoints"` + AvailableKubernetesUpgrades []string `json:"availableKubernetesUpgrades"` + ImagePolicyConfig *ImagePolicyConfig `json:"imagePolicyConfig"` + ClusterPodNetworkOptions []clusterpodnetworkoptiondetails `json:"clusterPodNetworkOptions"` + Type ClusterTypeEnum `json:"type"` + OpenIdConnectDiscoveryEndpoint *string `json:"openIdConnectDiscoveryEndpoint"` }{} e = json.Unmarshal(data, &model) @@ -183,5 +187,7 @@ func (m *Cluster) UnmarshalJSON(data []byte) (e error) { } m.Type = model.Type + m.OpenIdConnectDiscoveryEndpoint = model.OpenIdConnectDiscoveryEndpoint + return } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go index eafbcf7c206..e9c0a3dac19 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go @@ -35,6 +35,10 @@ type ClusterCreateOptions struct { PersistentVolumeConfig *PersistentVolumeConfigDetails `mandatory:"false" json:"persistentVolumeConfig"` ServiceLbConfig *ServiceLbConfigDetails `mandatory:"false" json:"serviceLbConfig"` + + OpenIdConnectTokenAuthenticationConfig *OpenIdConnectTokenAuthenticationConfig `mandatory:"false" json:"openIdConnectTokenAuthenticationConfig"` + + OpenIdConnectDiscovery *OpenIdConnectDiscovery `mandatory:"false" json:"openIdConnectDiscovery"` } func (m ClusterCreateOptions) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go new file mode 100644 index 00000000000..b4a842ea0e3 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go @@ -0,0 +1,41 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Kubernetes Engine API +// +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, +// and manage cloud-native applications. For more information, see +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// + +package containerengine + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// OpenIdConnectDiscovery The property that define the status of the OIDC Discovery feature for a cluster. +type OpenIdConnectDiscovery struct { + + // Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint. + IsOpenIdConnectDiscoveryEnabled *bool `mandatory:"false" json:"isOpenIdConnectDiscoveryEnabled"` +} + +func (m OpenIdConnectDiscovery) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m OpenIdConnectDiscovery) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go new file mode 100644 index 00000000000..f8b2c9157b0 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go @@ -0,0 +1,77 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Kubernetes Engine API +// +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, +// and manage cloud-native applications. For more information, see +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// + +package containerengine + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// OpenIdConnectTokenAuthenticationConfig The properties that configure OIDC token authentication in kube-apiserver. +// For more information, see Configuring the API Server (https://kubernetes.io/docs/reference/access-authn-authz/authentication/#using-flags). +type OpenIdConnectTokenAuthenticationConfig struct { + + // Whether the cluster has OIDC Auth Config enabled. Defaults to false. + IsOpenIdConnectAuthEnabled *bool `mandatory:"true" json:"isOpenIdConnectAuthEnabled"` + + // URL of the provider that allows the API server to discover public signing keys. + // Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, + // changed to have an empty path. + IssuerUrl *string `mandatory:"false" json:"issuerUrl"` + + // A client id that all tokens must be issued for. + ClientId *string `mandatory:"false" json:"clientId"` + + // JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end + // user. Admins can choose other claims, such as email or name, depending on their provider. However, claims + // other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins. + UsernameClaim *string `mandatory:"false" json:"usernameClaim"` + + // Prefix prepended to username claims to prevent clashes with existing names (such as system:users). + // For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and + // --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where + // ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing. + UsernamePrefix *string `mandatory:"false" json:"usernamePrefix"` + + // JWT claim to use as the user's group. If the claim is present it must be an array of strings. + GroupsClaim *string `mandatory:"false" json:"groupsClaim"` + + // Prefix prepended to group claims to prevent clashes with existing names (such as system:groups). + GroupsPrefix *string `mandatory:"false" json:"groupsPrefix"` + + // A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present + // in the ID Token with a matching value. Repeat this flag to specify multiple claims. + RequiredClaims []KeyValue `mandatory:"false" json:"requiredClaims"` + + // A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate. + CaCertificate *string `mandatory:"false" json:"caCertificate"` + + // The signing algorithms accepted. Default is ["RS256"]. + SigningAlgorithms []string `mandatory:"false" json:"signingAlgorithms"` +} + +func (m OpenIdConnectTokenAuthenticationConfig) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m OpenIdConnectTokenAuthenticationConfig) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go index 8351a2c734e..ec8d7ae17f6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go @@ -26,6 +26,10 @@ type UpdateClusterOptionsDetails struct { PersistentVolumeConfig *PersistentVolumeConfigDetails `mandatory:"false" json:"persistentVolumeConfig"` ServiceLbConfig *ServiceLbConfigDetails `mandatory:"false" json:"serviceLbConfig"` + + OpenIdConnectTokenAuthenticationConfig *OpenIdConnectTokenAuthenticationConfig `mandatory:"false" json:"openIdConnectTokenAuthenticationConfig"` + + OpenIdConnectDiscovery *OpenIdConnectDiscovery `mandatory:"false" json:"openIdConnectDiscovery"` } func (m UpdateClusterOptionsDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go index 045fa2636f3..9f1c4932fff 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go @@ -78,6 +78,11 @@ type BlockVolumeReplica struct { // The OCID of the volume group replica. VolumeGroupReplicaId *string `mandatory:"false" json:"volumeGroupReplicaId"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BlockVolumeReplica) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go index 8d1879205a0..331dd5c8c2f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go @@ -31,6 +31,12 @@ type BlockVolumeReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region block volume replicas, which will be used in the destination region to encrypt the block volume replica's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m BlockVolumeReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go index d915126c870..7741877e1db 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go @@ -34,6 +34,11 @@ type BlockVolumeReplicaInfo struct { // The availability domain of the block volume replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BlockVolumeReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go index a18af18692e..d8ab97e17fb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go @@ -81,6 +81,11 @@ type BootVolumeReplica struct { // The OCID of the volume group replica. VolumeGroupReplicaId *string `mandatory:"false" json:"volumeGroupReplicaId"` + + // The OCID of the Vault service key to assign as the master encryption key for the boot volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BootVolumeReplica) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go index 566c56d2086..ab139d2d484 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go @@ -31,6 +31,12 @@ type BootVolumeReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region boot volume replicas, which will be used in the destination region to encrypt the boot volume replica's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m BootVolumeReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go index 9aa46150f36..62874afc2e3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go @@ -34,6 +34,11 @@ type BootVolumeReplicaInfo struct { // The availability domain of the boot volume replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BootVolumeReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go index ecaaf1e2462..d4ac8635e9a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go @@ -68,6 +68,10 @@ func (m *bootvolumesourcedetails) UnmarshalPolymorphicJSON(data []byte) (interfa mm := BootVolumeSourceFromBootVolumeReplicaDetails{} err = json.Unmarshal(data, &mm) return mm, err + case "bootVolumeBackupDelta": + mm := BootVolumeSourceFromBootVolumeBackupDeltaDetails{} + err = json.Unmarshal(data, &mm) + return mm, err default: common.Logf("Recieved unsupported enum value for BootVolumeSourceDetails: %s.", m.Type) return *m, nil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go new file mode 100644 index 00000000000..a8b9fc2b1ae --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go @@ -0,0 +1,66 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// BootVolumeSourceFromBootVolumeBackupDeltaDetails Specifies the boot volume backups (first & second) and block size in bytes. +type BootVolumeSourceFromBootVolumeBackupDeltaDetails struct { + + // The OCID of the first boot volume backup. + FirstBackupId *string `mandatory:"true" json:"firstBackupId"` + + // The OCID of the second boot volume backup. + SecondBackupId *string `mandatory:"true" json:"secondBackupId"` + + // Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + ChangeBlockSizeInBytes *int64 `mandatory:"false" json:"changeBlockSizeInBytes"` +} + +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) MarshalJSON() (buff []byte, e error) { + type MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails BootVolumeSourceFromBootVolumeBackupDeltaDetails + s := struct { + DiscriminatorParam string `json:"type"` + MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails + }{ + "bootVolumeBackupDelta", + (MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go index 2cabb02aa04..e29f505e140 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go @@ -82,6 +82,12 @@ type CreateBootVolumeDetails struct { // The list of autotune policies to be enabled for this volume. AutotunePolicies []AutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateBootVolumeDetails) String() string { @@ -115,6 +121,7 @@ func (m *CreateBootVolumeDetails) UnmarshalJSON(data []byte) (e error) { IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` BootVolumeReplicas []BootVolumeReplicaDetails `json:"bootVolumeReplicas"` AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` CompartmentId *string `json:"compartmentId"` SourceDetails bootvolumesourcedetails `json:"sourceDetails"` }{} @@ -158,6 +165,8 @@ func (m *CreateBootVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + m.CompartmentId = model.CompartmentId nn, e = model.SourceDetails.UnmarshalPolymorphicJSON(model.SourceDetails.JsonData) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go index fb2fa2471cc..c3fc3f69501 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go @@ -29,6 +29,12 @@ type CreateVolumeBackupPolicyAssignmentDetails struct { // The OCID of the volume backup policy to assign to the volume. PolicyId *string `mandatory:"true" json:"policyId"` + + // The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeBackupPolicyAssignmentDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go index bbf187fe641..977ac058d24 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go @@ -93,6 +93,12 @@ type CreateVolumeDetails struct { // The list of autotune policies to be enabled for this volume. AutotunePolicies []AutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeDetails) String() string { @@ -129,6 +135,7 @@ func (m *CreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` BlockVolumeReplicas []BlockVolumeReplicaDetails `json:"blockVolumeReplicas"` AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` CompartmentId *string `json:"compartmentId"` }{} @@ -185,6 +192,8 @@ func (m *CreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + m.CompartmentId = model.CompartmentId return diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go index 1a2437e9d73..9f2af6b3ce9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go @@ -57,6 +57,12 @@ type CreateVolumeGroupDetails struct { // The clusterPlacementGroup Id of the volume group for volume group placement. ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + + // The OCID of the Vault service key which is the master encryption key for the volume's cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeGroupDetails) String() string { @@ -84,6 +90,7 @@ func (m *CreateVolumeGroupDetails) UnmarshalJSON(data []byte) (e error) { FreeformTags map[string]string `json:"freeformTags"` VolumeGroupReplicas []VolumeGroupReplicaDetails `json:"volumeGroupReplicas"` ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` AvailabilityDomain *string `json:"availabilityDomain"` CompartmentId *string `json:"compartmentId"` SourceDetails volumegroupsourcedetails `json:"sourceDetails"` @@ -106,6 +113,8 @@ func (m *CreateVolumeGroupDetails) UnmarshalJSON(data []byte) (e error) { copy(m.VolumeGroupReplicas, model.VolumeGroupReplicas) m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.XrcKmsKeyId = model.XrcKmsKeyId + m.AvailabilityDomain = model.AvailabilityDomain m.CompartmentId = model.CompartmentId diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go index 8d794531fc8..d14942c873c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go @@ -83,6 +83,12 @@ type InstanceConfigurationCreateVolumeDetails struct { // The list of autotune policies enabled for this volume. AutotunePolicies []InstanceConfigurationAutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m InstanceConfigurationCreateVolumeDetails) String() string { @@ -118,6 +124,7 @@ func (m *InstanceConfigurationCreateVolumeDetails) UnmarshalJSON(data []byte) (e SizeInGBs *int64 `json:"sizeInGBs"` SourceDetails instanceconfigurationvolumesourcedetails `json:"sourceDetails"` AutotunePolicies []instanceconfigurationautotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` }{} e = json.Unmarshal(data, &model) @@ -171,5 +178,7 @@ func (m *InstanceConfigurationCreateVolumeDetails) UnmarshalJSON(data []byte) (e m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + return } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go index 7322b96f8c7..871de28e4fd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go @@ -38,6 +38,12 @@ type VolumeBackupPolicyAssignment struct { // The date and time the volume backup policy was assigned to the volume. The format is // defined by RFC3339 (https://tools.ietf.org/html/rfc3339). TimeCreated *common.SDKTime `mandatory:"true" json:"timeCreated"` + + // The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m VolumeBackupPolicyAssignment) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go index 7a98f3ae586..7dfae065a99 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go @@ -31,6 +31,12 @@ type VolumeGroupReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region volume group's replicas, which will be used in the destination region to encrypt the volume group's replicas encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m VolumeGroupReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go index f730deec9a0..2d5a8cdae2f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go @@ -34,6 +34,11 @@ type VolumeGroupReplicaInfo struct { // The availability domain of the boot volume replica replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m VolumeGroupReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go index bcea6aaf3df..8d8538519a5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go @@ -70,6 +70,10 @@ func (m *volumesourcedetails) UnmarshalPolymorphicJSON(data []byte) (interface{} mm := VolumeSourceFromVolumeBackupDetails{} err = json.Unmarshal(data, &mm) return mm, err + case "volumeBackupDelta": + mm := VolumeSourceFromVolumeBackupDeltaDetails{} + err = json.Unmarshal(data, &mm) + return mm, err default: common.Logf("Recieved unsupported enum value for VolumeSourceDetails: %s.", m.Type) return *m, nil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go new file mode 100644 index 00000000000..b3223d6369f --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go @@ -0,0 +1,66 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// VolumeSourceFromVolumeBackupDeltaDetails Specifies the volume backups (first & second) and block size in bytes. +type VolumeSourceFromVolumeBackupDeltaDetails struct { + + // The OCID of the first volume backup. + FirstBackupId *string `mandatory:"true" json:"firstBackupId"` + + // The OCID of the second volume backup. + SecondBackupId *string `mandatory:"true" json:"secondBackupId"` + + // Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + ChangeBlockSizeInBytes *int64 `mandatory:"false" json:"changeBlockSizeInBytes"` +} + +func (m VolumeSourceFromVolumeBackupDeltaDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m VolumeSourceFromVolumeBackupDeltaDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m VolumeSourceFromVolumeBackupDeltaDetails) MarshalJSON() (buff []byte, e error) { + type MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails VolumeSourceFromVolumeBackupDeltaDetails + s := struct { + DiscriminatorParam string `json:"type"` + MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails + }{ + "volumeBackupDelta", + (MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/change_steering_policy_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/change_steering_policy_compartment_request_response.go index e26a3646637..8980eecce4c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/change_steering_policy_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/change_steering_policy_compartment_request_response.go @@ -101,6 +101,10 @@ type ChangeSteeringPolicyCompartmentResponse struct { // Unique Oracle-assigned identifier for the request. If you need to // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` } func (response ChangeSteeringPolicyCompartmentResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_attachment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_attachment_request_response.go index b17c64ccf07..0b6ad30f19a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_attachment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_attachment_request_response.go @@ -102,6 +102,10 @@ type CreateSteeringPolicyAttachmentResponse struct { // Unique Oracle-assigned identifier for the request. If you need to // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` } func (response CreateSteeringPolicyAttachmentResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_request_response.go index 8404a04fd30..2ae884166c8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_steering_policy_request_response.go @@ -102,6 +102,10 @@ type CreateSteeringPolicyResponse struct { // Unique Oracle-assigned identifier for the request. If you need to // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` } func (response CreateSteeringPolicyResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_zone_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_zone_details.go index 113ffe8cabb..c21faa15016 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_zone_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/create_zone_details.go @@ -59,6 +59,27 @@ type CreateZoneDetails struct { // The scope of the zone. Scope ScopeEnum `mandatory:"false" json:"scope,omitempty"` + + // The state of DNSSEC on the zone. + // For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent + // trust anchor) must also have DNSSEC correctly set up. + // After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the + // `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. + // Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + // New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. + // To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old + // `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + // To remove the old DS record without causing service disruption, wait until the old DS record's TTL has + // expired, and the new DS record has propagated. After the DS replacement has been completed, then the + // `PromoteZoneDnssecKeyVersion` operation must be called. + // Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many + // days are left until expiration. + // We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the + // necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + // Enabling DNSSEC results in additional records in DNS responses which increases their size and can + // cause higher response latency. + // For more information, see DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). + DnssecState ZoneDnssecStateEnum `mandatory:"false" json:"dnssecState,omitempty"` } // GetName returns Name @@ -97,6 +118,9 @@ func (m CreateZoneDetails) ValidateEnumValue() (bool, error) { if _, ok := GetMappingScopeEnum(string(m.Scope)); !ok && m.Scope != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", m.Scope, strings.Join(GetScopeEnumStringValues(), ","))) } + if _, ok := GetMappingZoneDnssecStateEnum(string(m.DnssecState)); !ok && m.DnssecState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DnssecState: %s. Supported values are: %s.", m.DnssecState, strings.Join(GetZoneDnssecStateEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_attachment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_attachment_request_response.go index d64baaaec01..6550d9c3926 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_attachment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_attachment_request_response.go @@ -97,6 +97,10 @@ type DeleteSteeringPolicyAttachmentResponse struct { // Unique Oracle-assigned identifier for the request. If you need to // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` } func (response DeleteSteeringPolicyAttachmentResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_request_response.go index 27e93e4ca1c..285ede2ce10 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/delete_steering_policy_request_response.go @@ -97,6 +97,10 @@ type DeleteSteeringPolicyResponse struct { // Unique Oracle-assigned identifier for the request. If you need to // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` } func (response DeleteSteeringPolicyResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dns_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dns_client.go index 3621b124eb9..0095d89891d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dns_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dns_client.go @@ -2657,6 +2657,141 @@ func (client DnsClient) patchZoneRecords(ctx context.Context, request common.OCI return response, err } +// PromoteZoneDnssecKeyVersion Promotes a specified `DnssecKeyVersion` on the zone. +// If the `DnssecKeyVersion` identified in the request body is a key signing key (KSK) that is replacing +// another `DnssecKeyVersion`, then the old `DnssecKeyVersion` is scheduled for removal from the zone. +// For key signing keys (KSKs), you must create the DS record with the new key information **before** promoting +// the new key to establish a chain of trust. To avoid a service disruption, remove the old DS record as soon +// as its TTL (time to live) expires. +// For more information, see DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/dns/PromoteZoneDnssecKeyVersion.go.html to see an example of how to use PromoteZoneDnssecKeyVersion API. +// A default retry strategy applies to this operation PromoteZoneDnssecKeyVersion() +func (client DnsClient) PromoteZoneDnssecKeyVersion(ctx context.Context, request PromoteZoneDnssecKeyVersionRequest) (response PromoteZoneDnssecKeyVersionResponse, err error) { + var ociResponse common.OCIResponse + policy := common.DefaultRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.promoteZoneDnssecKeyVersion, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = PromoteZoneDnssecKeyVersionResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = PromoteZoneDnssecKeyVersionResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(PromoteZoneDnssecKeyVersionResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into PromoteZoneDnssecKeyVersionResponse") + } + return +} + +// promoteZoneDnssecKeyVersion implements the OCIOperation interface (enables retrying operations) +func (client DnsClient) promoteZoneDnssecKeyVersion(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/zones/{zoneId}/actions/promoteDnssecKeyVersion", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response PromoteZoneDnssecKeyVersionResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/dns/20180115/Zone/PromoteZoneDnssecKeyVersion" + err = common.PostProcessServiceError(err, "Dns", "PromoteZoneDnssecKeyVersion", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// StageZoneDnssecKeyVersion Stages a new `DnssecKeyVersion` on the zone. Staging is a process that generates a new "successor" key version +// that replaces an existing "predecessor" key version. +// **Note:** A new key-signing key (KSK) version is inert until you update the parent zone DS records. +// For more information, see the DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm) documentation. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/dns/StageZoneDnssecKeyVersion.go.html to see an example of how to use StageZoneDnssecKeyVersion API. +// A default retry strategy applies to this operation StageZoneDnssecKeyVersion() +func (client DnsClient) StageZoneDnssecKeyVersion(ctx context.Context, request StageZoneDnssecKeyVersionRequest) (response StageZoneDnssecKeyVersionResponse, err error) { + var ociResponse common.OCIResponse + policy := common.DefaultRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.stageZoneDnssecKeyVersion, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = StageZoneDnssecKeyVersionResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = StageZoneDnssecKeyVersionResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(StageZoneDnssecKeyVersionResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into StageZoneDnssecKeyVersionResponse") + } + return +} + +// stageZoneDnssecKeyVersion implements the OCIOperation interface (enables retrying operations) +func (client DnsClient) stageZoneDnssecKeyVersion(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/zones/{zoneId}/actions/stageDnssecKeyVersion", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response StageZoneDnssecKeyVersionResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/dns/20180115/Zone/StageZoneDnssecKeyVersion" + err = common.PostProcessServiceError(err, "Dns", "StageZoneDnssecKeyVersion", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // UpdateDomainRecords Replaces records in the specified zone at a domain with the records specified in the request body. // If a specified record does not exist, it will be created. If the record exists, then it will be updated to // represent the record in the body of the request. If a record in the zone does not exist in the request body, diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_config.go new file mode 100644 index 00000000000..01b1d535010 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_config.go @@ -0,0 +1,44 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// DnssecConfig DNSSEC configuration data. +// A zone may have a maximum of 10 `DnssecKeyVersions`, regardless of signing key type. +type DnssecConfig struct { + + // A read-only array of key signing key (KSK) versions. + KskDnssecKeyVersions []KskDnssecKeyVersion `mandatory:"false" json:"kskDnssecKeyVersions"` + + // A read-only array of zone signing key (ZSK) versions. + ZskDnssecKeyVersions []ZskDnssecKeyVersion `mandatory:"false" json:"zskDnssecKeyVersions"` +} + +func (m DnssecConfig) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m DnssecConfig) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_digest_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_digest_type.go new file mode 100644 index 00000000000..2eef9f3a27a --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_digest_type.go @@ -0,0 +1,53 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "strings" +) + +// DnssecDigestTypeEnum Enum with underlying type: string +type DnssecDigestTypeEnum string + +// Set of constants representing the allowable values for DnssecDigestTypeEnum +const ( + DnssecDigestTypeSha256 DnssecDigestTypeEnum = "SHA_256" +) + +var mappingDnssecDigestTypeEnum = map[string]DnssecDigestTypeEnum{ + "SHA_256": DnssecDigestTypeSha256, +} + +var mappingDnssecDigestTypeEnumLowerCase = map[string]DnssecDigestTypeEnum{ + "sha_256": DnssecDigestTypeSha256, +} + +// GetDnssecDigestTypeEnumValues Enumerates the set of values for DnssecDigestTypeEnum +func GetDnssecDigestTypeEnumValues() []DnssecDigestTypeEnum { + values := make([]DnssecDigestTypeEnum, 0) + for _, v := range mappingDnssecDigestTypeEnum { + values = append(values, v) + } + return values +} + +// GetDnssecDigestTypeEnumStringValues Enumerates the set of values in String for DnssecDigestTypeEnum +func GetDnssecDigestTypeEnumStringValues() []string { + return []string{ + "SHA_256", + } +} + +// GetMappingDnssecDigestTypeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingDnssecDigestTypeEnum(val string) (DnssecDigestTypeEnum, bool) { + enum, ok := mappingDnssecDigestTypeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_key_version_ds_data.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_key_version_ds_data.go new file mode 100644 index 00000000000..b523b75bc57 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_key_version_ds_data.go @@ -0,0 +1,47 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// DnssecKeyVersionDsData Data for a parent zone DS record corresponding to this key-signing key (KSK). +type DnssecKeyVersionDsData struct { + + // Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, + // see Supported DNS Resource Record Types (https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm) + Rdata *string `mandatory:"false" json:"rdata"` + + // The type of the digest associated with the rdata. + DigestType DnssecDigestTypeEnum `mandatory:"false" json:"digestType,omitempty"` +} + +func (m DnssecKeyVersionDsData) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m DnssecKeyVersionDsData) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if _, ok := GetMappingDnssecDigestTypeEnum(string(m.DigestType)); !ok && m.DigestType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DigestType: %s. Supported values are: %s.", m.DigestType, strings.Join(GetDnssecDigestTypeEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_signing_algorithm.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_signing_algorithm.go new file mode 100644 index 00000000000..b75a41181ef --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/dnssec_signing_algorithm.go @@ -0,0 +1,53 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "strings" +) + +// DnssecSigningAlgorithmEnum Enum with underlying type: string +type DnssecSigningAlgorithmEnum string + +// Set of constants representing the allowable values for DnssecSigningAlgorithmEnum +const ( + DnssecSigningAlgorithmRsasha256 DnssecSigningAlgorithmEnum = "RSASHA256" +) + +var mappingDnssecSigningAlgorithmEnum = map[string]DnssecSigningAlgorithmEnum{ + "RSASHA256": DnssecSigningAlgorithmRsasha256, +} + +var mappingDnssecSigningAlgorithmEnumLowerCase = map[string]DnssecSigningAlgorithmEnum{ + "rsasha256": DnssecSigningAlgorithmRsasha256, +} + +// GetDnssecSigningAlgorithmEnumValues Enumerates the set of values for DnssecSigningAlgorithmEnum +func GetDnssecSigningAlgorithmEnumValues() []DnssecSigningAlgorithmEnum { + values := make([]DnssecSigningAlgorithmEnum, 0) + for _, v := range mappingDnssecSigningAlgorithmEnum { + values = append(values, v) + } + return values +} + +// GetDnssecSigningAlgorithmEnumStringValues Enumerates the set of values in String for DnssecSigningAlgorithmEnum +func GetDnssecSigningAlgorithmEnumStringValues() []string { + return []string{ + "RSASHA256", + } +} + +// GetMappingDnssecSigningAlgorithmEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingDnssecSigningAlgorithmEnum(val string) (DnssecSigningAlgorithmEnum, bool) { + enum, ok := mappingDnssecSigningAlgorithmEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/ksk_dnssec_key_version.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/ksk_dnssec_key_version.go new file mode 100644 index 00000000000..bb550f9786f --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/ksk_dnssec_key_version.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// KskDnssecKeyVersion A key signing key (KSK) version. The version information contains timing and configuration data corresponding to the KSK that is used to +// apply DNSSEC on the zone. +type KskDnssecKeyVersion struct { + + // The UUID of the `DnssecKeyVersion`. + Uuid *string `mandatory:"false" json:"uuid"` + + // The signing algorithm used for the key. + Algorithm DnssecSigningAlgorithmEnum `mandatory:"false" json:"algorithm,omitempty"` + + // The length of the corresponding private key in bytes, expressed as an integer. + LengthInBytes *int `mandatory:"false" json:"lengthInBytes"` + + // The date and time the key version was created, expressed in RFC 3339 timestamp format. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeCreated *common.SDKTime `mandatory:"false" json:"timeCreated"` + + // The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is + // when the zone contents will include a DNSKEY record corresponding to the key material. + // **Example:** `2016-07-22T17:23:59:00Z` + TimePublished *common.SDKTime `mandatory:"false" json:"timePublished"` + + // The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is + // when the key material will be used to generate RRSIGs. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeActivated *common.SDKTime `mandatory:"false" json:"timeActivated"` + + // The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This + // is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is + // populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeInactivated *common.SDKTime `mandatory:"false" json:"timeInactivated"` + + // The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This + // is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is + // populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeUnpublished *common.SDKTime `mandatory:"false" json:"timeUnpublished"` + + // The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC + // 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no + // longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this + // `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. + // This prevents service disruption at the potential increased risk of key compromise. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeExpired *common.SDKTime `mandatory:"false" json:"timeExpired"` + + // The date and time the key version was promoted expressed in RFC 3339 timestamp format. + // **Example:** `2016-07-22T17:23:59:00Z` + TimePromoted *common.SDKTime `mandatory:"false" json:"timePromoted"` + + // When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has + // replaced. + PredecessorDnssecKeyVersionUuid *string `mandatory:"false" json:"predecessorDnssecKeyVersionUuid"` + + // When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this + // `DnssecKeyVersion`. + SuccessorDnssecKeyVersionUuid *string `mandatory:"false" json:"successorDnssecKeyVersionUuid"` + + // The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records + // associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see + // RFC 4034 (https://tools.ietf.org/html/rfc4034). + KeyTag *int `mandatory:"false" json:"keyTag"` + + // An array of data for DS records corresponding with this key version. An entry will exist for each + // supported DS digest algorithm. + DsData []DnssecKeyVersionDsData `mandatory:"false" json:"dsData"` +} + +func (m KskDnssecKeyVersion) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m KskDnssecKeyVersion) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if _, ok := GetMappingDnssecSigningAlgorithmEnum(string(m.Algorithm)); !ok && m.Algorithm != