aliyun · xiaozhu36 · Dec 20, 2024 · Dec 20, 2024
diff --git a/alicloud/connectivity/endpoint.go b/alicloud/connectivity/endpoint.go
@@ -339,6 +339,14 @@ var irregularProductEndpointForIntlAccount = map[string]string{
 	"esa":            "esa.ap-southeast-1.aliyuncs.com",
 }
 
+// irregularProductEndpointForIntlRegion specially records those product codes that
+// cannot be parsed out by the location service and sensitive to region.
+// These products adapt to international region, and conflict with irregularProductEndpointForIntlAccount
+// Key: product code, its value equals to the gateway code of the API after converting it to lowercase and using underscores
+// Value: product endpoint
+// The priority of this configuration is higher than location service, lower than user environment variable configuration
+var irregularProductEndpointForIntlRegion = map[string]string{}
+
 // regularProductEndpoint specially records those product codes that have been confirmed to be
 // regional or central endpoints.
 // Key: product code, its value equals to the gateway code of the API after converting it to lowercase and using underscores
@@ -483,6 +491,9 @@ func (client *AliyunClient) loadEndpoint(productCode string) error {
 		if v, ok := irregularProductEndpointForIntlAccount[productCode]; ok && strings.ToLower(client.config.AccountType) == "international" {
 			endpointFmt = v
 		}
+		if v, ok := irregularProductEndpointForIntlRegion[productCode]; ok && !strings.HasPrefix(client.RegionId, "cn-") {
+			endpointFmt = v
+		}
 		if strings.Contains(endpointFmt, "%s") {
 			endpointFmt = fmt.Sprintf(endpointFmt, client.RegionId)
 		}

diff --git a/alicloud/data_source_alicloud_cloud_firewall_address_books.go b/alicloud/data_source_alicloud_cloud_firewall_address_books.go
@@ -6,7 +6,6 @@ import (
 	"time"
 
 	"github.com/PaesslerAG/jsonpath"
-	util "github.com/alibabacloud-go/tea-utils/service"
 	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -139,30 +138,24 @@ func dataSourceAliCloudCloudFirewallAddressBooksRead(d *schema.ResourceData, met
 	}
 
 	var response map[string]interface{}
-	conn, err := client.NewCloudfwClient()
-	if err != nil {
-		return WrapError(err)
-	}
+	var err error
+	var endpoint string
 
 	for {
-		runtime := util.RuntimeOptions{}
-		runtime.SetAutoretry(true)
 		wait := incrementalWait(3*time.Second, 3*time.Second)
 		err = resource.Retry(5*time.Minute, func() *resource.RetryError {
-			response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2017-12-07"), StringPointer("AK"), nil, request, &runtime)
+			response, err = client.RpcPostWithEndpoint("Cloudfw", "2017-12-07", action, nil, request, true, endpoint)
 			if err != nil {
 				if NeedRetry(err) {
 					wait()
 					return resource.RetryableError(err)
+				} else if IsExpectedErrors(err, []string{"not buy user"}) {
+					endpoint = connectivity.CloudFirewallOpenAPIEndpointControlPolicy
+					return resource.RetryableError(err)
 				}
 				return resource.NonRetryableError(err)
 			}
 
-			if fmt.Sprint(response["Message"]) == "not buy user" {
-				conn.Endpoint = String(connectivity.CloudFirewallOpenAPIEndpointControlPolicy)
-				return resource.RetryableError(fmt.Errorf("%s", response))
-			}
-
 			return nil
 		})
 		addDebug(action, response, request)

diff --git a/alicloud/data_source_alicloud_cloud_firewall_control_policies.go b/alicloud/data_source_alicloud_cloud_firewall_control_policies.go
@@ -5,7 +5,6 @@ import (
 	"time"
 
