Add features in bbc, iam and cce

baidubce · Oct 31, 2024 · 6a7dbb0 · 6a7dbb0
1 parent 5a9c816
commit 6a7dbb0
Show file tree

Hide file tree

Showing 22 changed files with 720 additions and 9 deletions.
diff --git a/bce/config.go b/bce/config.go
@@ -26,7 +26,7 @@ import (
 
 // Constants and default values for the package bce
 const (
-	SDK_VERSION                          = "0.9.196"
+	SDK_VERSION                          = "0.9.197"
 	URI_PREFIX                           = "/" // now support uri without prefix "v1" so just set root path
 	DEFAULT_DOMAIN                       = "baidubce.com"
 	DEFAULT_PROTOCOL                     = "http"

diff --git a/doc/BCC.md b/doc/BCC.md
@@ -3619,6 +3619,16 @@ args := &api.DeleteEhcClusterArg{
 err := BCC_CLIENT.DeleteEhcCluster(args)
 fmt.Println(err)
 ```
+### 查询预留实例券列表
+```go
+args := &api.ListReservedInstanceArgs{
+     ZoneName: "cn-bj-a",
+     MaxKeys:  10,
+}
+result, err := BCC_CLIENT.ListReservedInstances(args)
+ExpectEqual(t.Errorf, err, nil)
+fmt.Println(result)
+```
 
 ### 对预留实例券发起转移
 对预留实例券发起转移（仅支持0预付的预留实例券）
@@ -3706,6 +3716,33 @@ ExpectEqual(t.Errorf, err, nil)
 fmt.Println(result)
 ```
 
+### 续费预留实例劵
+续费预留实例劵
+```go
+args := &api.RenewReservedInstancesArgs{
+	// 客户端Token
+    ClientToken: "myClientToken",
+	// 预留实例券ids
+    ReservedInstanceIds: []string{
+        "test-renew",
+    },
+	// 预留实例券续费时长，支持3，6，9，12，24，36个月
+    ReservedInstanceTime:     1,
+	// 预留实例券购买时长单位，默认为month，不可变更
+    ReservedInstanceTimeUnit: "month",
+	// 预留实例券自动续费时长单位，默认为month，不可变更
+    AutoRenewTimeUnit:        "month",
+	// 预留实例券自动续费时长，支持3，6，9，12，24，36个月，autoRenew为true时，必选且必须与reservedInstanceTime一致
+    AutoRenewTime:            1,
+	// 自动续费开关，默认为false
+    AutoRenew:                true,
+}
+
+result, err := BCC_CLIENT.RenewReservedInstances(args)
+ExpectEqual(t.Errorf, err, nil)
+fmt.Println(result)
+```
+
 ### 查询实例套餐库存
 查询实例资源套餐规格对应的库存。
 ```go

diff --git a/doc/IAM.md b/doc/IAM.md
@@ -664,6 +664,29 @@ if err != nil {
 > **提示：**
 > - 详细的参数配置及限制条件，可以参考IAM API 文档[创建策略](https://cloud.baidu.com/doc/IAM/s/Wjx35jxes#%E5%88%9B%E5%BB%BA%E7%AD%96%E7%95%A5)
 
+### 更新策略
+通过以下代码创建策略
+```go
+
+updateArgs := &api.UpdatePolicyArgs{
+    PolicyName:  name,
+	Name:        "New_Name",
+	Document:    "{\"accessControlList\": [{\"region\":\"bj\",\"service\":\"bcc\"," +
+"\"resource\":[\"*\"],\"permission\":[\"*\"],\"effect\":\"Allow\"}]}",
+    Description: "New description",
+}
+
+result, err := client.UpdatePolicy(updateArgs)
+if err != nil {
+    fmt.Println("Update policy failed", err)
+} else {
+    fmt.Println("Update policy success", result)
+}
+```
+> **提示：**
+> - 详细的参数配置及限制条件，可以参考IAM API 文档[更新策略](https://cloud.baidu.com/doc/IAM/s/Wjx35jxes#%E6%9B%B4%E6%96%B0%E7%AD%96%E7%95%A5)
+
+
 ### 查询策略
 通过以下代码查询策略
 ```go

