diff --git a/CHANGELOG.md b/CHANGELOG.md
index c90ecdc5..9d9cb6be 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
- Add `sdwan_cisco_ospf_feature_template` resource and data source
- Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source
+- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source
## 0.2.0
diff --git a/docs/data-sources/cisco_secure_internet_gateway_feature_template.md b/docs/data-sources/cisco_secure_internet_gateway_feature_template.md
new file mode 100644
index 00000000..5ddead86
--- /dev/null
+++ b/docs/data-sources/cisco_secure_internet_gateway_feature_template.md
@@ -0,0 +1,164 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_cisco_secure_internet_gateway_feature_template Data Source - terraform-provider-sdwan"
+subcategory: "Feature Templates"
+description: |-
+ This data source can read the Cisco Secure Internet Gateway feature template.
+---
+
+# sdwan_cisco_secure_internet_gateway_feature_template (Data Source)
+
+This data source can read the Cisco Secure Internet Gateway feature template.
+
+## Example Usage
+
+```terraform
+data "sdwan_cisco_secure_internet_gateway_feature_template" "example" {
+ id = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+}
+```
+
+
+## Schema
+
+### Required
+
+- `id` (String) The id of the feature template
+
+### Read-Only
+
+- `description` (String) The description of the feature template
+- `device_types` (List of String) List of supported device types
+- `interfaces` (Attributes List) Interface name: IPsec when present (see [below for nested schema](#nestedatt--interfaces))
+- `name` (String) The name of the feature template
+- `services` (Attributes List) Configure services (see [below for nested schema](#nestedatt--services))
+- `template_type` (String) The template type
+- `tracker_source_ip` (String) Source IP address for Tracker
+- `tracker_source_ip_variable` (String) Variable name
+- `trackers` (Attributes List) Tracker configuration (see [below for nested schema](#nestedatt--trackers))
+- `version` (Number) The version of the feature template
+- `vpn_id` (Number) List of VPN instances
+
+
+### Nested Schema for `interfaces`
+
+Read-Only:
+
+- `application` (String) Enable Application Tunnel Type
+- `auto_tunnel_mode` (Boolean) Auto Tunnel Mode
+- `dead_peer_detection_interval` (Number) IKE keepalive interval (seconds)
+- `dead_peer_detection_interval_variable` (String) Variable name
+- `dead_peer_detection_retries` (Number) IKE keepalive retries
+- `dead_peer_detection_retries_variable` (String) Variable name
+- `description` (String) Interface description
+- `description_variable` (String) Variable name
+- `ike_ciphersuite` (String) IKE identity the IKE preshared secret belongs to
+- `ike_ciphersuite_variable` (String) Variable name
+- `ike_group` (String) IKE Diffie Hellman Groups
+- `ike_group_variable` (String) Variable name
+- `ike_pre_shared_key` (String) Use preshared key to authenticate IKE peer
+- `ike_pre_shared_key_dynamic` (Boolean) Use preshared key to authenticate IKE peer
+- `ike_pre_shared_key_local_id` (String) IKE ID for the local endpoint. Input IPv4 address, domain name, or email address
+- `ike_pre_shared_key_local_id_variable` (String) Variable name
+- `ike_pre_shared_key_remote_id` (String) IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address
+- `ike_pre_shared_key_remote_id_variable` (String) Variable name
+- `ike_pre_shared_key_variable` (String) Variable name
+- `ike_rekey_interval` (Number) IKE rekey interval <300..1209600> seconds
+- `ike_rekey_interval_variable` (String) Variable name
+- `ike_version` (Number) IKE Version <1..2>
+- `ike_version_variable` (String) Variable name
+- `ip_unnumbered` (Boolean) Unnumbered interface
+- `ipsec_ciphersuite` (String) IPsec(ESP) encryption and integrity protocol
+- `ipsec_ciphersuite_variable` (String) Variable name
+- `ipsec_perfect_forward_secrecy` (String) IPsec perfect forward secrecy settings
+- `ipsec_perfect_forward_secrecy_variable` (String) Variable name
+- `ipsec_rekey_interval` (Number) IPsec rekey interval <300..1209600> seconds
+- `ipsec_rekey_interval_variable` (String) Variable name
+- `ipsec_replay_window` (Number) Replay window size 32..8192 (must be a power of 2)
+- `ipsec_replay_window_variable` (String) Variable name
+- `ipv4_address` (String) Assign IPv4 address
+- `ipv4_address_variable` (String) Variable name
+- `mtu` (Number) Interface MTU <576..2000>, in bytes
+- `mtu_variable` (String) Variable name
+- `name` (String) Interface name: IPsec when present
+- `name_variable` (String) Variable name
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `shutdown` (Boolean) Administrative state
+- `sig_provider` (String) SIG Tunnel Provider
+- `tcp_mss` (Number) TCP MSS on SYN packets, in bytes
+- `tcp_mss_variable` (String) Variable name
+- `track_enable` (Boolean) Enable/disable SIG tracking
+- `tunnel_dc_preference` (String) SIG Tunnel Data Center
+- `tunnel_destination` (String) Tunnel destination IP address
+- `tunnel_destination_variable` (String) Variable name
+- `tunnel_public_ip` (String) Public IP required to setup GRE tunnel to Zscaler
+- `tunnel_public_ip_variable` (String) Variable name
+- `tunnel_route_via` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid
+- `tunnel_route_via_variable` (String) Variable name
+- `tunnel_source` (String) Tunnel source IP Address
+- `tunnel_source_interface` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid
+- `tunnel_source_interface_variable` (String) Variable name
+- `tunnel_source_variable` (String) Variable name
+
+
+
+### Nested Schema for `services`
+
+Read-Only:
+
+- `aup_block_internet_until_accepted` (Boolean) For first-time Acceptable User Policy behavior, block Internet access
+- `aup_enabled` (Boolean) Enable Acceptable User Policy
+- `aup_force_ssl_inspection` (Boolean) For first-time Acceptable User Policy behavior, force SSL inspection
+- `aup_timeout` (Number) Custom Acceptable User Policy frequency in days
+- `interface_pairs` (Attributes List) Interface Pair for active and backup (see [below for nested schema](#nestedatt--services--interface_pairs))
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `service_type` (String) Service Type
+- `umbrella_primary_data_center` (String) Umbrella Primary Datacenter
+- `umbrella_primary_data_center_variable` (String) Variable name
+- `umbrella_secondary_data_center` (String) Umbrella Secondary Datacenter
+- `umbrella_secondary_data_center_variable` (String) Variable name
+- `zscaler_authentication_required` (Boolean) Enforce Authentication
+- `zscaler_caution_enabled` (Boolean) Enable Caution
+- `zscaler_firewall_enabled` (Boolean) Firewall enabled
+- `zscaler_ips_control_enabled` (Boolean) Enable IPS Control
+- `zscaler_location_name` (String) Zscaler location name (optional)
+- `zscaler_location_name_variable` (String) Variable name
+- `zscaler_primary_data_center` (String) Custom Primary Datacenter
+- `zscaler_primary_data_center_variable` (String) Variable name
+- `zscaler_secondary_data_center` (String) Custom Secondary Datacenter
+- `zscaler_secondary_data_center_variable` (String) Variable name
+- `zscaler_surrogate_display_time_unit` (String) Display time unit
+- `zscaler_surrogate_idle_time` (Number) Idle time to disassociation
+- `zscaler_surrogate_ip` (Boolean) Enable Surrogate IP
+- `zscaler_surrogate_ip_enforce_for_known_browsers` (Boolean) Enforce Surrogate IP for known browsers
+- `zscaler_surrogate_refresh_time_unit` (String) Refresh Time unit
+- `zscaler_xff_forward` (Boolean) XFF forwarding enabled
+
+
+### Nested Schema for `services.interface_pairs`
+
+Read-Only:
+
+- `active_interface` (String) Active Tunnel Interface for SIG
+- `active_interface_weight` (Number) Active Tunnel Interface Weight
+- `backup_interface` (String) Backup Tunnel Interface for SIG
+- `backup_interface_weight` (Number) Backup Tunnel Interface Weight
+- `optional` (Boolean) Indicates if list item is considered optional.