 	"github.com/PaesslerAG/jsonpath"
-	util "github.com/alibabacloud-go/tea-utils/service"
 	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -237,30 +236,24 @@ func dataSourceAliCloudCloudFirewallControlPoliciesRead(d *schema.ResourceData,
 
 	var objects []map[string]interface{}
 	var response map[string]interface{}
-	conn, err := client.NewCloudfwClient()
-	if err != nil {
-		return WrapError(err)
-	}
+	var err error
+	var endpoint string
 
 	for {
-		runtime := util.RuntimeOptions{}
-		runtime.SetAutoretry(true)
 		wait := incrementalWait(3*time.Second, 3*time.Second)
 		err = resource.Retry(5*time.Minute, func() *resource.RetryError {
-			response, err = conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2017-12-07"), StringPointer("AK"), nil, request, &runtime)
+			response, err = client.RpcPostWithEndpoint("Cloudfw", "2017-12-07", action, nil, request, true, endpoint)
 			if err != nil {
 				if NeedRetry(err) {
 					wait()
 					return resource.RetryableError(err)
+				} else if IsExpectedErrors(err, []string{"not buy user"}) {
+					endpoint = connectivity.CloudFirewallOpenAPIEndpointControlPolicy
+					return resource.RetryableError(err)
 				}
 				return resource.NonRetryableError(err)
 			}
 
-			if fmt.Sprint(response["Message"]) == "not buy user" {
-				conn.Endpoint = String(connectivity.CloudFirewallOpenAPIEndpointControlPolicy)
-				return resource.RetryableError(fmt.Errorf("%s", response))
-			}
-
 			return nil
 		})
 		addDebug(action, response, request)

diff --git a/alicloud/data_source_alicloud_cloud_firewall_control_policies_test.go b/alicloud/data_source_alicloud_cloud_firewall_control_policies_test.go
@@ -8,7 +8,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
 )
 
-func TestAccCheckAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
+func TestAccAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
 	rand := acctest.RandInt()
 	aclActionConf := dataSourceTestAccConfig{
 		existConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
@@ -18,14 +18,6 @@ func TestAccCheckAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
 			"acl_action": `"drop"`,
 		}),
 	}
-	aclUuidConf := dataSourceTestAccConfig{
-		existConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
-			"acl_uuid": `"${alicloud_cloud_firewall_control_policy.default.acl_uuid}"`,
-		}),
-		fakeConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
-			"acl_uuid": `"${alicloud_cloud_firewall_control_policy.default.acl_uuid}_fake"`,
-		}),
-	}
 	descriptionConf := dataSourceTestAccConfig{
 		existConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
 			"description": `"${alicloud_cloud_firewall_control_policy.default.description}"`,
@@ -70,7 +62,6 @@ func TestAccCheckAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
 	allConf := dataSourceTestAccConfig{
 		existConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
 			"acl_action":  `"${alicloud_cloud_firewall_control_policy.default.acl_action}"`,
-			"acl_uuid":    `"${alicloud_cloud_firewall_control_policy.default.acl_uuid}"`,
 			"description": `"${alicloud_cloud_firewall_control_policy.default.description}"`,
 			"destination": `"${alicloud_cloud_firewall_control_policy.default.destination}"`,
 			"ip_version":  `"${alicloud_cloud_firewall_control_policy.default.ip_version}"`,
@@ -79,7 +70,6 @@ func TestAccCheckAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
 		}),
 		fakeConfig: testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand, map[string]string{
 			"acl_action":  `"drop"`,
-			"acl_uuid":    `"${alicloud_cloud_firewall_control_policy.default.acl_uuid}_fake"`,
 			"description": `"${alicloud_cloud_firewall_control_policy.default.description}_fake"`,
 			"destination": `"${alicloud_cloud_firewall_control_policy.default.destination}_fake"`,
 			"ip_version":  `"6"`,
@@ -132,7 +122,7 @@ func TestAccCheckAliCloudCloudFirewallControlPoliciesDataSource(t *testing.T) {
 	preCheck := func() {
 		testAccPreCheck(t)
 	}
-	alicloudCloudFirewallControlPoliciesCheckInfo.dataSourceTestCheckWithPreCheck(t, rand, preCheck, aclActionConf, aclUuidConf, descriptionConf, destinationConf, ipVersionConf, protoConf, sourceConf, allConf)
+	alicloudCloudFirewallControlPoliciesCheckInfo.dataSourceTestCheckWithPreCheck(t, rand, preCheck, aclActionConf, descriptionConf, destinationConf, ipVersionConf, protoConf, sourceConf, allConf)
 }
 