diff --git a/examples/cce/rbac/example_create_rbac.go b/examples/cce/rbac/example_create_rbac.go
@@ -0,0 +1,97 @@
+package rbac
+
+import (
+	"encoding/json"
+	"fmt"
+	v2 "github.com/baidubce/bce-sdk-go/services/cce/v2"
+	"github.com/baidubce/bce-sdk-go/services/cce/v2/model"
+)
+
+// CreateRBACForAllCluster 为指定用户授权所有集群
+func CreateRBACForAllCluster() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: model.AllCluster, // 仅对当前已存在的集群生效，后续新增集群不生效。
+		UserID:    "待授权的用户 ID",
+		Role:      model.RoleReadonly,
+	}
+
+	resp, err := ccev2Client.CreateRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
+
+// CreateRBACForAllNamespace 为指定用户授权指定集群的所有 namepsace
+func CreateRBACForAllNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "待授权的集群 ID",
+		UserID:    "待授权的用户 ID",
+		Namespace: model.AllNamespace,
+		Role:      model.RoleReadonly,
+	}
+
+	resp, err := ccev2Client.CreateRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
+
+// CreateRBACForOneNamespace 为指定用户授权指定集群的指定 namepsace
+func CreateRBACForOneNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "待授权的集群 ID",
+		UserID:    "待授权的用户 ID",
+		Namespace: "待授权的 namespace",
+		Role:      model.RoleReadonly,
+	}
+
+	resp, err := ccev2Client.CreateRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
diff --git a/examples/cce/rbac/example_delete_rbac.go b/examples/cce/rbac/example_delete_rbac.go
@@ -0,0 +1,66 @@
+package rbac
+
+import (
+	"encoding/json"
+	"fmt"
+	v2 "github.com/baidubce/bce-sdk-go/services/cce/v2"
+	"github.com/baidubce/bce-sdk-go/services/cce/v2/model"
+)
+
+// DeleteRBACForNamespace 删除指定用户、指定集群 RBAC 权限，该授权为指定 namespace
+func DeleteRBACForNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "集群 ID", // 必须指定具体的 clusterID
+		UserID:    "用户 ID",
+		Namespace: "已授权的 namespace", // namespace 需跟授权时保持一致，如果授权时是 all，则删除时必须也是 all。
+	}
+
+	resp, err := ccev2Client.DeleteRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
+
+// DeleteRBACForAllNamespace 删除指定用户、指定集群 RBAC 权限，该授权为所有命名空间
+func DeleteRBACForAllNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "集群 ID", // 必须指定具体的 clusterID
+		UserID:    "用户 ID",
+		Namespace: model.AllNamespace, // namespace 需跟授权时保持一致，如果授权时是 all，则删除时必须也是 all。
+	}
+
+	resp, err := ccev2Client.DeleteRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
diff --git a/examples/cce/rbac/example_list_rbac.go b/examples/cce/rbac/example_list_rbac.go
@@ -0,0 +1,35 @@
+package rbac
+
+import (
+	"encoding/json"
+	"fmt"
+	v2 "github.com/baidubce/bce-sdk-go/services/cce/v2"
+	"github.com/baidubce/bce-sdk-go/services/cce/v2/model"
+)
+
+// ListRBAC 根据用户 ID 查询该用户已有的 RBAC 权限
+func ListRBAC() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		UserID: "用户 ID", // 仅支持根据用户 ID 查询 RBAC 信息
+	}
+
+	resp, err := ccev2Client.ListRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
diff --git a/examples/cce/rbac/example_renew_rbac.go b/examples/cce/rbac/example_renew_rbac.go
@@ -0,0 +1,66 @@
+package rbac
+
+import (
+	"encoding/json"
+	"fmt"
+	v2 "github.com/baidubce/bce-sdk-go/services/cce/v2"
+	"github.com/baidubce/bce-sdk-go/services/cce/v2/model"
+)
+
+func RenewRBACForNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "集群 ID", // 必须指定具体的 clusterID
+		UserID:    "用户 ID",
+		Namespace: "已授权的 namespace",   // 该值需跟授权时保持一致，如果授权时是 all，则重置时必须也是 all。
+		Role:      model.RoleReadonly, // 该值需跟授权时保持一致
+	}
+
+	resp, err := ccev2Client.RenewRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}
+
+func RenewRBACForAllNamespace() {
+	// 用户的Access Key ID和Secret Access Key
+	AK, SK := "", ""
+
+	// 用户指定的endpoint
+	ENDPOINT := ""
+
+	// 初始化一个CCEClient
+	ccev2Client, err := v2.NewClient(AK, SK, ENDPOINT)
+	if err != nil {
+		panic(err)
+	}
+
+	args := &model.RBACRequest{
+		ClusterID: "集群 ID", // 必须指定具体的 clusterID
+		UserID:    "用户 ID",
+		Namespace: model.AllNamespace, // 该值需跟授权时保持一致，如果授权时是 all，则重置时必须也是 all。
+		Role:      model.RoleReadonly, // 该值需跟授权时保持一致
+	}
+
+	resp, err := ccev2Client.RenewRBAC(args)
+	if err != nil {
+		fmt.Println(err.Error())
+		return
+	}
+	s, _ := json.MarshalIndent(resp, "", "\t")
+	fmt.Println("Response:" + string(s))
+}