[CCE] Add possibility to encrypt data volumes (#1117)

[CCE] Add possibility to encrypt data volumes

Summary of the Pull Request
Add new field kms_id in data_volumes spec to perform encryption with KMS
Resolves: #1109
PR Checklist

 Refers to: #1109
 Tests added/passed.
 Documentation updated.
 Schema updated.

Acceptance Steps Performed
=== RUN   TestAccCCENodesV3Basic
--- PASS: TestAccCCENodesV3Basic (734.55s)
=== RUN   TestAccCCENodesV3EncryptedVolume
--- PASS: TestAccCCENodesV3EncryptedVolume (1686.42s)
PASS


Process finished with the exit code 0

Reviewed-by: Anton Sidelnikov <None>
Reviewed-by: None <None>
Reviewed-by: Anton Kachurin <katchuring@gmail.com>
Reviewed-by: Rodion Gyrbu <fpsoff@outlook.com>

docs/resources/cce_node_v3.md

@@ -67,7 +67,7 @@ The following arguments are supported:
 
 * `eip_ids` - (Optional) List of existing elastic IP IDs.
 
--> **Note:** If the `eip_ids` parameter is configured, you do not need to configure the `eip_count` and `bandwidth` parameters:
+-> If the `eip_ids` parameter is configured, you do not need to configure the `eip_count` and `bandwidth` parameters:
 `iptype`, `bandwidth_charge_mode`, `bandwidth_size` and `share_type`.
 
 * `eip_count` - (Optional) Number of elastic IPs to be dynamically created.
@@ -76,7 +76,7 @@ The following arguments are supported:
 
 * `bandwidth_size` - (Optional) Bandwidth size.
 
--> **Note:** If the `bandwidth_size` parameter is configured, you do not need to configure the
+-> If the `bandwidth_size` parameter is configured, you do not need to configure the
   `eip_count`, `bandwidth_charge_mode`, `sharetype` and `iptype` parameters.
 
 * `bandwidth_charge_mode` - (Optional) Bandwidth billing type.
@@ -113,6 +113,11 @@ The following arguments are supported:
   * `size` - (Required) Disk size in GB.
   * `volumetype` - (Required) Disk type.
   * `extend_param` - (Optional) Disk expansion parameters.
+  * `kms_id` - (Optional) The Encryption KMS ID of the data volume. By default, it tries to get from env by `OS_KMS_ID`.
+
+-> To enable encryption with the KMS. Firstly, you need to create the agency to grant KMS rights to EVS.
+The agency has to be created for a new project first with a user who has security `admin` permissions.
+It is created automatically with the first encrypted EVS disk via UI.
 
 ## Attributes Reference
 

go.mod

@@ -13,7 +13,7 @@ require (
 	github.com/jen20/awspolicyequivalence v1.1.0
 	github.com/jinzhu/copier v0.2.3
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opentelekomcloud/gophertelekomcloud v0.4.1
+	github.com/opentelekomcloud/gophertelekomcloud v0.4.2-0.20210610105657-237b4413e40c
 	github.com/unknwon/com v1.0.1
 	gopkg.in/yaml.v2 v2.4.0
 )

go.sum

@@ -284,8 +284,8 @@ github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k
 github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce/go.mod h1:uFMI8w+ref4v2r9jz+c9i1IfIttS/OkmLfrk1jne5hs=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/opentelekomcloud/gophertelekomcloud v0.4.1 h1:Y22eR5WuxuyDErm/3Vw+90Oyx1SwuQ5kioO+t5tS4UE=
-github.com/opentelekomcloud/gophertelekomcloud v0.4.1/go.mod h1:pzEP1kduNwv+hrI9R6/DFU/NiX7Kr9NiFjpQ7kJQTsM=
+github.com/opentelekomcloud/gophertelekomcloud v0.4.2-0.20210610105657-237b4413e40c h1:YJkWZYQXdw3tsD0QfOZVC0oxwipHtLdL8TuZCww1oSY=
+github.com/opentelekomcloud/gophertelekomcloud v0.4.2-0.20210610105657-237b4413e40c/go.mod h1:pzEP1kduNwv+hrI9R6/DFU/NiX7Kr9NiFjpQ7kJQTsM=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=