+
+
+
+
+### Nested Schema for `trackers`
+
+Read-Only:
+
+- `endpoint_api_url` (String) API url of endpoint
+- `endpoint_api_url_variable` (String) Variable name
+- `multiplier` (Number) Probe failure multiplier <1..10> failed attempts
+- `multiplier_variable` (String) Variable name
+- `name` (String) Tracker name
+- `name_variable` (String) Variable name
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `threshold` (Number) Probe Timeout threshold <100..1000> milliseconds
+- `threshold_variable` (String) Variable name
+- `tracker_type` (String)
diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md
index b3fb9792..d16a076b 100644
--- a/docs/guides/changelog.md
+++ b/docs/guides/changelog.md
@@ -11,6 +11,7 @@ description: |-
- Add `sdwan_cisco_ospf_feature_template` resource and data source
- Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source
+- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source
## 0.2.0
diff --git a/docs/resources/cisco_secure_internet_gateway_feature_template.md b/docs/resources/cisco_secure_internet_gateway_feature_template.md
new file mode 100644
index 00000000..913edd78
--- /dev/null
+++ b/docs/resources/cisco_secure_internet_gateway_feature_template.md
@@ -0,0 +1,327 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_cisco_secure_internet_gateway_feature_template Resource - terraform-provider-sdwan"
+subcategory: "Feature Templates"
+description: |-
+ This resource can manage a Cisco Secure Internet Gateway feature template.
+ - Minimum vManage version: 15.0.0
+---
+
+# sdwan_cisco_secure_internet_gateway_feature_template (Resource)
+
+This resource can manage a Cisco Secure Internet Gateway feature template.
+ - Minimum vManage version: `15.0.0`
+
+## Example Usage
+
+```terraform
+resource "sdwan_cisco_secure_internet_gateway_feature_template" "example" {
+ name = "Example"
+ description = "My Example"
+ device_types = ["vedge-C8000V"]
+ vpn_id = 1
+ interfaces = [
+ {
+ name = "ipsec1"
+ auto_tunnel_mode = true
+ shutdown = true
+ description = "My Description"
+ ip_unnumbered = true
+ ipv4_address = "1.2.3.4/24"
+ tunnel_source = "3.3.3.3"
+ tunnel_source_interface = "ge0/1"
+ tunnel_route_via = "ge0/2"
+ tunnel_destination = "3.4.5.6"
+ application = "sig"
+ sig_provider = "secure-internet-gateway-umbrella"
+ tunnel_dc_preference = "primary-dc"
+ tcp_mss = 1400
+ mtu = 1500
+ dead_peer_detection_interval = 30
+ dead_peer_detection_retries = 5
+ ike_version = 1
+ ike_pre_shared_key = "A1234567"
+ ike_rekey_interval = 600
+ ike_ciphersuite = "aes256-cbc-sha2"
+ ike_group = "14"
+ ike_pre_shared_key_dynamic = false
+ ike_pre_shared_key_local_id = "1.2.3.4"
+ ike_pre_shared_key_remote_id = "2.3.4.5"
+ ipsec_rekey_interval = 7200
+ ipsec_replay_window = 1024
+ ipsec_ciphersuite = "aes256-cbc-sha1"
+ ipsec_perfect_forward_secrecy = "group-14"
+ track_enable = false
+ tunnel_public_ip = "5.5.5.5"
+ }
+ ]
+ services = [
+ {
+ service_type = "sig"
+ interface_pairs = [
+ {
+ active_interface = "e1"
+ active_interface_weight = 10
+ backup_interface = "e2"
+ backup_interface_weight = 20
+ }
+ ]
+ zscaler_authentication_required = true
+ zscaler_xff_forward = true
+ zscaler_firewall_enabled = true
+ zscaler_ips_control_enabled = true
+ zscaler_caution_enabled = true
+ zscaler_primary_data_center = "Auto"
+ zscaler_secondary_data_center = "Auto"
+ zscaler_surrogate_ip = true
+ zscaler_surrogate_idle_time = 100
+ zscaler_surrogate_display_time_unit = "MINUTE"
+ zscaler_surrogate_ip_enforce_for_known_browsers = true
+ zscaler_surrogate_refresh_time_unit = "MINUTE"
+ aup_enabled = true
+ aup_block_internet_until_accepted = true
+ aup_force_ssl_inspection = true
+ aup_timeout = 60
+ zscaler_location_name = "LOC1"
+ umbrella_primary_data_center = "Auto"
+ umbrella_secondary_data_center = "Auto"
+ }
+ ]
+ tracker_source_ip = "2.3.4.5"
+ trackers = [
+ {
+ name = "TRACKER1"
+ endpoint_api_url = "https://1.1.1.1"
+ threshold = 500
+ multiplier = 4
+ tracker_type = "SIG"
+ }
+ ]
+}
+```
+
+
+## Schema
+
+### Required
+
+- `description` (String) The description of the feature template
+- `device_types` (List of String) List of supported device types
+ - Choices: `vedge-C8000V`, `vedge-C8300-1N1S-4T2X`, `vedge-C8300-1N1S-6T`, `vedge-C8300-2N2S-6T`, `vedge-C8300-2N2S-4T2X`, `vedge-C8500-12X4QC`, `vedge-C8500-12X`, `vedge-C8500-20X6C`, `vedge-C8500L-8S4X`, `vedge-C8200-1N-4T`, `vedge-C8200L-1N-4T`
+- `name` (String) The name of the feature template
+
+### Optional
+
+- `interfaces` (Attributes List) Interface name: IPsec when present (see [below for nested schema](#nestedatt--interfaces))
+- `services` (Attributes List) Configure services (see [below for nested schema](#nestedatt--services))
+- `tracker_source_ip` (String) Source IP address for Tracker
+- `tracker_source_ip_variable` (String) Variable name
+- `trackers` (Attributes List) Tracker configuration (see [below for nested schema](#nestedatt--trackers))
+- `vpn_id` (Number) List of VPN instances
+ - Range: `0`-`65527`
+ - Default value: `0`
+
+### Read-Only
+
+- `id` (String) The id of the feature template
+- `template_type` (String) The template type
+- `version` (Number) The version of the feature template
+
+
+### Nested Schema for `interfaces`
+
+Optional:
+
+- `application` (String) Enable Application Tunnel Type
+ - Choices: `sig`
+ - Default value: `sig`
+- `auto_tunnel_mode` (Boolean) Auto Tunnel Mode
+ - Default value: `false`
+- `dead_peer_detection_interval` (Number) IKE keepalive interval (seconds)
+ - Range: `0`-`65535`
+ - Default value: `10`
+- `dead_peer_detection_interval_variable` (String) Variable name
+- `dead_peer_detection_retries` (Number) IKE keepalive retries
+ - Range: `0`-`255`
+ - Default value: `3`
+- `dead_peer_detection_retries_variable` (String) Variable name
+- `description` (String) Interface description
+- `description_variable` (String) Variable name
+- `ike_ciphersuite` (String) IKE identity the IKE preshared secret belongs to
+ - Choices: `aes256-cbc-sha1`, `aes256-cbc-sha2`, `aes128-cbc-sha1`, `aes128-cbc-sha2`
+ - Default value: `aes256-cbc-sha1`
+- `ike_ciphersuite_variable` (String) Variable name
+- `ike_group` (String) IKE Diffie Hellman Groups
+ - Choices: `2`, `14`, `15`, `16`
+ - Default value: `14`
+- `ike_group_variable` (String) Variable name
+- `ike_pre_shared_key` (String) Use preshared key to authenticate IKE peer
+- `ike_pre_shared_key_dynamic` (Boolean) Use preshared key to authenticate IKE peer
+ - Default value: `true`
+- `ike_pre_shared_key_local_id` (String) IKE ID for the local endpoint. Input IPv4 address, domain name, or email address
+- `ike_pre_shared_key_local_id_variable` (String) Variable name
+- `ike_pre_shared_key_remote_id` (String) IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address
