CSK cluster support RBAC #3495
Merged
CSK cluster support RBAC #3495
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
xiaozhu36
requested changes
Apr 25, 2021
| }, | ||
| "permissions": { | ||
| Optional: true, | ||
| Type: schema.TypeList, |
There was a problem hiding this comment.
I think its type should be TypeSet
| _, _ = describeUserPermission(client, uid) | ||
| //if _err != nil { | ||
| // return WrapErrorf(err, DefaultErrorMsg, ResourceName, "DescribeUserPermission", err) | ||
| //} |
There was a problem hiding this comment.
If there is an error, it should be return.
| } | ||
|
|
||
| // Query existing permissions, DescribeUserPermission | ||
| uid := d.Get("uid").(string) |
| return WrapErrorf(err, DefaultErrorMsg, ResourceName, "InitializeClient", err) | ||
| } | ||
|
|
||
| uid := d.Get("uid").(string) |
| return nil | ||
| } | ||
|
|
||
| func initCsClient(meta interface{}) (*cs.Client, error) { |
There was a problem hiding this comment.
I think it should be inited in the client.go
There was a problem hiding this comment.
将这段逻辑支持,在connectivity里支持了。
| vswitch_name = "${var.name}" | ||
| vpc_id = "${alicloud_vpc.default.id}" | ||
| cidr_block = "10.1.1.0/24" | ||
| availability_zone = "${data.alicloud_zones.default.zones.0.id}" |
| } | ||
|
|
||
| data "alicloud_instance_types" "default" { | ||
| availability_zone = "${data.alicloud_zones.default.zones.0.id}" |
There was a problem hiding this comment.
There is no need to using grammar "${}" and just using data.alicloud_zones.default.zones.0.id or var.name is ok.
| -> **NOTE:** If you call this operation as a RAM user, make sure that this RAM user has the permissions to grant other RAM users the permissions to manage ACK clusters. Otherwise, the `StatusForbidden` or `ForbiddenGrantPermissions` errors will be returned. For more information, see [Use a RAM user to grant RBAC permissions to other RAM users](https://www.alibabacloud.com/help/faq-detail/119035.htm). | ||
|
|
||
| -> **NOTE:** This operation overwrites the permissions that have been granted to the specified RAM user. When you call this operation, make sure that the required permissions are included. | ||
|
|
There was a problem hiding this comment.
Please adds an availability note.
xiaozhu36
requested changes
Apr 28, 2021
| } | ||
|
|
||
| func dataAlicloudCSKubernetesPermissionsRead(d *schema.ResourceData, meta interface{}) error { | ||
| client, err := cs.NewClient(&openapi.Config{ |
There was a problem hiding this comment.
Please move the client to connectivity.
There was a problem hiding this comment.
update in :cf231d5
| } | ||
|
|
||
| func resourceAlicloudCSKubernetesPermissionsCreate(d *schema.ResourceData, meta interface{}) error { | ||
| client, err := cs.NewClient(&openapi.Config{ |
There was a problem hiding this comment.
update in: cf231d5
xiaozhu36
requested changes
Apr 28, 2021
| } | ||
|
|
||
| addDebug("GrantPermissions", grantPermissionsRequest, err) | ||
| _ = d.Set("uid", uid) |
There was a problem hiding this comment.
The line 93 is useless and please delete it.
| Schema: map[string]*schema.Schema{ | ||
| "uid": { | ||
| Type: schema.TypeString, | ||
| Required: true, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.