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Algorithm: %s. Supported values are: %s.", m.Algorithm, strings.Join(GetDnssecSigningAlgorithmEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/list_zones_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/list_zones_request_response.go index b56b3380a69..bfd691a8e0a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/list_zones_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/list_zones_request_response.go @@ -70,6 +70,9 @@ type ListZonesRequest struct { // Search for zones that are associated with a TSIG key. TsigKeyId *string `mandatory:"false" contributesTo:"query" name:"tsigKeyId"` + // Search for zones that have the given `DnssecState`. + DnssecState ListZonesDnssecStateEnum `mandatory:"false" contributesTo:"query" name:"dnssecState" omitEmpty:"true"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata @@ -121,6 +124,9 @@ func (request ListZonesRequest) ValidateEnumValue() (bool, error) { if _, ok := GetMappingListZonesScopeEnum(string(request.Scope)); !ok && request.Scope != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", request.Scope, strings.Join(GetListZonesScopeEnumStringValues(), ","))) } + if _, ok := GetMappingListZonesDnssecStateEnum(string(request.DnssecState)); !ok && request.DnssecState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DnssecState: %s. Supported values are: %s.", request.DnssecState, strings.Join(GetListZonesDnssecStateEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } @@ -387,3 +393,45 @@ func GetMappingListZonesScopeEnum(val string) (ListZonesScopeEnum, bool) { enum, ok := mappingListZonesScopeEnumLowerCase[strings.ToLower(val)] return enum, ok } + +// ListZonesDnssecStateEnum Enum with underlying type: string +type ListZonesDnssecStateEnum string + +// Set of constants representing the allowable values for ListZonesDnssecStateEnum +const ( + ListZonesDnssecStateEnabled ListZonesDnssecStateEnum = "ENABLED" + ListZonesDnssecStateDisabled ListZonesDnssecStateEnum = "DISABLED" +) + +var mappingListZonesDnssecStateEnum = map[string]ListZonesDnssecStateEnum{ + "ENABLED": ListZonesDnssecStateEnabled, + "DISABLED": ListZonesDnssecStateDisabled, +} + +var mappingListZonesDnssecStateEnumLowerCase = map[string]ListZonesDnssecStateEnum{ + "enabled": ListZonesDnssecStateEnabled, + "disabled": ListZonesDnssecStateDisabled, +} + +// GetListZonesDnssecStateEnumValues Enumerates the set of values for ListZonesDnssecStateEnum +func GetListZonesDnssecStateEnumValues() []ListZonesDnssecStateEnum { + values := make([]ListZonesDnssecStateEnum, 0) + for _, v := range mappingListZonesDnssecStateEnum { + values = append(values, v) + } + return values +} + +// GetListZonesDnssecStateEnumStringValues Enumerates the set of values in String for ListZonesDnssecStateEnum +func GetListZonesDnssecStateEnumStringValues() []string { + return []string{ + "ENABLED", + "DISABLED", + } +} + +// GetMappingListZonesDnssecStateEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListZonesDnssecStateEnum(val string) (ListZonesDnssecStateEnum, bool) { + enum, ok := mappingListZonesDnssecStateEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_details.go new file mode 100644 index 00000000000..d982639b305 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_details.go @@ -0,0 +1,40 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// PromoteZoneDnssecKeyVersionDetails Details for promoting a `DnssecKeyVersion` on a zone. +type PromoteZoneDnssecKeyVersionDetails struct { + + // The UUID of the `DnssecKeyVersion` that is being promoted. + DnssecKeyVersionUuid *string `mandatory:"true" json:"dnssecKeyVersionUuid"` +} + +func (m PromoteZoneDnssecKeyVersionDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m PromoteZoneDnssecKeyVersionDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_request_response.go new file mode 100644 index 00000000000..7f3054c3c1f --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/promote_zone_dnssec_key_version_request_response.go @@ -0,0 +1,166 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// PromoteZoneDnssecKeyVersionRequest wrapper for the PromoteZoneDnssecKeyVersion operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/dns/PromoteZoneDnssecKeyVersion.go.html to see an example of how to use PromoteZoneDnssecKeyVersionRequest. +type PromoteZoneDnssecKeyVersionRequest struct { + + // The OCID of the target zone. + ZoneId *string `mandatory:"true" contributesTo:"path" name:"zoneId"` + + // Details for promoting a `DnssecKeyVersion`. + PromoteZoneDnssecKeyVersionDetails `contributesTo:"body"` + + // The `If-Match` header field makes the request method conditional on the + // existence of at least one current representation of the target resource, + // when the field-value is `*`, or having a current representation of the + // target resource that has an entity-tag matching a member of the list of + // entity-tags provided in the field-value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"If-Match"` + + // The `If-Unmodified-Since` header field makes the request method + // conditional on the selected representation's last modification date being + // earlier than or equal to the date provided in the field-value. This + // field accomplishes the same purpose as If-Match for cases where the user + // agent does not have an entity-tag for the representation. + IfUnmodifiedSince *string `mandatory:"false" contributesTo:"header" name:"If-Unmodified-Since"` + + // A token that uniquely identifies a request so it can be retried in case + // of a timeout or server error without risk of executing that same action + // again. Retry tokens expire after 24 hours, but can be invalidated before + // then due to conflicting operations (for example, if a resource has been + // deleted and purged from the system, then a retry of the original creation + // request may be rejected). + OpcRetryToken *string `mandatory:"false" contributesTo:"header" name:"opc-retry-token"` + + // Unique Oracle-assigned identifier for the request. If you need + // to contact Oracle about a particular request, please provide + // the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Specifies to operate only on resources that have a matching DNS scope. + Scope PromoteZoneDnssecKeyVersionScopeEnum `mandatory:"false" contributesTo:"query" name:"scope" omitEmpty:"true"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request PromoteZoneDnssecKeyVersionRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request PromoteZoneDnssecKeyVersionRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request PromoteZoneDnssecKeyVersionRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request PromoteZoneDnssecKeyVersionRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request PromoteZoneDnssecKeyVersionRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingPromoteZoneDnssecKeyVersionScopeEnum(string(request.Scope)); !ok && request.Scope != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", request.Scope, strings.Join(GetPromoteZoneDnssecKeyVersionScopeEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// PromoteZoneDnssecKeyVersionResponse wrapper for the PromoteZoneDnssecKeyVersion operation +type PromoteZoneDnssecKeyVersionResponse struct { + + // The underlying http response + RawResponse *http.Response + + // Unique Oracle-assigned identifier for the request. If you need to + // contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` +} + +func (response PromoteZoneDnssecKeyVersionResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response PromoteZoneDnssecKeyVersionResponse) HTTPResponse() *http.Response { + return response.RawResponse +} + +// PromoteZoneDnssecKeyVersionScopeEnum Enum with underlying type: string +type PromoteZoneDnssecKeyVersionScopeEnum string + +// Set of constants representing the allowable values for PromoteZoneDnssecKeyVersionScopeEnum +const ( + PromoteZoneDnssecKeyVersionScopeGlobal PromoteZoneDnssecKeyVersionScopeEnum = "GLOBAL" + PromoteZoneDnssecKeyVersionScopePrivate PromoteZoneDnssecKeyVersionScopeEnum = "PRIVATE" +) + +var mappingPromoteZoneDnssecKeyVersionScopeEnum = map[string]PromoteZoneDnssecKeyVersionScopeEnum{ + "GLOBAL": PromoteZoneDnssecKeyVersionScopeGlobal, + "PRIVATE": PromoteZoneDnssecKeyVersionScopePrivate, +} + +var mappingPromoteZoneDnssecKeyVersionScopeEnumLowerCase = map[string]PromoteZoneDnssecKeyVersionScopeEnum{ + "global": PromoteZoneDnssecKeyVersionScopeGlobal, + "private": PromoteZoneDnssecKeyVersionScopePrivate, +} + +// GetPromoteZoneDnssecKeyVersionScopeEnumValues Enumerates the set of values for PromoteZoneDnssecKeyVersionScopeEnum +func GetPromoteZoneDnssecKeyVersionScopeEnumValues() []PromoteZoneDnssecKeyVersionScopeEnum { + values := make([]PromoteZoneDnssecKeyVersionScopeEnum, 0) + for _, v := range mappingPromoteZoneDnssecKeyVersionScopeEnum { + values = append(values, v) + } + return values +} + +// GetPromoteZoneDnssecKeyVersionScopeEnumStringValues Enumerates the set of values in String for PromoteZoneDnssecKeyVersionScopeEnum +func GetPromoteZoneDnssecKeyVersionScopeEnumStringValues() []string { + return []string{ + "GLOBAL", + "PRIVATE", + } +} + +// GetMappingPromoteZoneDnssecKeyVersionScopeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingPromoteZoneDnssecKeyVersionScopeEnum(val string) (PromoteZoneDnssecKeyVersionScopeEnum, bool) { + enum, ok := mappingPromoteZoneDnssecKeyVersionScopeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_details.go new file mode 100644 index 00000000000..62a7ee22d07 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_details.go @@ -0,0 +1,40 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// StageZoneDnssecKeyVersionDetails Details for staging a `DnssecKeyVersion` on a zone. +type StageZoneDnssecKeyVersionDetails struct { + + // The UUID of the `DnssecKeyVersion` for which a new successor should be generated. + PredecessorDnssecKeyVersionUuid *string `mandatory:"true" json:"predecessorDnssecKeyVersionUuid"` +} + +func (m StageZoneDnssecKeyVersionDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m StageZoneDnssecKeyVersionDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_request_response.go new file mode 100644 index 00000000000..872a5b7e8a9 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/stage_zone_dnssec_key_version_request_response.go @@ -0,0 +1,166 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// StageZoneDnssecKeyVersionRequest wrapper for the StageZoneDnssecKeyVersion operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/dns/StageZoneDnssecKeyVersion.go.html to see an example of how to use StageZoneDnssecKeyVersionRequest. +type StageZoneDnssecKeyVersionRequest struct { + + // The OCID of the target zone. + ZoneId *string `mandatory:"true" contributesTo:"path" name:"zoneId"` + + // Details for staging a DnssecKeyVersion. + StageZoneDnssecKeyVersionDetails `contributesTo:"body"` + + // The `If-Match` header field makes the request method conditional on the + // existence of at least one current representation of the target resource, + // when the field-value is `*`, or having a current representation of the + // target resource that has an entity-tag matching a member of the list of + // entity-tags provided in the field-value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"If-Match"` + + // The `If-Unmodified-Since` header field makes the request method + // conditional on the selected representation's last modification date being + // earlier than or equal to the date provided in the field-value. This + // field accomplishes the same purpose as If-Match for cases where the user + // agent does not have an entity-tag for the representation. + IfUnmodifiedSince *string `mandatory:"false" contributesTo:"header" name:"If-Unmodified-Since"` + + // A token that uniquely identifies a request so it can be retried in case + // of a timeout or server error without risk of executing that same action + // again. Retry tokens expire after 24 hours, but can be invalidated before + // then due to conflicting operations (for example, if a resource has been + // deleted and purged from the system, then a retry of the original creation + // request may be rejected). + OpcRetryToken *string `mandatory:"false" contributesTo:"header" name:"opc-retry-token"` + + // Unique Oracle-assigned identifier for the request. If you need + // to contact Oracle about a particular request, please provide + // the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Specifies to operate only on resources that have a matching DNS scope. + Scope StageZoneDnssecKeyVersionScopeEnum `mandatory:"false" contributesTo:"query" name:"scope" omitEmpty:"true"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request StageZoneDnssecKeyVersionRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request StageZoneDnssecKeyVersionRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request StageZoneDnssecKeyVersionRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request StageZoneDnssecKeyVersionRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request StageZoneDnssecKeyVersionRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingStageZoneDnssecKeyVersionScopeEnum(string(request.Scope)); !ok && request.Scope != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", request.Scope, strings.Join(GetStageZoneDnssecKeyVersionScopeEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// StageZoneDnssecKeyVersionResponse wrapper for the StageZoneDnssecKeyVersion operation +type StageZoneDnssecKeyVersionResponse struct { + + // The underlying http response + RawResponse *http.Response + + // Unique Oracle-assigned identifier for the request. If you need to + // contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` +} + +func (response StageZoneDnssecKeyVersionResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response StageZoneDnssecKeyVersionResponse) HTTPResponse() *http.Response { + return response.RawResponse +} + +// StageZoneDnssecKeyVersionScopeEnum Enum with underlying type: string +type StageZoneDnssecKeyVersionScopeEnum string + +// Set of constants representing the allowable values for StageZoneDnssecKeyVersionScopeEnum +const ( + StageZoneDnssecKeyVersionScopeGlobal StageZoneDnssecKeyVersionScopeEnum = "GLOBAL" + StageZoneDnssecKeyVersionScopePrivate StageZoneDnssecKeyVersionScopeEnum = "PRIVATE" +) + +var mappingStageZoneDnssecKeyVersionScopeEnum = map[string]StageZoneDnssecKeyVersionScopeEnum{ + "GLOBAL": StageZoneDnssecKeyVersionScopeGlobal, + "PRIVATE": StageZoneDnssecKeyVersionScopePrivate, +} + +var mappingStageZoneDnssecKeyVersionScopeEnumLowerCase = map[string]StageZoneDnssecKeyVersionScopeEnum{ + "global": StageZoneDnssecKeyVersionScopeGlobal, + "private": StageZoneDnssecKeyVersionScopePrivate, +} + +// GetStageZoneDnssecKeyVersionScopeEnumValues Enumerates the set of values for StageZoneDnssecKeyVersionScopeEnum +func GetStageZoneDnssecKeyVersionScopeEnumValues() []StageZoneDnssecKeyVersionScopeEnum { + values := make([]StageZoneDnssecKeyVersionScopeEnum, 0) + for _, v := range mappingStageZoneDnssecKeyVersionScopeEnum { + values = append(values, v) + } + return values +} + +// GetStageZoneDnssecKeyVersionScopeEnumStringValues Enumerates the set of values in String for StageZoneDnssecKeyVersionScopeEnum +func GetStageZoneDnssecKeyVersionScopeEnumStringValues() []string { + return []string{ + "GLOBAL", + "PRIVATE", + } +} + +// GetMappingStageZoneDnssecKeyVersionScopeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingStageZoneDnssecKeyVersionScopeEnum(val string) (StageZoneDnssecKeyVersionScopeEnum, bool) { + enum, ok := mappingStageZoneDnssecKeyVersionScopeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_attachment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_attachment_request_response.go index 382f5a3e54c..9d1d3f60439 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_attachment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_attachment_request_response.go @@ -104,6 +104,10 @@ type UpdateSteeringPolicyAttachmentResponse struct { // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` + // The current version of the resource, ending with a // representation-specific suffix. This value may be used in If-Match // and If-None-Match headers for later requests of the same resource. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_request_response.go index 4455ca4a2c1..59f4deb260d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_steering_policy_request_response.go @@ -104,6 +104,10 @@ type UpdateSteeringPolicyResponse struct { // contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + // Unique Oracle-assigned identifier for the asynchronous request. + // You can use this to query status of the asynchronous operation. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` + // The current version of the resource, ending with a // representation-specific suffix. This value may be used in If-Match // and If-None-Match headers for later requests of the same resource. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_zone_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_zone_details.go index 4b35f00282a..8e4551312d2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_zone_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/update_zone_details.go @@ -32,6 +32,27 @@ type UpdateZoneDetails struct { // **Example:** `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // The state of DNSSEC on the zone. + // For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent + // trust anchor) must also have DNSSEC correctly set up. + // After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the + // `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. + // Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + // New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. + // To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old + // `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + // To remove the old DS record without causing service disruption, wait until the old DS record's TTL has + // expired, and the new DS record has propagated. After the DS replacement has been completed, then the + // `PromoteZoneDnssecKeyVersion` operation must be called. + // Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many + // days are left until expiration. + // We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the + // necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + // Enabling DNSSEC results in additional records in DNS responses which increases their size and can + // cause higher response latency. + // For more information, see DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). + DnssecState ZoneDnssecStateEnum `mandatory:"false" json:"dnssecState,omitempty"` + // External master servers for the zone. `externalMasters` becomes a // required parameter when the `zoneType` value is `SECONDARY`. ExternalMasters []ExternalMaster `mandatory:"false" json:"externalMasters"` @@ -51,6 +72,9 @@ func (m UpdateZoneDetails) String() string { func (m UpdateZoneDetails) ValidateEnumValue() (bool, error) { errMessage := []string{} + if _, ok := GetMappingZoneDnssecStateEnum(string(m.DnssecState)); !ok && m.DnssecState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DnssecState: %s. Supported values are: %s.", m.DnssecState, strings.Join(GetZoneDnssecStateEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone.go index 579b49eaec5..3484744980a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone.go @@ -44,6 +44,27 @@ type Zone struct { // **Example:** `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"true" json:"definedTags"` + // The state of DNSSEC on the zone. + // For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent + // trust anchor) must also have DNSSEC correctly set up. + // After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the + // `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. + // Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + // New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. + // To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old + // `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + // To remove the old DS record without causing service disruption, wait until the old DS record's TTL has + // expired, and the new DS record has propagated. After the DS replacement has been completed, then the + // `PromoteZoneDnssecKeyVersion` operation must be called. + // Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many + // days are left until expiration. + // We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the + // necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + // Enabling DNSSEC results in additional records in DNS responses which increases their size and can + // cause higher response latency. + // For more information, see DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). + DnssecState ZoneDnssecStateEnum `mandatory:"true" json:"dnssecState"` + // External master servers for the zone. `externalMasters` becomes a // required parameter when the `zoneType` value is `SECONDARY`. ExternalMasters []ExternalMaster `mandatory:"true" json:"externalMasters"` @@ -85,6 +106,8 @@ type Zone struct { // not part of a private view. ViewId *string `mandatory:"false" json:"viewId"` + DnssecConfig *DnssecConfig `mandatory:"false" json:"dnssecConfig"` + // The OCI nameservers that transfer the zone data with external nameservers. ZoneTransferServers []ZoneTransferServer `mandatory:"false" json:"zoneTransferServers"` } @@ -104,6 +127,9 @@ func (m Zone) ValidateEnumValue() (bool, error) { if _, ok := GetMappingScopeEnum(string(m.Scope)); !ok && m.Scope != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", m.Scope, strings.Join(GetScopeEnumStringValues(), ","))) } + if _, ok := GetMappingZoneDnssecStateEnum(string(m.DnssecState)); !ok && m.DnssecState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DnssecState: %s. Supported values are: %s.", m.DnssecState, strings.Join(GetZoneDnssecStateEnumStringValues(), ","))) + } if _, ok := GetMappingZoneLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetZoneLifecycleStateEnumStringValues(), ","))) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_dnssec_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_dnssec_state.go new file mode 100644 index 00000000000..69012747616 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_dnssec_state.go @@ -0,0 +1,57 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "strings" +) + +// ZoneDnssecStateEnum Enum with underlying type: string +type ZoneDnssecStateEnum string + +// Set of constants representing the allowable values for ZoneDnssecStateEnum +const ( + ZoneDnssecStateEnabled ZoneDnssecStateEnum = "ENABLED" + ZoneDnssecStateDisabled ZoneDnssecStateEnum = "DISABLED" +) + +var mappingZoneDnssecStateEnum = map[string]ZoneDnssecStateEnum{ + "ENABLED": ZoneDnssecStateEnabled, + "DISABLED": ZoneDnssecStateDisabled, +} + +var mappingZoneDnssecStateEnumLowerCase = map[string]ZoneDnssecStateEnum{ + "enabled": ZoneDnssecStateEnabled, + "disabled": ZoneDnssecStateDisabled, +} + +// GetZoneDnssecStateEnumValues Enumerates the set of values for ZoneDnssecStateEnum +func GetZoneDnssecStateEnumValues() []ZoneDnssecStateEnum { + values := make([]ZoneDnssecStateEnum, 0) + for _, v := range mappingZoneDnssecStateEnum { + values = append(values, v) + } + return values +} + +// GetZoneDnssecStateEnumStringValues Enumerates the set of values in String for ZoneDnssecStateEnum +func GetZoneDnssecStateEnumStringValues() []string { + return []string{ + "ENABLED", + "DISABLED", + } +} + +// GetMappingZoneDnssecStateEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingZoneDnssecStateEnum(val string) (ZoneDnssecStateEnum, bool) { + enum, ok := mappingZoneDnssecStateEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_summary.go index f0e1d0be937..d6aae7821b3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zone_summary.go @@ -44,6 +44,27 @@ type ZoneSummary struct { // **Example:** `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"true" json:"definedTags"` + // The state of DNSSEC on the zone. + // For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent + // trust anchor) must also have DNSSEC correctly set up. + // After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the + // `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. + // Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + // New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. + // To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old + // `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + // To remove the old DS record without causing service disruption, wait until the old DS record's TTL has + // expired, and the new DS record has propagated. After the DS replacement has been completed, then the + // `PromoteZoneDnssecKeyVersion` operation must be called. + // Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many + // days are left until expiration. + // We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the + // necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + // Enabling DNSSEC results in additional records in DNS responses which increases their size and can + // cause higher response latency. + // For more information, see DNSSEC (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). + DnssecState ZoneDnssecStateEnum `mandatory:"true" json:"dnssecState"` + // The canonical absolute URL of the resource. Self *string `mandatory:"true" json:"self"` @@ -73,6 +94,8 @@ type ZoneSummary struct { // be null for zones in the global DNS, which are publicly resolvable and // not part of a private view. ViewId *string `mandatory:"false" json:"viewId"` + + DnssecConfig *DnssecConfig `mandatory:"false" json:"dnssecConfig"` } func (m ZoneSummary) String() string { @@ -90,6 +113,9 @@ func (m ZoneSummary) ValidateEnumValue() (bool, error) { if _, ok := GetMappingScopeEnum(string(m.Scope)); !ok && m.Scope != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Scope: %s. Supported values are: %s.", m.Scope, strings.Join(GetScopeEnumStringValues(), ","))) } + if _, ok := GetMappingZoneDnssecStateEnum(string(m.DnssecState)); !ok && m.DnssecState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DnssecState: %s. Supported values are: %s.", m.DnssecState, strings.Join(GetZoneDnssecStateEnumStringValues(), ","))) + } if _, ok := GetMappingZoneSummaryLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetZoneSummaryLifecycleStateEnumStringValues(), ","))) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/dns/zsk_dnssec_key_version.go b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zsk_dnssec_key_version.go new file mode 100644 index 00000000000..2e6b70ae8d0 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/dns/zsk_dnssec_key_version.go @@ -0,0 +1,101 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// DNS API +// +// API for the DNS service. Use this API to manage DNS zones, records, and other DNS resources. +// For more information, see Overview of the DNS Service (https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm). +// + +package dns + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// ZskDnssecKeyVersion A zone signing key (ZSK) version. The version information contains timing and configuration data for the ZSK that is used to +// apply DNSSEC on the zone. +type ZskDnssecKeyVersion struct { + + // The UUID of the `DnssecKeyVersion`. + Uuid *string `mandatory:"false" json:"uuid"` + + // The signing algorithm used for the key. + Algorithm DnssecSigningAlgorithmEnum `mandatory:"false" json:"algorithm,omitempty"` + + // The length of the corresponding private key in bytes, expressed as an integer. + LengthInBytes *int `mandatory:"false" json:"lengthInBytes"` + + // The date and time the key version was created, expressed in RFC 3339 timestamp format. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeCreated *common.SDKTime `mandatory:"false" json:"timeCreated"` + + // The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is + // when the zone contents will include a DNSKEY record corresponding to the key material. + // **Example:** `2016-07-22T17:23:59:00Z` + TimePublished *common.SDKTime `mandatory:"false" json:"timePublished"` + + // The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is + // when the key material will be used to generate RRSIGs. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeActivated *common.SDKTime `mandatory:"false" json:"timeActivated"` + + // The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This + // is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is + // populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeInactivated *common.SDKTime `mandatory:"false" json:"timeInactivated"` + + // The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This + // is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is + // populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeUnpublished *common.SDKTime `mandatory:"false" json:"timeUnpublished"` + + // The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC + // 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no + // longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this + // `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. + // This prevents service disruption at the potential increased risk of key compromise. + // **Example:** `2016-07-22T17:23:59:00Z` + TimeExpired *common.SDKTime `mandatory:"false" json:"timeExpired"` + + // The date and time the key version was promoted expressed in RFC 3339 timestamp format. + // **Example:** `2016-07-22T17:23:59:00Z` + TimePromoted *common.SDKTime `mandatory:"false" json:"timePromoted"` + + // When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has + // replaced. + PredecessorDnssecKeyVersionUuid *string `mandatory:"false" json:"predecessorDnssecKeyVersionUuid"` + + // When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this + // `DnssecKeyVersion`. + SuccessorDnssecKeyVersionUuid *string `mandatory:"false" json:"successorDnssecKeyVersionUuid"` + + // The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records + // associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see + // RFC 4034 (https://tools.ietf.org/html/rfc4034). + KeyTag *int `mandatory:"false" json:"keyTag"` +} + +func (m ZskDnssecKeyVersion) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m ZskDnssecKeyVersion) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if _, ok := GetMappingDnssecSigningAlgorithmEnum(string(m.Algorithm)); !ok && m.Algorithm != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Algorithm: %s. Supported values are: %s.", m.Algorithm, strings.Join(GetDnssecSigningAlgorithmEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/copy_deployment_backup_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/copy_deployment_backup_request_response.go index 18dae51e791..72df5e67e03 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/copy_deployment_backup_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/copy_deployment_backup_request_response.go @@ -87,6 +87,9 @@ type CopyDeploymentBackupResponse struct { // The underlying http response RawResponse *http.Response + // The DeploymentBackup instance + DeploymentBackup `presentIn:"body"` + // A unique Oracle-assigned identifier for an asynchronous request. You can use this to query // status of the asynchronous operation. OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` @@ -94,6 +97,9 @@ type CopyDeploymentBackupResponse struct { // A unique Oracle-assigned identifier for the request. If you need to contact Oracle about a // particular request, please include the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` } func (response CopyDeploymentBackupResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_database_registration_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_database_registration_details.go index e1ea7cb45c2..683e5182eb4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_database_registration_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_database_registration_details.go @@ -70,8 +70,8 @@ type CreateDatabaseRegistrationDetails struct { // to the database node to connect to. By default the mode would be DIRECT. SessionMode CreateDatabaseRegistrationDetailsSessionModeEnum `mandatory:"false" json:"sessionMode,omitempty"` - // The wallet contents Oracle GoldenGate uses to make connections to a database. This - // attribute is expected to be base64 encoded. + // The wallet contents Oracle GoldenGate uses to make connections to a database. + // This attribute is expected to be base64 encoded. Wallet *string `mandatory:"false" json:"wallet"` // Refers to the customer's vault OCID. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_backup_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_backup_request_response.go index f321196f834..588a81d64be 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_backup_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_backup_request_response.go @@ -78,6 +78,9 @@ type CreateDeploymentBackupResponse struct { // The underlying http response RawResponse *http.Response + // The DeploymentBackup instance + DeploymentBackup `presentIn:"body"` + // A unique Oracle-assigned identifier for an asynchronous request. You can use this to query // status of the asynchronous operation. OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` @@ -85,6 +88,9 @@ type CreateDeploymentBackupResponse struct { // A unique Oracle-assigned identifier for the request. If you need to contact Oracle about a // particular request, please include the request ID. OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` } func (response CreateDeploymentBackupResponse) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_details.go index a6219e67397..2fcbd42027f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_deployment_details.go @@ -43,6 +43,9 @@ type CreateDeploymentDetails struct { // Its use is discouraged in favor of 'DATABASE_ORACLE'. DeploymentType DeploymentTypeEnum `mandatory:"true" json:"deploymentType"` + // Specifies whether the deployment is used in a production or development/testing environment. + EnvironmentType EnvironmentTypeEnum `mandatory:"false" json:"environmentType,omitempty"` + // Metadata about this specific object. Description *string `mandatory:"false" json:"description"` @@ -98,6 +101,9 @@ func (m CreateDeploymentDetails) ValidateEnumValue() (bool, error) { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DeploymentType: %s. Supported values are: %s.", m.DeploymentType, strings.Join(GetDeploymentTypeEnumStringValues(), ","))) } + if _, ok := GetMappingEnvironmentTypeEnum(string(m.EnvironmentType)); !ok && m.EnvironmentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for EnvironmentType: %s. Supported values are: %s.", m.EnvironmentType, strings.Join(GetEnvironmentTypeEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_ogg_deployment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_ogg_deployment_details.go index 2308cf1bded..f081d5daba8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_ogg_deployment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_ogg_deployment_details.go @@ -48,6 +48,8 @@ type CreateOggDeploymentDetails struct { // Version of OGG OggVersion *string `mandatory:"false" json:"oggVersion"` + + GroupToRolesMapping *GroupToRolesMappingDetails `mandatory:"false" json:"groupToRolesMapping"` } func (m CreateOggDeploymentDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_oracle_connection_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_oracle_connection_details.go index ed22c18f9e1..4a5fcdb7789 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_oracle_connection_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/create_oracle_connection_details.go @@ -67,8 +67,8 @@ type CreateOracleConnectionDetails struct { // Connect descriptor or Easy Connect Naming method used to connect to a database. ConnectionString *string `mandatory:"false" json:"connectionString"` - // The wallet contents Oracle GoldenGate uses to make connections to a database. This - // attribute is expected to be base64 encoded. + // The wallet contents Oracle GoldenGate uses to make connections to a database. + // This attribute is expected to be base64 encoded. Wallet *string `mandatory:"false" json:"wallet"` // Deprecated: this field will be removed in future versions. Either specify the private IP in the connectionString or host diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment.go index 0cb139c3144..45d0e76b46f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment.go @@ -32,6 +32,10 @@ type Deployment struct { // The Oracle license model that applies to a Deployment. LicenseModel LicenseModelEnum `mandatory:"true" json:"licenseModel"` + // The deployment category defines the broad separation of the deployment type into three categories. + // Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. + Category DeploymentCategoryEnum `mandatory:"true" json:"category"` + // The Minimum number of OCPUs to be made available for this Deployment. CpuCoreCount *int `mandatory:"true" json:"cpuCoreCount"` @@ -97,6 +101,9 @@ type Deployment struct { // A three-label Fully Qualified Domain Name (FQDN) for a resource. Fqdn *string `mandatory:"false" json:"fqdn"` + // Specifies whether the deployment is used in a production or development/testing environment. + EnvironmentType EnvironmentTypeEnum `mandatory:"false" json:"environmentType,omitempty"` + // An array of Network Security Group OCIDs used to define network access for either Deployments or Connections. NsgIds []string `mandatory:"false" json:"nsgIds"` @@ -134,6 +141,7 @@ type Deployment struct { // The amount of storage being utilized (in bytes) StorageUtilizationInBytes *int64 `mandatory:"false" json:"storageUtilizationInBytes"` + // Deprecated: This field is not updated and will be removed in future versions. If storage utilization exceeds the limit, the respective warning message will appear in deployment messages, which can be accessed through /messages?deploymentId=. // Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. IsStorageUtilizationLimitExceeded *bool `mandatory:"false" json:"isStorageUtilizationLimitExceeded"` @@ -176,6 +184,9 @@ func (m Deployment) ValidateEnumValue() (bool, error) { if _, ok := GetMappingLicenseModelEnum(string(m.LicenseModel)); !ok && m.LicenseModel != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LicenseModel: %s. Supported values are: %s.", m.LicenseModel, strings.Join(GetLicenseModelEnumStringValues(), ","))) } + if _, ok := GetMappingDeploymentCategoryEnum(string(m.Category)); !ok && m.Category != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Category: %s. Supported values are: %s.", m.Category, strings.Join(GetDeploymentCategoryEnumStringValues(), ","))) + } if _, ok := GetMappingDeploymentTypeEnum(string(m.DeploymentType)); !ok && m.DeploymentType != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DeploymentType: %s. Supported values are: %s.", m.DeploymentType, strings.Join(GetDeploymentTypeEnumStringValues(), ","))) } @@ -186,6 +197,9 @@ func (m Deployment) ValidateEnumValue() (bool, error) { if _, ok := GetMappingLifecycleSubStateEnum(string(m.LifecycleSubState)); !ok && m.LifecycleSubState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleSubState: %s. Supported values are: %s.", m.LifecycleSubState, strings.Join(GetLifecycleSubStateEnumStringValues(), ","))) } + if _, ok := GetMappingEnvironmentTypeEnum(string(m.EnvironmentType)); !ok && m.EnvironmentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for EnvironmentType: %s. Supported values are: %s.", m.EnvironmentType, strings.Join(GetEnvironmentTypeEnumStringValues(), ","))) + } if _, ok := GetMappingMaintenanceActionTypeEnum(string(m.NextMaintenanceActionType)); !ok && m.NextMaintenanceActionType != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for NextMaintenanceActionType: %s. Supported values are: %s.", m.NextMaintenanceActionType, strings.Join(GetMaintenanceActionTypeEnumStringValues(), ","))) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_category.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_category.go new file mode 100644 index 00000000000..93d5208ce2d --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_category.go @@ -0,0 +1,60 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "strings" +) + +// DeploymentCategoryEnum Enum with underlying type: string +type DeploymentCategoryEnum string + +// Set of constants representing the allowable values for DeploymentCategoryEnum +const ( + DeploymentCategoryDataReplication DeploymentCategoryEnum = "DATA_REPLICATION" + DeploymentCategoryStreamAnalytics DeploymentCategoryEnum = "STREAM_ANALYTICS" + DeploymentCategoryDataTransforms DeploymentCategoryEnum = "DATA_TRANSFORMS" +) + +var mappingDeploymentCategoryEnum = map[string]DeploymentCategoryEnum{ + "DATA_REPLICATION": DeploymentCategoryDataReplication, + "STREAM_ANALYTICS": DeploymentCategoryStreamAnalytics, + "DATA_TRANSFORMS": DeploymentCategoryDataTransforms, +} + +var mappingDeploymentCategoryEnumLowerCase = map[string]DeploymentCategoryEnum{ + "data_replication": DeploymentCategoryDataReplication, + "stream_analytics": DeploymentCategoryStreamAnalytics, + "data_transforms": DeploymentCategoryDataTransforms, +} + +// GetDeploymentCategoryEnumValues Enumerates the set of values for DeploymentCategoryEnum +func GetDeploymentCategoryEnumValues() []DeploymentCategoryEnum { + values := make([]DeploymentCategoryEnum, 0) + for _, v := range mappingDeploymentCategoryEnum { + values = append(values, v) + } + return values +} + +// GetDeploymentCategoryEnumStringValues Enumerates the set of values in String for DeploymentCategoryEnum +func GetDeploymentCategoryEnumStringValues() []string { + return []string{ + "DATA_REPLICATION", + "STREAM_ANALYTICS", + "DATA_TRANSFORMS", + } +} + +// GetMappingDeploymentCategoryEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingDeploymentCategoryEnum(val string) (DeploymentCategoryEnum, bool) { + enum, ok := mappingDeploymentCategoryEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_collection.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_collection.go new file mode 100644 index 00000000000..2a22270d740 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_collection.go @@ -0,0 +1,39 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// DeploymentEnvironmentCollection The list of DeploymentEnvironmentDescriptor objects. +type DeploymentEnvironmentCollection struct { + + // Array of DeploymentEnvironmentSummary objects. + Items []DeploymentEnvironmentSummary `mandatory:"true" json:"items"` +} + +func (m DeploymentEnvironmentCollection) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m DeploymentEnvironmentCollection) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_summary.go new file mode 100644 index 00000000000..5ec0184ec09 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_environment_summary.go @@ -0,0 +1,73 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// DeploymentEnvironmentSummary The metadata specific to a production or development/testing environment. +type DeploymentEnvironmentSummary struct { + + // Specifies whether the deployment is used in a production or development/testing environment. + EnvironmentType EnvironmentTypeEnum `mandatory:"true" json:"environmentType"` + + // The deployment category defines the broad separation of the deployment type into three categories. + // Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. + Category DeploymentCategoryEnum `mandatory:"true" json:"category"` + + // The minimum CPU core count. + MinCpuCoreCount *int `mandatory:"true" json:"minCpuCoreCount"` + + // The default CPU core count. + DefaultCpuCoreCount *int `mandatory:"true" json:"defaultCpuCoreCount"` + + // The maximum CPU core count. + MaxCpuCoreCount *int `mandatory:"true" json:"maxCpuCoreCount"` + + // Specifies whether the "Auto scaling" option should be enabled by default or not. + IsAutoScalingEnabledByDefault *bool `mandatory:"true" json:"isAutoScalingEnabledByDefault"` + + // The multiplier value between CPU core count and network bandwidth. + NetworkBandwidthPerOcpuInGbps *int `mandatory:"true" json:"networkBandwidthPerOcpuInGbps"` + + // The multiplier value between CPU core count and memory size. + MemoryPerOcpuInGBs *int `mandatory:"true" json:"memoryPerOcpuInGBs"` + + // The multiplier value between CPU core count and storage usage limit size. + StorageUsageLimitPerOcpuInGBs *int `mandatory:"true" json:"storageUsageLimitPerOcpuInGBs"` + + // An object's Display Name. + DisplayName *string `mandatory:"false" json:"displayName"` +} + +func (m DeploymentEnvironmentSummary) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m DeploymentEnvironmentSummary) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingEnvironmentTypeEnum(string(m.EnvironmentType)); !ok && m.EnvironmentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for EnvironmentType: %s. Supported values are: %s.", m.EnvironmentType, strings.Join(GetEnvironmentTypeEnumStringValues(), ","))) + } + if _, ok := GetMappingDeploymentCategoryEnum(string(m.Category)); !ok && m.Category != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Category: %s. Supported values are: %s.", m.Category, strings.Join(GetDeploymentCategoryEnumStringValues(), ","))) + } + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_summary.go index 7eb46ad58b0..9eab0b98407 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_summary.go @@ -32,6 +32,15 @@ type DeploymentSummary struct { // The Oracle license model that applies to a Deployment. LicenseModel LicenseModelEnum `mandatory:"true" json:"licenseModel"` + // The deployment category defines the broad separation of the deployment type into three categories. + // Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. + Category DeploymentCategoryEnum `mandatory:"true" json:"category"` + + // The type of deployment, which can be any one of the Allowed values. + // NOTE: Use of the value 'OGG' is maintained for backward compatibility purposes. + // Its use is discouraged in favor of 'DATABASE_ORACLE'. + DeploymentType DeploymentTypeEnum `mandatory:"true" json:"deploymentType"` + // An object's Display Name. DisplayName *string `mandatory:"false" json:"displayName"` @@ -74,6 +83,9 @@ type DeploymentSummary struct { // The loadbalancer of the public deployment created in the customer subnet. LoadBalancerId *string `mandatory:"false" json:"loadBalancerId"` + // Specifies whether the deployment is used in a production or development/testing environment. + EnvironmentType EnvironmentTypeEnum `mandatory:"false" json:"environmentType,omitempty"` + // A three-label Fully Qualified Domain Name (FQDN) for a resource. Fqdn *string `mandatory:"false" json:"fqdn"` @@ -114,14 +126,10 @@ type DeploymentSummary struct { // RFC3339 (https://tools.ietf.org/html/rfc3339), such as `2016-08-25T21:10:29.600Z`. TimeUpgradeRequired *common.SDKTime `mandatory:"false" json:"timeUpgradeRequired"` - // The type of deployment, which can be any one of the Allowed values. - // NOTE: Use of the value 'OGG' is maintained for backward compatibility purposes. - // Its use is discouraged in favor of 'DATABASE_ORACLE'. - DeploymentType DeploymentTypeEnum `mandatory:"false" json:"deploymentType,omitempty"` - // The amount of storage being utilized (in bytes) StorageUtilizationInBytes *int64 `mandatory:"false" json:"storageUtilizationInBytes"` + // Deprecated: This field is not updated and will be removed in future versions. If storage utilization exceeds the limit, the respective warning message will appear in deployment messages, which can be accessed through /messages?deploymentId=. // Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. IsStorageUtilizationLimitExceeded *bool `mandatory:"false" json:"isStorageUtilizationLimitExceeded"` @@ -141,6 +149,12 @@ func (m DeploymentSummary) ValidateEnumValue() (bool, error) { if _, ok := GetMappingLicenseModelEnum(string(m.LicenseModel)); !ok && m.LicenseModel != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LicenseModel: %s. Supported values are: %s.", m.LicenseModel, strings.Join(GetLicenseModelEnumStringValues(), ","))) } + if _, ok := GetMappingDeploymentCategoryEnum(string(m.Category)); !ok && m.Category != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Category: %s. Supported values are: %s.", m.Category, strings.Join(GetDeploymentCategoryEnumStringValues(), ","))) + } + if _, ok := GetMappingDeploymentTypeEnum(string(m.DeploymentType)); !ok && m.DeploymentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DeploymentType: %s. Supported values are: %s.", m.DeploymentType, strings.Join(GetDeploymentTypeEnumStringValues(), ","))) + } if _, ok := GetMappingLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetLifecycleStateEnumStringValues(), ","))) @@ -148,8 +162,8 @@ func (m DeploymentSummary) ValidateEnumValue() (bool, error) { if _, ok := GetMappingLifecycleSubStateEnum(string(m.LifecycleSubState)); !ok && m.LifecycleSubState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleSubState: %s. Supported values are: %s.", m.LifecycleSubState, strings.Join(GetLifecycleSubStateEnumStringValues(), ","))) } - if _, ok := GetMappingDeploymentTypeEnum(string(m.DeploymentType)); !ok && m.DeploymentType != "" { - errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DeploymentType: %s. Supported values are: %s.", m.DeploymentType, strings.Join(GetDeploymentTypeEnumStringValues(), ","))) + if _, ok := GetMappingEnvironmentTypeEnum(string(m.EnvironmentType)); !ok && m.EnvironmentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for EnvironmentType: %s. Supported values are: %s.", m.EnvironmentType, strings.Join(GetEnvironmentTypeEnumStringValues(), ","))) } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_type_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_type_summary.go index 24914b0e4ed..421719346f6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_type_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/deployment_type_summary.go @@ -16,11 +16,13 @@ import ( ) // DeploymentTypeSummary The meta-data specific on particular deployment type represented by deploymentType field. +// Deprecated properties: `sourceTechnologies` and `targetTechnologies` are not populated. They will be removed after September 15 2025. +// The list of supported source and target technologies can be accessed using the url provided in `supportedTechnologiesUrl` property. type DeploymentTypeSummary struct { // The deployment category defines the broad separation of the deployment type into three categories. // Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. - Category DeploymentTypeSummaryCategoryEnum `mandatory:"true" json:"category"` + Category DeploymentCategoryEnum `mandatory:"true" json:"category"` // An object's Display Name. DisplayName *string `mandatory:"true" json:"displayName"` @@ -62,8 +64,8 @@ func (m DeploymentTypeSummary) String() string { // Not recommended for calling this function directly func (m DeploymentTypeSummary) ValidateEnumValue() (bool, error) { errMessage := []string{} - if _, ok := GetMappingDeploymentTypeSummaryCategoryEnum(string(m.Category)); !ok && m.Category != "" { - errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Category: %s. Supported values are: %s.", m.Category, strings.Join(GetDeploymentTypeSummaryCategoryEnumStringValues(), ","))) + if _, ok := GetMappingDeploymentCategoryEnum(string(m.Category)); !ok && m.Category != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Category: %s. Supported values are: %s.", m.Category, strings.Join(GetDeploymentCategoryEnumStringValues(), ","))) } if _, ok := GetMappingDeploymentTypeEnum(string(m.DeploymentType)); !ok && m.DeploymentType != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for DeploymentType: %s. Supported values are: %s.", m.DeploymentType, strings.Join(GetDeploymentTypeEnumStringValues(), ","))) @@ -80,49 +82,3 @@ func (m DeploymentTypeSummary) ValidateEnumValue() (bool, error) { } return false, nil } - -// DeploymentTypeSummaryCategoryEnum Enum with underlying type: string -type DeploymentTypeSummaryCategoryEnum string - -// Set of constants representing the allowable values for DeploymentTypeSummaryCategoryEnum -const ( - DeploymentTypeSummaryCategoryDataReplication DeploymentTypeSummaryCategoryEnum = "DATA_REPLICATION" - DeploymentTypeSummaryCategoryStreamAnalytics DeploymentTypeSummaryCategoryEnum = "STREAM_ANALYTICS" - DeploymentTypeSummaryCategoryDataTransforms DeploymentTypeSummaryCategoryEnum = "DATA_TRANSFORMS" -) - -var mappingDeploymentTypeSummaryCategoryEnum = map[string]DeploymentTypeSummaryCategoryEnum{ - "DATA_REPLICATION": DeploymentTypeSummaryCategoryDataReplication, - "STREAM_ANALYTICS": DeploymentTypeSummaryCategoryStreamAnalytics, - "DATA_TRANSFORMS": DeploymentTypeSummaryCategoryDataTransforms, -} - -var mappingDeploymentTypeSummaryCategoryEnumLowerCase = map[string]DeploymentTypeSummaryCategoryEnum{ - "data_replication": DeploymentTypeSummaryCategoryDataReplication, - "stream_analytics": DeploymentTypeSummaryCategoryStreamAnalytics, - "data_transforms": DeploymentTypeSummaryCategoryDataTransforms, -} - -// GetDeploymentTypeSummaryCategoryEnumValues Enumerates the set of values for DeploymentTypeSummaryCategoryEnum -func GetDeploymentTypeSummaryCategoryEnumValues() []DeploymentTypeSummaryCategoryEnum { - values := make([]DeploymentTypeSummaryCategoryEnum, 0) - for _, v := range mappingDeploymentTypeSummaryCategoryEnum { - values = append(values, v) - } - return values -} - -// GetDeploymentTypeSummaryCategoryEnumStringValues Enumerates the set of values in String for DeploymentTypeSummaryCategoryEnum -func GetDeploymentTypeSummaryCategoryEnumStringValues() []string { - return []string{ - "DATA_REPLICATION", - "STREAM_ANALYTICS", - "DATA_TRANSFORMS", - } -} - -// GetMappingDeploymentTypeSummaryCategoryEnum performs case Insensitive comparison on enum value and return the desired enum -func GetMappingDeploymentTypeSummaryCategoryEnum(val string) (DeploymentTypeSummaryCategoryEnum, bool) { - enum, ok := mappingDeploymentTypeSummaryCategoryEnumLowerCase[strings.ToLower(val)] - return enum, ok -} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/environment_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/environment_type.go new file mode 100644 index 00000000000..8889a49162e --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/environment_type.go @@ -0,0 +1,56 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "strings" +) + +// EnvironmentTypeEnum Enum with underlying type: string +type EnvironmentTypeEnum string + +// Set of constants representing the allowable values for EnvironmentTypeEnum +const ( + EnvironmentTypeProduction EnvironmentTypeEnum = "PRODUCTION" + EnvironmentTypeDevelopmentOrTesting EnvironmentTypeEnum = "DEVELOPMENT_OR_TESTING" +) + +var mappingEnvironmentTypeEnum = map[string]EnvironmentTypeEnum{ + "PRODUCTION": EnvironmentTypeProduction, + "DEVELOPMENT_OR_TESTING": EnvironmentTypeDevelopmentOrTesting, +} + +var mappingEnvironmentTypeEnumLowerCase = map[string]EnvironmentTypeEnum{ + "production": EnvironmentTypeProduction, + "development_or_testing": EnvironmentTypeDevelopmentOrTesting, +} + +// GetEnvironmentTypeEnumValues Enumerates the set of values for EnvironmentTypeEnum +func GetEnvironmentTypeEnumValues() []EnvironmentTypeEnum { + values := make([]EnvironmentTypeEnum, 0) + for _, v := range mappingEnvironmentTypeEnum { + values = append(values, v) + } + return values +} + +// GetEnvironmentTypeEnumStringValues Enumerates the set of values in String for EnvironmentTypeEnum +func GetEnvironmentTypeEnumStringValues() []string { + return []string{ + "PRODUCTION", + "DEVELOPMENT_OR_TESTING", + } +} + +// GetMappingEnvironmentTypeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingEnvironmentTypeEnum(val string) (EnvironmentTypeEnum, bool) { + enum, ok := mappingEnvironmentTypeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/goldengate_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/goldengate_client.go index 0c0b7c8183d..1d80d8981c2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/goldengate_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/goldengate_client.go @@ -2576,6 +2576,64 @@ func (client GoldenGateClient) listDeploymentBackups(ctx context.Context, reques return response, err } +// ListDeploymentEnvironments Returns an array of DeploymentEnvironmentDescriptor +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/goldengate/ListDeploymentEnvironments.go.html to see an example of how to use ListDeploymentEnvironments API. +// A default retry strategy applies to this operation ListDeploymentEnvironments() +func (client GoldenGateClient) ListDeploymentEnvironments(ctx context.Context, request ListDeploymentEnvironmentsRequest) (response ListDeploymentEnvironmentsResponse, err error) { + var ociResponse common.OCIResponse + policy := common.DefaultRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.listDeploymentEnvironments, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = ListDeploymentEnvironmentsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = ListDeploymentEnvironmentsResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(ListDeploymentEnvironmentsResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into ListDeploymentEnvironmentsResponse") + } + return +} + +// listDeploymentEnvironments implements the OCIOperation interface (enables retrying operations) +func (client GoldenGateClient) listDeploymentEnvironments(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/deploymentEnvironments", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response ListDeploymentEnvironmentsResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/goldengate/20200407/DeploymentEnvironmentCollection/ListDeploymentEnvironments" + err = common.PostProcessServiceError(err, "GoldenGate", "ListDeploymentEnvironments", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // ListDeploymentTypes Returns an array of DeploymentTypeDescriptor // // # See also diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/group_to_roles_mapping_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/group_to_roles_mapping_details.go new file mode 100644 index 00000000000..6bf96f48059 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/group_to_roles_mapping_details.go @@ -0,0 +1,57 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// GroupToRolesMappingDetails Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. +// For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. +// User belonging to each group can only perform the actions according to the role the respective group is mapped to. +type GroupToRolesMappingDetails struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. + // It grants administration of security related objects and invoke security related service requests. This role has full privileges. + SecurityGroupId *string `mandatory:"true" json:"securityGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. + // It grants full access to the user, including the ability to alter general, non-security related operational parameters + // and profiles of the server. + AdministratorGroupId *string `mandatory:"false" json:"administratorGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. + // It allows users to perform only operational actions, like starting and stopping resources. + // Operators cannot alter the operational parameters or profiles of the MA server. + OperatorGroupId *string `mandatory:"false" json:"operatorGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. + // It allows information-only service requests, which do not alter or affect the operation of either the MA. + // Examples of query and read-only information include performance metric information and resource status and monitoring information + UserGroupId *string `mandatory:"false" json:"userGroupId"` +} + +func (m GroupToRolesMappingDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m GroupToRolesMappingDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/list_deployment_environments_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/list_deployment_environments_request_response.go new file mode 100644 index 00000000000..3bfb28cffef --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/list_deployment_environments_request_response.go @@ -0,0 +1,202 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package goldengate + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// ListDeploymentEnvironmentsRequest wrapper for the ListDeploymentEnvironments operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/goldengate/ListDeploymentEnvironments.go.html to see an example of how to use ListDeploymentEnvironmentsRequest. +type ListDeploymentEnvironmentsRequest struct { + + // The OCID of the compartment that contains the work request. Work requests should be scoped + // to the same compartment as the resource the work request affects. If the work request concerns + // multiple resources, and those resources are not in the same compartment, it is up to the service team + // to pick the primary resource whose compartment should be used. + CompartmentId *string `mandatory:"true" contributesTo:"query" name:"compartmentId"` + + // The client request ID for tracing. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // The maximum number of items to return. + Limit *int `mandatory:"false" contributesTo:"query" name:"limit"` + + // The page token representing the page at which to start retrieving results. This is usually + // retrieved from a previous list call. + Page *string `mandatory:"false" contributesTo:"query" name:"page"` + + // The sort order to use, either 'asc' or 'desc'. + SortOrder ListDeploymentEnvironmentsSortOrderEnum `mandatory:"false" contributesTo:"query" name:"sortOrder" omitEmpty:"true"` + + // The field to sort by. Only one sort order can be provided. Default order for 'timeCreated' is + // descending. Default order for 'displayName' is ascending. If no value is specified + // timeCreated is the default. + SortBy ListDeploymentEnvironmentsSortByEnum `mandatory:"false" contributesTo:"query" name:"sortBy" omitEmpty:"true"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request ListDeploymentEnvironmentsRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request ListDeploymentEnvironmentsRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request ListDeploymentEnvironmentsRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request ListDeploymentEnvironmentsRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request ListDeploymentEnvironmentsRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingListDeploymentEnvironmentsSortOrderEnum(string(request.SortOrder)); !ok && request.SortOrder != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SortOrder: %s. Supported values are: %s.", request.SortOrder, strings.Join(GetListDeploymentEnvironmentsSortOrderEnumStringValues(), ","))) + } + if _, ok := GetMappingListDeploymentEnvironmentsSortByEnum(string(request.SortBy)); !ok && request.SortBy != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SortBy: %s. Supported values are: %s.", request.SortBy, strings.Join(GetListDeploymentEnvironmentsSortByEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// ListDeploymentEnvironmentsResponse wrapper for the ListDeploymentEnvironments operation +type ListDeploymentEnvironmentsResponse struct { + + // The underlying http response + RawResponse *http.Response + + // A list of DeploymentEnvironmentCollection instances + DeploymentEnvironmentCollection `presentIn:"body"` + + // A unique Oracle-assigned identifier for the request. If you need to contact Oracle about a + // particular request, please include the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // The page token represents the page to start retrieving results. This is usually retrieved + // from a previous list call. + OpcNextPage *string `presentIn:"header" name:"opc-next-page"` +} + +func (response ListDeploymentEnvironmentsResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response ListDeploymentEnvironmentsResponse) HTTPResponse() *http.Response { + return response.RawResponse +} + +// ListDeploymentEnvironmentsSortOrderEnum Enum with underlying type: string +type ListDeploymentEnvironmentsSortOrderEnum string + +// Set of constants representing the allowable values for ListDeploymentEnvironmentsSortOrderEnum +const ( + ListDeploymentEnvironmentsSortOrderAsc ListDeploymentEnvironmentsSortOrderEnum = "ASC" + ListDeploymentEnvironmentsSortOrderDesc ListDeploymentEnvironmentsSortOrderEnum = "DESC" +) + +var mappingListDeploymentEnvironmentsSortOrderEnum = map[string]ListDeploymentEnvironmentsSortOrderEnum{ + "ASC": ListDeploymentEnvironmentsSortOrderAsc, + "DESC": ListDeploymentEnvironmentsSortOrderDesc, +} + +var mappingListDeploymentEnvironmentsSortOrderEnumLowerCase = map[string]ListDeploymentEnvironmentsSortOrderEnum{ + "asc": ListDeploymentEnvironmentsSortOrderAsc, + "desc": ListDeploymentEnvironmentsSortOrderDesc, +} + +// GetListDeploymentEnvironmentsSortOrderEnumValues Enumerates the set of values for ListDeploymentEnvironmentsSortOrderEnum +func GetListDeploymentEnvironmentsSortOrderEnumValues() []ListDeploymentEnvironmentsSortOrderEnum { + values := make([]ListDeploymentEnvironmentsSortOrderEnum, 0) + for _, v := range mappingListDeploymentEnvironmentsSortOrderEnum { + values = append(values, v) + } + return values +} + +// GetListDeploymentEnvironmentsSortOrderEnumStringValues Enumerates the set of values in String for ListDeploymentEnvironmentsSortOrderEnum +func GetListDeploymentEnvironmentsSortOrderEnumStringValues() []string { + return []string{ + "ASC", + "DESC", + } +} + +// GetMappingListDeploymentEnvironmentsSortOrderEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListDeploymentEnvironmentsSortOrderEnum(val string) (ListDeploymentEnvironmentsSortOrderEnum, bool) { + enum, ok := mappingListDeploymentEnvironmentsSortOrderEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// ListDeploymentEnvironmentsSortByEnum Enum with underlying type: string +type ListDeploymentEnvironmentsSortByEnum string + +// Set of constants representing the allowable values for ListDeploymentEnvironmentsSortByEnum +const ( + ListDeploymentEnvironmentsSortByTimecreated ListDeploymentEnvironmentsSortByEnum = "timeCreated" + ListDeploymentEnvironmentsSortByDisplayname ListDeploymentEnvironmentsSortByEnum = "displayName" +) + +var mappingListDeploymentEnvironmentsSortByEnum = map[string]ListDeploymentEnvironmentsSortByEnum{ + "timeCreated": ListDeploymentEnvironmentsSortByTimecreated, + "displayName": ListDeploymentEnvironmentsSortByDisplayname, +} + +var mappingListDeploymentEnvironmentsSortByEnumLowerCase = map[string]ListDeploymentEnvironmentsSortByEnum{ + "timecreated": ListDeploymentEnvironmentsSortByTimecreated, + "displayname": ListDeploymentEnvironmentsSortByDisplayname, +} + +// GetListDeploymentEnvironmentsSortByEnumValues Enumerates the set of values for ListDeploymentEnvironmentsSortByEnum +func GetListDeploymentEnvironmentsSortByEnumValues() []ListDeploymentEnvironmentsSortByEnum { + values := make([]ListDeploymentEnvironmentsSortByEnum, 0) + for _, v := range mappingListDeploymentEnvironmentsSortByEnum { + values = append(values, v) + } + return values +} + +// GetListDeploymentEnvironmentsSortByEnumStringValues Enumerates the set of values in String for ListDeploymentEnvironmentsSortByEnum +func GetListDeploymentEnvironmentsSortByEnumStringValues() []string { + return []string{ + "timeCreated", + "displayName", + } +} + +// GetMappingListDeploymentEnvironmentsSortByEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListDeploymentEnvironmentsSortByEnum(val string) (ListDeploymentEnvironmentsSortByEnum, bool) { + enum, ok := mappingListDeploymentEnvironmentsSortByEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/ogg_deployment.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/ogg_deployment.go index ac024c38bac..493c9dcc9c7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/ogg_deployment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/ogg_deployment.go @@ -39,6 +39,8 @@ type OggDeployment struct { // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the Secret where the deployment password is stored. PasswordSecretId *string `mandatory:"false" json:"passwordSecretId"` + + GroupToRolesMapping *GroupToRolesMappingDetails `mandatory:"false" json:"groupToRolesMapping"` } func (m OggDeployment) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/test_connection_assignment_result.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/test_connection_assignment_result.go index 4aa432001d3..7824f65b1ae 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/test_connection_assignment_result.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/test_connection_assignment_result.go @@ -16,12 +16,16 @@ import ( ) // TestConnectionAssignmentResult The result of the connectivity test performed between the GoldenGate deployment and the associated database / service. +// The 'error' property is deprecated and will not contain values in the future. So, the error(s) will be returned in just the 'errors' property. type TestConnectionAssignmentResult struct { // Type of the result (i.e. Success, Failure or Timeout). ResultType TestConnectionAssignmentResultResultTypeEnum `mandatory:"true" json:"resultType"` Error *TestConnectionAssignmentError `mandatory:"false" json:"error"` + + // List of test connection assignment error objects. + Errors []TestConnectionAssignmentError `mandatory:"false" json:"errors"` } func (m TestConnectionAssignmentResult) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_database_registration_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_database_registration_details.go index 861659ee8e7..f92f2c143aa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_database_registration_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_database_registration_details.go @@ -54,8 +54,8 @@ type UpdateDatabaseRegistrationDetails struct { // to the database node to connect to. By default the mode would be DIRECT. SessionMode UpdateDatabaseRegistrationDetailsSessionModeEnum `mandatory:"false" json:"sessionMode,omitempty"` - // The wallet contents Oracle GoldenGate uses to make connections to a database. This - // attribute is expected to be base64 encoded. + // The wallet contents Oracle GoldenGate uses to make connections to a database. + // This attribute is expected to be base64 encoded. Wallet *string `mandatory:"false" json:"wallet"` // Credential store alias. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_deployment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_deployment_details.go index ece0698871e..2e9edc63e64 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_deployment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_deployment_details.go @@ -24,6 +24,9 @@ type UpdateDeploymentDetails struct { // The Oracle license model that applies to a Deployment. LicenseModel LicenseModelEnum `mandatory:"false" json:"licenseModel,omitempty"` + // Specifies whether the deployment is used in a production or development/testing environment. + EnvironmentType EnvironmentTypeEnum `mandatory:"false" json:"environmentType,omitempty"` + // Metadata about this specific object. Description *string `mandatory:"false" json:"description"` @@ -81,6 +84,9 @@ func (m UpdateDeploymentDetails) ValidateEnumValue() (bool, error) { if _, ok := GetMappingLicenseModelEnum(string(m.LicenseModel)); !ok && m.LicenseModel != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LicenseModel: %s. Supported values are: %s.", m.LicenseModel, strings.Join(GetLicenseModelEnumStringValues(), ","))) } + if _, ok := GetMappingEnvironmentTypeEnum(string(m.EnvironmentType)); !ok && m.EnvironmentType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for EnvironmentType: %s. Supported values are: %s.", m.EnvironmentType, strings.Join(GetEnvironmentTypeEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_group_to_roles_mapping_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_group_to_roles_mapping_details.go new file mode 100644 index 00000000000..ceb9893c4b2 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_group_to_roles_mapping_details.go @@ -0,0 +1,57 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// GoldenGate API +// +// Use the Oracle Cloud Infrastructure GoldenGate APIs to perform data replication operations. +// + +package goldengate + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// UpdateGroupToRolesMappingDetails Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. +// For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. +// User belonging to each group can only perform the actions according to the role the respective group is mapped to. +type UpdateGroupToRolesMappingDetails struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. + // It grants administration of security related objects and invoke security related service requests. This role has full privileges. + SecurityGroupId *string `mandatory:"false" json:"securityGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. + // It grants full access to the user, including the ability to alter general, non-security related operational parameters + // and profiles of the server. + AdministratorGroupId *string `mandatory:"false" json:"administratorGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. + // It allows users to perform only operational actions, like starting and stopping resources. + // Operators cannot alter the operational parameters or profiles of the MA server. + OperatorGroupId *string `mandatory:"false" json:"operatorGroupId"` + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. + // It allows information-only service requests, which do not alter or affect the operation of either the MA. + // Examples of query and read-only information include performance metric information and resource status and monitoring information + UserGroupId *string `mandatory:"false" json:"userGroupId"` +} + +func (m UpdateGroupToRolesMappingDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m UpdateGroupToRolesMappingDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_ogg_deployment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_ogg_deployment_details.go index 7951fa55f49..445b26aba13 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_ogg_deployment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_ogg_deployment_details.go @@ -41,6 +41,8 @@ type UpdateOggDeploymentDetails struct { // The base64 encoded content of the PEM file containing the private key. Key *string `mandatory:"false" json:"key"` + + GroupToRolesMapping *UpdateGroupToRolesMappingDetails `mandatory:"false" json:"groupToRolesMapping"` } func (m UpdateOggDeploymentDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_oracle_connection_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_oracle_connection_details.go index a8d8c075928..3e3252e5d25 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_oracle_connection_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/goldengate/update_oracle_connection_details.go @@ -61,8 +61,8 @@ type UpdateOracleConnectionDetails struct { // Connect descriptor or Easy Connect Naming method used to connect to a database. ConnectionString *string `mandatory:"false" json:"connectionString"` - // The wallet contents Oracle GoldenGate uses to make connections to a database. This - // attribute is expected to be base64 encoded. + // The wallet contents Oracle GoldenGate uses to make connections to a database. + // This attribute is expected to be base64 encoded. Wallet *string `mandatory:"false" json:"wallet"` // Deprecated: this field will be removed in future versions. Either specify the private IP in the connectionString or host diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/securityattribute/securityattribute_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/securityattribute/securityattribute_client.go index 911d97a96a2..3ecbd3b5b4b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/securityattribute/securityattribute_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/securityattribute/securityattribute_client.go @@ -160,7 +160,7 @@ func (client SecurityAttributeClient) bulkDeleteSecurityAttributes(ctx context.C defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/BulkDeleteSecurityAttributes" err = common.PostProcessServiceError(err, "SecurityAttribute", "BulkDeleteSecurityAttributes", apiReferenceLink) return response, err } @@ -231,7 +231,7 @@ func (client SecurityAttributeClient) bulkEditSecurityAttributes(ctx context.Con defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/BulkEditSecurityAttributes" err = common.PostProcessServiceError(err, "SecurityAttribute", "BulkEditSecurityAttributes", apiReferenceLink) return response, err } @@ -307,7 +307,7 @@ func (client SecurityAttributeClient) cascadingDeleteSecurityAttributeNamespace( defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/CascadingDeleteSecurityAttributeNamespace" err = common.PostProcessServiceError(err, "SecurityAttribute", "CascadingDeleteSecurityAttributeNamespace", apiReferenceLink) return response, err } @@ -373,7 +373,7 @@ func (client SecurityAttributeClient) changeSecurityAttributeNamespaceCompartmen defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/ChangeSecurityAttributeNamespaceCompartment" err = common.PostProcessServiceError(err, "SecurityAttribute", "ChangeSecurityAttributeNamespaceCompartment", apiReferenceLink) return response, err } @@ -448,7 +448,7 @@ func (client SecurityAttributeClient) createSecurityAttribute(ctx context.Contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/CreateSecurityAttribute" err = common.PostProcessServiceError(err, "SecurityAttribute", "CreateSecurityAttribute", apiReferenceLink) return response, err } @@ -521,7 +521,7 @@ func (client SecurityAttributeClient) createSecurityAttributeNamespace(ctx conte defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/CreateSecurityAttributeNamespace" err = common.PostProcessServiceError(err, "SecurityAttribute", "CreateSecurityAttributeNamespace", apiReferenceLink) return response, err } @@ -593,7 +593,7 @@ func (client SecurityAttributeClient) deleteSecurityAttribute(ctx context.Contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/DeleteSecurityAttribute" err = common.PostProcessServiceError(err, "SecurityAttribute", "DeleteSecurityAttribute", apiReferenceLink) return response, err } @@ -658,7 +658,7 @@ func (client SecurityAttributeClient) deleteSecurityAttributeNamespace(ctx conte defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/DeleteSecurityAttributeNamespace" err = common.PostProcessServiceError(err, "SecurityAttribute", "DeleteSecurityAttributeNamespace", apiReferenceLink) return response, err } @@ -716,7 +716,7 @@ func (client SecurityAttributeClient) getSecurityAttribute(ctx context.Context, defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/GetSecurityAttribute" err = common.PostProcessServiceError(err, "SecurityAttribute", "GetSecurityAttribute", apiReferenceLink) return response, err } @@ -774,7 +774,7 @@ func (client SecurityAttributeClient) getSecurityAttributeNamespace(ctx context. defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/GetSecurityAttributeNamespace" err = common.PostProcessServiceError(err, "SecurityAttribute", "GetSecurityAttributeNamespace", apiReferenceLink) return response, err } @@ -833,7 +833,7 @@ func (client SecurityAttributeClient) getSecurityAttributeWorkRequest(ctx contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeWorkRequest/GetSecurityAttributeWorkRequest" err = common.PostProcessServiceError(err, "SecurityAttribute", "GetSecurityAttributeWorkRequest", apiReferenceLink) return response, err } @@ -891,7 +891,7 @@ func (client SecurityAttributeClient) listSecurityAttributeNamespaces(ctx contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespaceSummary/ListSecurityAttributeNamespaces" err = common.PostProcessServiceError(err, "SecurityAttribute", "ListSecurityAttributeNamespaces", apiReferenceLink) return response, err } @@ -949,7 +949,7 @@ func (client SecurityAttributeClient) listSecurityAttributeWorkRequestErrors(ctx defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeWorkRequestErrorSummary/ListSecurityAttributeWorkRequestErrors" err = common.PostProcessServiceError(err, "SecurityAttribute", "ListSecurityAttributeWorkRequestErrors", apiReferenceLink) return response, err } @@ -1007,7 +1007,7 @@ func (client SecurityAttributeClient) listSecurityAttributeWorkRequestLogs(ctx c defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeWorkRequestLogSummary/ListSecurityAttributeWorkRequestLogs" err = common.PostProcessServiceError(err, "SecurityAttribute", "ListSecurityAttributeWorkRequestLogs", apiReferenceLink) return response, err } @@ -1065,7 +1065,7 @@ func (client SecurityAttributeClient) listSecurityAttributeWorkRequests(ctx cont defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeWorkRequestSummary/ListSecurityAttributeWorkRequests" err = common.PostProcessServiceError(err, "SecurityAttribute", "ListSecurityAttributeWorkRequests", apiReferenceLink) return response, err } @@ -1123,7 +1123,7 @@ func (client SecurityAttributeClient) listSecurityAttributes(ctx context.Context defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeSummary/ListSecurityAttributes" err = common.PostProcessServiceError(err, "SecurityAttribute", "ListSecurityAttributes", apiReferenceLink) return response, err } @@ -1186,7 +1186,7 @@ func (client SecurityAttributeClient) updateSecurityAttribute(ctx context.Contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttribute/UpdateSecurityAttribute" err = common.PostProcessServiceError(err, "SecurityAttribute", "UpdateSecurityAttribute", apiReferenceLink) return response, err } @@ -1255,7 +1255,7 @@ func (client SecurityAttributeClient) updateSecurityAttributeNamespace(ctx conte defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/security-attribute/20240815/SecurityAttributeNamespace/UpdateSecurityAttributeNamespace" err = common.PostProcessServiceError(err, "SecurityAttribute", "UpdateSecurityAttributeNamespace", apiReferenceLink) return response, err } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/zpr/zpr_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/zpr/zpr_client.go index a55a979c383..eea4e53e8cc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/zpr/zpr_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/zpr/zpr_client.go @@ -146,7 +146,7 @@ func (client ZprClient) createConfiguration(ctx context.Context, request common. defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/Configuration/CreateConfiguration" err = common.PostProcessServiceError(err, "Zpr", "CreateConfiguration", apiReferenceLink) return response, err } @@ -209,7 +209,7 @@ func (client ZprClient) createZprPolicy(ctx context.Context, request common.OCIR defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/ZprPolicy/CreateZprPolicy" err = common.PostProcessServiceError(err, "Zpr", "CreateZprPolicy", apiReferenceLink) return response, err } @@ -267,7 +267,7 @@ func (client ZprClient) deleteZprPolicy(ctx context.Context, request common.OCIR defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/ZprPolicy/DeleteZprPolicy" err = common.PostProcessServiceError(err, "Zpr", "DeleteZprPolicy", apiReferenceLink) return response, err } @@ -326,7 +326,7 @@ func (client ZprClient) getConfiguration(ctx context.Context, request common.OCI defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/Configuration/GetConfiguration" err = common.PostProcessServiceError(err, "Zpr", "GetConfiguration", apiReferenceLink) return response, err } @@ -384,7 +384,7 @@ func (client ZprClient) getZprConfigurationWorkRequest(ctx context.Context, requ defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequest/GetZprConfigurationWorkRequest" err = common.PostProcessServiceError(err, "Zpr", "GetZprConfigurationWorkRequest", apiReferenceLink) return response, err } @@ -442,7 +442,7 @@ func (client ZprClient) getZprPolicy(ctx context.Context, request common.OCIRequ defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/ZprPolicy/GetZprPolicy" err = common.PostProcessServiceError(err, "Zpr", "GetZprPolicy", apiReferenceLink) return response, err } @@ -500,7 +500,7 @@ func (client ZprClient) getZprPolicyWorkRequest(ctx context.Context, request com defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequest/GetZprPolicyWorkRequest" err = common.PostProcessServiceError(err, "Zpr", "GetZprPolicyWorkRequest", apiReferenceLink) return response, err } @@ -558,7 +558,7 @@ func (client ZprClient) listZprConfigurationWorkRequestErrors(ctx context.Contex defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequestError/ListZprConfigurationWorkRequestErrors" err = common.PostProcessServiceError(err, "Zpr", "ListZprConfigurationWorkRequestErrors", apiReferenceLink) return response, err } @@ -616,7 +616,7 @@ func (client ZprClient) listZprConfigurationWorkRequestLogs(ctx context.Context, defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequestLogEntry/ListZprConfigurationWorkRequestLogs" err = common.PostProcessServiceError(err, "Zpr", "ListZprConfigurationWorkRequestLogs", apiReferenceLink) return response, err } @@ -674,7 +674,7 @@ func (client ZprClient) listZprConfigurationWorkRequests(ctx context.Context, re defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequest/ListZprConfigurationWorkRequests" err = common.PostProcessServiceError(err, "Zpr", "ListZprConfigurationWorkRequests", apiReferenceLink) return response, err } @@ -732,7 +732,7 @@ func (client ZprClient) listZprPolicies(ctx context.Context, request common.OCIR defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/ZprPolicyCollection/ListZprPolicies" err = common.PostProcessServiceError(err, "Zpr", "ListZprPolicies", apiReferenceLink) return response, err } @@ -790,7 +790,7 @@ func (client ZprClient) listZprPolicyWorkRequestErrors(ctx context.Context, requ defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequestError/ListZprPolicyWorkRequestErrors" err = common.PostProcessServiceError(err, "Zpr", "ListZprPolicyWorkRequestErrors", apiReferenceLink) return response, err } @@ -848,7 +848,7 @@ func (client ZprClient) listZprPolicyWorkRequestLogs(ctx context.Context, reques defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequestLogEntry/ListZprPolicyWorkRequestLogs" err = common.PostProcessServiceError(err, "Zpr", "ListZprPolicyWorkRequestLogs", apiReferenceLink) return response, err } @@ -906,7 +906,7 @@ func (client ZprClient) listZprPolicyWorkRequests(ctx context.Context, request c defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/WorkRequest/ListZprPolicyWorkRequests" err = common.PostProcessServiceError(err, "Zpr", "ListZprPolicyWorkRequests", apiReferenceLink) return response, err } @@ -969,7 +969,7 @@ func (client ZprClient) updateZprPolicy(ctx context.Context, request common.OCIR defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/zero-trust-packet-routing/20240301/ZprPolicy/UpdateZprPolicy" err = common.PostProcessServiceError(err, "Zpr", "UpdateZprPolicy", apiReferenceLink) return response, err } diff --git a/vendor/modules.txt b/vendor/modules.txt index fb6cdd209f4..e44ea7c14aa 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -225,7 +225,7 @@ github.com/mitchellh/reflectwalk # github.com/oklog/run v1.0.0 ## explicit github.com/oklog/run -# github.com/oracle/oci-go-sdk/v65 v65.75.0 => ./vendor/github.com/oracle/oci-go-sdk +# github.com/oracle/oci-go-sdk/v65 v65.76.0 ## explicit; go 1.13 github.com/oracle/oci-go-sdk/v65/adm github.com/oracle/oci-go-sdk/v65/aianomalydetection diff --git a/website/docs/d/containerengine_clusters.html.markdown b/website/docs/d/containerengine_clusters.html.markdown index d92416c129c..259d33dc2cd 100644 --- a/website/docs/d/containerengine_clusters.html.markdown +++ b/website/docs/d/containerengine_clusters.html.markdown @@ -79,6 +79,7 @@ The following attributes are exported: * `updated_by_user_id` - The user who updated the cluster. * `updated_by_work_request_id` - The OCID of the work request which updated the cluster. * `name` - The name of the cluster. +* `open_id_connect_discovery_endpoint` - The cluster-specific OpenID Connect Discovery endpoint * `options` - Optional attributes for the cluster. * `add_ons` - Configurable cluster add-ons * `is_kubernetes_dashboard_enabled` - Whether or not to enable the Kubernetes Dashboard add-on. @@ -88,6 +89,21 @@ The following attributes are exported: * `kubernetes_network_config` - Network configuration for Kubernetes. * `pods_cidr` - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16. * `services_cidr` - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16. + * `open_id_connect_token_authentication_config` - The properties that configure OIDC token authentication in kube-apiserver. For more information, see [Configuring the API Server](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#using-flags). + * `ca_certificate` - A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate. + * `client_id` - A client id that all tokens must be issued for. + * `groups_claim` - JWT claim to use as the user's group. If the claim is present it must be an array of strings. + * `groups_prefix` - Prefix prepended to group claims to prevent clashes with existing names (such as system:groups). + * `is_open_id_connect_auth_enabled` - Whether the cluster has OIDC Auth Config enabled. Defaults to false. + * `issuer_url` - URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path. + * `required_claims` - A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims. + * `key` - The key of the pair. + * `value` - The value of the pair. + * `signing_algorithms` - The signing algorithms accepted. Default is ["RS256"]. + * `username_claim` - JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins. + * `username_prefix` - Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing. + * `open_id_connect_discovery` - The property that define the status of the OIDC Discovery feature for a cluster. + * `is_open_id_connect_discovery_enabled` - Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint. * `persistent_volume_config` - Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC) * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` diff --git a/website/docs/d/core_block_volume_replica.html.markdown b/website/docs/d/core_block_volume_replica.html.markdown index ebbdbd01ebd..525a2db88b2 100644 --- a/website/docs/d/core_block_volume_replica.html.markdown +++ b/website/docs/d/core_block_volume_replica.html.markdown @@ -39,6 +39,7 @@ The following attributes are exported: * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` * `id` - The block volume replica's Oracle ID (OCID). +* `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `size_in_gbs` - The size of the source block volume, in GBs. * `state` - The current state of a block volume replica. * `time_created` - The date and time the block volume replica was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/core_block_volume_replicas.html.markdown b/website/docs/d/core_block_volume_replicas.html.markdown index 141f7d59ee1..554a61c4449 100644 --- a/website/docs/d/core_block_volume_replicas.html.markdown +++ b/website/docs/d/core_block_volume_replicas.html.markdown @@ -56,6 +56,7 @@ The following attributes are exported: * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` * `id` - The block volume replica's Oracle ID (OCID). +* `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `size_in_gbs` - The size of the source block volume, in GBs. * `state` - The current state of a block volume replica. * `time_created` - The date and time the block volume replica was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/core_boot_volume.html.markdown b/website/docs/d/core_boot_volume.html.markdown index b8d66a3e2fa..788cc15a5c2 100644 --- a/website/docs/d/core_boot_volume.html.markdown +++ b/website/docs/d/core_boot_volume.html.markdown @@ -41,6 +41,7 @@ The following attributes are exported: * `availability_domain` - The availability domain of the boot volume replica. Example: `Uocm:PHX-AD-1` * `boot_volume_replica_id` - The boot volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - The OCID of the compartment that contains the boot volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` @@ -54,8 +55,11 @@ The following attributes are exported: * `size_in_gbs` - The size of the boot volume in GBs. * `size_in_mbs` - The size of the volume in MBs. The value must be a multiple of 1024. This field is deprecated. Please use `size_in_gbs`. * `source_details` - + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first boot volume backup. * `id` - The OCID of the boot volume replica. - * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeReplica` + * `second_backup_id` - The OCID of the second boot volume backup. + * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeBackupDelta`, `bootVolumeReplica` * `state` - The current state of a boot volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the boot volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/core_boot_volume_replica.html.markdown b/website/docs/d/core_boot_volume_replica.html.markdown index aa55bef4cba..19b46adb2fc 100644 --- a/website/docs/d/core_boot_volume_replica.html.markdown +++ b/website/docs/d/core_boot_volume_replica.html.markdown @@ -39,6 +39,8 @@ The following attributes are exported: * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` * `id` - The boot volume replica's Oracle ID (OCID). +* `image_id` - The image OCID used to create the boot volume the replica is replicated from. +* `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the boot volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `image_id` - The image OCID used to create the boot volume the replica is replicated from. * `size_in_gbs` - The size of the source boot volume, in GBs. * `state` - The current state of a boot volume replica. diff --git a/website/docs/d/core_boot_volume_replicas.html.markdown b/website/docs/d/core_boot_volume_replicas.html.markdown index e11827f452b..3b92ee58414 100644 --- a/website/docs/d/core_boot_volume_replicas.html.markdown +++ b/website/docs/d/core_boot_volume_replicas.html.markdown @@ -56,6 +56,8 @@ The following attributes are exported: * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` * `id` - The boot volume replica's Oracle ID (OCID). +* `image_id` - The image OCID used to create the boot volume the replica is replicated from. +* `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the boot volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `image_id` - The image OCID used to create the boot volume the replica is replicated from. * `size_in_gbs` - The size of the source boot volume, in GBs. * `state` - The current state of a boot volume replica. diff --git a/website/docs/d/core_boot_volumes.html.markdown b/website/docs/d/core_boot_volumes.html.markdown index 24772f67f73..e3d604e6da3 100644 --- a/website/docs/d/core_boot_volumes.html.markdown +++ b/website/docs/d/core_boot_volumes.html.markdown @@ -53,6 +53,7 @@ The following attributes are exported: * `availability_domain` - The availability domain of the boot volume replica. Example: `Uocm:PHX-AD-1` * `boot_volume_replica_id` - The boot volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - The OCID of the compartment that contains the boot volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` @@ -66,8 +67,11 @@ The following attributes are exported: * `size_in_gbs` - The size of the boot volume in GBs. * `size_in_mbs` - The size of the volume in MBs. The value must be a multiple of 1024. This field is deprecated. Please use `size_in_gbs`. * `source_details` - + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first boot volume backup. * `id` - The OCID of the boot volume replica. - * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeReplica` + * `second_backup_id` - The OCID of the second boot volume backup. + * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeBackupDelta`, `bootVolumeReplica` * `state` - The current state of a boot volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the boot volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/core_instance_configuration.html.markdown b/website/docs/d/core_instance_configuration.html.markdown index e98e27a8271..5238a2d7aad 100644 --- a/website/docs/d/core_instance_configuration.html.markdown +++ b/website/docs/d/core_instance_configuration.html.markdown @@ -77,6 +77,7 @@ The following attributes are exported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `instance_type` - The type of instance details. Supported instanceType is compute * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -309,6 +310,7 @@ The following attributes are exported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. diff --git a/website/docs/d/core_instance_configurations.html.markdown b/website/docs/d/core_instance_configurations.html.markdown index cbdca40ad97..721b4f52cb5 100644 --- a/website/docs/d/core_instance_configurations.html.markdown +++ b/website/docs/d/core_instance_configurations.html.markdown @@ -84,6 +84,7 @@ The following attributes are exported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `instance_type` - The type of instance details. Supported instanceType is compute * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -316,6 +317,7 @@ The following attributes are exported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. diff --git a/website/docs/d/core_volume.html.markdown b/website/docs/d/core_volume.html.markdown index fae45b710a6..390f547798e 100644 --- a/website/docs/d/core_volume.html.markdown +++ b/website/docs/d/core_volume.html.markdown @@ -42,6 +42,7 @@ The following attributes are exported: * `block_volume_replica_id` - The block volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `compartment_id` - The OCID of the compartment that contains the volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. @@ -51,10 +52,13 @@ The following attributes are exported: * `is_hydrated` - Specifies whether the cloned volume's data has finished copying from the source volume or backup. * `kms_key_id` - The OCID of the Vault service key which is the master encryption key for the volume. * `size_in_gbs` - The size of the volume in GBs. -* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use sizeInGBs instead. -* `source_details` - - * `id` - The OCID of the block volume replica. - * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup` +* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use sizeInGBs instead. +* `source_details` - Specifies the volume source details for a new Block volume. The volume source is either another Block volume in the same Availability Domain or a Block volume backup. This is an optional field. If not specified or set to null, the new Block volume will be empty. When specified, the new Block volume will contain data from the source volume or backup. + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first volume backup. + * `id` - The OCID of the block volume replica. + * `second_backup_id` - The OCID of the second volume backup. + * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup`, `volumeBackupDelta` * `state` - The current state of a volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/core_volume_backup_policy_assignments.html.markdown b/website/docs/d/core_volume_backup_policy_assignments.html.markdown index d4124a43a08..e7c08eeb272 100644 --- a/website/docs/d/core_volume_backup_policy_assignments.html.markdown +++ b/website/docs/d/core_volume_backup_policy_assignments.html.markdown @@ -45,4 +45,5 @@ The following attributes are exported: * `id` - The OCID of the volume backup policy assignment. * `policy_id` - The OCID of the volume backup policy that has been assigned to the volume. * `time_created` - The date and time the volume backup policy was assigned to the volume. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339). +* `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). diff --git a/website/docs/d/core_volume_groups.html.markdown b/website/docs/d/core_volume_groups.html.markdown index 90a0ac7b83f..931d6bd0e4e 100644 --- a/website/docs/d/core_volume_groups.html.markdown +++ b/website/docs/d/core_volume_groups.html.markdown @@ -67,6 +67,7 @@ The following attributes are exported: * `volume_group_replicas` - The list of volume group replicas of this volume group. * `availability_domain` - The availability domain of the boot volume replica replica. Example: `Uocm:PHX-AD-1` * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_group_replica_id` - The volume group replica's Oracle ID (OCID). * `volume_ids` - OCIDs for the volumes in this volume group. diff --git a/website/docs/d/core_volumes.html.markdown b/website/docs/d/core_volumes.html.markdown index 1e2bf29211e..46744c44e61 100644 --- a/website/docs/d/core_volumes.html.markdown +++ b/website/docs/d/core_volumes.html.markdown @@ -60,6 +60,7 @@ The following attributes are exported: * `block_volume_replica_id` - The block volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `compartment_id` - The OCID of the compartment that contains the volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. @@ -69,10 +70,13 @@ The following attributes are exported: * `is_hydrated` - Specifies whether the cloned volume's data has finished copying from the source volume or backup. * `kms_key_id` - The OCID of the Vault service key which is the master encryption key for the volume. * `size_in_gbs` - The size of the volume in GBs. -* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use `size_in_gbs` instead. -* `source_details` - - * `id` - The OCID of the block volume replica. - * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup` +* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use sizeInGBs instead. +* `source_details` - Specifies the volume source details for a new Block volume. The volume source is either another Block volume in the same Availability Domain or a Block volume backup. This is an optional field. If not specified or set to null, the new Block volume will be empty. When specified, the new Block volume will contain data from the source volume or backup. + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first volume backup. + * `id` - The OCID of the block volume replica. + * `second_backup_id` - The OCID of the second volume backup. + * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup`, `volumeBackupDelta` * `state` - The current state of a volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/d/desktops_desktop_pool.html.markdown b/website/docs/d/desktops_desktop_pool.html.markdown index 45d93ed07d7..9f14f3ae54c 100644 --- a/website/docs/d/desktops_desktop_pool.html.markdown +++ b/website/docs/d/desktops_desktop_pool.html.markdown @@ -8,11 +8,11 @@ description: |- --- # Data Source: oci_desktops_desktop_pool + This data source provides details about a specific Desktop Pool resource in Oracle Cloud Infrastructure Desktops service. Returns information about the desktop pool including all configuration parameters and the current state. - ## Example Usage ```hcl @@ -28,7 +28,6 @@ The following arguments are supported: * `desktop_pool_id` - (Required) The OCID of the desktop pool. - ## Attributes Reference The following attributes are exported: @@ -37,53 +36,57 @@ The following attributes are exported: * `are_privileged_users` - Indicates whether desktop pool users have administrative privileges on their desktop. * `availability_domain` - The availability domain of the desktop pool. * `availability_policy` - Provides the start and stop schedule information for desktop availability of the desktop pool. - * `start_schedule` - Provides the schedule information for a desktop. - * `cron_expression` - A cron expression describing the desktop's schedule. - * `timezone` - The timezone of the desktop's schedule. - * `stop_schedule` - Provides the schedule information for a desktop. - * `cron_expression` - A cron expression describing the desktop's schedule. - * `timezone` - The timezone of the desktop's schedule. + * `start_schedule` - Provides the schedule information for a desktop. + * `cron_expression` - A cron expression describing the desktop's schedule. + * `timezone` - The timezone of the desktop's schedule. + * `stop_schedule` - Provides the schedule information for a desktop. + * `cron_expression` - A cron expression describing the desktop's schedule. + * `timezone` - The timezone of the desktop's schedule. * `compartment_id` - The OCID of the compartment of the desktop pool. -* `contact_details` - Contact information of the desktop pool administrator. Avoid entering confidential information. -* `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` -* `description` - A user friendly description providing additional information about the resource. Avoid entering confidential information. -* `device_policy` - Provides the settings for desktop and client device options, such as audio in and out, client drive mapping, and clipboard access. - * `audio_mode` - The audio mode. NONE: No access to the local audio devices is permitted. TODESKTOP: The user may record audio on their desktop. FROMDESKTOP: The user may play audio on their desktop. FULL: The user may play and record audio on their desktop. - * `cdm_mode` - The client local drive access mode. NONE: No access to local drives permitted. READONLY: The user may read from local drives on their desktop. FULL: The user may read from and write to their local drives on their desktop. - * `clipboard_mode` - The clipboard mode. NONE: No access to the local clipboard is permitted. TODESKTOP: The clipboard can be used to transfer data to the desktop only. FROMDESKTOP: The clipboard can be used to transfer data from the desktop only. FULL: The clipboard can be used to transfer data to and from the desktop. - * `is_display_enabled` - Indicates whether the display is enabled. - * `is_keyboard_enabled` - Indicates whether the keyboard is enabled. - * `is_pointer_enabled` - Indicates whether the pointer is enabled. - * `is_printing_enabled` - Indicates whether printing is enabled. +* `contact_details` - Contact information of the desktop pool administrator. Avoid entering confidential information. +* `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` +* `description` - A user friendly description providing additional information about the resource. Avoid entering confidential information. +* `device_policy` - Provides the settings for desktop and client device options, such as audio in and out, client drive mapping, and clipboard access. + * `audio_mode` - The audio mode. NONE: No access to the local audio devices is permitted. TODESKTOP: The user may record audio on their desktop. FROMDESKTOP: The user may play audio on their desktop. FULL: The user may play and record audio on their desktop. + * `cdm_mode` - The client local drive access mode. NONE: No access to local drives permitted. READONLY: The user may read from local drives on their desktop. FULL: The user may read from and write to their local drives on their desktop. + * `clipboard_mode` - The clipboard mode. NONE: No access to the local clipboard is permitted. TODESKTOP: The clipboard can be used to transfer data to the desktop only. FROMDESKTOP: The clipboard can be used to transfer data from the desktop only. FULL: The clipboard can be used to transfer data to and from the desktop. + * `is_display_enabled` - Indicates whether the display is enabled. + * `is_keyboard_enabled` - Indicates whether the keyboard is enabled. + * `is_pointer_enabled` - Indicates whether the pointer is enabled. + * `is_printing_enabled` - Indicates whether printing is enabled. * `display_name` - A user friendly display name. Avoid entering confidential information. -* `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` +* `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` * `id` - The OCID of the desktop pool. * `image` - Provides information about the desktop image. - * `image_id` - The OCID of the desktop image. - * `image_name` - The name of the desktop image. - * `operating_system` - The operating system of the desktop image, e.g. "Oracle Linux", "Windows". + * `image_id` - The OCID of the desktop image. + * `image_name` - The name of the desktop image. + * `operating_system` - The operating system of the desktop image, e.g. "Oracle Linux", "Windows". * `is_storage_enabled` - Indicates whether storage is enabled for the desktop pool. * `maximum_size` - The maximum number of desktops permitted in the desktop pool. * `network_configuration` - Provides information about the network configuration of the desktop pool. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. + * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. + * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. * `nsg_ids` - A list of network security groups for the network. -* `shape_config` - The shape configuration used for each desktop compute instance in the desktop pool. - * `baseline_ocpu_utilization` - The baseline OCPU utilization for a subcore burstable VM instance used for each desktop compute instance in the desktop pool. Leave this attribute blank for a non-burstable instance, or explicitly specify non-burstable with `BASELINE_1_1`. The following values are supported: - * `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. - * `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. - * `BASELINE_1_1` - baseline usage is the entire OCPU. This represents a non-burstable instance. - * `memory_in_gbs` - The total amount of memory available in gigabytes for each desktop compute instance in the desktop pool. - * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. -* `nsg_ids` - A list of network security groups for the network. -* `private_access_details` - The details of the desktop's private access network connectivity that were used to create the pool. - * `endpoint_fqdn` - The three-label FQDN to use for the private endpoint. The customer VCN's DNS records are updated with this FQDN. This enables the customer to use the FQDN instead of the private endpoint's private IP address to access the service (for example, xyz.oraclecloud.com). - * `nsg_ids` - A list of network security groups for the private access. - * `private_ip` - The IPv4 address from the provided Oracle Cloud Infrastructure subnet which needs to be assigned to the VNIC. If not provided, it will be auto-assigned with an available IPv4 address from the subnet. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. +* `shape_config` - The shape configuration used for each desktop compute instance in the desktop pool. + * `baseline_ocpu_utilization` - The baseline OCPU utilization for a subcore burstable VM instance used for each desktop compute instance in the desktop pool. Leave this attribute blank for a non-burstable instance, or explicitly specify non-burstable with `BASELINE_1_1`. The following values are supported: + * `BASELINE_1_8` - baseline usage is 1/8 of an OCPU. + * `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. + * `BASELINE_1_1` - baseline usage is the entire OCPU. This represents a non-burstable instance. + * `memory_in_gbs` - The total amount of memory available in gigabytes for each desktop compute instance in the desktop pool. + * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. +* `private_access_details` - The details of the desktop's private access network connectivity that were used to create the pool. + * `endpoint_fqdn` - The three-label FQDN to use for the private endpoint. The customer VCN's DNS records are updated with this FQDN. This enables the customer to use the FQDN instead of the private endpoint's private IP address to access the service (for example, xyz.oraclecloud.com). + * `nsg_ids` - A list of network security groups for the private access. + * `private_ip` - The IPv4 address from the provided Oracle Cloud Infrastructure subnet which needs to be assigned to the VNIC. If not provided, it will be auto-assigned with an available IPv4 address from the subnet. + * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the private subnet in the customer VCN where the connectivity will be established. + * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. +* `session_lifecycle_actions` - Action to be triggered on inactivity or disconnect + * `disconnect` - Action and grace period for disconnect + * `action` - a disconnect action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) after disconnect before any action occurs. If the value is not provided, a default value is used. + * `inactivity` - Action and grace period for inactivity + * `action` - an inactivity action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) during which the session must remain inactive before any action occurs. If the value is not provided, a default value is used. * `shape_name` - The shape of the desktop pool. * `standby_size` - The maximum number of standby desktops available in the desktop pool. * `state` - The current state of the desktop pool. @@ -93,4 +96,5 @@ The following attributes are exported: * `time_start_scheduled` - The start time of the desktop pool. * `time_stop_scheduled` - The stop time of the desktop pool. * `use_dedicated_vm_host` - Indicates whether the desktop pool uses dedicated virtual machine hosts. +--- diff --git a/website/docs/d/desktops_desktop_pools.html.markdown b/website/docs/d/desktops_desktop_pools.html.markdown index 17efa571a9e..83e4a3efe5e 100644 --- a/website/docs/d/desktops_desktop_pools.html.markdown +++ b/website/docs/d/desktops_desktop_pools.html.markdown @@ -90,16 +90,20 @@ The following attributes are exported: * `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. * `BASELINE_1_1` - baseline usage is the entire OCPU. This represents a non-burstable instance. * `memory_in_gbs` - The total amount of memory available in gigabytes for each desktop compute instance in the desktop pool. - * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. -* `nsg_ids` - A list of network security groups for the network. + * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. * `private_access_details` - The details of the desktop's private access network connectivity that were used to create the pool. * `endpoint_fqdn` - The three-label FQDN to use for the private endpoint. The customer VCN's DNS records are updated with this FQDN. This enables the customer to use the FQDN instead of the private endpoint's private IP address to access the service (for example, xyz.oraclecloud.com). * `nsg_ids` - A list of network security groups for the private access. * `private_ip` - The IPv4 address from the provided Oracle Cloud Infrastructure subnet which needs to be assigned to the VNIC. If not provided, it will be auto-assigned with an available IPv4 address from the subnet. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. + * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the private subnet in the customer VCN where the connectivity will be established. + * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. +* `session_lifecycle_actions` - Action to be triggered on inactivity or disconnect + * `disconnect` - Action and grace period for disconnect + * `action` - a disconnect action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) after disconnect before any action occurs. If the value is not provided, a default value is used. + * `inactivity` - Action and grace period for inactivity + * `action` - an inactivity action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) during which the session must remain inactive before any action occurs. If the value is not provided, a default value is used. * `shape_name` - The shape of the desktop pool. * `standby_size` - The maximum number of standby desktops available in the desktop pool. * `state` - The current state of the desktop pool. diff --git a/website/docs/d/dns_records.html.markdown b/website/docs/d/dns_records.html.markdown index 8b6f934c69b..f300ff44c8d 100644 --- a/website/docs/d/dns_records.html.markdown +++ b/website/docs/d/dns_records.html.markdown @@ -13,11 +13,12 @@ description: |- This data source provides the list of Records in Oracle Cloud Infrastructure DNS service. -Gets all records in the specified zone. The results are sorted by `domain` in alphabetical order by default. -For more information about records, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). -For private zones, the scope query parameter is required with a value of `PRIVATE`. When the zone name is -provided as a path parameter and `PRIVATE` is used for the scope query parameter then the viewId query -parameter is required. +Gets all records in the specified zone. + +The results are sorted by `domain` in alphabetical order by default. For more information about records, +see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). +When the zone name is provided as a path parameter and `PRIVATE` is used for the scope query parameter +then the viewId query parameter is required. ## Example Usage @@ -28,12 +29,9 @@ data "oci_dns_records" "test_records" { zone_name_or_id = oci_dns_zone_name_or.test_zone_name_or.id #Optional - compartment_id = var.compartment_id domain = var.record_domain domain_contains = var.record_domain_contains rtype = var.record_rtype - scope = var.record_scope - view_id = oci_dns_view.test_view.id zone_version = var.record_zone_version } ``` @@ -42,7 +40,9 @@ data "oci_dns_records" "test_records" { The following arguments are supported: -* `compartment_id` - (Optional) The OCID of the compartment the resource belongs to. +* `compartment_id` - (Optional) The OCID of the compartment the zone belongs to. + + This parameter is deprecated and should be omitted. * `domain` - (Optional) Search by domain. Will match any record whose domain (case-insensitive) equals the provided value. * `domain_contains` - (Optional) Search by domain. Will match any record whose domain (case-insensitive) contains the provided value. * `rtype` - (Optional) Search by record type. Will match any record whose [type](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4) (case-insensitive) equals the provided value. @@ -67,7 +67,7 @@ The following attributes are exported: * `rdata` - The record's data, as whitespace-delimited tokens in type-specific presentation format. All RDATA is normalized and the returned presentation of your RDATA may differ from its initial input. For more information about RDATA, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm) * `record_hash` - A unique identifier for the record within its zone. * `rrset_version` - The latest version of the record's zone in which its RRSet differs from the preceding version. -* `rtype` - The canonical name for the record's type, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). -* `ttl` - The Time To Live for the record, in seconds. +* `rtype` - The type of DNS record, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). +* `ttl` - The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. * `zone_name_or_id` - The name or OCID of the target zone. diff --git a/website/docs/d/dns_resolver.html.markdown b/website/docs/d/dns_resolver.html.markdown index 51e3d25101b..3fedaa89500 100644 --- a/website/docs/d/dns_resolver.html.markdown +++ b/website/docs/d/dns_resolver.html.markdown @@ -10,9 +10,10 @@ description: |- # Data Source: oci_dns_resolver This data source provides details about a specific Resolver resource in Oracle Cloud Infrastructure DNS service. -Gets information about a specific resolver. Note that attempting to get a -resolver in the DELETED lifecycleState will result in a `404` response to be -consistent with other operations of the API. Requires a `PRIVATE` scope query parameter. +Gets information about a specific resolver. + +Note that attempting to get a resolver in the DELETED lifecycleState will result in a `404` +response to be consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_resolver_endpoint.html.markdown b/website/docs/d/dns_resolver_endpoint.html.markdown index 89b1dad45bc..86b8ec51ae4 100644 --- a/website/docs/d/dns_resolver_endpoint.html.markdown +++ b/website/docs/d/dns_resolver_endpoint.html.markdown @@ -10,9 +10,10 @@ description: |- # Data Source: oci_dns_resolver_endpoint This data source provides details about a specific Resolver Endpoint resource in Oracle Cloud Infrastructure DNS service. -Gets information about a specific resolver endpoint. Note that attempting to get a resolver endpoint -in the DELETED lifecycle state will result in a `404` response to be consistent with other operations of the -API. Requires a `PRIVATE` scope query parameter. +Gets information about a specific resolver endpoint. + +Note that attempting to get a resolver endpoint in the DELETED lifecycle state will result +in a `404` response to be consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_resolver_endpoints.html.markdown b/website/docs/d/dns_resolver_endpoints.html.markdown index 7efd061a5de..3abd30da5a3 100644 --- a/website/docs/d/dns_resolver_endpoints.html.markdown +++ b/website/docs/d/dns_resolver_endpoints.html.markdown @@ -13,7 +13,7 @@ This data source provides the list of Resolver Endpoints in Oracle Cloud Infrast Gets a list of all endpoints within a resolver. The collection can be filtered by name or lifecycle state. It can be sorted on creation time or name both in ASC or DESC order. Note that when no lifecycleState query parameter is provided, the collection does not include resolver endpoints in the DELETED -lifecycle state to be consistent with other operations of the API. Requires a `PRIVATE` scope query parameter. +lifecycle state to be consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_resolvers.html.markdown b/website/docs/d/dns_resolvers.html.markdown index 9b42ef9b0bd..5bead49b575 100644 --- a/website/docs/d/dns_resolvers.html.markdown +++ b/website/docs/d/dns_resolvers.html.markdown @@ -10,12 +10,12 @@ description: |- # Data Source: oci_dns_resolvers This data source provides the list of Resolvers in Oracle Cloud Infrastructure DNS service. -Gets a list of all resolvers within a compartment. The collection can -be filtered by display name, id, or lifecycle state. It can be sorted -on creation time or displayName both in ASC or DESC order. Note that -when no lifecycleState query parameter is provided, the collection -does not include resolvers in the DELETED lifecycleState to be consistent -with other operations of the API. Requires a `PRIVATE` scope query parameter. +Gets a list of all resolvers within a compartment. + +The collection can be filtered by display name, id, or lifecycle state. It can be sorted +on creation time or displayName both in ASC or DESC order. Note that when no lifecycleState +query parameter is provided, the collection does not include resolvers in the DELETED +lifecycleState to be consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_rrset.html.markdown b/website/docs/d/dns_rrset.html.markdown index 7c1824fe33e..de8bce88316 100644 --- a/website/docs/d/dns_rrset.html.markdown +++ b/website/docs/d/dns_rrset.html.markdown @@ -10,10 +10,10 @@ description: |- # Data Source: oci_dns_rrset This data source provides details about a specific Rrset resource in Oracle Cloud Infrastructure DNS service. -Gets a list of all records in the specified RRSet. The results are sorted by `recordHash` by default. For -private zones, the scope query parameter is required with a value of `PRIVATE`. When the zone name is -provided as a path parameter and `PRIVATE` is used for the scope query parameter then the viewId query -parameter is required. +Gets a list of all records in the specified RRSet. + +The results are sorted by `recordHash` by default. When the zone name is provided as a path parameter +and `PRIVATE` is used for the scope query parameter then the viewId query parameter is required. ## Example Usage @@ -26,7 +26,6 @@ data "oci_dns_rrset" "test_rrset" { zone_name_or_id = oci_dns_zone.test_zone.id #Optional - compartment_id = var.compartment_id scope = var.rrset_scope view_id = oci_dns_view.test_view.id } @@ -36,12 +35,13 @@ data "oci_dns_rrset" "test_rrset" { The following arguments are supported: -* `compartment_id` - (Optional) The OCID of the compartment the resource belongs to. +* `compartment_id` - (Optional) The OCID of the compartment the zone belongs to. + + This parameter is deprecated and should be omitted. * `domain` - (Required) The target fully-qualified domain name (FQDN) within the target zone. * `rtype` - (Required) The type of the target RRSet within the target zone. -* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. -This value will be null for zones in the global DNS and `PRIVATE` when listing private Rrsets. -* `view_id` - (Optional) The OCID of the view the resource is associated with. +* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. +* `view_id` - (Optional) The OCID of the view the zone is associated with. Required when accessing a private zone by name. * `zone_name_or_id` - (Required) The name or OCID of the target zone. * `zone_version` - (Optional) The version of the zone for which data is requested. @@ -57,5 +57,5 @@ The following attributes are exported: * `record_hash` - A unique identifier for the record within its zone. * `rrset_version` - The latest version of the record's zone in which its RRSet differs from the preceding version. * `rtype` - The type of DNS record, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). - * `ttl` - The Time To Live for the record, in seconds. + * `ttl` - The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. diff --git a/website/docs/d/dns_rrsets.html.markdown b/website/docs/d/dns_rrsets.html.markdown index cb07db10897..6fb80baa2d4 100644 --- a/website/docs/d/dns_rrsets.html.markdown +++ b/website/docs/d/dns_rrsets.html.markdown @@ -10,10 +10,11 @@ description: |- # Data Source: oci_dns_rrsets This data source provides the list of RRsets in Oracle Cloud Infrastructure DNS service. -Gets a list of all rrsets in the specified zone. You can optionally filter the results using the listed parameters. -For private zones, the scope query parameter is required with a value of `PRIVATE`. When the zone name is -provided as a path parameter and `PRIVATE` is used for the scope query parameter then the viewId query -parameter is required. +Gets a list of all rrsets in the specified zone. + +You can optionally filter the results using the listed parameters. When the zone name +is provided as a path parameter and `PRIVATE` is used for the scope query parameter then +the viewId parameter is required. ## Example Usage @@ -40,7 +41,7 @@ The following arguments are supported: * `domain_contains` - (Optional) Matches any rrset whose fully-qualified domain name (FQDN) contains the provided value. * `rtype` - (Optional) Search by record type. Will match any record whose [type](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4) (case-insensitive) equals the provided value. * `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. -* `view_id` - (Optional) The OCID of the view the resource is associated with. +* `view_id` - (Optional) The OCID of the view the zone is associated with. Required when accessing a private zone by name. * `zone_name_or_id` - (Required) The name or OCID of the target zone. @@ -63,5 +64,5 @@ The following attributes are exported: * `record_hash` - A unique identifier for the record within its zone. * `rrset_version` - The latest version of the record's zone in which its RRSet differs from the preceding version. * `rtype` - The type of DNS record, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). - * `ttl` - The Time To Live for the record, in seconds. + * `ttl` - The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. diff --git a/website/docs/d/dns_steering_policies.html.markdown b/website/docs/d/dns_steering_policies.html.markdown index 17a96119c71..d850e253b21 100644 --- a/website/docs/d/dns_steering_policies.html.markdown +++ b/website/docs/d/dns_steering_policies.html.markdown @@ -79,7 +79,7 @@ The following attributes are exported: * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. * `should_keep` - Keeps the answer only if the value is `true`. * `value` - The rank assigned to the set of answers that match the expression in `answerCondition`. Answers with the lowest values move to the beginning of the list without changing the relative order of those with the same value. Answers can be given a value between `0` and `255`. - * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.subnet in ('192.0.2.0/24')` to define a case that matches queries from that office. + * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.address in ('192.0.2.0/24')` to define a case that matches queries from that office. * `count` - The number of answers allowed to remain after the limit rule has been processed, keeping only the first of the remaining answers in the list. Example: If the `count` property is set to `2` and four answers remain before the limit rule is processed, only the first two answers in the list will remain after the limit rule has been processed. * `default_answer_data` - Defines a default set of answer conditions and values that are applied to an answer when `cases` is not defined for the rule, or a matching case does not have any matching `answerCondition`s in its `answerData`. `defaultAnswerData` is not applied if `cases` is defined and there are no matching cases. In this scenario, the next rule will be processed. * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. diff --git a/website/docs/d/dns_steering_policy.html.markdown b/website/docs/d/dns_steering_policy.html.markdown index 2ed8184793f..c78718c3ecc 100644 --- a/website/docs/d/dns_steering_policy.html.markdown +++ b/website/docs/d/dns_steering_policy.html.markdown @@ -55,7 +55,7 @@ The following attributes are exported: * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. * `should_keep` - Keeps the answer only if the value is `true`. * `value` - The rank assigned to the set of answers that match the expression in `answerCondition`. Answers with the lowest values move to the beginning of the list without changing the relative order of those with the same value. Answers can be given a value between `0` and `255`. - * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.subnet in ('192.0.2.0/24')` to define a case that matches queries from that office. + * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.address in ('192.0.2.0/24')` to define a case that matches queries from that office. * `count` - The number of answers allowed to remain after the limit rule has been processed, keeping only the first of the remaining answers in the list. Example: If the `count` property is set to `2` and four answers remain before the limit rule is processed, only the first two answers in the list will remain after the limit rule has been processed. * `default_answer_data` - Defines a default set of answer conditions and values that are applied to an answer when `cases` is not defined for the rule, or a matching case does not have any matching `answerCondition`s in its `answerData`. `defaultAnswerData` is not applied if `cases` is defined and there are no matching cases. In this scenario, the next rule will be processed. * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. diff --git a/website/docs/d/dns_view.html.markdown b/website/docs/d/dns_view.html.markdown index bcad8b8e014..dc7081f3502 100644 --- a/website/docs/d/dns_view.html.markdown +++ b/website/docs/d/dns_view.html.markdown @@ -10,9 +10,11 @@ description: |- # Data Source: oci_dns_view This data source provides details about a specific View resource in Oracle Cloud Infrastructure DNS service. -Gets information about a specific view. Note that attempting to get a +Gets information about a specific view. + +Note that attempting to get a view in the DELETED lifecycleState will result in a `404` response to be -consistent with other operations of the API. Requires a `PRIVATE` scope query parameter. +consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_views.html.markdown b/website/docs/d/dns_views.html.markdown index a51bbab1d00..5961e4f9dd8 100644 --- a/website/docs/d/dns_views.html.markdown +++ b/website/docs/d/dns_views.html.markdown @@ -10,12 +10,12 @@ description: |- # Data Source: oci_dns_views This data source provides the list of Views in Oracle Cloud Infrastructure DNS service. -Gets a list of all views within a compartment. The collection can -be filtered by display name, id, or lifecycle state. It can be sorted -on creation time or displayName both in ASC or DESC order. Note that -when no lifecycleState query parameter is provided, the collection -does not include views in the DELETED lifecycleState to be consistent -with other operations of the API. Requires a `PRIVATE` scope query parameter. +Gets a list of all views within a compartment. + +The collection can be filtered by display name, id, or lifecycle state. It can be sorted +on creation time or displayName both in ASC or DESC order. Note that when no lifecycleState +query parameter is provided, the collection does not include views in the DELETED +lifecycleState to be consistent with other operations of the API. ## Example Usage diff --git a/website/docs/d/dns_zones.html.markdown b/website/docs/d/dns_zones.html.markdown index 11bf6d53868..1c7db678a2e 100644 --- a/website/docs/d/dns_zones.html.markdown +++ b/website/docs/d/dns_zones.html.markdown @@ -10,10 +10,11 @@ description: |- # Data Source: oci_dns_zones This data source provides the list of Zones in Oracle Cloud Infrastructure DNS service. -Gets a list of all zones in the specified compartment. The collection -can be filtered by name, time created, scope, associated view, and zone type. -Additionally, for Private DNS, the `scope` query parameter is required when -listing private zones. +Gets a list of all zones in the specified compartment. + +The collection can be filtered by name, time created, scope, associated view, and zone type. +Filtering by view is only supported for private zones. + ## Example Usage @@ -23,6 +24,7 @@ data "oci_dns_zones" "test_zones" { compartment_id = var.compartment_id #Optional + dnssec_state = var.zone_dnssec_state name = var.zone_name name_contains = var.zone_name_contains scope = var.zone_scope @@ -40,10 +42,10 @@ data "oci_dns_zones" "test_zones" { The following arguments are supported: * `compartment_id` - (Required) The OCID of the compartment the resource belongs to. +* `dnssec_state` - (Optional) Search for zones that have the given `DnssecState`. * `name` - (Optional) A case-sensitive filter for zone names. Will match any zone with a name that equals the provided value. * `name_contains` - (Optional) Search by zone name. Will match any zone whose name (case-insensitive) contains the provided value. -* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. This value will be null -for zones in the global DNS and `PRIVATE` when listing private zones. +* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. * `sort_by` - (Optional) The field by which to sort zones. Allowed values are: name|zoneType|timeCreated * `sort_order` - The order to sort the resources. Allowed values are: ASC|DESC * `state` - (Optional) The state of a resource. @@ -67,7 +69,82 @@ The following attributes are exported: * `compartment_id` - The OCID of the compartment containing the zone. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). - **Example:** `{"Operations.CostCenter": "42"}` + **Example:** `{"Operations": {"CostCenter": "42"}}` +* `dnssec_config` - DNSSEC configuration data. + + A zone may have a maximum of 10 `DnssecKeyVersions`, regardless of signing key type. + * `ksk_dnssec_key_versions` - A read-only array of key signing key (KSK) versions. + * `algorithm` - The signing algorithm used for the key. + * `ds_data` - An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm. + * `digest_type` - The type of the digest associated with the rdata. + * `rdata` - Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm) + * `key_tag` - The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see [RFC 4034](https://tools.ietf.org/html/rfc4034). + * `length_in_bytes` - The length of the corresponding private key in bytes, expressed as an integer. + * `predecessor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has replaced. + * `successor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this `DnssecKeyVersion`. + * `time_activated` - The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_created` - The date and time the key version was created, expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_expired` - The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_inactivated` - The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_promoted` - The date and time the key version was promoted expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_published` - The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_unpublished` - The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `uuid` - The UUID of the `DnssecKeyVersion`. + * `zsk_dnssec_key_versions` - A read-only array of zone signing key (ZSK) versions. + * `algorithm` - The signing algorithm used for the key. + * `key_tag` - The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see [RFC 4034](https://tools.ietf.org/html/rfc4034). + * `length_in_bytes` - The length of the corresponding private key in bytes, expressed as an integer. + * `predecessor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has replaced. + * `successor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this `DnssecKeyVersion`. + * `time_activated` - The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_created` - The date and time the key version was created, expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_expired` - The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_inactivated` - The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_promoted` - The date and time the key version was promoted expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_published` - The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_unpublished` - The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `uuid` - The UUID of the `DnssecKeyVersion`. +* `dnssec_state` - The state of DNSSEC on the zone. + + For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent trust anchor) must also have DNSSEC correctly set up. After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + + New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + + To remove the old DS record without causing service disruption, wait until the old DS record's TTL has expired, and the new DS record has propagated. After the DS replacement has been completed, then the `PromoteZoneDnssecKeyVersion` operation must be called. + + Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many days are left until expiration. We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + + Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency. + + For more information, see [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). * `external_downstreams` - External secondary servers for the zone. This field is currently not supported when `zoneType` is `SECONDARY` or `scope` is `PRIVATE`. * `address` - The server's IP address (IPv4 or IPv6). * `port` - The server's port. Port value must be a value of 53, otherwise omit the port value. diff --git a/website/docs/d/golden_gate_deployment.html.markdown b/website/docs/d/golden_gate_deployment.html.markdown index d4d1903f317..cd82b93b1d9 100644 --- a/website/docs/d/golden_gate_deployment.html.markdown +++ b/website/docs/d/golden_gate_deployment.html.markdown @@ -33,6 +33,7 @@ The following arguments are supported: The following attributes are exported: +* `category` - The deployment category defines the broad separation of the deployment type into three categories. Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. * `compartment_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment being referenced. * `cpu_core_count` - The Minimum number of OCPUs to be made available for this Deployment. * `defined_tags` - Tags defined for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` @@ -48,6 +49,7 @@ The following attributes are exported: * `deployment_url` - The URL of a resource. * `description` - Metadata about this specific object. * `display_name` - An object's Display Name. +* `environment_type` - Specifies whether the deployment is used in a production or development/testing environment. * `fqdn` - A three-label Fully Qualified Domain Name (FQDN) for a resource. * `freeform_tags` - A simple key-value pair that is applied without any predefined name, type, or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}` * `id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the deployment being referenced. @@ -57,7 +59,7 @@ The following attributes are exported: * `is_healthy` - True if all of the aggregate resources are working correctly. * `is_latest_version` - Indicates if the resource is the the latest available version. * `is_public` - True if this object is publicly available. -* `is_storage_utilization_limit_exceeded` - Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. +* `is_storage_utilization_limit_exceeded` - Deprecated: This field is not updated and will be removed in future versions. If storage utilization exceeds the limit, the respective warning message will appear in deployment messages, which can be accessed through /messages?deploymentId=. Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. * `license_model` - The Oracle license model that applies to a Deployment. * `lifecycle_details` - Describes the object's current state in detail. For example, it can be used to provide actionable information for a resource in a Failed state. * `lifecycle_sub_state` - Possible GGS lifecycle sub-states. @@ -85,6 +87,11 @@ The following attributes are exported: * `certificate` - The base64 encoded content of the PEM file containing the SSL certificate. * `credential_store` - The type of credential store for OGG. * `deployment_name` - The name given to the GoldenGate service deployment. The name must be 1 to 32 characters long, must contain only alphanumeric characters and must start with a letter. + * `group_to_roles_mapping` - Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. User belonging to each group can only perform the actions according to the role the respective group is mapped to. + * `administrator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. It grants full access to the user, including the ability to alter general, non-security related operational parameters and profiles of the server. + * `operator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. It allows users to perform only operational actions, like starting and stopping resources. Operators cannot alter the operational parameters or profiles of the MA server. + * `security_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. It grants administration of security related objects and invoke security related service requests. This role has full privileges. + * `user_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. It allows information-only service requests, which do not alter or affect the operation of either the MA. Examples of query and read-only information include performance metric information and resource status and monitoring information * `identity_domain_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Identity Domain when IAM credential store is used. * `ogg_version` - Version of OGG * `password_secret_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Secret where the deployment password is stored. diff --git a/website/docs/d/golden_gate_deployment_environments.html.markdown b/website/docs/d/golden_gate_deployment_environments.html.markdown new file mode 100644 index 00000000000..567b6ec374a --- /dev/null +++ b/website/docs/d/golden_gate_deployment_environments.html.markdown @@ -0,0 +1,53 @@ +--- +subcategory: "Golden Gate" +layout: "oci" +page_title: "Oracle Cloud Infrastructure: oci_golden_gate_deployment_environments" +sidebar_current: "docs-oci-datasource-golden_gate-deployment_environments" +description: |- + Provides the list of Deployment Environments in Oracle Cloud Infrastructure Golden Gate service +--- + +# Data Source: oci_golden_gate_deployment_environments +This data source provides the list of Deployment Environments in Oracle Cloud Infrastructure Golden Gate service. + +Returns an array of DeploymentEnvironmentDescriptor + + +## Example Usage + +```hcl +data "oci_golden_gate_deployment_environments" "test_deployment_environments" { + #Required + compartment_id = var.compartment_id +} +``` + +## Argument Reference + +The following arguments are supported: + +* `compartment_id` - (Required) The OCID of the compartment that contains the work request. Work requests should be scoped to the same compartment as the resource the work request affects. If the work request concerns multiple resources, and those resources are not in the same compartment, it is up to the service team to pick the primary resource whose compartment should be used. + + +## Attributes Reference + +The following attributes are exported: + +* `deployment_environment_collection` - The list of deployment_environment_collection. + +### DeploymentEnvironment Reference + +The following attributes are exported: + +* `items` - Array of DeploymentEnvironmentSummary objects. + * `category` - The deployment category defines the broad separation of the deployment type into three categories. Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. + * `default_cpu_core_count` - The default CPU core count. + * `display_name` - An object's Display Name. + * `environment_type` - Specifies whether the deployment is used in a production or development/testing environment. + * `is_auto_scaling_enabled_by_default` - Specifies whether the "Auto scaling" option should be enabled by default or not. + * `max_cpu_core_count` - The maximum CPU core count. + * `memory_per_ocpu_in_gbs` - The multiplier value between CPU core count and memory size. + * `min_cpu_core_count` - The minimum CPU core count. + * `network_bandwidth_per_ocpu_in_gbps` - The multiplier value between CPU core count and network bandwidth. + * `storage_usage_limit_per_ocpu_in_gbs` - The multiplier value between CPU core count and storage usage limit size. + diff --git a/website/docs/d/golden_gate_deployments.html.markdown b/website/docs/d/golden_gate_deployments.html.markdown index fe1b1b286d6..b3a4c686ebe 100644 --- a/website/docs/d/golden_gate_deployments.html.markdown +++ b/website/docs/d/golden_gate_deployments.html.markdown @@ -55,6 +55,7 @@ The following attributes are exported: The following attributes are exported: +* `category` - The deployment category defines the broad separation of the deployment type into three categories. Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. * `compartment_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment being referenced. * `cpu_core_count` - The Minimum number of OCPUs to be made available for this Deployment. * `defined_tags` - Tags defined for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` @@ -70,6 +71,7 @@ The following attributes are exported: * `deployment_url` - The URL of a resource. * `description` - Metadata about this specific object. * `display_name` - An object's Display Name. +* `environment_type` - Specifies whether the deployment is used in a production or development/testing environment. * `fqdn` - A three-label Fully Qualified Domain Name (FQDN) for a resource. * `freeform_tags` - A simple key-value pair that is applied without any predefined name, type, or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}` * `id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the deployment being referenced. @@ -79,7 +81,7 @@ The following attributes are exported: * `is_healthy` - True if all of the aggregate resources are working correctly. * `is_latest_version` - Indicates if the resource is the the latest available version. * `is_public` - True if this object is publicly available. -* `is_storage_utilization_limit_exceeded` - Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. +* `is_storage_utilization_limit_exceeded` - Deprecated: This field is not updated and will be removed in future versions. If storage utilization exceeds the limit, the respective warning message will appear in deployment messages, which can be accessed through /messages?deploymentId=. Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. * `license_model` - The Oracle license model that applies to a Deployment. * `lifecycle_details` - Describes the object's current state in detail. For example, it can be used to provide actionable information for a resource in a Failed state. * `lifecycle_sub_state` - Possible GGS lifecycle sub-states. @@ -107,6 +109,11 @@ The following attributes are exported: * `certificate` - The base64 encoded content of the PEM file containing the SSL certificate. * `credential_store` - The type of credential store for OGG. * `deployment_name` - The name given to the GoldenGate service deployment. The name must be 1 to 32 characters long, must contain only alphanumeric characters and must start with a letter. + * `group_to_roles_mapping` - Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. User belonging to each group can only perform the actions according to the role the respective group is mapped to. + * `administrator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. It grants full access to the user, including the ability to alter general, non-security related operational parameters and profiles of the server. + * `operator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. It allows users to perform only operational actions, like starting and stopping resources. Operators cannot alter the operational parameters or profiles of the MA server. + * `security_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. It grants administration of security related objects and invoke security related service requests. This role has full privileges. + * `user_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. It allows information-only service requests, which do not alter or affect the operation of either the MA. Examples of query and read-only information include performance metric information and resource status and monitoring information * `identity_domain_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Identity Domain when IAM credential store is used. * `ogg_version` - Version of OGG * `password_secret_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Secret where the deployment password is stored. diff --git a/website/docs/guides/resource_discovery.html.markdown b/website/docs/guides/resource_discovery.html.markdown index 06966f3ac38..ac1963156ad 100644 --- a/website/docs/guides/resource_discovery.html.markdown +++ b/website/docs/guides/resource_discovery.html.markdown @@ -587,6 +587,13 @@ data_safe * oci\_data\_safe\_sdm\_masking\_policy\_difference * oci\_data\_safe\_calculate\_audit\_volume\_available * oci\_data\_safe\_calculate\_audit\_volume\_collected +* oci\_data\_safe\_generate\_on\_prem\_connector\_configuration +* oci\_data\_safe\_security\_policy\_deployment +* oci\_data\_safe\_security\_policy +* oci\_data\_safe\_database\_security\_config +* oci\_data\_safe\_sql\_firewall\_policy +* oci\_data\_safe\_sql\_collection +* oci\_data\_safe\_target\_database\_peer\_target\_database database diff --git a/website/docs/r/containerengine_cluster.html.markdown b/website/docs/r/containerengine_cluster.html.markdown index b4e08d848be..a8d023ac7f9 100644 --- a/website/docs/r/containerengine_cluster.html.markdown +++ b/website/docs/r/containerengine_cluster.html.markdown @@ -67,6 +67,31 @@ resource "oci_containerengine_cluster" "test_cluster" { pods_cidr = var.cluster_options_kubernetes_network_config_pods_cidr services_cidr = var.cluster_options_kubernetes_network_config_services_cidr } + open_id_connect_token_authentication_config { + #Required + is_open_id_connect_auth_enabled = var.cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled + + #Optional + ca_certificate = var.cluster_options_open_id_connect_token_authentication_config_ca_certificate + client_id = oci_containerengine_client.test_client.id + groups_claim = var.cluster_options_open_id_connect_token_authentication_config_groups_claim + groups_prefix = var.cluster_options_open_id_connect_token_authentication_config_groups_prefix + issuer_url = var.cluster_options_open_id_connect_token_authentication_config_issuer_url + required_claims { + + #Optional + key = var.cluster_options_open_id_connect_token_authentication_config_required_claims_key + value = var.cluster_options_open_id_connect_token_authentication_config_required_claims_value + } + signing_algorithms = var.cluster_options_open_id_connect_token_authentication_config_signing_algorithms + username_claim = var.cluster_options_open_id_connect_token_authentication_config_username_claim + username_prefix = var.cluster_options_open_id_connect_token_authentication_config_username_prefix + } + open_id_connect_discovery { + + #Optional + is_open_id_connect_discovery_enabled = var.cluster_options_open_id_connect_discovery_is_open_id_connect_discovery_enabled + } persistent_volume_config { #Optional @@ -114,6 +139,21 @@ The following arguments are supported: * `kubernetes_network_config` - (Optional) Network configuration for Kubernetes. * `pods_cidr` - (Optional) The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16. * `services_cidr` - (Optional) The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16. + * `open_id_connect_token_authentication_config` - (Optional) (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see [Configuring the API Server](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#using-flags). + * `ca_certificate` - (Optional) (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate. + * `client_id` - (Optional) (Updatable) A client id that all tokens must be issued for. + * `groups_claim` - (Optional) (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings. + * `groups_prefix` - (Optional) (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups). + * `is_open_id_connect_auth_enabled` - (Required) (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false. + * `issuer_url` - (Optional) (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path. + * `required_claims` - (Optional) (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims. + * `key` - (Optional) (Updatable) The key of the pair. + * `value` - (Optional) (Updatable) The value of the pair. + * `signing_algorithms` - (Optional) (Updatable) The signing algorithms accepted. Default is ["RS256"]. + * `username_claim` - (Optional) (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins. + * `username_prefix` - (Optional) (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing. + * `open_id_connect_discovery` - (Optional) (Updatable) The property that define the status of the OIDC Discovery feature for a cluster. + * `is_open_id_connect_discovery_enabled` - (Optional) (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint. * `persistent_volume_config` - (Optional) (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC) * `defined_tags` - (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `freeform_tags` - (Optional) (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` @@ -167,6 +207,7 @@ The following attributes are exported: * `updated_by_user_id` - The user who updated the cluster. * `updated_by_work_request_id` - The OCID of the work request which updated the cluster. * `name` - The name of the cluster. +* `open_id_connect_discovery_endpoint` - The cluster-specific OpenID Connect Discovery endpoint * `options` - Optional attributes for the cluster. * `add_ons` - Configurable cluster add-ons * `is_kubernetes_dashboard_enabled` - Whether or not to enable the Kubernetes Dashboard add-on. @@ -176,6 +217,21 @@ The following attributes are exported: * `kubernetes_network_config` - Network configuration for Kubernetes. * `pods_cidr` - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16. * `services_cidr` - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16. + * `open_id_connect_token_authentication_config` - The properties that configure OIDC token authentication in kube-apiserver. For more information, see [Configuring the API Server](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#using-flags). + * `ca_certificate` - A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate. + * `client_id` - A client id that all tokens must be issued for. + * `groups_claim` - JWT claim to use as the user's group. If the claim is present it must be an array of strings. + * `groups_prefix` - Prefix prepended to group claims to prevent clashes with existing names (such as system:groups). + * `is_open_id_connect_auth_enabled` - Whether the cluster has OIDC Auth Config enabled. Defaults to false. + * `issuer_url` - URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path. + * `required_claims` - A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims. + * `key` - The key of the pair. + * `value` - The value of the pair. + * `signing_algorithms` - The signing algorithms accepted. Default is ["RS256"]. + * `username_claim` - JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins. + * `username_prefix` - Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing. + * `open_id_connect_discovery` - The property that define the status of the OIDC Discovery feature for a cluster. + * `is_open_id_connect_discovery_enabled` - Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint. * `persistent_volume_config` - Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC) * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` diff --git a/website/docs/r/core_boot_volume.html.markdown b/website/docs/r/core_boot_volume.html.markdown index eccfcedc5b5..05739471884 100644 --- a/website/docs/r/core_boot_volume.html.markdown +++ b/website/docs/r/core_boot_volume.html.markdown @@ -24,8 +24,13 @@ resource "oci_core_boot_volume" "test_boot_volume" { compartment_id = var.compartment_id source_details { #Required - id = var.boot_volume_source_details_id type = var.boot_volume_source_details_type + + #Optional + change_block_size_in_bytes = var.boot_volume_source_details_change_block_size_in_bytes + first_backup_id = oci_database_backup.test_backup.id + id = var.boot_volume_source_details_id + second_backup_id = oci_database_backup.test_backup.id } #Optional @@ -44,6 +49,7 @@ resource "oci_core_boot_volume" "test_boot_volume" { #Optional display_name = var.boot_volume_boot_volume_replicas_display_name + xrr_kms_key_id = oci_kms_key.test_key.id } cluster_placement_group_id = oci_identity_group.test_group.id defined_tags = {"Operations.CostCenter"= "42"} @@ -53,7 +59,9 @@ resource "oci_core_boot_volume" "test_boot_volume" { kms_key_id = oci_kms_key.test_key.id size_in_gbs = var.boot_volume_size_in_gbs vpus_per_gb = var.boot_volume_vpus_per_gb - boot_volume_replicas_deletion = true + xrc_kms_key_id = oci_kms_key.test_key.id + boot_volume_replicas_deletion = true + } ``` @@ -69,6 +77,7 @@ The following arguments are supported: * `boot_volume_replicas` - (Optional) (Updatable) The list of boot volume replicas to be enabled for this boot volume in the specified destination availability domains. * `availability_domain` - (Required) (Updatable) The availability domain of the boot volume replica. Example: `Uocm:PHX-AD-1` * `display_name` - (Optional) (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `xrr_kms_key_id` - (Optional) (Updatable) The OCID of the Vault service key which is the master encryption key for the cross region boot volume replicas, which will be used in the destination region to encrypt the boot volume replica's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `cluster_placement_group_id` - (Optional) The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - (Required) (Updatable) The OCID of the compartment that contains the boot volume. * `defined_tags` - (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` @@ -78,8 +87,11 @@ The following arguments are supported: * `kms_key_id` - (Optional) (Updatable) The OCID of the Vault service key to assign as the master encryption key for the boot volume. * `size_in_gbs` - (Optional) (Updatable) The size of the volume in GBs. * `source_details` - (Required) - * `id` - (Required) The OCID of the boot volume replica. - * `type` - (Required) The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeReplica` + * `change_block_size_in_bytes` - (Applicable when type=bootVolumeBackupDelta) Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - (Required when type=bootVolumeBackupDelta) The OCID of the first boot volume backup. + * `id` - (Required when type=bootVolume | bootVolumeBackup | bootVolumeReplica) The OCID of the boot volume replica. + * `second_backup_id` - (Required when type=bootVolumeBackupDelta) The OCID of the second boot volume backup. + * `type` - (Required) The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeBackupDelta`, `bootVolumeReplica` * `vpus_per_gb` - (Optional) (Updatable) The number of volume performance units (VPUs) that will be applied to this volume per GB, representing the Block Volume service's elastic performance options. See [Block Volume Performance Levels](https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) for more information. Allowed values: @@ -88,6 +100,7 @@ The following arguments are supported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. +* `xrc_kms_key_id` - (Optional) The OCID of the Vault service key which is the master encryption key for the boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). ** IMPORTANT ** @@ -106,6 +119,7 @@ The following attributes are exported: * `availability_domain` - The availability domain of the boot volume replica. Example: `Uocm:PHX-AD-1` * `boot_volume_replica_id` - The boot volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - The OCID of the compartment that contains the boot volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` @@ -119,8 +133,11 @@ The following attributes are exported: * `size_in_gbs` - The size of the boot volume in GBs. * `size_in_mbs` - The size of the volume in MBs. The value must be a multiple of 1024. This field is deprecated. Please use `size_in_gbs`. * `source_details` - + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first boot volume backup. * `id` - The OCID of the boot volume replica. - * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeReplica` + * `second_backup_id` - The OCID of the second boot volume backup. + * `type` - The type can be one of these values: `bootVolume`, `bootVolumeBackup`, `bootVolumeBackupDelta`, `bootVolumeReplica` * `state` - The current state of a boot volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the boot volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/r/core_instance_configuration.html.markdown b/website/docs/r/core_instance_configuration.html.markdown index f2bf8ab0c58..d327f32433d 100644 --- a/website/docs/r/core_instance_configuration.html.markdown +++ b/website/docs/r/core_instance_configuration.html.markdown @@ -80,6 +80,7 @@ resource "oci_core_instance_configuration" "test_instance_configuration" { id = var.instance_configuration_instance_details_block_volumes_create_details_source_details_id } vpus_per_gb = var.instance_configuration_instance_details_block_volumes_create_details_vpus_per_gb + xrc_kms_key_id = oci_kms_key.test_key.id } volume_id = oci_core_volume.test_volume.id } @@ -261,6 +262,7 @@ resource "oci_core_instance_configuration" "test_instance_configuration" { id = var.instance_configuration_instance_details_options_block_volumes_create_details_source_details_id } vpus_per_gb = var.instance_configuration_instance_details_options_block_volumes_create_details_vpus_per_gb + xrc_kms_key_id = oci_kms_key.test_key.id } volume_id = oci_core_volume.test_volume.id } @@ -477,7 +479,6 @@ The following arguments are supported: * `block_volume_replicas` - (Applicable when instance_type=compute) The list of block volume replicas to be enabled for this volume in the specified destination availability domains. * `availability_domain` - (Required when instance_type=compute) The availability domain of the block volume replica. Example: `Uocm:PHX-AD-1` * `display_name` - (Applicable when instance_type=compute) The display name of the block volume replica. You may optionally specify a *display name* for the block volume replica, otherwise a default is provided. - * `cluster_placement_group_id` - (Applicable when instance_type=compute) The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - (Applicable when instance_type=compute) The OCID of the compartment that contains the volume. * `defined_tags` - (Applicable when instance_type=compute) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `display_name` - (Applicable when instance_type=compute) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. @@ -497,6 +498,7 @@ The following arguments are supported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - (Applicable when instance_type=compute) The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - (Applicable when instance_type=compute) The OCID of the volume. * `instance_type` - (Required) The type of instance details. Supported instanceType is compute * `launch_details` - (Applicable when instance_type=compute) Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -732,8 +734,8 @@ The following arguments are supported: * `10`: Represents Balanced option. * `20`: Represents Higher Performance option. * `30`-`120`: Represents the Ultra High Performance option. - - For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - (Applicable when instance_type=instance_options) The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - (Applicable when instance_type=instance_options) The OCID of the volume. * `launch_details` - (Applicable when instance_type=instance_options) Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -1008,7 +1010,6 @@ The following attributes are exported: * `block_volume_replicas` - The list of block volume replicas to be enabled for this volume in the specified destination availability domains. * `availability_domain` - The availability domain of the block volume replica. Example: `Uocm:PHX-AD-1` * `display_name` - The display name of the block volume replica. You may optionally specify a *display name* for the block volume replica, otherwise a default is provided. - * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - The OCID of the compartment that contains the volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. @@ -1028,7 +1029,7 @@ The following attributes are exported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. - + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `instance_type` - The type of instance details. Supported instanceType is compute * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -1256,8 +1257,8 @@ The following attributes are exported: * `10`: Represents Balanced option. * `20`: Represents Higher Performance option. * `30`-`120`: Represents the Ultra High Performance option. - - For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. + * `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_id` - The OCID of the volume. * `launch_details` - Instance launch details for creating an instance from an instance configuration. Use the `sourceDetails` parameter to specify whether a boot volume or an image should be used to launch a new instance. @@ -1499,4 +1500,4 @@ InstanceConfigurations can be imported using the `id`, e.g. ``` $ terraform import oci_core_instance_configuration.test_instance_configuration "id" -``` \ No newline at end of file +``` diff --git a/website/docs/r/core_volume.html.markdown b/website/docs/r/core_volume.html.markdown index baebf9bd006..0d599b543ef 100644 --- a/website/docs/r/core_volume.html.markdown +++ b/website/docs/r/core_volume.html.markdown @@ -49,6 +49,7 @@ resource "oci_core_volume" "test_volume" { #Optional display_name = var.volume_block_volume_replicas_display_name + xrr_kms_key_id = oci_kms_key.test_key.id } cluster_placement_group_id = oci_identity_group.test_group.id defined_tags = {"Operations.CostCenter"= "42"} @@ -60,11 +61,18 @@ resource "oci_core_volume" "test_volume" { size_in_mbs = var.volume_size_in_mbs source_details { #Required - id = var.volume_source_details_id type = var.volume_source_details_type + + #Optional + change_block_size_in_bytes = var.volume_source_details_change_block_size_in_bytes + first_backup_id = oci_database_backup.test_backup.id + id = var.volume_source_details_id + second_backup_id = oci_database_backup.test_backup.id } vpus_per_gb = var.volume_vpus_per_gb - block_volume_replicas_deletion = true + xrc_kms_key_id = oci_kms_key.test_key.id + block_volume_replicas_deletion = true + } ``` @@ -81,6 +89,7 @@ The following arguments are supported: * `availability_domain` - (Required) (Updatable) The availability domain of the block volume replica. Example: `Uocm:PHX-AD-1` * `display_name` - (Optional) (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. * `cluster_placement_group_id` - (Optional) The clusterPlacementGroup Id of the volume for volume placement. + * `xrr_kms_key_id` - (Optional) (Updatable) The OCID of the Vault service key which is the master encryption key for the cross region block volume replicas, which will be used in the destination region to encrypt the block volume replica's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `compartment_id` - (Required) (Updatable) The OCID of the compartment that contains the volume. * `defined_tags` - (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` * `display_name` - (Optional) (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. @@ -88,10 +97,13 @@ The following arguments are supported: * `is_auto_tune_enabled` - (Optional) (Updatable) Specifies whether the auto-tune performance is enabled for this volume. This field is deprecated. Use the `DetachedVolumeAutotunePolicy` instead to enable the volume for detached autotune. * `kms_key_id` - (Optional) (Updatable) The OCID of the Vault service key to assign as the master encryption key for the volume. * `size_in_gbs` - (Optional) (Updatable) The size of the volume in GBs. -* `size_in_mbs` - (Optional) The size of the volume in MBs. The value must be a multiple of 1024. This field is deprecated. Use `size_in_gbs` instead. -* `source_details` - (Optional) - * `id` - (Required) The OCID of the block volume replica. - * `type` - (Required) The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup` +* `size_in_mbs` - (Optional) The size of the volume in MBs. The value must be a multiple of 1024. This field is deprecated. Use sizeInGBs instead. +* `source_details` - (Optional) Specifies the volume source details for a new Block volume. The volume source is either another Block volume in the same Availability Domain or a Block volume backup. This is an optional field. If not specified or set to null, the new Block volume will be empty. When specified, the new Block volume will contain data from the source volume or backup. + * `change_block_size_in_bytes` - (Applicable when type=volumeBackupDelta) Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - (Required when type=volumeBackupDelta) The OCID of the first volume backup. + * `id` - (Required when type=blockVolumeReplica | volume | volumeBackup) The OCID of the block volume replica. + * `second_backup_id` - (Required when type=volumeBackupDelta) The OCID of the second volume backup. + * `type` - (Required) The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup`, `volumeBackupDelta` * `volume_backup_id` - (Optional) The OCID of the volume backup from which the data should be restored on the newly created volume. This field is deprecated. Use the sourceDetails field instead to specify the backup for the volume. * `vpus_per_gb` - (Optional) (Updatable) The number of volume performance units (VPUs) that will be applied to this volume per GB, representing the Block Volume service's elastic performance options. See [Block Volume Performance Levels](https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) for more information. @@ -102,6 +114,7 @@ The following arguments are supported: * `30`-`120`: Represents the Ultra High Performance option. For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. +* `xrc_kms_key_id` - (Optional) The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). ** IMPORTANT ** @@ -120,6 +133,7 @@ The following attributes are exported: * `availability_domain` - The availability domain of the block volume replica. Example: `Uocm:PHX-AD-1` * `block_volume_replica_id` - The block volume replica's Oracle ID (OCID). * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `cluster_placement_group_id` - The clusterPlacementGroup Id of the volume for volume placement. * `compartment_id` - The OCID of the compartment that contains the volume. * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Operations.CostCenter": "42"}` @@ -130,10 +144,13 @@ The following attributes are exported: * `is_hydrated` - Specifies whether the cloned volume's data has finished copying from the source volume or backup. * `kms_key_id` - The OCID of the Vault service key which is the master encryption key for the volume. * `size_in_gbs` - The size of the volume in GBs. -* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use `size_in_gbs` instead. -* `source_details` - - * `id` - The OCID of the block volume replica. - * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup` +* `size_in_mbs` - The size of the volume in MBs. This field is deprecated. Use sizeInGBs instead. +* `source_details` - + * `change_block_size_in_bytes` - Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + * `first_backup_id` - The OCID of the first volume backup. + * `id` - The OCID of the block volume replica or volume backup. + * `second_backup_id` - The OCID of the second volume backup. + * `type` - The type can be one of these values: `blockVolumeReplica`, `volume`, `volumeBackup`, `volumeBackupDelta` * `state` - The current state of a volume. * `system_tags` - System tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `time_created` - The date and time the volume was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339). diff --git a/website/docs/r/core_volume_backup_policy_assignment.html.markdown b/website/docs/r/core_volume_backup_policy_assignment.html.markdown index 2933bc2df66..8c0556fc0e0 100644 --- a/website/docs/r/core_volume_backup_policy_assignment.html.markdown +++ b/website/docs/r/core_volume_backup_policy_assignment.html.markdown @@ -22,6 +22,9 @@ resource "oci_core_volume_backup_policy_assignment" "test_volume_backup_policy_a #Required asset_id = oci_core_volume.test_volume.id policy_id = oci_core_volume_backup_policy.test_volume_backup_policy.id + + #Optional + xrc_kms_key_id = oci_kms_key.test_key.id } ``` @@ -31,6 +34,7 @@ The following arguments are supported: * `asset_id` - (Required) The OCID of the volume or volume group to assign the policy to. * `policy_id` - (Required) The OCID of the volume backup policy to assign to the volume. +* `xrc_kms_key_id` - (Optional) The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). ** IMPORTANT ** @@ -44,6 +48,7 @@ The following attributes are exported: * `id` - The OCID of the volume backup policy assignment. * `policy_id` - The OCID of the volume backup policy that has been assigned to the volume or volume group. For a volume group, only the **user defined** policy is allowed to use. For more information, see [Policy-Based Backups](https://docs.oracle.com/en-us/iaas/Content/Block/Tasks/schedulingvolumebackups.htm). * `time_created` - The date and time the volume backup policy was assigned to the volume. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339). +* `xrc_kms_key_id` - The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). ## Timeouts diff --git a/website/docs/r/core_volume_group.html.markdown b/website/docs/r/core_volume_group.html.markdown index ba71091e3fd..6c13d9ba4c6 100644 --- a/website/docs/r/core_volume_group.html.markdown +++ b/website/docs/r/core_volume_group.html.markdown @@ -45,8 +45,10 @@ resource "oci_core_volume_group" "test_volume_group" { #Optional display_name = var.volume_group_volume_group_replicas_display_name + xrr_kms_key_id = oci_kms_key.test_key.id } volume_ids = [var.volume_group_source_id] + xrc_kms_key_id = oci_kms_key.test_key.id } ``` @@ -70,6 +72,9 @@ The following arguments are supported: * `volume_group_replicas` - (Optional) (Updatable) The list of volume group replicas that this volume group will be enabled to have in the specified destination availability domains. * `availability_domain` - (Required) (Updatable) The availability domain of the volume group replica. Example: `Uocm:PHX-AD-1` * `display_name` - (Optional) (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `xrr_kms_key_id` - (Optional) (Updatable) The OCID of the Vault service key which is the master encryption key for the cross region volume group's replicas, which will be used in the destination region to encrypt the volume group's replicas encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). +* `xrc_kms_key_id` - (Optional) The OCID of the Vault service key which is the master encryption key for the volume's cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. For more information about the Vault service and encryption keys, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + * `volume_ids` - (Optional) (Updatable) Use this for update operation only. This field is not supported during creation. For create use `volume_ids` under `source_details`. ** IMPORTANT ** @@ -99,6 +104,7 @@ The following attributes are exported: * `volume_group_replicas` - The list of volume group replicas of this volume group. * `availability_domain` - The availability domain of the boot volume replica replica. Example: `Uocm:PHX-AD-1` * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. + * `kms_key_id` - The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see [Overview of Vault service](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and [Using Keys](https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). * `volume_group_replica_id` - The volume group replica's Oracle ID (OCID). * `volume_ids` - OCIDs for the current volumes in this volume group. diff --git a/website/docs/r/data_safe_generate_on_prem_connector_configuration.html.markdown b/website/docs/r/data_safe_generate_on_prem_connector_configuration.html.markdown new file mode 100644 index 00000000000..2430340b85d --- /dev/null +++ b/website/docs/r/data_safe_generate_on_prem_connector_configuration.html.markdown @@ -0,0 +1,57 @@ +--- +subcategory: "Data Safe" +layout: "oci" +page_title: "Oracle Cloud Infrastructure: oci_data_safe_generate_on_prem_connector_configuration" +sidebar_current: "docs-oci-resource-data_safe-generate_on_prem_connector_configuration" +description: |- + Provides the Generate On Prem Connector Configuration resource in Oracle Cloud Infrastructure Data Safe service +--- + +# oci_data_safe_generate_on_prem_connector_configuration +This resource provides the Generate On Prem Connector Configuration resource in Oracle Cloud Infrastructure Data Safe service. + +Creates and downloads the configuration of the specified on-premises connector. + + +## Example Usage + +```hcl +resource "oci_data_safe_generate_on_prem_connector_configuration" "test_generate_on_prem_connector_configuration" { + #Required + on_prem_connector_id = oci_data_safe_on_prem_connector.test_on_prem_connector.id + password = var.generate_on_prem_connector_configuration_password +} +``` + +## Argument Reference + +The following arguments are supported: + +* `on_prem_connector_id` - (Required) The OCID of the on-premises connector. +* `password` - (Required) The password to encrypt the keys inside the wallet included as part of the configuration. The password must be between 12 and 30 characters long and must contain atleast 1 uppercase, 1 lowercase, 1 numeric, and 1 special character. + + +** IMPORTANT ** +Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values + +## Attributes Reference + +The following attributes are exported: + + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://registry.terraform.io/providers/oracle/oci/latest/docs/guides/changing_timeouts) for certain operations: + * `create` - (Defaults to 20 minutes), when creating the Generate On Prem Connector Configuration + * `update` - (Defaults to 20 minutes), when updating the Generate On Prem Connector Configuration + * `delete` - (Defaults to 20 minutes), when destroying the Generate On Prem Connector Configuration + + +## Import + +GenerateOnPremConnectorConfiguration can be imported using the `id`, e.g. + +``` +$ terraform import oci_data_safe_generate_on_prem_connector_configuration.test_generate_on_prem_connector_configuration "id" +``` + diff --git a/website/docs/r/desktops_desktop_pool.html.markdown b/website/docs/r/desktops_desktop_pool.html.markdown index 2bc67f4a5e7..b85a1a06fba 100644 --- a/website/docs/r/desktops_desktop_pool.html.markdown +++ b/website/docs/r/desktops_desktop_pool.html.markdown @@ -20,7 +20,8 @@ resource "oci_desktops_desktop_pool" "test_desktop_pool" { are_privileged_users = var.desktop_pool_are_privileged_users availability_domain = var.desktop_pool_availability_domain availability_policy { - #Required + + #Optional start_schedule { #Required cron_expression = "0 10 8 ? * 2" @@ -78,12 +79,30 @@ resource "oci_desktops_desktop_pool" "test_desktop_pool" { ocpus = var.desktop_pool_shape_config_ocpus } private_access_details { - #Required - subnet_id = oci_core_subnet.test_subnet.id + #Required + subnet_id = oci_core_subnet.test_subnet.id + + #Optional + nsg_ids = var.desktop_pool_private_access_details_nsg_ids + private_ip = var.desktop_pool_private_access_details_private_ip + } + session_lifecycle_actions { #Optional - nsg_ids = var.desktop_pool_private_access_details_nsg_ids - private_ip = var.desktop_pool_private_access_details_private_ip + disconnect { + #Required + action = "STOP" + + #Optional + grace_period_in_minutes = var.desktop_pool_session_lifecycle_actions_disconnect_grace_period_in_minutes + } + inactivity { + #Required + action = "DISCONNECT" + + #Optional + grace_period_in_minutes = var.desktop_pool_session_lifecycle_actions_inactivity_grace_period_in_minutes + } } time_start_scheduled = var.desktop_pool_time_start_scheduled time_stop_scheduled = var.desktop_pool_time_stop_scheduled @@ -98,10 +117,10 @@ The following arguments are supported: * `are_privileged_users` - (Required) Indicates whether desktop pool users have administrative privileges on their desktop. * `availability_domain` - (Required) The availability domain of the desktop pool. * `availability_policy` - (Required) (Updatable) Provides the start and stop schedule information for desktop availability of the desktop pool. - * `start_schedule` - (Required) (Updatable) Provides the schedule information for a desktop. + * `start_schedule` - (Optional) (Updatable) Provides the schedule information for a desktop. * `cron_expression` - (Required) (Updatable) A cron expression describing the desktop's schedule. * `timezone` - (Required) (Updatable) The timezone of the desktop's schedule. - * `stop_schedule` - (Required) (Updatable) Provides the schedule information for a desktop. + * `stop_schedule` - (Optional) (Updatable) Provides the schedule information for a desktop. * `cron_expression` - (Required) (Updatable) A cron expression describing the desktop's schedule. * `timezone` - (Required) (Updatable) The timezone of the desktop's schedule. * `compartment_id` - (Required) (Updatable) The OCID of the compartment which will contain the desktop pool. @@ -134,14 +153,18 @@ The following arguments are supported: * `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. * `BASELINE_1_1` - baseline usage is the entire OCPU. This represents a non-burstable instance. * `memory_in_gbs` - (Optional) The total amount of memory available in gigabytes for each desktop compute instance in the desktop pool. - * `ocpus` - (Optional) The total number of OCPUs available for each desktop compute instance in the desktop pool. - * `subnet_id` - (Required) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - (Required) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. -* `nsg_ids` - (Optional) A list of network security groups for the private access. + * `ocpus` - (Optional) The total number of OCPUs available for each desktop compute instance in the desktop pool. * `private_access_details` - (Optional) The details of the desktop's private access network connectivity to be set up for the desktop pool. * `nsg_ids` - (Optional) A list of network security groups for the private access. * `private_ip` - (Optional) The IPv4 address from the provided Oracle Cloud Infrastructure subnet which needs to be assigned to the VNIC. If not provided, it will be auto-assigned with an available IPv4 address from the subnet. - * `subnet_id` - (Required) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. + * `subnet_id` - (Required) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the private subnet in the customer VCN where the connectivity will be established. +* `session_lifecycle_actions` - (Optional) The details of action to be triggered in case of inactivity or disconnect + * `disconnect` - (Optional) (Updatable) Action and grace period for disconnect + * `action` - (Required) (Updatable) a disconnect action to be triggered + * `grace_period_in_minutes` - (Optional) (Updatable) The period of time (in minutes) after disconnect before any action occurs. If the value is not provided, a default value is used. + * `inactivity` - (Optional) (Updatable) Action and grace period for inactivity + * `action` - (Required) (Updatable) an inactivity action to be triggered + * `grace_period_in_minutes` - (Optional) (Updatable) The period of time (in minutes) during which the session must remain inactive before any action occurs. If the value is not provided, a default value is used. * `shape_name` - (Required) The shape of the desktop pool. * `standby_size` - (Required) (Updatable) The maximum number of standby desktops available in the desktop pool. * `storage_backup_policy_id` - (Required) The backup policy OCID of the storage. @@ -199,16 +222,20 @@ The following attributes are exported: * `BASELINE_1_2` - baseline usage is 1/2 of an OCPU. * `BASELINE_1_1` - baseline usage is the entire OCPU. This represents a non-burstable instance. * `memory_in_gbs` - The total amount of memory available in gigabytes for each desktop compute instance in the desktop pool. - * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. - * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. -* `nsg_ids` - A list of network security groups for the network. + * `ocpus` - The total number of OCPUs available for each desktop compute instance in the desktop pool. * `private_access_details` - The details of the desktop's private access network connectivity that were used to create the pool. * `endpoint_fqdn` - The three-label FQDN to use for the private endpoint. The customer VCN's DNS records are updated with this FQDN. This enables the customer to use the FQDN instead of the private endpoint's private IP address to access the service (for example, xyz.oraclecloud.com). * `nsg_ids` - A list of network security groups for the private access. * `private_ip` - The IPv4 address from the provided Oracle Cloud Infrastructure subnet which needs to be assigned to the VNIC. If not provided, it will be auto-assigned with an available IPv4 address from the subnet. * `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet in the customer VCN where the connectivity will be established. - * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. + * `vcn_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the customer VCN. +* `session_lifecycle_actions` - Action to be triggered on inactivity or disconnect + * `disconnect` - Action and grace period for disconnect + * `action` - a disconnect action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) after disconnect before any action occurs. If the value is not provided, a default value is used. + * `inactivity` - Action and grace period for inactivity + * `action` - an inactivity action to be triggered + * `grace_period_in_minutes` - The period of time (in minutes) during which the session must remain inactive before any action occurs. If the value is not provided, a default value is used. * `shape_name` - The shape of the desktop pool. * `standby_size` - The maximum number of standby desktops available in the desktop pool. * `state` - The current state of the desktop pool. diff --git a/website/docs/r/dns_action_create_zone_from_zone_file.html.markdown b/website/docs/r/dns_action_create_zone_from_zone_file.html.markdown index 94f59d314d9..e7a96979631 100644 --- a/website/docs/r/dns_action_create_zone_from_zone_file.html.markdown +++ b/website/docs/r/dns_action_create_zone_from_zone_file.html.markdown @@ -10,7 +10,7 @@ description: |- # oci_dns_action_create_zone_from_zone_file This resource provides the Action Create Zone From Zone File resource in Oracle Cloud Infrastructure DNS service. -Creates a new zone from a zone file in the specified compartment. +Creates a new zone from a zone file in the specified compartment. Not supported for private zones. After the zone has been created, it should be further managed by importing it to an `oci_dns_zone` resource. diff --git a/website/docs/r/dns_record.html.markdown b/website/docs/r/dns_record.html.markdown index 33442b02ab6..c992f861e8c 100644 --- a/website/docs/r/dns_record.html.markdown +++ b/website/docs/r/dns_record.html.markdown @@ -13,11 +13,12 @@ description: |- This resource provides the Record resource in Oracle Cloud Infrastructure DNS service. -Replaces records in the specified zone with the records specified in the -request body. If a specified record does not exist, it will be created. -If the record exists, then it will be updated to represent the record in -the body of the request. If a record in the zone does not exist in the -request body, the record will be removed from the zone. + Updates a collection of records in the specified zone. + +You can update one record or all records for the specified zone depending on the changes provided in the +request body. You can also add or remove records using this function. When the zone name is provided as +a path parameter and `PRIVATE` is used for the scope query parameter then the viewId query parameter is +required. ## Example Usage @@ -30,7 +31,6 @@ resource "oci_dns_record" "test_record" { rtype = var.record_items_rtype #Optional - compartment_id = var.compartment_id rdata = var.record_items_rdata ttl = var.record_items_ttl } @@ -62,7 +62,7 @@ The following attributes are exported: * `record_hash` - A unique identifier for the record within its zone. * `rrset_version` - The latest version of the record's zone in which its RRSet differs from the preceding version. * `rtype` - The canonical name for the record's type, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). -* `ttl` - The Time To Live for the record, in seconds. +* `ttl` - The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. * `zone_name_or_id` - The name or OCID of the target zone. ## Timeouts diff --git a/website/docs/r/dns_resolver.html.markdown b/website/docs/r/dns_resolver.html.markdown index c42cc4f2394..fff9737f3ad 100644 --- a/website/docs/r/dns_resolver.html.markdown +++ b/website/docs/r/dns_resolver.html.markdown @@ -65,8 +65,8 @@ The following arguments are supported: * `client_address_conditions` - (Optional) (Updatable) A list of CIDR blocks. The query must come from a client within one of the blocks in order for the rule action to apply. * `destination_addresses` - (Required) (Updatable) IP addresses to which queries should be forwarded. Currently limited to a single address. * `qname_cover_conditions` - (Optional) (Updatable) A list of domain names. The query must be covered by one of the domains in order for the rule action to apply. - * `source_endpoint_name` - (Required) (Updatable) Name of an endpoint, that is a sub-resource of the resolver, to use as the forwarding interface. The endpoint must have isForwarding set to true. -* `scope` - (Optional) If specified, must be `PRIVATE` when creating private name resolvers. + * `source_endpoint_name` - (Required) (Updatable) Case-insensitive name of an endpoint, that is a sub-resource of the resolver, to use as the forwarding interface. The endpoint must have isForwarding set to true. +* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. ** IMPORTANT ** @@ -138,3 +138,4 @@ Resolvers can be imported using their OCID, e.g. ``` $ terraform import oci_dns_resolver.test_resolver "id" ``` + diff --git a/website/docs/r/dns_resolver_endpoint.html.markdown b/website/docs/r/dns_resolver_endpoint.html.markdown index f9eb239261e..ab601aafdd4 100644 --- a/website/docs/r/dns_resolver_endpoint.html.markdown +++ b/website/docs/r/dns_resolver_endpoint.html.markdown @@ -10,7 +10,7 @@ description: |- # oci_dns_resolver_endpoint This resource provides the Resolver Endpoint resource in Oracle Cloud Infrastructure DNS service. -Creates a new resolver endpoint. Requires a `PRIVATE` scope query parameter. +Creates a new resolver endpoint in the same compartment as the resolver. ## Example Usage diff --git a/website/docs/r/dns_rrset.html.markdown b/website/docs/r/dns_rrset.html.markdown index 2d449c1dbe3..404a25100e9 100644 --- a/website/docs/r/dns_rrset.html.markdown +++ b/website/docs/r/dns_rrset.html.markdown @@ -10,8 +10,10 @@ description: |- # oci_dns_rrset This resource provides the Rrset resource in Oracle Cloud Infrastructure DNS service. -Replaces records in the specified RRSet. When the zone name is provided as a path parameter -and the zone has a scope of `PRIVATE` then the viewId query parameter is required. + Updates records in the specified RRSet. + +When the zone name is provided as a path parameter and `PRIVATE` is used for the scope query +parameter then the viewId query parameter is required. ## Example Usage @@ -23,7 +25,6 @@ resource "oci_dns_rrset" "test_rrset" { zone_name_or_id = oci_dns_zone.test_zone.id #Optional - compartment_id = var.compartment_id items { #Required domain = var.rrset_items_domain @@ -40,18 +41,19 @@ resource "oci_dns_rrset" "test_rrset" { The following arguments are supported: -* `compartment_id` - (Optional) (Updatable) The OCID of the compartment the resource belongs to. +* `compartment_id` - (Optional) (Updatable) The OCID of the compartment the zone belongs to. + + This parameter is deprecated and should be omitted. * `domain` - (Required) The target fully-qualified domain name (FQDN) within the target zone. * `items` - (Optional) (Updatable) - **NOTE** Omitting `items` at time of create, will delete any existing records in the RRSet + **NOTE** Omitting `items` at time of create will delete any existing records in the RRSet * `domain` - (Required) The fully qualified domain name where the record can be located. * `rdata` - (Required) (Updatable) The record's data, as whitespace-delimited tokens in type-specific presentation format. All RDATA is normalized and the returned presentation of your RDATA may differ from its initial input. For more information about RDATA, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm) - * `rtype` - (Required) The canonical name for the record's type, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). - * `ttl` - (Required) (Updatable) The Time To Live for the record, in seconds. + * `rtype` - (Required) The type of DNS record, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). + * `ttl` - (Required) (Updatable) The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. * `rtype` - (Required) The type of the target RRSet within the target zone. * `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. -This value will be null for zones in the global DNS and `PRIVATE` when creating private Rrsets. -* `view_id` - (Optional) The OCID of the view the resource is associated with. +* `view_id` - (Optional) The OCID of the view the zone is associated with. Required when accessing a private zone by name. * `zone_name_or_id` - (Required) The name or OCID of the target zone. @@ -69,7 +71,7 @@ The following attributes are exported: * `record_hash` - A unique identifier for the record within its zone. * `rrset_version` - The latest version of the record's zone in which its RRSet differs from the preceding version. * `rtype` - The type of DNS record, such as A or CNAME. For more information, see [Resource Record (RR) TYPEs](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4). - * `ttl` - The Time To Live for the record, in seconds. + * `ttl` - The Time To Live for the record, in seconds. Using a TTL lower than 30 seconds is not recommended. ## Timeouts diff --git a/website/docs/r/dns_steering_policy.html.markdown b/website/docs/r/dns_steering_policy.html.markdown index ccc7cff5a55..322c689e670 100644 --- a/website/docs/r/dns_steering_policy.html.markdown +++ b/website/docs/r/dns_steering_policy.html.markdown @@ -96,7 +96,7 @@ The following arguments are supported: * `answer_condition` - (Applicable when rule_type=FILTER | PRIORITY | WEIGHTED) An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. * `should_keep` - (Applicable when rule_type=FILTER) Keeps the answer only if the value is `true`. * `value` - (Required when rule_type=PRIORITY | WEIGHTED) The rank assigned to the set of answers that match the expression in `answerCondition`. Answers with the lowest values move to the beginning of the list without changing the relative order of those with the same value. Answers can be given a value between `0` and `255`. - * `case_condition` - (Applicable when rule_type=FILTER | HEALTH | LIMIT | PRIORITY | WEIGHTED) An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.subnet in ('192.0.2.0/24')` to define a case that matches queries from that office. + * `case_condition` - (Applicable when rule_type=FILTER | HEALTH | LIMIT | PRIORITY | WEIGHTED) An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.address in ('192.0.2.0/24')` to define a case that matches queries from that office. * `count` - (Required when rule_type=LIMIT) The number of answers allowed to remain after the limit rule has been processed, keeping only the first of the remaining answers in the list. Example: If the `count` property is set to `2` and four answers remain before the limit rule is processed, only the first two answers in the list will remain after the limit rule has been processed. * `default_answer_data` - (Applicable when rule_type=FILTER | PRIORITY | WEIGHTED) Defines a default set of answer conditions and values that are applied to an answer when `cases` is not defined for the rule, or a matching case does not have any matching `answerCondition`s in its `answerData`. `defaultAnswerData` is not applied if `cases` is defined and there are no matching cases. In this scenario, the next rule will be processed. * `answer_condition` - (Applicable when rule_type=FILTER | PRIORITY | WEIGHTED) An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. @@ -157,7 +157,7 @@ The following attributes are exported: * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. * `should_keep` - Keeps the answer only if the value is `true`. * `value` - The rank assigned to the set of answers that match the expression in `answerCondition`. Answers with the lowest values move to the beginning of the list without changing the relative order of those with the same value. Answers can be given a value between `0` and `255`. - * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.subnet in ('192.0.2.0/24')` to define a case that matches queries from that office. + * `case_condition` - An expression that uses conditions at the time of a DNS query to indicate whether a case matches. Conditions may include the geographical location, IP subnet, or ASN the DNS query originated. **Example:** If you have an office that uses the subnet `192.0.2.0/24` you could use a `caseCondition` expression `query.client.address in ('192.0.2.0/24')` to define a case that matches queries from that office. * `count` - The number of answers allowed to remain after the limit rule has been processed, keeping only the first of the remaining answers in the list. Example: If the `count` property is set to `2` and four answers remain before the limit rule is processed, only the first two answers in the list will remain after the limit rule has been processed. * `default_answer_data` - Defines a default set of answer conditions and values that are applied to an answer when `cases` is not defined for the rule, or a matching case does not have any matching `answerCondition`s in its `answerData`. `defaultAnswerData` is not applied if `cases` is defined and there are no matching cases. In this scenario, the next rule will be processed. * `answer_condition` - An expression that is used to select a set of answers that match a condition. For example, answers with matching pool properties. diff --git a/website/docs/r/dns_zone.html.markdown b/website/docs/r/dns_zone.html.markdown index 8834b1f2d06..276dbdb113d 100644 --- a/website/docs/r/dns_zone.html.markdown +++ b/website/docs/r/dns_zone.html.markdown @@ -10,11 +10,10 @@ description: |- # oci_dns_zone This resource provides the Zone resource in Oracle Cloud Infrastructure DNS service. -Creates a new zone in the specified compartment. For global zones, if the `Content-Type` header for the request -is `text/dns`, the `compartmentId` query parameter is required. `text/dns` for the `Content-Type` header is -not supported for private zones. Query parameter scope with a value of `PRIVATE` is required when creating a -private zone. Private zones must have a zone type of `PRIMARY`. Creating a private zone at or under -`oraclevcn.com` within the default protected view of a VCN-dedicated resolver is not permitted. +Creates a new zone in the specified compartment. + +Private zones must have a zone type of `PRIMARY`. Creating a private zone at or under `oraclevcn.com` +within the default protected view of a VCN-dedicated resolver is not permitted. ## Example Usage @@ -28,6 +27,7 @@ resource "oci_dns_zone" "test_zone" { #Optional defined_tags = var.zone_defined_tags + dnssec_state = var.zone_dnssec_state external_downstreams { #Required address = var.zone_external_downstreams_address @@ -54,10 +54,23 @@ resource "oci_dns_zone" "test_zone" { The following arguments are supported: -* `compartment_id` - (Required) (Updatable) The OCID of the compartment the resource belongs to. +* `compartment_id` - (Required) (Updatable) The OCID of the compartment containing the zone. * `defined_tags` - (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). **Example:** `{"Operations": {"CostCenter": "42"}}` +* `dnssec_state` - (Optional) (Updatable) The state of DNSSEC on the zone. + + For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent trust anchor) must also have DNSSEC correctly set up. After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + + New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + + To remove the old DS record without causing service disruption, wait until the old DS record's TTL has expired, and the new DS record has propagated. After the DS replacement has been completed, then the `PromoteZoneDnssecKeyVersion` operation must be called. + + Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many days are left until expiration. We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + + Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency. + + For more information, see [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). * `external_downstreams` - (Optional) (Updatable) External secondary servers for the zone. This field is currently not supported when `zoneType` is `SECONDARY` or `scope` is `PRIVATE`. * `address` - (Required) (Updatable) The server's IP address (IPv4 or IPv6). * `port` - (Optional) (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value. @@ -87,6 +100,81 @@ The following attributes are exported: * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). **Example:** `{"Operations": {"CostCenter": "42"}}` +* `dnssec_config` - DNSSEC configuration data. + + A zone may have a maximum of 10 `DnssecKeyVersions`, regardless of signing key type. + * `ksk_dnssec_key_versions` - A read-only array of key signing key (KSK) versions. + * `algorithm` - The signing algorithm used for the key. + * `ds_data` - An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm. + * `digest_type` - The type of the digest associated with the rdata. + * `rdata` - Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm) + * `key_tag` - The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see [RFC 4034](https://tools.ietf.org/html/rfc4034). + * `length_in_bytes` - The length of the corresponding private key in bytes, expressed as an integer. + * `predecessor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has replaced. + * `successor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this `DnssecKeyVersion`. + * `time_activated` - The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_created` - The date and time the key version was created, expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_expired` - The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_inactivated` - The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_promoted` - The date and time the key version was promoted expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_published` - The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_unpublished` - The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `uuid` - The UUID of the `DnssecKeyVersion`. + * `zsk_dnssec_key_versions` - A read-only array of zone signing key (ZSK) versions. + * `algorithm` - The signing algorithm used for the key. + * `key_tag` - The key tag associated with the `DnssecKeyVersion`. This key tag will be present in the RRSIG and DS records associated with the key material for this `DnssecKeyVersion`. For more information about key tags, see [RFC 4034](https://tools.ietf.org/html/rfc4034). + * `length_in_bytes` - The length of the corresponding private key in bytes, expressed as an integer. + * `predecessor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that this `DnssecKeyVersion` will replace or has replaced. + * `successor_dnssec_key_version_uuid` - When populated, this is the UUID of the `DnssecKeyVersion` that will replace, or has replaced, this `DnssecKeyVersion`. + * `time_activated` - The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_created` - The date and time the key version was created, expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_expired` - The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if `PromoteZoneDnssecKeyVersion` has not been called on this `DnssecKeyVersion`'s successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_inactivated` - The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_promoted` - The date and time the key version was promoted expressed in RFC 3339 timestamp format. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_published` - The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material. + + **Example:** `2016-07-22T17:23:59:00Z` + * `time_unpublished` - The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) `DnssecKeyVersion`, this is populated after `PromoteZoneDnssecKeyVersion` has been called on its successor `DnssecKeyVersion`. + + **Example:** `2016-07-22T17:23:59:00Z` + * `uuid` - The UUID of the `DnssecKeyVersion`. +* `dnssec_state` - The state of DNSSEC on the zone. + + For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent trust anchor) must also have DNSSEC correctly set up. After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the `KskDnssecKeyVersion` data. You can find the DS data in the `dsData` attribute of the `KskDnssecKeyVersion`. Then, use the `PromoteZoneDnssecKeyVersion` operation to promote the `KskDnssecKeyVersion`. + + New `KskDnssecKeyVersion`s are generated annually, a week before the existing `KskDnssecKeyVersion`'s expiration. To rollover a `KskDnssecKeyVersion`, you must replace the parent zone's DS record containing the old `KskDnssecKeyVersion` data with the data from the new `KskDnssecKeyVersion`. + + To remove the old DS record without causing service disruption, wait until the old DS record's TTL has expired, and the new DS record has propagated. After the DS replacement has been completed, then the `PromoteZoneDnssecKeyVersion` operation must be called. + + Metrics are emitted in the `oci_dns` namespace daily for each `KskDnssecKeyVersion` indicating how many days are left until expiration. We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the necessary parent zone updates can be made and the `PromoteZoneDnssecKeyVersion` operation can be called. + + Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency. + + For more information, see [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). * `external_downstreams` - External secondary servers for the zone. This field is currently not supported when `zoneType` is `SECONDARY` or `scope` is `PRIVATE`. * `address` - The server's IP address (IPv4 or IPv6). * `port` - The server's port. Port value must be a value of 53, otherwise omit the port value. diff --git a/website/docs/r/dns_zone_promote_dnssec_key_version.html.markdown b/website/docs/r/dns_zone_promote_dnssec_key_version.html.markdown new file mode 100644 index 00000000000..10937d48d69 --- /dev/null +++ b/website/docs/r/dns_zone_promote_dnssec_key_version.html.markdown @@ -0,0 +1,66 @@ +--- +subcategory: "DNS" +layout: "oci" +page_title: "Oracle Cloud Infrastructure: oci_dns_zone_promote_dnssec_key_version" +sidebar_current: "docs-oci-resource-dns-zone_promote_dnssec_key_version" +description: |- + Provides the Zone Promote Dnssec Key Version resource in Oracle Cloud Infrastructure DNS service +--- + +# oci_dns_zone_promote_dnssec_key_version +This resource provides the Zone Promote Dnssec Key Version resource in Oracle Cloud Infrastructure DNS service. + +Promotes a specified `DnssecKeyVersion` on the zone. + +If the `DnssecKeyVersion` identified in the request body is a key signing key (KSK) that is replacing +another `DnssecKeyVersion`, then the old `DnssecKeyVersion` is scheduled for removal from the zone. + +For key signing keys (KSKs), you must create the DS record with the new key information **before** promoting +the new key to establish a chain of trust. To avoid a service disruption, remove the old DS record as soon +as its TTL (time to live) expires. + +For more information, see [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm). + + +## Example Usage + +```hcl +resource "oci_dns_zone_promote_dnssec_key_version" "test_zone_promote_dnssec_key_version" { + #Required + dnssec_key_version_uuid = var.zone_promote_dnssec_key_version_dnssec_key_version_uuid + zone_id = oci_dns_zone.test_zone.id + + #Optional + scope = var.zone_promote_dnssec_key_version_scope +} +``` + +## Argument Reference + +The following arguments are supported: + +* `dnssec_key_version_uuid` - (Required) The UUID of the `DnssecKeyVersion` that is being promoted. +* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. +* `zone_id` - (Required) The OCID of the target zone. + + +** IMPORTANT ** +Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values + +## Attributes Reference + +The following attributes are exported: + + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://registry.terraform.io/providers/oracle/oci/latest/docs/guides/changing_timeouts) for certain operations: + * `create` - (Defaults to 20 minutes), when creating the Zone Promote Dnssec Key Version + * `update` - (Defaults to 20 minutes), when updating the Zone Promote Dnssec Key Version + * `delete` - (Defaults to 20 minutes), when destroying the Zone Promote Dnssec Key Version + + +## Import + +Import is not supported for this resource. + diff --git a/website/docs/r/dns_zone_stage_dnssec_key_version.html.markdown b/website/docs/r/dns_zone_stage_dnssec_key_version.html.markdown new file mode 100644 index 00000000000..bed5ceaf09e --- /dev/null +++ b/website/docs/r/dns_zone_stage_dnssec_key_version.html.markdown @@ -0,0 +1,61 @@ +--- +subcategory: "DNS" +layout: "oci" +page_title: "Oracle Cloud Infrastructure: oci_dns_zone_stage_dnssec_key_version" +sidebar_current: "docs-oci-resource-dns-zone_stage_dnssec_key_version" +description: |- + Provides the Zone Stage Dnssec Key Version resource in Oracle Cloud Infrastructure DNS service +--- + +# oci_dns_zone_stage_dnssec_key_version +This resource provides the Zone Stage Dnssec Key Version resource in Oracle Cloud Infrastructure DNS service. + +Stages a new `DnssecKeyVersion` on the zone. Staging is a process that generates a new "successor" key version +that replaces an existing "predecessor" key