feat(api_gateway_environment):import api_gateway_environment resource…

… and add unit test and document

docs/resources/api_gateway_environment.md

@@ -0,0 +1,47 @@
+---
+subcategory: "API Gateway (Shared APIG)"
+---
+
+# huaweicloud_api_gateway_environment
+
+Manages a shared APIG environment resource within HuaweiCloud.
+
+## Example Usage
+
+```hcl
+resource "huaweicloud_api_gateway_environment" "test_env" {
+  name        = "test"
+  description = "test env"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `region` - (Optional, String, ForceNew) Specifies the region where the shared APIG environment is located.
+  If omitted, the provider-level region will be used. Changing this will create a new resource.
+
+* `name` - (Required, String) Specifies the environment name.
+  The valid length is limited from `3` to `64`, only letters, digits and underscores (_) are allowed.
+  The name must start with a letter.
+
+* `description` - (Optional, String) Specifies the environment description.
+  The value can contain a maximum of `255` characters.
+  Chinese characters must be in **UTF-8** or **Unicode** format.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The environment ID.
+
+* `created_at` - The time when the shared APIG environment was created.
+
+## Import
+
+APIG environments can be imported using the `id`, e.g.
+
+```
+$ terraform import huaweicloud_api_gateway_environment.test_env 774438a28a574ac8a496325d1bf51807
+```

docs/resources/apig_acl_policy.md

@@ -0,0 +1,91 @@
+---
+subcategory: "API Gateway (Dedicated APIG)"
+---
+
+# huaweicloud_apig_acl_policy
+
+Manages an ACL policy resource within HuaweiCloud.
+
+## Example Usage
+
+### Create an ACL policy with IP control
+
+```hcl
+variable "instance_id" {}
+variable "policy_name" {}
+variable "ip_addresses" {
+  type = list(stirng)
+}
+
+resource "huaweicloud_apig_acl_policy" "ip_rule" {
+  instance_id = var.instance_id
+  name        = var.policy_name
+  type        = "PERMIT"
+  entity_type = "IP"
+  value       = join(var.ip_addresses, ",")
+}
+```
+
+### Create an ACL policy with account control (via domain names)
+
+```hcl
+variable "instance_id" {}
+variable "policy_name" {}
+variable "domain_names" {
+  type = list(stirng)
+}
+
+resource "huaweicloud_apig_acl_policy" "domain_rule" {
+  instance_id = var.instance_id
+  name        = var.policy_name
+  type        = "PERMIT"
+  entity_type = "DOMAIN"
+  value       = join(var.domain_names, ",")
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `region` - (Optional, String, ForceNew) Specifies the region where the ACL policy is located.  
+  If omitted, the provider-level region will be used. Changing this will create a new resource.
+
+* `instance_id` - (Required, String, ForceNew) Specifies the ID of the dedicated instance to which the ACL
+  policy belongs.  
+  Changing this will create a new resource.
+
+* `name` - (Required, String) Specifies the name of the ACL policy.  
+  The valid length is limited from `3` to `64`, only English letters, Chinese characters, digits and underscores (_) are
+  allowed. The name must start with an English letter or Chinese character.
+
+* `type` - (Required, String) Specifies the type of the ACL policy.
+  The valid values are as follows:
+  + **PERMIT**: Allow specific IPs or accounts to access API.
+  + **DENY**: Forbid specific IPs or accounts to access API.
+
+* `entity_type` - (Required, String, ForceNew) Specifies the entity type of the ACL policy.
+  The valid values are as follows:
+  + **IP**: This rule is specified to control access to the API for specific IPs.
+  + **DOMAIN**: This rule is specified to control access to the API for specific accounts (specified by domain name).
+
+  Changing this will create a new resource.
+
+* `value` - (Required, String) Specifies one or more objects from which the access will be controlled.  
+  Separate multiple objects with commas (,).
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The ID of the ACL policy.
+
+* `updated_at` - The latest update time of the ACL policy.
+
+## Import
+
+ACL Policies can be imported using their `id` and related dedicated instance ID, separated by a slash, e.g.
+
+```bash
+$ terraform import huaweicloud_apig_acl_policy.test <instance_id>/<id>
+```

flexibleengine/acceptance/resource_flexibleengine_api_gateway_environment_test.go

@@ -0,0 +1,99 @@
+package acceptance
+
+import (
+	"fmt"
+	"log"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+
+	"github.com/chnsz/golangsdk"
+	"github.com/chnsz/golangsdk/openstack/apigw/shared/v1/environments"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
+)
+
+func getEnvironmentFunc(cfg *config.Config, state *terraform.ResourceState) (interface{}, error) {
+	client, err := cfg.ApiGatewayV1Client(OS_REGION_NAME)
+	envId := state.Primary.ID
+	log.Printf("[DEBUG] env id is : %s", envId)
+	if err != nil {
+		return nil, fmt.Errorf("error creating APIG client %s", err)
+	}
+
+	envs, err := environments.List(client, environments.ListOpts{
+		EnvName: state.Primary.Attributes["name"],
+	})
+	if err != nil {
+		return nil, err
+	}
+	log.Printf("[DEBUG] List of shared APIG environments: %#v", envs)
+	for i, v := range envs {
+		if v.Id == envId {
+			return &envs[i], nil
+		}
+	}
+
+	return nil, golangsdk.ErrDefault404{}
+}
+
+func TestAccEnvironment_basic(t *testing.T) {
+	var env environments.Environment
+	rName := "flexibleengine_api_gateway_environment.test_env"
+	name := acceptance.RandomAccResourceName()
+	updateName := acceptance.RandomAccResourceName()
+
+	rc := acceptance.InitResourceCheck(rName, &env, getEnvironmentFunc)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		ProviderFactories: TestAccProviderFactories,
+		CheckDestroy:      rc.CheckResourceDestroy(),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEnvironment_basic(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(rName, "name", name),
+					resource.TestCheckResourceAttr(rName, "description", "created by acc test"),
+					resource.TestCheckResourceAttrSet(rName, "created_at"),
+				),
+			},
+			{
+				Config: testAccEnvironment_update(updateName),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(rName, "name", updateName),
+					resource.TestCheckResourceAttr(rName, "description", "updated by acc test"),
+				),
+			},
+			{
+				ResourceName:      rName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccEnvironment_basic(rName string) string {
+	return fmt.Sprintf(`
+resource "flexibleengine_api_gateway_environment" "test_env" {
+  name        = "%s"
+  description = "created by acc test"
+}
+`, rName)
+}
+
+func testAccEnvironment_update(rNameUpdate string) string {
+	return fmt.Sprintf(`
+resource "flexibleengine_api_gateway_environment" "test_env" {
+  name        = "%s"
+  description = "updated by acc test"
+}
+`, rNameUpdate)
+}