+- `ike_pre_shared_key_remote_id_variable` (String) Variable name
+- `ike_pre_shared_key_variable` (String) Variable name
+- `ike_rekey_interval` (Number) IKE rekey interval <300..1209600> seconds
+ - Range: `300`-`1209600`
+ - Default value: `14400`
+- `ike_rekey_interval_variable` (String) Variable name
+- `ike_version` (Number) IKE Version <1..2>
+ - Range: `1`-`2`
+ - Default value: `2`
+- `ike_version_variable` (String) Variable name
+- `ip_unnumbered` (Boolean) Unnumbered interface
+ - Default value: `true`
+- `ipsec_ciphersuite` (String) IPsec(ESP) encryption and integrity protocol
+ - Choices: `aes256-cbc-sha1`, `aes256-cbc-sha384`, `aes256-cbc-sha256`, `aes256-cbc-sha512`, `aes256-gcm`, `null-sha1`, `null-sha384`, `null-sha256`, `null-sha512`
+ - Default value: `aes256-gcm`
+- `ipsec_ciphersuite_variable` (String) Variable name
+- `ipsec_perfect_forward_secrecy` (String) IPsec perfect forward secrecy settings
+ - Choices: `group-2`, `group-14`, `group-15`, `group-16`, `none`
+ - Default value: `none`
+- `ipsec_perfect_forward_secrecy_variable` (String) Variable name
+- `ipsec_rekey_interval` (Number) IPsec rekey interval <300..1209600> seconds
+ - Range: `300`-`1209600`
+ - Default value: `3600`
+- `ipsec_rekey_interval_variable` (String) Variable name
+- `ipsec_replay_window` (Number) Replay window size 32..8192 (must be a power of 2)
+ - Range: `64`-`4096`
+ - Default value: `512`
+- `ipsec_replay_window_variable` (String) Variable name
+- `ipv4_address` (String) Assign IPv4 address
+- `ipv4_address_variable` (String) Variable name
+- `mtu` (Number) Interface MTU <576..2000>, in bytes
+ - Range: `576`-`2000`
+ - Default value: `1400`
+- `mtu_variable` (String) Variable name
+- `name` (String) Interface name: IPsec when present
+- `name_variable` (String) Variable name
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `shutdown` (Boolean) Administrative state
+ - Default value: `false`
+- `sig_provider` (String) SIG Tunnel Provider
+ - Choices: `secure-internet-gateway-umbrella`, `secure-internet-gateway-zscaler`, `secure-internet-gateway-other`
+ - Default value: `secure-internet-gateway-umbrella`
+- `tcp_mss` (Number) TCP MSS on SYN packets, in bytes
+ - Range: `500`-`1460`
+- `tcp_mss_variable` (String) Variable name
+- `track_enable` (Boolean) Enable/disable SIG tracking
+ - Default value: `true`
+- `tunnel_dc_preference` (String) SIG Tunnel Data Center
+ - Choices: `primary-dc`, `secondary-dc`
+ - Default value: `primary-dc`
+- `tunnel_destination` (String) Tunnel destination IP address
+- `tunnel_destination_variable` (String) Variable name
+- `tunnel_public_ip` (String) Public IP required to setup GRE tunnel to Zscaler
+ - Default value: `Auto`
+- `tunnel_public_ip_variable` (String) Variable name
+- `tunnel_route_via` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid
+- `tunnel_route_via_variable` (String) Variable name
+- `tunnel_source` (String) Tunnel source IP Address
+- `tunnel_source_interface` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid
+- `tunnel_source_interface_variable` (String) Variable name
+- `tunnel_source_variable` (String) Variable name
+
+
+
+### Nested Schema for `services`
+
+Optional:
+
+- `aup_block_internet_until_accepted` (Boolean) For first-time Acceptable User Policy behavior, block Internet access
+ - Default value: `false`
+- `aup_enabled` (Boolean) Enable Acceptable User Policy
+ - Default value: `false`
+- `aup_force_ssl_inspection` (Boolean) For first-time Acceptable User Policy behavior, force SSL inspection
+ - Default value: `false`
+- `aup_timeout` (Number) Custom Acceptable User Policy frequency in days
+ - Default value: `0`
+- `interface_pairs` (Attributes List) Interface Pair for active and backup (see [below for nested schema](#nestedatt--services--interface_pairs))
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `service_type` (String) Service Type
+ - Choices: `sig`
+ - Default value: `sig`
+- `umbrella_primary_data_center` (String) Umbrella Primary Datacenter
+ - Default value: `Auto`
+- `umbrella_primary_data_center_variable` (String) Variable name
+- `umbrella_secondary_data_center` (String) Umbrella Secondary Datacenter
+ - Default value: `Auto`
+- `umbrella_secondary_data_center_variable` (String) Variable name
+- `zscaler_authentication_required` (Boolean) Enforce Authentication
+ - Default value: `false`
+- `zscaler_caution_enabled` (Boolean) Enable Caution
+ - Default value: `false`
+- `zscaler_firewall_enabled` (Boolean) Firewall enabled
+ - Default value: `false`
+- `zscaler_ips_control_enabled` (Boolean) Enable IPS Control
+ - Default value: `false`
+- `zscaler_location_name` (String) Zscaler location name (optional)
+ - Default value: `Auto`
+- `zscaler_location_name_variable` (String) Variable name
+- `zscaler_primary_data_center` (String) Custom Primary Datacenter
+ - Default value: `Auto`
+- `zscaler_primary_data_center_variable` (String) Variable name
+- `zscaler_secondary_data_center` (String) Custom Secondary Datacenter
+ - Default value: `Auto`
+- `zscaler_secondary_data_center_variable` (String) Variable name
+- `zscaler_surrogate_display_time_unit` (String) Display time unit
+ - Choices: `MINUTE`, `HOUR`, `DAY`
+ - Default value: `MINUTE`
+- `zscaler_surrogate_idle_time` (Number) Idle time to disassociation
+ - Default value: `0`
+- `zscaler_surrogate_ip` (Boolean) Enable Surrogate IP
+ - Default value: `false`
+- `zscaler_surrogate_ip_enforce_for_known_browsers` (Boolean) Enforce Surrogate IP for known browsers
+ - Default value: `false`
+- `zscaler_surrogate_refresh_time_unit` (String) Refresh Time unit
+ - Choices: `MINUTE`, `HOUR`, `DAY`
+ - Default value: `MINUTE`
+- `zscaler_xff_forward` (Boolean) XFF forwarding enabled
+ - Default value: `false`
+
+
+### Nested Schema for `services.interface_pairs`
+
+Optional:
+
+- `active_interface` (String) Active Tunnel Interface for SIG
+- `active_interface_weight` (Number) Active Tunnel Interface Weight
+ - Range: `1`-`255`
+ - Default value: `1`
+- `backup_interface` (String) Backup Tunnel Interface for SIG
+- `backup_interface_weight` (Number) Backup Tunnel Interface Weight
+ - Range: `1`-`255`
+ - Default value: `1`
+- `optional` (Boolean) Indicates if list item is considered optional.
+
+
+
+
+### Nested Schema for `trackers`
+
+Optional:
+
+- `endpoint_api_url` (String) API url of endpoint
+- `endpoint_api_url_variable` (String) Variable name
+- `multiplier` (Number) Probe failure multiplier <1..10> failed attempts
+ - Range: `1`-`10`
+ - Default value: `3`
+- `multiplier_variable` (String) Variable name
+- `name` (String) Tracker name
+- `name_variable` (String) Variable name
+- `optional` (Boolean) Indicates if list item is considered optional.
