add

tencentcloud/provider.go

@@ -1280,6 +1280,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_kubernetes_serverless_node_pool":                                          tke.ResourceTencentCloudKubernetesServerlessNodePool(),
 			"tencentcloud_kubernetes_encryption_protection":                                         tke.ResourceTencentCloudKubernetesEncryptionProtection(),
 			"tencentcloud_kubernetes_cluster_master_attachment":                                     tke.ResourceTencentCloudKubernetesClusterMasterAttachment(),
+			"tencentcloud_kubernetes_cluster_audit":                                                 tke.ResourceTencentCloudKubernetesClusterAudit(),
 			"tencentcloud_mysql_backup_policy":                                                      cdb.ResourceTencentCloudMysqlBackupPolicy(),
 			"tencentcloud_mysql_account":                                                            cdb.ResourceTencentCloudMysqlAccount(),
 			"tencentcloud_mysql_account_privilege":                                                  cdb.ResourceTencentCloudMysqlAccountPrivilege(),

tencentcloud/provider.md

@@ -690,6 +690,7 @@ Tencent Kubernetes Engine(TKE)
     tencentcloud_kubernetes_health_check_policy
     tencentcloud_kubernetes_log_config
     tencentcloud_kubernetes_cluster_master_attachment
+    tencentcloud_kubernetes_cluster_audit
 
 TDMQ for Pulsar(tpulsar)
   Data Source

tencentcloud/services/tke/resource_tc_kubernetes_cluster_audit.md

@@ -0,0 +1,32 @@
+Provides a resource to create a kubernetes cluster audit
+
+Example Usage
+
+Automatic creation of log sets and topics
+
+```hcl
+resource "tencentcloud_kubernetes_cluster_audit" "example" {
+  cluster_id              = "cls-fdy7hm1q"
+  delete_logset_and_topic = true
+}
+```
+
+Manually fill in log sets and topics
+
+```hcl
+resource "tencentcloud_kubernetes_cluster_audit" "example" {
+  cluster_id              = "cls-fdy7hm1q"
+  logset_id               = "30d32c56-e650-4175-9c70-5280cddee48c"
+  topic_id                = "cfc056ca-517f-46fd-be68-9c5cad518b2f"
+  topic_region            = "ap-guangzhou"
+  delete_logset_and_topic = false
+}
+```
+
+Import
+
+kubernetes cluster audit can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_kubernetes_cluster_audit.example cls-fdy7hm1q
+```

tencentcloud/services/tke/resource_tc_kubernetes_cluster_audit_extension.go

@@ -0,0 +1,39 @@
+package tke
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	tkev20180525 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke/v20180525"
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+)
+
+func resourceTencentCloudKubernetesClusterAuditReadPreHandleResponse0(ctx context.Context, resp *tkev20180525.DescribeLogSwitchesResponseParams) error {
+	logId := tccommon.GetLogId(ctx)
+	d := tccommon.ResourceDataFromContext(ctx)
+	if d == nil {
+		return fmt.Errorf("resource data can not be nil")
+	}
+
+	if resp.SwitchSet == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `kubernetes_cluster_audit` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	auditInfo := resp.SwitchSet[0].Audit
+	if auditInfo.LogsetId != nil {
+		_ = d.Set("logset_id", auditInfo.LogsetId)
+	}
+
+	if auditInfo.TopicId != nil {
+		_ = d.Set("topic_id", auditInfo.TopicId)
+	}
+
+	if auditInfo.TopicRegion != nil {
+		_ = d.Set("topic_region", auditInfo.TopicRegion)
+	}
+
+	return nil
+}

tencentcloud/services/tke/resource_tc_kubernetes_cluster_audit_test.go

@@ -0,0 +1,41 @@
+package tke_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudKubernetesClusterAuditResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKubernetesClusterAudit,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_kubernetes_cluster_audit.example", "id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_kubernetes_cluster_audit.example", "cluster_id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_kubernetes_cluster_audit.example", "delete_logset_and_topic"),
+				),
+			},
+			{
+				ResourceName:      "tencentcloud_kubernetes_cluster_audit.example",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccKubernetesClusterAudit = `
+resource "tencentcloud_kubernetes_cluster_audit" "example" {
+  cluster_id              = "cls-fdy7hm1q"
+  delete_logset_and_topic = true
+}
+`

tencentcloud/services/tke/service_tencentcloud_tke.go

@@ -3738,3 +3738,28 @@ func (me *TkeService) DescribeKubernetesClusterMasterAttachmentById2(ctx context
 	ret = response.Response
 	return
 }
+
+func (me *TkeService) DescribeKubernetesClusterAuditById(ctx context.Context, clusterId string) (ret *tke.DescribeLogSwitchesResponseParams, errRet error) {
+	logId := tccommon.GetLogId(ctx)
+
+	request := tke.NewDescribeLogSwitchesRequest()
+	request.ClusterIds = []*string{helper.String(clusterId)}
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseTkeV20180525Client().DescribeLogSwitches(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	ret = response.Response
+	return
+}