From c199d0fc5dc5d523a6c509ec79fe5d8510b13dbd Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Tue, 29 Oct 2024 16:17:04 +0800 Subject: [PATCH 1/3] add --- .../services/cam/resource_tc_cam_role.go | 12 +++++------- .../services/cam/service_tencentcloud_cam.go | 16 +++++----------- 2 files changed, 10 insertions(+), 18 deletions(-) diff --git a/tencentcloud/services/cam/resource_tc_cam_role.go b/tencentcloud/services/cam/resource_tc_cam_role.go index 029b614150..7d09c059b0 100644 --- a/tencentcloud/services/cam/resource_tc_cam_role.go +++ b/tencentcloud/services/cam/resource_tc_cam_role.go @@ -98,14 +98,12 @@ func resourceTencentCloudCamRoleCreate(d *schema.ResourceData, meta interface{}) name := d.Get("name").(string) document := d.Get("document").(string) - - camService := CamService{ - client: meta.(tccommon.ProviderMeta).GetAPIV3Conn(), + camService := CamService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()} + documentErr := camService.PolicyDocumentForceCheck(document) + if documentErr != nil { + return documentErr } - //documentErr := camService.PolicyDocumentForceCheck(document) - //if documentErr != nil { - // return documentErr - //} + request := cam.NewCreateRoleRequest() request.RoleName = &name request.PolicyDocument = &document diff --git a/tencentcloud/services/cam/service_tencentcloud_cam.go b/tencentcloud/services/cam/service_tencentcloud_cam.go index 474b9e5433..8c0c7a2fba 100644 --- a/tencentcloud/services/cam/service_tencentcloud_cam.go +++ b/tencentcloud/services/cam/service_tencentcloud_cam.go @@ -1191,8 +1191,8 @@ func (me *CamService) PolicyDocumentForceCheck(document string) error { type Statement struct { Resource interface{} `json:"resource"` //to avoid json unmarshal eats up with '/' - Action []json.RawMessage `json:"action"` - Principal Principal `json:"principal"` + Action interface{} `json:"action"` + Principal Principal `json:"principal"` } type Document struct { Version string `json:"version"` @@ -1212,15 +1212,9 @@ func (me *CamService) PolicyDocumentForceCheck(document string) error { } if state.Action != nil { - if reflect.TypeOf(state.Action) == reflect.TypeOf("string") { - return fmt.Errorf("The format of `action` in policy document is invalid, its type must be array.") - } - - } - //multi value case in elemant `principal.qcs`:input :root/[uin of the user], output:[uin of the user] - for _, qcs := range state.Principal.Qcs { - if strings.Contains(qcs, "root") { - return fmt.Errorf("`root` format is not supported, please replace it with uin.") + actionType := reflect.TypeOf(state.Action).Kind() + if actionType != reflect.String && actionType != reflect.Slice { + return fmt.Errorf("The format of `action` in policy document is invalid, its type must be array or string.") } } } From 561cce7c35cb215aa0872cc24b5c1f8396fb7dbb Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Tue, 29 Oct 2024 16:19:46 +0800 Subject: [PATCH 2/3] add --- .changelog/2917.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/2917.txt diff --git a/.changelog/2917.txt b/.changelog/2917.txt new file mode 100644 index 0000000000..cf05a62038 --- /dev/null +++ b/.changelog/2917.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/tencentcloud_cam_role: fix attachment with ccn_uin +``` \ No newline at end of file From 0e1d305bf9703231ae1be43e352cba181bb61075 Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Tue, 29 Oct 2024 16:20:34 +0800 Subject: [PATCH 3/3] add --- .changelog/2917.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.changelog/2917.txt b/.changelog/2917.txt index cf05a62038..0bbb3ab2a6 100644 --- a/.changelog/2917.txt +++ b/.changelog/2917.txt @@ -1,3 +1,3 @@ ```release-note:enhancement -resource/tencentcloud_cam_role: fix attachment with ccn_uin +resource/tencentcloud_cam_role: update the verification rules for field `document` ``` \ No newline at end of file