+- `threshold` (Number) Probe Timeout threshold <100..1000> milliseconds
+ - Range: `100`-`1000`
+ - Default value: `300`
+- `threshold_variable` (String) Variable name
+- `tracker_type` (String) - Choices: `SIG`
+ - Default value: ` SIG`
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import sdwan_cisco_secure_internet_gateway_feature_template.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
+```
diff --git a/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf b/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf
new file mode 100644
index 00000000..3f2b9ef5
--- /dev/null
+++ b/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf
@@ -0,0 +1,3 @@
+data "sdwan_cisco_secure_internet_gateway_feature_template" "example" {
+ id = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+}
diff --git a/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh
new file mode 100644
index 00000000..6582e9d7
--- /dev/null
+++ b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh
@@ -0,0 +1 @@
+terraform import sdwan_cisco_secure_internet_gateway_feature_template.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
diff --git a/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf
new file mode 100644
index 00000000..226206b2
--- /dev/null
+++ b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf
@@ -0,0 +1,83 @@
+resource "sdwan_cisco_secure_internet_gateway_feature_template" "example" {
+ name = "Example"
+ description = "My Example"
+ device_types = ["vedge-C8000V"]
+ vpn_id = 1
+ interfaces = [
+ {
+ name = "ipsec1"
+ auto_tunnel_mode = true
+ shutdown = true
+ description = "My Description"
+ ip_unnumbered = true
+ ipv4_address = "1.2.3.4/24"
+ tunnel_source = "3.3.3.3"
+ tunnel_source_interface = "ge0/1"
+ tunnel_route_via = "ge0/2"
+ tunnel_destination = "3.4.5.6"
+ application = "sig"
+ sig_provider = "secure-internet-gateway-umbrella"
+ tunnel_dc_preference = "primary-dc"
+ tcp_mss = 1400
+ mtu = 1500
+ dead_peer_detection_interval = 30
+ dead_peer_detection_retries = 5
+ ike_version = 1
+ ike_pre_shared_key = "A1234567"
+ ike_rekey_interval = 600
+ ike_ciphersuite = "aes256-cbc-sha2"
+ ike_group = "14"
+ ike_pre_shared_key_dynamic = false
+ ike_pre_shared_key_local_id = "1.2.3.4"
+ ike_pre_shared_key_remote_id = "2.3.4.5"
+ ipsec_rekey_interval = 7200
+ ipsec_replay_window = 1024
+ ipsec_ciphersuite = "aes256-cbc-sha1"
+ ipsec_perfect_forward_secrecy = "group-14"
+ track_enable = false
+ tunnel_public_ip = "5.5.5.5"
+ }
+ ]
+ services = [
+ {
+ service_type = "sig"
+ interface_pairs = [
+ {
+ active_interface = "e1"
+ active_interface_weight = 10
+ backup_interface = "e2"
+ backup_interface_weight = 20
+ }
+ ]
+ zscaler_authentication_required = true
+ zscaler_xff_forward = true
+ zscaler_firewall_enabled = true
+ zscaler_ips_control_enabled = true
+ zscaler_caution_enabled = true
+ zscaler_primary_data_center = "Auto"
+ zscaler_secondary_data_center = "Auto"
+ zscaler_surrogate_ip = true
+ zscaler_surrogate_idle_time = 100
+ zscaler_surrogate_display_time_unit = "MINUTE"
+ zscaler_surrogate_ip_enforce_for_known_browsers = true
+ zscaler_surrogate_refresh_time_unit = "MINUTE"
+ aup_enabled = true
+ aup_block_internet_until_accepted = true
+ aup_force_ssl_inspection = true
+ aup_timeout = 60
+ zscaler_location_name = "LOC1"
+ umbrella_primary_data_center = "Auto"
+ umbrella_secondary_data_center = "Auto"
+ }
+ ]
+ tracker_source_ip = "2.3.4.5"
+ trackers = [
+ {
+ name = "TRACKER1"
+ endpoint_api_url = "https://1.1.1.1"
+ threshold = 500
+ multiplier = 4
+ tracker_type = "SIG"
+ }
+ ]
+}
diff --git a/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml b/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml
new file mode 100644
index 00000000..0970e1ed
--- /dev/null
+++ b/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml
@@ -0,0 +1,176 @@
+---
+name: Cisco Secure Internet Gateway
+minimum_version: 15.0.0
+attributes:
+ - model_name: vpn-id
+ example: 1
+ - model_name: interface
+ tf_name: interfaces
+ attributes:
+ - model_name: if-name
+ tf_name: name
+ example: ipsec1
+ - model_name: auto
+ tf_name: auto_tunnel_mode
+ example: true
+ - model_name: shutdown
+ example: true
+ - model_name: description
+ example: My Description
+ - model_name: unnumbered
+ tf_name: ip_unnumbered
+ example: true
+ - model_name: address
+ tf_name: ipv4_address
+ example: 1.2.3.4/24
+ - model_name: tunnel-source
+ example: 3.3.3.3
+ - model_name: tunnel-source-interface
+ example: ge0/1
+ - model_name: tunnel-route-via
+ example: ge0/2
+ - model_name: tunnel-destination
+ example: 3.4.5.6
+ - model_name: application
+ example: sig
+ - model_name: tunnel-set
+ tf_name: sig_provider
+ example: secure-internet-gateway-umbrella
+ - model_name: tunnel-dc-preference
+ example: primary-dc
+ - model_name: tcp-mss-adjust
+ tf_name: tcp_mss
+ example: 1400
+ - model_name: mtu
+ example: 1500
+ - model_name: dpd-interval
+ tf_name: dead_peer_detection_interval
+ example: 30
+ - model_name: dpd-retries
+ tf_name: dead_peer_detection_retries
+ example: 5
+ - model_name: ike-version
+ example: 1
+ - model_name: pre-shared-secret
+ tf_name: ike_pre_shared_key
+ example: A1234567
+ - model_name: ike-rekey-interval
+ example: 600
+ - model_name: ike-ciphersuite
+ example: aes256-cbc-sha2
+ - model_name: ike-group
+ example: 14
+ - model_name: pre-shared-key-dynamic
+ tf_name: ike_pre_shared_key_dynamic
+ example: false
+ - model_name: ike-local-id
+ tf_name: ike_pre_shared_key_local_id
+ example: 1.2.3.4
+ - model_name: ike-remote-id
+ tf_name: ike_pre_shared_key_remote_id
+ example: 2.3.4.5
+ - model_name: ipsec-rekey-interval
+ example: 7200
+ - model_name: ipsec-replay-window
+ example: 1024
+ - model_name: ipsec-ciphersuite
+ example: aes256-cbc-sha1
+ - model_name: perfect-forward-secrecy
+ tf_name: ipsec_perfect_forward_secrecy
+ example: group-14
+ - model_name: track-enable
+ example: false
+ - model_name: tunnel-public-ip
+ example: 5.5.5.5
+ - model_name: service
+ tf_name: services
+ attributes:
+ - model_name: svc-type
+ tf_name: service_type
+ example: sig
+ - model_name: interface-pair
+ tf_name: interface_pairs
+ attributes:
+ - model_name: active-interface
+ ignore_enum: true
+ example: e1
+ - model_name: active-interface-weight
+ example: 10
+ - model_name: backup-interface
+ ignore_enum: true
+ example: e2
+ - model_name: backup-interface-weight
+ example: 20
+ - model_name: auth-required
+ tf_name: zscaler_authentication_required
+ example: true
+ - model_name: xff-forward-enabled
+ tf_name: zscaler_xff_forward
+ example: true
+ - model_name: ofw-enabled
+ tf_name: zscaler_firewall_enabled
+ example: true
+ - model_name: ips-control
+ tf_name: zscaler_ips_control_enabled
+ example: true
+ - model_name: caution-enabled
+ tf_name: zscaler_caution_enabled
+ example: true
+ - model_name: primary-data-center
+ tf_name: zscaler_primary_data_center
+ example: Auto
+ - model_name: secondary-data-center
+ tf_name: zscaler_secondary_data_center
+ example: Auto
+ - model_name: ip
+ tf_name: zscaler_surrogate_ip
+ example: true
+ - model_name: idle-time
+ tf_name: zscaler_surrogate_idle_time
+ example: 100
+ - model_name: display-time-unit
+ tf_name: zscaler_surrogate_display_time_unit
+ example: MINUTE
+ - model_name: ip-enforced-for-known-browsers
+ tf_name: zscaler_surrogate_ip_enforce_for_known_browsers
+ example: true
+ - model_name: refresh-time-unit
+ tf_name: zscaler_surrogate_refresh_time_unit
+ example: MINUTE
+ - model_name: enabled
+ tf_name: aup_enabled
+ example: true
+ - model_name: block-internet-until-accepted
+ tf_name: aup_block_internet_until_accepted
+ example: true
+ - model_name: force-ssl-inspection
+ tf_name: aup_force_ssl_inspection
+ example: true
+ - model_name: timeout
+ tf_name: aup_timeout
+ example: 60
+ - model_name: location-name
+ tf_name: zscaler_location_name
+ example: LOC1
+ - model_name: data-center-primary
+ tf_name: umbrella_primary_data_center
+ example: Auto
+ - model_name: data-center-secondary
+ tf_name: umbrella_secondary_data_center
+ example: Auto
+ - model_name: tracker-src-ip
+ tf_name: tracker_source_ip
+ example: 2.3.4.5
+ - model_name: tracker
+ tf_name: trackers