 func testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand int, attrMap map[string]string) string {
@@ -161,7 +151,8 @@ func testAccCheckAliCloudCloudFirewallControlPoliciesDataSourceName(rand int, at
 	}
 
 	data "alicloud_cloud_firewall_control_policies" "default" {
-  		direction = alicloud_cloud_firewall_control_policy.default.direction
+		direction = alicloud_cloud_firewall_control_policy.default.direction
+  		acl_uuid = alicloud_cloud_firewall_control_policy.default.acl_uuid
 		%s
 	}
 `, rand, strings.Join(pairs, " \n "))

diff --git a/alicloud/data_source_alicloud_cloud_firewall_instance_members.go b/alicloud/data_source_alicloud_cloud_firewall_instance_members.go
@@ -5,7 +5,6 @@ import (
 	"time"
 
 	"github.com/PaesslerAG/jsonpath"
-	util "github.com/alibabacloud-go/tea-utils/service"
 	"github.com/aliyun/terraform-provider-alicloud/alicloud/connectivity"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -110,28 +109,26 @@ func dataSourceAlicloudCloudFirewallInstanceMembersRead(d *schema.ResourceData,
 		}
 	}
 
-	conn, err := client.NewCloudfirewallClient()
-	if err != nil {
-		return WrapError(err)
-	}
+	var err error
+	var endpoint string
 	var objects []interface{}
 	var response map[string]interface{}
 
 	for {
 		action := "DescribeInstanceMembers"
-		runtime := util.RuntimeOptions{}
-		runtime.SetAutoretry(true)
 		wait := incrementalWait(3*time.Second, 3*time.Second)
 		err = resource.Retry(5*time.Minute, func() *resource.RetryError {
-			resp, err := conn.DoRequest(StringPointer(action), nil, StringPointer("POST"), StringPointer("2017-12-07"), StringPointer("AK"), nil, request, &runtime)
+			response, err = client.RpcPostWithEndpoint("Cloudfw", "2017-12-07", action, nil, request, true, endpoint)
 			if err != nil {
 				if NeedRetry(err) {
 					wait()
 					return resource.RetryableError(err)
+				} else if IsExpectedErrors(err, []string{"not buy user"}) {
+					endpoint = connectivity.CloudFirewallOpenAPIEndpointControlPolicy
+					return resource.RetryableError(err)
 				}
 				return resource.NonRetryableError(err)
 			}
-			response = resp
 			addDebug(action, response, request)
 			return nil
 		})

diff --git a/alicloud/data_source_alicloud_cloud_firewall_instance_members_test.go b/alicloud/data_source_alicloud_cloud_firewall_instance_members_test.go
@@ -8,7 +8,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
 )
 
-func TestAccAlicloudCloudFirewallInstanceMemberDataSource(t *testing.T) {
+func TestAccAliCloudCloudFirewallInstanceMemberDataSource(t *testing.T) {
 	rand := acctest.RandIntRange(1000000, 9999999)
 
 	idsConf := dataSourceTestAccConfig{
@@ -29,7 +29,13 @@ func TestAccAlicloudCloudFirewallInstanceMemberDataSource(t *testing.T) {
 		}),
 	}
 
-	CloudFirewallInstanceMemberCheckInfo.dataSourceTestCheck(t, rand, idsConf, allConf)
+	preCheck := func() {
+		testAccPreCheck(t)
+		// currently, international test account has not enabled RD
+		testAccPreCheckWithAccountSiteType(t, DomesticSite)
+	}
+
+	CloudFirewallInstanceMemberCheckInfo.dataSourceTestCheckWithPreCheck(t, rand, preCheck, idsConf, allConf)
 }
 
 var existCloudFirewallInstanceMemberMapFunc = func(rand int) map[string]string {
@@ -63,6 +69,7 @@ variable "name" {
 
 resource "alicloud_resource_manager_account" "default" {
   display_name = var.name
+  abandon_able_check_id = ["SP_fc_fc"]
 }
 
 resource "alicloud_cloud_firewall_instance_member" "default" {