version. +**Note:** A new key-signing key (KSK) version is inert until you update the parent zone DS records. + +For more information, see the [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm) documentation. + + +## Example Usage + +```hcl +resource "oci_dns_zone_stage_dnssec_key_version" "test_zone_stage_dnssec_key_version" { + #Required + predecessor_dnssec_key_version_uuid = var.zone_stage_dnssec_key_version_predecessor_dnssec_key_version_uuid + zone_id = oci_dns_zone.test_zone.id + + #Optional + scope = var.zone_stage_dnssec_key_version_scope +} +``` + +## Argument Reference + +The following arguments are supported: + +* `predecessor_dnssec_key_version_uuid` - (Required) The UUID of the `DnssecKeyVersion` for which a new successor should be generated. +* `scope` - (Optional) Specifies to operate only on resources that have a matching DNS scope. +* `zone_id` - (Required) The OCID of the target zone. + + +** IMPORTANT ** +Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values + +## Attributes Reference + +The following attributes are exported: + + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://registry.terraform.io/providers/oracle/oci/latest/docs/guides/changing_timeouts) for certain operations: + * `create` - (Defaults to 20 minutes), when creating the Zone Stage Dnssec Key Version + * `update` - (Defaults to 20 minutes), when updating the Zone Stage Dnssec Key Version + * `delete` - (Defaults to 20 minutes), when destroying the Zone Stage Dnssec Key Version + + +## Import + +Import is not supported for this resource. + diff --git a/website/docs/r/golden_gate_connection.html.markdown b/website/docs/r/golden_gate_connection.html.markdown index 52cad863fb5..8418d7a8b95 100644 --- a/website/docs/r/golden_gate_connection.html.markdown +++ b/website/docs/r/golden_gate_connection.html.markdown @@ -122,17 +122,18 @@ The following arguments are supported: * `access_key_id` - (Required when connection_type=AMAZON_KINESIS | AMAZON_S3) (Updatable) Access key ID to access the Amazon S3 bucket. e.g.: "this-is-not-the-secret" * `account_key` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure storage account key. This property is required when 'authenticationType' is set to 'SHARED_KEY'. e.g.: pa3WbhVATzj56xD4DH1VjOUhApRGEGHvOo58eQJVWIzX+j8j4CUVFcTjpIqDSRaSa1Wo2LbWY5at+AStEgLOIQ== -* `account_name` - (Required when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Sets the Azure storage account name. -* `additional_attributes` - (Applicable when connection_type=MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) An array of name-value pair attribute entries. Used as additional parameters in connection string. - * `name` - (Required when connection_type=MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The name of the property entry. - * `value` - (Required when connection_type=MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The value of the property entry. -* `authentication_mode` - (Applicable when connection_type=ORACLE) (Updatable) Authentication mode. It can be provided at creation of Oracle Autonomous Database Serverless connections, when a databaseId is provided. The default value is MTLS. -* `authentication_type` - (Required when connection_type=AZURE_DATA_LAKE_STORAGE | ELASTICSEARCH | JAVA_MESSAGE_SERVICE | KAFKA_SCHEMA_REGISTRY | REDIS | SNOWFLAKE) (Updatable) Authentication type for Java Message Service. If not provided, default is NONE. Optional until 2024-06-27, in the release after it will be made required. -* `azure_tenant_id` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure tenant ID of the application. This property is required when 'authenticationType' is set to 'AZURE_ACTIVE_DIRECTORY'. e.g.: 14593954-d337-4a61-a364-9f758c64f97f +* `account_name` - (Required when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Sets the Azure storage account name. +* `additional_attributes` - (Applicable when connection_type=DB2 | MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) An array of name-value pair attribute entries. Used as additional parameters in connection string. + * `name` - (Required when connection_type=DB2 | MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The name of the property entry. + * `value` - (Required when connection_type=DB2 | MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The value of the property entry. +* `authentication_mode` - (Applicable when connection_type=ORACLE) (Updatable) Authentication mode. It can be provided at creation of Oracle Autonomous Database Serverless connections, when a databaseId is provided. The default value is MTLS. +* `authentication_type` - (Required when connection_type=AZURE_DATA_LAKE_STORAGE | ELASTICSEARCH | JAVA_MESSAGE_SERVICE | KAFKA_SCHEMA_REGISTRY | REDIS | SNOWFLAKE) (Updatable) Authentication type for Java Message Service. If not provided, default is NONE. Optional until 2024-06-27, in the release after it will be made required. +* `azure_tenant_id` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure tenant ID of the application. This property is required when 'authenticationType' is set to 'AZURE_ACTIVE_DIRECTORY'. e.g.: 14593954-d337-4a61-a364-9f758c64f97f * `bootstrap_servers` - (Applicable when connection_type=KAFKA) (Updatable) Kafka bootstrap. Equivalent of bootstrap.servers configuration property in Kafka: list of KafkaBootstrapServer objects specified by host/port. Used for establishing the initial connection to the Kafka cluster. Example: `"server1.example.com:9092,server2.example.com:9092"` * `host` - (Required when connection_type=KAFKA) (Updatable) The name or address of a host. - * `port` - (Applicable when connection_type=KAFKA) (Updatable) The port of an endpoint usually specified for a connection. + * `port` - (Applicable when connection_type=KAFKA) (Updatable) The port of an endpoint usually specified for a connection. * `private_ip` - (Applicable when connection_type=KAFKA) (Updatable) Deprecated: this field will be removed in future versions. Either specify the private IP in the connectionString or host field, or make sure the host name is resolvable in the target VCN. + The private IP address of the connection's endpoint in the customer's VCN, typically a database endpoint or a big data endpoint (e.g. Kafka bootstrap server). In case the privateIp is provided, the subnetId must also be provided. In case the privateIp (and the subnetId) is not provided it is assumed the datasource is publicly accessible. In case the connection is accessible only privately, the lack of privateIp will result in not being able to access the connection. * `client_id` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure client ID of the application. This property is required when 'authenticationType' is set to 'AZURE_ACTIVE_DIRECTORY'. e.g.: 06ecaabf-8b80-4ec8-a0ec-20cbf463703d * `client_secret` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure client secret (aka application password) for authentication. This property is required when 'authenticationType' is set to 'AZURE_ACTIVE_DIRECTORY'. e.g.: dO29Q~F5-VwnA.lZdd11xFF_t5NAXCaGwDl9NbT1 @@ -149,7 +150,7 @@ The following arguments are supported: * `defined_tags` - (Optional) (Updatable) Tags defined for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` * `deployment_id` - (Applicable when connection_type=GOLDENGATE) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the deployment being referenced. * `description` - (Optional) (Updatable) Metadata about this specific object. -* `display_name` - (Required) (Updatable) An object's Display Name. +* `display_name` - (Required) (Updatable) An object's Display Name. * `endpoint` - (Applicable when connection_type=AZURE_DATA_LAKE_STORAGE) (Updatable) Azure Storage service endpoint. e.g: https://test.blob.core.windows.net * `fingerprint` - (Applicable when connection_type=ELASTICSEARCH) (Updatable) Fingerprint required by TLS security protocol. Eg.: '6152b2dfbff200f973c5074a5b91d06ab3b472c07c09a1ea57bb7fd406cdce9c' * `freeform_tags` - (Optional) (Updatable) A simple key-value pair that is applied without any predefined name, type, or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}` @@ -170,6 +171,7 @@ The following arguments are supported: * `password` - (Required when connection_type=AMAZON_REDSHIFT | AZURE_SYNAPSE_ANALYTICS | DB2 | ELASTICSEARCH | GOLDENGATE | JAVA_MESSAGE_SERVICE | KAFKA | KAFKA_SCHEMA_REGISTRY | MICROSOFT_SQLSERVER | MONGODB | MYSQL | ORACLE | POSTGRESQL | REDIS | SNOWFLAKE) (Updatable) The password Oracle GoldenGate uses to connect the associated system of the given technology. It must conform to the specific security requirements including length, case sensitivity, and so on. * `port` - (Required when connection_type=DB2 | GOLDENGATE | MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The port of an endpoint usually specified for a connection. * `private_ip` - (Applicable when connection_type=GOLDENGATE | JAVA_MESSAGE_SERVICE | KAFKA_SCHEMA_REGISTRY | MICROSOFT_SQLSERVER | MYSQL | ORACLE | POSTGRESQL) (Updatable) Deprecated: this field will be removed in future versions. Either specify the private IP in the connectionString or host field, or make sure the host name is resolvable in the target VCN. + The private IP address of the connection's endpoint in the customer's VCN, typically a database endpoint or a big data endpoint (e.g. Kafka bootstrap server). In case the privateIp is provided, the subnetId must also be provided. In case the privateIp (and the subnetId) is not provided it is assumed the datasource is publicly accessible. In case the connection is accessible only privately, the lack of privateIp will result in not being able to access the connection. * `private_key_file` - (Required when connection_type=OCI_OBJECT_STORAGE | ORACLE_NOSQL | SNOWFLAKE) (Updatable) The base64 encoded content of the private key file (PEM file) corresponding to the API key of the fingerprint. See documentation: https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingcredentials.htm * `private_key_passphrase` - (Applicable when connection_type=OCI_OBJECT_STORAGE | ORACLE_NOSQL | SNOWFLAKE) (Updatable) Password if the private key file is encrypted. @@ -186,12 +188,12 @@ The following arguments are supported: * `session_mode` - (Applicable when connection_type=ORACLE) (Updatable) The mode of the database connection session to be established by the data client. 'REDIRECT' - for a RAC database, 'DIRECT' - for a non-RAC database. Connection to a RAC database involves a redirection received from the SCAN listeners to the database node to connect to. By default the mode would be DIRECT. * `should_use_jndi` - (Required when connection_type=JAVA_MESSAGE_SERVICE) (Updatable) If set to true, Java Naming and Directory Interface (JNDI) properties should be provided. * `should_validate_server_certificate` - (Applicable when connection_type=MICROSOFT_SQLSERVER) (Updatable) If set to true, the driver validates the certificate that is sent by the database server. -* `ssl_ca` - (Applicable when connection_type=MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) Database Certificate - The base64 encoded content of pem file containing the server public key (for 1-way SSL). -* `ssl_cert` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) Client Certificate - The base64 encoded content of client-cert.pem file containing the client public key (for 2-way SSL). -* `ssl_client_keystash` - (Applicable when connection_type=DB2) (Updatable) The base64 encoded keystash file which contains the encrypted password to the key database file. -* `ssl_client_keystoredb` - (Applicable when connection_type=DB2) (Updatable) The base64 encoded keystore file created at the client containing the server certificate / CA root certificate. -* `ssl_crl` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) Certificates revoked by certificate authorities (CA). Server certificate must not be on this list (for 1 and 2-way SSL). Note: This is an optional and that too only applicable if TLS/MTLS option is selected. -* `ssl_key` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) Client Key - The client-key.pem containing the client private key (for 2-way SSL). +* `ssl_ca` - (Applicable when connection_type=MICROSOFT_SQLSERVER | MYSQL | POSTGRESQL) (Updatable) The base64 encoded certificate of the trusted certificate authorities (Trusted CA) for PostgreSQL. The supported file formats are .pem and .crt. +* `ssl_cert` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) Client Certificate - The base64 encoded content of a .pem or .crt file. containing the client public key (for 2-way SSL). +* `ssl_client_keystash` - (Applicable when connection_type=DB2) (Updatable) The base64 encoded keystash file which contains the encrypted password to the key database file. +* `ssl_client_keystoredb` - (Applicable when connection_type=DB2) (Updatable) The base64 encoded keystore file created at the client containing the server certificate / CA root certificate. +* `ssl_crl` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) The base64 encoded list of certificates revoked by the trusted certificate authorities (Trusted CA). Note: This is an optional property and only applicable if TLS/MTLS option is selected. +* `ssl_key` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) Client Key – The base64 encoded content of a .pem or .crt file containing the client private key (for 2-way SSL). * `ssl_key_password` - (Applicable when connection_type=JAVA_MESSAGE_SERVICE | KAFKA | KAFKA_SCHEMA_REGISTRY) (Updatable) The password for the cert inside of the KeyStore. In case it differs from the KeyStore password, it should be provided. * `ssl_mode` - (Applicable when connection_type=MYSQL | POSTGRESQL) (Updatable) SSL modes for PostgreSQL. * `ssl_server_certificate` - (Applicable when connection_type=DB2) (Updatable) The base64 encoded file which contains the self-signed server certificate / Certificate Authority (CA) certificate. @@ -205,7 +207,8 @@ The following arguments are supported: * `user_id` - (Applicable when connection_type=OCI_OBJECT_STORAGE | ORACLE_NOSQL) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Oracle Cloud Infrastructure user who will access the Oracle NoSQL database. The user must have write access to the table they want to connect to. * `username` - (Required when connection_type=AMAZON_REDSHIFT | AZURE_SYNAPSE_ANALYTICS | DB2 | ELASTICSEARCH | GOLDENGATE | JAVA_MESSAGE_SERVICE | KAFKA | KAFKA_SCHEMA_REGISTRY | MICROSOFT_SQLSERVER | MONGODB | MYSQL | ORACLE | POSTGRESQL | REDIS | SNOWFLAKE) (Updatable) The username Oracle GoldenGate uses to connect the associated system of the given technology. This username must already exist and be available by the system/application to be connected to and must conform to the case sensitivty requirments defined in it. * `vault_id` - (Optional) (Updatable) Refers to the customer's vault OCID. If provided, it references a vault where GoldenGate can manage secrets. Customers must add policies to permit GoldenGate to manage secrets contained within this vault. -* `wallet` - (Applicable when connection_type=ORACLE) (Updatable) The wallet contents Oracle GoldenGate uses to make connections to a database. This attribute is expected to be base64 encoded. +* `wallet` - (Applicable when connection_type=ORACLE) (Updatable) The wallet contents Oracle GoldenGate uses to make connections to a database. This attribute is expected to be base64 encoded. + ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values @@ -263,39 +266,40 @@ The following attributes are exported: * `key_id` - Refers to the customer's master key OCID. If provided, it references a key to manage secrets. Customers must add policies to permit GoldenGate to use this key. * `lifecycle_details` - Describes the object's current state in detail. For example, it can be used to provide actionable information for a resource in a Failed state. * `locks` - Locks associated with this resource. - * `message` - A message added by the creator of the lock. This is typically used to give an indication of why the resource is locked. - * `related_resource_id` - The id of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. + * `message` - A message added by the creator of the lock. This is typically used to give an indication of why the resource is locked. + * `related_resource_id` - The id of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. * `time_created` - When the lock was created. * `type` - Type of the lock. -* `nsg_ids` - An array of Network Security Group OCIDs used to define network access for either Deployments or Connections. -* `port` - The port of an endpoint usually specified for a connection. +* `nsg_ids` - An array of Network Security Group OCIDs used to define network access for either Deployments or Connections. +* `port` - The port of an endpoint usually specified for a connection. * `private_ip` - Deprecated: this field will be removed in future versions. Either specify the private IP in the connectionString or host field, or make sure the host name is resolvable in the target VCN. - The private IP address of the connection's endpoint in the customer's VCN, typically a database endpoint or a big data endpoint (e.g. Kafka bootstrap server). In case the privateIp is provided, the subnetId must also be provided. In case the privateIp (and the subnetId) is not provided it is assumed the datasource is publicly accessible. In case the connection is accessible only privately, the lack of privateIp will result in not being able to access the connection. -* `redis_cluster_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Redis cluster. -* `region` - The name of the region. e.g.: us-ashburn-1 -* `routing_method` - Controls the network traffic direction to the target: SHARED_SERVICE_ENDPOINT: Traffic flows through the Goldengate Service's network to public hosts. Cannot be used for private targets. SHARED_DEPLOYMENT_ENDPOINT: Network traffic flows from the assigned deployment's private endpoint through the deployment's subnet. DEDICATED_ENDPOINT: A dedicated private endpoint is created in the target VCN subnet for the connection. The subnetId is required when DEDICATED_ENDPOINT networking is selected. + + The private IP address of the connection's endpoint in the customer's VCN, typically a database endpoint or a big data endpoint (e.g. Kafka bootstrap server). In case the privateIp is provided, the subnetId must also be provided. In case the privateIp (and the subnetId) is not provided it is assumed the datasource is publicly accessible. In case the connection is accessible only privately, the lack of privateIp will result in not being able to access the connection. +* `redis_cluster_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Redis cluster. +* `region` - The name of the region. e.g.: us-ashburn-1 +* `routing_method` - Controls the network traffic direction to the target: SHARED_SERVICE_ENDPOINT: Traffic flows through the Goldengate Service's network to public hosts. Cannot be used for private targets. SHARED_DEPLOYMENT_ENDPOINT: Network traffic flows from the assigned deployment's private endpoint through the deployment's subnet. DEDICATED_ENDPOINT: A dedicated private endpoint is created in the target VCN subnet for the connection. The subnetId is required when DEDICATED_ENDPOINT networking is selected. * `security_protocol` - Security Protocol to be provided for the following connection types: ELASTICSEARCH, JAVA_MESSAGE_SERVICE, KAFKA, MICROSOFT_SQLSERVER, MYSQL, POSTGRESQL, REDIS * JAVA_MESSAGE_SERVICE - If not provided, default is NONE. Optional until 2024-06-27, in the release after it will be made required. * `servers` - Comma separated list of server addresses, specified as host:port entries, where :port is optional. Example: `"server1.example.com:4000,server2.example.com:4000"` If port is not specified, a default value is set, in case of ELASTICSEARCH: 9200, for REDIS 6379. -* `session_mode` - The mode of the database connection session to be established by the data client. 'REDIRECT' - for a RAC database, 'DIRECT' - for a non-RAC database. Connection to a RAC database involves a redirection received from the SCAN listeners to the database node to connect to. By default the mode would be DIRECT. -* `should_use_jndi` - If set to true, Java Naming and Directory Interface (JNDI) properties should be provided. -* `should_validate_server_certificate` - If set to true, the driver validates the certificate that is sent by the database server. -* `ssl_ca` - Database Certificate - The base64 encoded content of pem file containing the server public key (for 1-way SSL). +* `session_mode` - The mode of the database connection session to be established by the data client. 'REDIRECT' - for a RAC database, 'DIRECT' - for a non-RAC database. Connection to a RAC database involves a redirection received from the SCAN listeners to the database node to connect to. By default the mode would be DIRECT. +* `should_use_jndi` - If set to true, Java Naming and Directory Interface (JNDI) properties should be provided. +* `should_validate_server_certificate` - If set to true, the driver validates the certificate that is sent by the database server. +* `ssl_ca` - Database Certificate - The base64 encoded content of a .pem or .crt file. containing the server public key (for 1-way SSL). * `ssl_mode` - SSL mode to be provided for the following connection types: MYSQL, POSTGRESQL. -* `state` - Possible lifecycle states for connection. -* `stream_pool_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the stream pool being referenced. -* `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the target subnet of the dedicated connection. -* `system_tags` - The system tags associated with this resource, if any. The system tags are set by Oracle Cloud Infrastructure services. Each key is predefined and scoped to namespaces. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{orcl-cloud: {free-tier-retain: true}}` +* `state` - Possible lifecycle states for connection. +* `stream_pool_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the stream pool being referenced. +* `subnet_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the target subnet of the dedicated connection. +* `system_tags` - The system tags associated with this resource, if any. The system tags are set by Oracle Cloud Infrastructure services. Each key is predefined and scoped to namespaces. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{orcl-cloud: {free-tier-retain: true}}` * `technology_type` - The technology type. -* `tenancy_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the related Oracle Cloud Infrastructure tenancy. -* `time_created` - The time the resource was created. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339), such as `2016-08-25T21:10:29.600Z`. -* `time_updated` - The time the resource was last updated. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339), such as `2016-08-25T21:10:29.600Z`. -* `url` - Kafka Schema Registry URL. e.g.: 'https://server1.us.oracle.com:8081' -* `user_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Oracle Cloud Infrastructure user who will access the Oracle NoSQL database/Object Storage. The user must have write access. -* `username` - The username Oracle GoldenGate uses to connect the associated system of the given technology. This username must already exist and be available by the system/application to be connected to and must conform to the case sensitivity requirements defined in it. -* `vault_id` - Refers to the customer's vault OCID. If provided, it references a vault where GoldenGate can manage secrets. Customers must add policies to permit GoldenGate to manage secrets contained within this vault. +* `tenancy_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the related Oracle Cloud Infrastructure tenancy. +* `time_created` - The time the resource was created. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339), such as `2016-08-25T21:10:29.600Z`. +* `time_updated` - The time the resource was last updated. The format is defined by [RFC3339](https://tools.ietf.org/html/rfc3339), such as `2016-08-25T21:10:29.600Z`. +* `url` - Kafka Schema Registry URL. e.g.: 'https://server1.us.oracle.com:8081' +* `user_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Oracle Cloud Infrastructure user who will access the Oracle NoSQL database. The user must have write access to the table they want to connect to. +* `username` - The username Oracle GoldenGate uses to connect the associated system of the given technology. This username must already exist and be available by the system/application to be connected to and must conform to the case sensitivty requirments defined in it. +* `vault_id` - Refers to the customer's vault OCID. If provided, it references a vault where GoldenGate can manage secrets. Customers must add policies to permit GoldenGate to manage secrets contained within this vault. ## Timeouts diff --git a/website/docs/r/golden_gate_database_registration.html.markdown b/website/docs/r/golden_gate_database_registration.html.markdown index b351850a8ea..1b09d3458cf 100644 --- a/website/docs/r/golden_gate_database_registration.html.markdown +++ b/website/docs/r/golden_gate_database_registration.html.markdown @@ -63,7 +63,7 @@ The following arguments are supported: * `subnet_id` - (Optional) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the target subnet of the dedicated connection. * `username` - (Required) (Updatable) The username Oracle GoldenGate uses to connect the associated system of the given technology. This username must already exist and be available by the system/application to be connected to and must conform to the case sensitivty requirments defined in it. * `vault_id` - (Optional) Refers to the customer's vault OCID. If provided, it references a vault where GoldenGate can manage secrets. Customers must add policies to permit GoldenGate to manage secrets contained within this vault. -* `wallet` - (Optional) (Updatable) The wallet contents Oracle GoldenGate uses to make connections to a database. This attribute is expected to be base64 encoded. +* `wallet` - (Optional) (Updatable) The wallet contents Oracle GoldenGate uses to make connections to a database. This attribute is expected to be base64 encoded. ** IMPORTANT ** diff --git a/website/docs/r/golden_gate_deployment.html.markdown b/website/docs/r/golden_gate_deployment.html.markdown index 6eb387cd647..67e91bdbb82 100644 --- a/website/docs/r/golden_gate_deployment.html.markdown +++ b/website/docs/r/golden_gate_deployment.html.markdown @@ -30,6 +30,7 @@ resource "oci_golden_gate_deployment" "test_deployment" { defined_tags = {"foo-namespace.bar-key"= "value"} deployment_backup_id = oci_golden_gate_deployment_backup.test_deployment_backup.id description = var.deployment_description + environment_type = var.deployment_environment_type fqdn = var.deployment_fqdn freeform_tags = {"bar-key"= "value"} is_public = var.deployment_is_public @@ -65,6 +66,15 @@ resource "oci_golden_gate_deployment" "test_deployment" { admin_username = var.deployment_ogg_data_admin_username certificate = var.deployment_ogg_data_certificate credential_store = var.deployment_ogg_data_credential_store + group_to_roles_mapping { + #Required + security_group_id = oci_identity_group.test_group.id + + #Optional + administrator_group_id = oci_identity_group.test_group.id + operator_group_id = oci_identity_group.test_group.id + user_group_id = oci_identity_group.test_group.id + } identity_domain_id = oci_identity_domain.test_domain.id key = var.deployment_ogg_data_key ogg_version = var.deployment_ogg_data_ogg_version @@ -85,6 +95,7 @@ The following arguments are supported: * `deployment_type` - (Required) The type of deployment, which can be any one of the Allowed values. NOTE: Use of the value 'OGG' is maintained for backward compatibility purposes. Its use is discouraged in favor of 'DATABASE_ORACLE'. * `description` - (Optional) (Updatable) Metadata about this specific object. * `display_name` - (Required) (Updatable) An object's Display Name. +* `environment_type` - (Optional) (Updatable) Specifies whether the deployment is used in a production or development/testing environment. * `fqdn` - (Optional) (Updatable) A three-label Fully Qualified Domain Name (FQDN) for a resource. * `freeform_tags` - (Optional) (Updatable) A simple key-value pair that is applied without any predefined name, type, or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}` * `is_auto_scaling_enabled` - (Required) (Updatable) Indicates if auto scaling is enabled for the Deployment's CPU core count. @@ -110,6 +121,11 @@ The following arguments are supported: * `certificate` - (Optional) (Updatable) The base64 encoded content of the PEM file containing the SSL certificate. * `credential_store` - (Optional) (Updatable) The type of credential store for OGG. * `deployment_name` - (Required) The name given to the GoldenGate service deployment. The name must be 1 to 32 characters long, must contain only alphanumeric characters and must start with a letter. + * `group_to_roles_mapping` - (Optional) (Updatable) Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. User belonging to each group can only perform the actions according to the role the respective group is mapped to. + * `administrator_group_id` - (Optional) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. It grants full access to the user, including the ability to alter general, non-security related operational parameters and profiles of the server. + * `operator_group_id` - (Optional) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. It allows users to perform only operational actions, like starting and stopping resources. Operators cannot alter the operational parameters or profiles of the MA server. + * `security_group_id` - (Required) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. It grants administration of security related objects and invoke security related service requests. This role has full privileges. + * `user_group_id` - (Optional) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. It allows information-only service requests, which do not alter or affect the operation of either the MA. Examples of query and read-only information include performance metric information and resource status and monitoring information * `identity_domain_id` - (Optional) (Updatable) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Identity Domain when IAM credential store is used. * `key` - (Optional) (Updatable) The base64 encoded content of the PEM file containing the private key. * `ogg_version` - (Optional) Version of OGG @@ -125,6 +141,7 @@ Any change to a property that does not support update will force the destruction The following attributes are exported: +* `category` - The deployment category defines the broad separation of the deployment type into three categories. Currently the separation is 'DATA_REPLICATION', 'STREAM_ANALYTICS' and 'DATA_TRANSFORMS'. * `compartment_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment being referenced. * `cpu_core_count` - The Minimum number of OCPUs to be made available for this Deployment. * `defined_tags` - Tags defined for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}` @@ -140,6 +157,7 @@ The following attributes are exported: * `deployment_url` - The URL of a resource. * `description` - Metadata about this specific object. * `display_name` - An object's Display Name. +* `environment_type` - Specifies whether the deployment is used in a production or development/testing environment. * `fqdn` - A three-label Fully Qualified Domain Name (FQDN) for a resource. * `freeform_tags` - A simple key-value pair that is applied without any predefined name, type, or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}` * `id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the deployment being referenced. @@ -149,7 +167,7 @@ The following attributes are exported: * `is_healthy` - True if all of the aggregate resources are working correctly. * `is_latest_version` - Indicates if the resource is the the latest available version. * `is_public` - True if this object is publicly available. -* `is_storage_utilization_limit_exceeded` - Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. +* `is_storage_utilization_limit_exceeded` - Deprecated: This field is not updated and will be removed in future versions. If storage utilization exceeds the limit, the respective warning message will appear in deployment messages, which can be accessed through /messages?deploymentId=. Indicator will be true if the amount of storage being utilized exceeds the allowable storage utilization limit. Exceeding the limit may be an indication of a misconfiguration of the deployment's GoldenGate service. * `license_model` - The Oracle license model that applies to a Deployment. * `lifecycle_details` - Describes the object's current state in detail. For example, it can be used to provide actionable information for a resource in a Failed state. * `lifecycle_sub_state` - Possible GGS lifecycle sub-states. @@ -177,6 +195,11 @@ The following attributes are exported: * `certificate` - The base64 encoded content of the PEM file containing the SSL certificate. * `credential_store` - The type of credential store for OGG. * `deployment_name` - The name given to the GoldenGate service deployment. The name must be 1 to 32 characters long, must contain only alphanumeric characters and must start with a letter. + * `group_to_roles_mapping` - Defines the IDP Groups to GoldenGate roles mapping. This field is used only for IAM deployment and does not have any impact on non-IAM deployments. For IAM deployment, when user does not specify this mapping, then it has null value and default mapping is used. User belonging to each group can only perform the actions according to the role the respective group is mapped to. + * `administrator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role administratorGroup. It grants full access to the user, including the ability to alter general, non-security related operational parameters and profiles of the server. + * `operator_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role operatorGroup. It allows users to perform only operational actions, like starting and stopping resources. Operators cannot alter the operational parameters or profiles of the MA server. + * `security_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role securityGroup. It grants administration of security related objects and invoke security related service requests. This role has full privileges. + * `user_group_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the IDP group which will be mapped to goldengate role userGroup. It allows information-only service requests, which do not alter or affect the operation of either the MA. Examples of query and read-only information include performance metric information and resource status and monitoring information * `identity_domain_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Identity Domain when IAM credential store is used. * `ogg_version` - Version of OGG * `password_secret_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Secret where the deployment password is stored. diff --git a/website/oci.erb b/website/oci.erb index 161b339f547..596e60afdfc 100644 --- a/website/oci.erb +++ b/website/oci.erb @@ -4582,9 +4582,6 @@
  • oci_dns_rrset
    • -
  • - oci_dns_rrsets -
  • oci_dns_steering_policies
    • @@ -4617,9 +4614,6 @@ > Resources @@ -5254,6 +5254,9 @@
  • oci_golden_gate_deployment_certificates
    • +
  • + oci_golden_gate_deployment_environments +
  • oci_golden_gate_deployment_type