+ attributes:
+ - model_name: name
+ example: TRACKER1
+ - model_name: endpoint-api-url
+ example: https://1.1.1.1
+ - model_name: threshold
+ example: 500
+ - model_name: multiplier
+ example: 4
+ - model_name: tracker-type
+ example: SIG
diff --git a/gen/generator.go b/gen/generator.go
index b330beae..4167023d 100644
--- a/gen/generator.go
+++ b/gen/generator.go
@@ -215,6 +215,7 @@ type YamlConfigAttribute struct {
Description string `yaml:"description"`
Example string `yaml:"example"`
EnumValues []string `yaml:"enum_values"`
+ IgnoreEnum bool `yaml:"ignore_enum"`
MinList int64 `yaml:"min_list"`
MaxList int64 `yaml:"max_list"`
MinInt int64 `yaml:"min_int"`
diff --git a/gen/schema/schema.yaml b/gen/schema/schema.yaml
index 7c6f7b13..329cd73c 100644
--- a/gen/schema/schema.yaml
+++ b/gen/schema/schema.yaml
@@ -30,6 +30,7 @@ attribute:
description: str(required=False)
example: any(str(), int(), bool(), required=False)
enum_values: list(str(), required=False)
+ ignore_enum: bool(required=False)
min_list: int(required=False)
max_list: int(required=False)
min_int: int(required=False)
diff --git a/gen/templates/feature_templates/resource.go b/gen/templates/feature_templates/resource.go
index 2c92661e..77ad38bc 100644
--- a/gen/templates/feature_templates/resource.go
+++ b/gen/templates/feature_templates/resource.go
@@ -95,7 +95,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
{{- range .Attributes}}
"{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{
MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}")
- {{- if len .EnumValues -}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum) -}}
.AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}})
{{- end -}}
{{- if or (ne .MinInt 0) (ne .MaxInt 0) -}}
@@ -112,7 +112,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
ElementType: types.StringType,
{{- end}}
Optional: true,
- {{- if len .EnumValues}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum)}}
Validators: []validator.String{
stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}),
},
@@ -140,7 +140,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
{{- range .Attributes}}
"{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{
MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}")
- {{- if len .EnumValues -}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum) -}}
.AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}})
{{- end -}}
{{- if or (ne .MinInt 0) (ne .MaxInt 0) -}}
@@ -157,7 +157,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
ElementType: types.StringType,
{{- end}}
Optional: true,
- {{- if len .EnumValues}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum)}}
Validators: []validator.String{
stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}),
},
@@ -185,7 +185,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
{{- range .Attributes}}
"{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{
MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}")
- {{- if len .EnumValues -}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum) -}}
.AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}})
{{- end -}}
{{- if or (ne .MinInt 0) (ne .MaxInt 0) -}}
@@ -202,7 +202,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
ElementType: types.StringType,
{{- end}}
Optional: true,
- {{- if len .EnumValues}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum)}}
Validators: []validator.String{
stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}),
},
@@ -230,7 +230,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
{{- range .Attributes}}
"{{.TfName}}": schema.{{if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{
MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}")
- {{- if len .EnumValues -}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum) -}}
.AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}})
{{- end -}}
{{- if or (ne .MinInt 0) (ne .MaxInt 0) -}}
@@ -247,7 +247,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context,
ElementType: types.StringType,
{{- end}}
Optional: true,
- {{- if len .EnumValues}}
+ {{- if and (len .EnumValues) (not .IgnoreEnum)}}
Validators: []validator.String{
stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}),
},
diff --git a/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go
new file mode 100644
index 00000000..cbb821c4
--- /dev/null
+++ b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go
@@ -0,0 +1,547 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers"
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-sdwan"
+)
+
+// Ensure the implementation satisfies the expected interfaces.
+var (
+ _ datasource.DataSource = &CiscoSecureInternetGatewayFeatureTemplateDataSource{}
+ _ datasource.DataSourceWithConfigure = &CiscoSecureInternetGatewayFeatureTemplateDataSource{}
+)
+
+func NewCiscoSecureInternetGatewayFeatureTemplateDataSource() datasource.DataSource {
+ return &CiscoSecureInternetGatewayFeatureTemplateDataSource{}
+}
+
+type CiscoSecureInternetGatewayFeatureTemplateDataSource struct {
+ client *sdwan.Client
+}
+
+func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_cisco_secure_internet_gateway_feature_template"
+}
+
+func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: "This data source can read the Cisco Secure Internet Gateway feature template.",
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the feature template",
+ Required: true,
+ },
+ "version": schema.Int64Attribute{
+ MarkdownDescription: "The version of the feature template",
+ Computed: true,
+ },
+ "template_type": schema.StringAttribute{
+ MarkdownDescription: "The template type",
+ Computed: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "The name of the feature template",
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: "The description of the feature template",
+ Computed: true,
+ },
+ "device_types": schema.ListAttribute{
+ MarkdownDescription: "List of supported device types",
+ ElementType: types.StringType,
+ Computed: true,
+ },
+ "vpn_id": schema.Int64Attribute{
+ MarkdownDescription: "List of VPN instances",
+ Computed: true,
+ },
+ "interfaces": schema.ListNestedAttribute{
+ MarkdownDescription: "Interface name: IPsec when present",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Interface name: IPsec when present",
+ Computed: true,
+ },
+ "name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "auto_tunnel_mode": schema.BoolAttribute{
+ MarkdownDescription: "Auto Tunnel Mode",
+ Computed: true,
+ },
+ "shutdown": schema.BoolAttribute{
+ MarkdownDescription: "Administrative state",
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: "Interface description",
+ Computed: true,
+ },
+ "description_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ip_unnumbered": schema.BoolAttribute{
+ MarkdownDescription: "Unnumbered interface",
+ Computed: true,
+ },
+ "ipv4_address": schema.StringAttribute{
+ MarkdownDescription: "Assign IPv4 address",
+ Computed: true,
+ },
+ "ipv4_address_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "tunnel_source": schema.StringAttribute{
+ MarkdownDescription: "Tunnel source IP Address",
+ Computed: true,
+ },
+ "tunnel_source_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "tunnel_source_interface": schema.StringAttribute{
+ MarkdownDescription: "<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid",
+ Computed: true,
+ },
+ "tunnel_source_interface_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "tunnel_route_via": schema.StringAttribute{
+ MarkdownDescription: "<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid",
+ Computed: true,
+ },
+ "tunnel_route_via_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "tunnel_destination": schema.StringAttribute{
+ MarkdownDescription: "Tunnel destination IP address",
+ Computed: true,
+ },
+ "tunnel_destination_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "application": schema.StringAttribute{
+ MarkdownDescription: "Enable Application Tunnel Type",
+ Computed: true,
+ },
+ "sig_provider": schema.StringAttribute{
+ MarkdownDescription: "SIG Tunnel Provider",
+ Computed: true,
+ },
+ "tunnel_dc_preference": schema.StringAttribute{
+ MarkdownDescription: "SIG Tunnel Data Center",
+ Computed: true,
+ },
+ "tcp_mss": schema.Int64Attribute{
+ MarkdownDescription: "TCP MSS on SYN packets, in bytes",
+ Computed: true,
+ },
+ "tcp_mss_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "mtu": schema.Int64Attribute{
+ MarkdownDescription: "Interface MTU <576..2000>, in bytes",
+ Computed: true,
+ },
+ "mtu_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "dead_peer_detection_interval": schema.Int64Attribute{
+ MarkdownDescription: "IKE keepalive interval (seconds)",
+ Computed: true,
+ },
+ "dead_peer_detection_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "dead_peer_detection_retries": schema.Int64Attribute{
+ MarkdownDescription: "IKE keepalive retries",
+ Computed: true,
+ },
+ "dead_peer_detection_retries_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_version": schema.Int64Attribute{
+ MarkdownDescription: "IKE Version <1..2>",
+ Computed: true,
+ },
+ "ike_version_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_pre_shared_key": schema.StringAttribute{
+ MarkdownDescription: "Use preshared key to authenticate IKE peer",
+ Computed: true,
+ },
+ "ike_pre_shared_key_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_rekey_interval": schema.Int64Attribute{
+ MarkdownDescription: "IKE rekey interval <300..1209600> seconds",
+ Computed: true,
+ },
+ "ike_rekey_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_ciphersuite": schema.StringAttribute{
+ MarkdownDescription: "IKE identity the IKE preshared secret belongs to",
+ Computed: true,
+ },
+ "ike_ciphersuite_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_group": schema.StringAttribute{
+ MarkdownDescription: "IKE Diffie Hellman Groups",
+ Computed: true,
+ },
+ "ike_group_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_pre_shared_key_dynamic": schema.BoolAttribute{
+ MarkdownDescription: "Use preshared key to authenticate IKE peer",
+ Computed: true,
+ },
+ "ike_pre_shared_key_local_id": schema.StringAttribute{
+ MarkdownDescription: "IKE ID for the local endpoint. Input IPv4 address, domain name, or email address",
+ Computed: true,
+ },
+ "ike_pre_shared_key_local_id_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ike_pre_shared_key_remote_id": schema.StringAttribute{
+ MarkdownDescription: "IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address",
+ Computed: true,
+ },
+ "ike_pre_shared_key_remote_id_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ipsec_rekey_interval": schema.Int64Attribute{
+ MarkdownDescription: "IPsec rekey interval <300..1209600> seconds",
+ Computed: true,
+ },
+ "ipsec_rekey_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ipsec_replay_window": schema.Int64Attribute{
+ MarkdownDescription: "Replay window size 32..8192 (must be a power of 2)",
+ Computed: true,
+ },
+ "ipsec_replay_window_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ipsec_ciphersuite": schema.StringAttribute{
+ MarkdownDescription: "IPsec(ESP) encryption and integrity protocol",
+ Computed: true,
+ },
+ "ipsec_ciphersuite_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "ipsec_perfect_forward_secrecy": schema.StringAttribute{
+ MarkdownDescription: "IPsec perfect forward secrecy settings",
+ Computed: true,
+ },
+ "ipsec_perfect_forward_secrecy_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "track_enable": schema.BoolAttribute{
+ MarkdownDescription: "Enable/disable SIG tracking",
+ Computed: true,
+ },
+ "tunnel_public_ip": schema.StringAttribute{
+ MarkdownDescription: "Public IP required to setup GRE tunnel to Zscaler",
+ Computed: true,
+ },
+ "tunnel_public_ip_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "services": schema.ListNestedAttribute{
+ MarkdownDescription: "Configure services",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "service_type": schema.StringAttribute{
+ MarkdownDescription: "Service Type",
+ Computed: true,
+ },
+ "interface_pairs": schema.ListNestedAttribute{
+ MarkdownDescription: "Interface Pair for active and backup",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "active_interface": schema.StringAttribute{
+ MarkdownDescription: "Active Tunnel Interface for SIG",
+ Computed: true,
+ },
+ "active_interface_weight": schema.Int64Attribute{
+ MarkdownDescription: "Active Tunnel Interface Weight",
+ Computed: true,
+ },
+ "backup_interface": schema.StringAttribute{
+ MarkdownDescription: "Backup Tunnel Interface for SIG",
+ Computed: true,
+ },
+ "backup_interface_weight": schema.Int64Attribute{
+ MarkdownDescription: "Backup Tunnel Interface Weight",
+ Computed: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "zscaler_authentication_required": schema.BoolAttribute{
+ MarkdownDescription: "Enforce Authentication",
+ Computed: true,
+ },
+ "zscaler_xff_forward": schema.BoolAttribute{
+ MarkdownDescription: "XFF forwarding enabled",
+ Computed: true,
+ },
+ "zscaler_firewall_enabled": schema.BoolAttribute{
+ MarkdownDescription: "Firewall enabled",
+ Computed: true,
+ },
+ "zscaler_ips_control_enabled": schema.BoolAttribute{
+ MarkdownDescription: "Enable IPS Control",
+ Computed: true,
+ },
+ "zscaler_caution_enabled": schema.BoolAttribute{
+ MarkdownDescription: "Enable Caution",
+ Computed: true,
+ },
+ "zscaler_primary_data_center": schema.StringAttribute{
+ MarkdownDescription: "Custom Primary Datacenter",
+ Computed: true,
+ },
+ "zscaler_primary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "zscaler_secondary_data_center": schema.StringAttribute{
+ MarkdownDescription: "Custom Secondary Datacenter",
+ Computed: true,
+ },
+ "zscaler_secondary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "zscaler_surrogate_ip": schema.BoolAttribute{
+ MarkdownDescription: "Enable Surrogate IP",
+ Computed: true,
+ },
+ "zscaler_surrogate_idle_time": schema.Int64Attribute{
+ MarkdownDescription: "Idle time to disassociation",
+ Computed: true,
+ },
+ "zscaler_surrogate_display_time_unit": schema.StringAttribute{
+ MarkdownDescription: "Display time unit",
+ Computed: true,
+ },
+ "zscaler_surrogate_ip_enforce_for_known_browsers": schema.BoolAttribute{
+ MarkdownDescription: "Enforce Surrogate IP for known browsers",
+ Computed: true,
+ },
+ "zscaler_surrogate_refresh_time_unit": schema.StringAttribute{
+ MarkdownDescription: "Refresh Time unit",
+ Computed: true,
+ },
+ "aup_enabled": schema.BoolAttribute{
+ MarkdownDescription: "Enable Acceptable User Policy",
+ Computed: true,
+ },
+ "aup_block_internet_until_accepted": schema.BoolAttribute{
+ MarkdownDescription: "For first-time Acceptable User Policy behavior, block Internet access",
+ Computed: true,
+ },
+ "aup_force_ssl_inspection": schema.BoolAttribute{
+ MarkdownDescription: "For first-time Acceptable User Policy behavior, force SSL inspection",
+ Computed: true,
+ },
+ "aup_timeout": schema.Int64Attribute{
+ MarkdownDescription: "Custom Acceptable User Policy frequency in days",
+ Computed: true,
+ },
+ "zscaler_location_name": schema.StringAttribute{
+ MarkdownDescription: "Zscaler location name (optional)",
+ Computed: true,
+ },
+ "zscaler_location_name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "umbrella_primary_data_center": schema.StringAttribute{
+ MarkdownDescription: "Umbrella Primary Datacenter",
+ Computed: true,
+ },
+ "umbrella_primary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "umbrella_secondary_data_center": schema.StringAttribute{
+ MarkdownDescription: "Umbrella Secondary Datacenter",
+ Computed: true,
+ },
+ "umbrella_secondary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "tracker_source_ip": schema.StringAttribute{
+ MarkdownDescription: "Source IP address for Tracker",
+ Computed: true,
+ },
+ "tracker_source_ip_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "trackers": schema.ListNestedAttribute{
+ MarkdownDescription: "Tracker configuration",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Tracker name",
+ Computed: true,
+ },
+ "name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "endpoint_api_url": schema.StringAttribute{
+ MarkdownDescription: "API url of endpoint",
+ Computed: true,
+ },
+ "endpoint_api_url_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "threshold": schema.Int64Attribute{
+ MarkdownDescription: "Probe Timeout threshold <100..1000> milliseconds",
+ Computed: true,
+ },
+ "threshold_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "multiplier": schema.Int64Attribute{
+ MarkdownDescription: "Probe failure multiplier <1..10> failed attempts",
+ Computed: true,
+ },
+ "multiplier_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Computed: true,
+ },
+ "tracker_type": schema.StringAttribute{
+ MarkdownDescription: "",
+ Computed: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Computed: true,
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, _ *datasource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ d.client = req.ProviderData.(*SdwanProviderData).Client
+}
+
+func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+ var config CiscoSecureInternetGateway
+
+ // Read config
+ diags := req.Config.Get(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", config.Id.String()))
+
+ res, err := d.client.Get("/template/feature/object/" + config.Id.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object, got error: %s", err))
+ return
+ }
+
+ config.fromBody(ctx, res)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", config.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+}
diff --git a/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go
new file mode 100644
index 00000000..9f8f660e
--- /dev/null
+++ b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go
@@ -0,0 +1,185 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplate(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplateConfig,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.name", "ipsec1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.auto_tunnel_mode", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.shutdown", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.description", "My Description"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ip_unnumbered", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipv4_address", "1.2.3.4/24"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source", "3.3.3.3"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source_interface", "ge0/1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_route_via", "ge0/2"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_destination", "3.4.5.6"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.application", "sig"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.sig_provider", "secure-internet-gateway-umbrella"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_dc_preference", "primary-dc"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tcp_mss", "1400"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.mtu", "1500"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_interval", "30"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_retries", "5"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_version", "1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key", "A1234567"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_rekey_interval", "600"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_ciphersuite", "aes256-cbc-sha2"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_group", "14"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_dynamic", "false"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_local_id", "1.2.3.4"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_remote_id", "2.3.4.5"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_rekey_interval", "7200"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_replay_window", "1024"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_ciphersuite", "aes256-cbc-sha1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_perfect_forward_secrecy", "group-14"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.track_enable", "false"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_public_ip", "5.5.5.5"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.service_type", "sig"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface", "e1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface_weight", "10"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface", "e2"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface_weight", "20"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_authentication_required", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_xff_forward", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_firewall_enabled", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_ips_control_enabled", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_caution_enabled", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_primary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_secondary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_idle_time", "100"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_display_time_unit", "MINUTE"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip_enforce_for_known_browsers", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_refresh_time_unit", "MINUTE"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_enabled", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_block_internet_until_accepted", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_force_ssl_inspection", "true"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_timeout", "60"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_location_name", "LOC1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_primary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_secondary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.name", "TRACKER1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.endpoint_api_url", "https://1.1.1.1"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.threshold", "500"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.multiplier", "4"),
+ resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.tracker_type", "SIG"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplateConfig = `
+
+resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" {
+ name = "TF_TEST_MIN"
+ description = "Terraform integration test"
+ device_types = ["vedge-C8000V"]
+ vpn_id = 1
+ interfaces = [{
+ name = "ipsec1"
+ auto_tunnel_mode = true
+ shutdown = true
+ description = "My Description"
+ ip_unnumbered = true
+ ipv4_address = "1.2.3.4/24"
+ tunnel_source = "3.3.3.3"
+ tunnel_source_interface = "ge0/1"
+ tunnel_route_via = "ge0/2"
+ tunnel_destination = "3.4.5.6"
+ application = "sig"
+ sig_provider = "secure-internet-gateway-umbrella"
+ tunnel_dc_preference = "primary-dc"
+ tcp_mss = 1400
+ mtu = 1500
+ dead_peer_detection_interval = 30
+ dead_peer_detection_retries = 5
+ ike_version = 1
+ ike_pre_shared_key = "A1234567"
+ ike_rekey_interval = 600
+ ike_ciphersuite = "aes256-cbc-sha2"
+ ike_group = "14"
+ ike_pre_shared_key_dynamic = false
+ ike_pre_shared_key_local_id = "1.2.3.4"
+ ike_pre_shared_key_remote_id = "2.3.4.5"
+ ipsec_rekey_interval = 7200
+ ipsec_replay_window = 1024
+ ipsec_ciphersuite = "aes256-cbc-sha1"
+ ipsec_perfect_forward_secrecy = "group-14"
+ track_enable = false
+ tunnel_public_ip = "5.5.5.5"
+ }]
+ services = [{
+ service_type = "sig"
+ interface_pairs = [{
+ active_interface = "e1"
+ active_interface_weight = 10
+ backup_interface = "e2"
+ backup_interface_weight = 20
+ }]
+ zscaler_authentication_required = true
+ zscaler_xff_forward = true
+ zscaler_firewall_enabled = true
+ zscaler_ips_control_enabled = true
+ zscaler_caution_enabled = true
+ zscaler_primary_data_center = "Auto"
+ zscaler_secondary_data_center = "Auto"
+ zscaler_surrogate_ip = true
+ zscaler_surrogate_idle_time = 100
+ zscaler_surrogate_display_time_unit = "MINUTE"
+ zscaler_surrogate_ip_enforce_for_known_browsers = true
+ zscaler_surrogate_refresh_time_unit = "MINUTE"
+ aup_enabled = true
+ aup_block_internet_until_accepted = true
+ aup_force_ssl_inspection = true
+ aup_timeout = 60
+ zscaler_location_name = "LOC1"
+ umbrella_primary_data_center = "Auto"
+ umbrella_secondary_data_center = "Auto"
+ }]
+ tracker_source_ip = "2.3.4.5"
+ trackers = [{
+ name = "TRACKER1"
+ endpoint_api_url = "https://1.1.1.1"
+ threshold = 500
+ multiplier = 4
+ tracker_type = "SIG"
+ }]
+}
+
+data "sdwan_cisco_secure_internet_gateway_feature_template" "test" {
+ id = sdwan_cisco_secure_internet_gateway_feature_template.test.id
+}
+`
diff --git a/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go
new file mode 100644
index 00000000..52a04fc5
--- /dev/null
+++ b/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go
@@ -0,0 +1,2313 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "strconv"
+
+ "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/tidwall/gjson"
+ "github.com/tidwall/sjson"
+)
+
+type CiscoSecureInternetGateway struct {
+ Id types.String `tfsdk:"id"`
+ Version types.Int64 `tfsdk:"version"`
+ TemplateType types.String `tfsdk:"template_type"`
+ Name types.String `tfsdk:"name"`
+ Description types.String `tfsdk:"description"`
+ DeviceTypes types.List `tfsdk:"device_types"`
+ VpnId types.Int64 `tfsdk:"vpn_id"`
+ Interfaces []CiscoSecureInternetGatewayInterfaces `tfsdk:"interfaces"`
+ Services []CiscoSecureInternetGatewayServices `tfsdk:"services"`
+ TrackerSourceIp types.String `tfsdk:"tracker_source_ip"`
+ TrackerSourceIpVariable types.String `tfsdk:"tracker_source_ip_variable"`
+ Trackers []CiscoSecureInternetGatewayTrackers `tfsdk:"trackers"`
+}
+
+type CiscoSecureInternetGatewayInterfaces struct {
+ Optional types.Bool `tfsdk:"optional"`
+ Name types.String `tfsdk:"name"`
+ NameVariable types.String `tfsdk:"name_variable"`
+ AutoTunnelMode types.Bool `tfsdk:"auto_tunnel_mode"`
+ Shutdown types.Bool `tfsdk:"shutdown"`
+ Description types.String `tfsdk:"description"`
+ DescriptionVariable types.String `tfsdk:"description_variable"`
+ IpUnnumbered types.Bool `tfsdk:"ip_unnumbered"`
+ Ipv4Address types.String `tfsdk:"ipv4_address"`
+ Ipv4AddressVariable types.String `tfsdk:"ipv4_address_variable"`
+ TunnelSource types.String `tfsdk:"tunnel_source"`
+ TunnelSourceVariable types.String `tfsdk:"tunnel_source_variable"`
+ TunnelSourceInterface types.String `tfsdk:"tunnel_source_interface"`
+ TunnelSourceInterfaceVariable types.String `tfsdk:"tunnel_source_interface_variable"`
+ TunnelRouteVia types.String `tfsdk:"tunnel_route_via"`
+ TunnelRouteViaVariable types.String `tfsdk:"tunnel_route_via_variable"`
+ TunnelDestination types.String `tfsdk:"tunnel_destination"`
+ TunnelDestinationVariable types.String `tfsdk:"tunnel_destination_variable"`
+ Application types.String `tfsdk:"application"`
+ SigProvider types.String `tfsdk:"sig_provider"`
+ TunnelDcPreference types.String `tfsdk:"tunnel_dc_preference"`
+ TcpMss types.Int64 `tfsdk:"tcp_mss"`
+ TcpMssVariable types.String `tfsdk:"tcp_mss_variable"`
+ Mtu types.Int64 `tfsdk:"mtu"`
+ MtuVariable types.String `tfsdk:"mtu_variable"`
+ DeadPeerDetectionInterval types.Int64 `tfsdk:"dead_peer_detection_interval"`
+ DeadPeerDetectionIntervalVariable types.String `tfsdk:"dead_peer_detection_interval_variable"`
+ DeadPeerDetectionRetries types.Int64 `tfsdk:"dead_peer_detection_retries"`
+ DeadPeerDetectionRetriesVariable types.String `tfsdk:"dead_peer_detection_retries_variable"`
+ IkeVersion types.Int64 `tfsdk:"ike_version"`
+ IkeVersionVariable types.String `tfsdk:"ike_version_variable"`
+ IkePreSharedKey types.String `tfsdk:"ike_pre_shared_key"`
+ IkePreSharedKeyVariable types.String `tfsdk:"ike_pre_shared_key_variable"`
+ IkeRekeyInterval types.Int64 `tfsdk:"ike_rekey_interval"`
+ IkeRekeyIntervalVariable types.String `tfsdk:"ike_rekey_interval_variable"`
+ IkeCiphersuite types.String `tfsdk:"ike_ciphersuite"`
+ IkeCiphersuiteVariable types.String `tfsdk:"ike_ciphersuite_variable"`
+ IkeGroup types.String `tfsdk:"ike_group"`
+ IkeGroupVariable types.String `tfsdk:"ike_group_variable"`
+ IkePreSharedKeyDynamic types.Bool `tfsdk:"ike_pre_shared_key_dynamic"`
+ IkePreSharedKeyLocalId types.String `tfsdk:"ike_pre_shared_key_local_id"`
+ IkePreSharedKeyLocalIdVariable types.String `tfsdk:"ike_pre_shared_key_local_id_variable"`
+ IkePreSharedKeyRemoteId types.String `tfsdk:"ike_pre_shared_key_remote_id"`
+ IkePreSharedKeyRemoteIdVariable types.String `tfsdk:"ike_pre_shared_key_remote_id_variable"`
+ IpsecRekeyInterval types.Int64 `tfsdk:"ipsec_rekey_interval"`
+ IpsecRekeyIntervalVariable types.String `tfsdk:"ipsec_rekey_interval_variable"`
+ IpsecReplayWindow types.Int64 `tfsdk:"ipsec_replay_window"`
+ IpsecReplayWindowVariable types.String `tfsdk:"ipsec_replay_window_variable"`
+ IpsecCiphersuite types.String `tfsdk:"ipsec_ciphersuite"`
+ IpsecCiphersuiteVariable types.String `tfsdk:"ipsec_ciphersuite_variable"`
+ IpsecPerfectForwardSecrecy types.String `tfsdk:"ipsec_perfect_forward_secrecy"`
+ IpsecPerfectForwardSecrecyVariable types.String `tfsdk:"ipsec_perfect_forward_secrecy_variable"`
+ TrackEnable types.Bool `tfsdk:"track_enable"`
+ TunnelPublicIp types.String `tfsdk:"tunnel_public_ip"`
+ TunnelPublicIpVariable types.String `tfsdk:"tunnel_public_ip_variable"`
+}
+
+type CiscoSecureInternetGatewayServices struct {
+ Optional types.Bool `tfsdk:"optional"`
+ ServiceType types.String `tfsdk:"service_type"`
+ InterfacePairs []CiscoSecureInternetGatewayServicesInterfacePairs `tfsdk:"interface_pairs"`
+ ZscalerAuthenticationRequired types.Bool `tfsdk:"zscaler_authentication_required"`
+ ZscalerXffForward types.Bool `tfsdk:"zscaler_xff_forward"`
+ ZscalerFirewallEnabled types.Bool `tfsdk:"zscaler_firewall_enabled"`
+ ZscalerIpsControlEnabled types.Bool `tfsdk:"zscaler_ips_control_enabled"`
+ ZscalerCautionEnabled types.Bool `tfsdk:"zscaler_caution_enabled"`
+ ZscalerPrimaryDataCenter types.String `tfsdk:"zscaler_primary_data_center"`
+ ZscalerPrimaryDataCenterVariable types.String `tfsdk:"zscaler_primary_data_center_variable"`
+ ZscalerSecondaryDataCenter types.String `tfsdk:"zscaler_secondary_data_center"`
+ ZscalerSecondaryDataCenterVariable types.String `tfsdk:"zscaler_secondary_data_center_variable"`
+ ZscalerSurrogateIp types.Bool `tfsdk:"zscaler_surrogate_ip"`
+ ZscalerSurrogateIdleTime types.Int64 `tfsdk:"zscaler_surrogate_idle_time"`
+ ZscalerSurrogateDisplayTimeUnit types.String `tfsdk:"zscaler_surrogate_display_time_unit"`
+ ZscalerSurrogateIpEnforceForKnownBrowsers types.Bool `tfsdk:"zscaler_surrogate_ip_enforce_for_known_browsers"`
+ ZscalerSurrogateRefreshTimeUnit types.String `tfsdk:"zscaler_surrogate_refresh_time_unit"`
+ AupEnabled types.Bool `tfsdk:"aup_enabled"`
+ AupBlockInternetUntilAccepted types.Bool `tfsdk:"aup_block_internet_until_accepted"`
+ AupForceSslInspection types.Bool `tfsdk:"aup_force_ssl_inspection"`
+ AupTimeout types.Int64 `tfsdk:"aup_timeout"`
+ ZscalerLocationName types.String `tfsdk:"zscaler_location_name"`
+ ZscalerLocationNameVariable types.String `tfsdk:"zscaler_location_name_variable"`
+ UmbrellaPrimaryDataCenter types.String `tfsdk:"umbrella_primary_data_center"`
+ UmbrellaPrimaryDataCenterVariable types.String `tfsdk:"umbrella_primary_data_center_variable"`
+ UmbrellaSecondaryDataCenter types.String `tfsdk:"umbrella_secondary_data_center"`
+ UmbrellaSecondaryDataCenterVariable types.String `tfsdk:"umbrella_secondary_data_center_variable"`
+}
+
+type CiscoSecureInternetGatewayTrackers struct {
+ Optional types.Bool `tfsdk:"optional"`
+ Name types.String `tfsdk:"name"`
+ NameVariable types.String `tfsdk:"name_variable"`
+ EndpointApiUrl types.String `tfsdk:"endpoint_api_url"`
+ EndpointApiUrlVariable types.String `tfsdk:"endpoint_api_url_variable"`
+ Threshold types.Int64 `tfsdk:"threshold"`
+ ThresholdVariable types.String `tfsdk:"threshold_variable"`
+ Multiplier types.Int64 `tfsdk:"multiplier"`
+ MultiplierVariable types.String `tfsdk:"multiplier_variable"`
+ TrackerType types.String `tfsdk:"tracker_type"`
+}
+
+type CiscoSecureInternetGatewayServicesInterfacePairs struct {
+ Optional types.Bool `tfsdk:"optional"`
+ ActiveInterface types.String `tfsdk:"active_interface"`
+ ActiveInterfaceWeight types.Int64 `tfsdk:"active_interface_weight"`
+ BackupInterface types.String `tfsdk:"backup_interface"`
+ BackupInterfaceWeight types.Int64 `tfsdk:"backup_interface_weight"`
+}
+
+func (data CiscoSecureInternetGateway) getModel() string {
+ return "cisco_secure_internet_gateway"
+}
+
+func (data CiscoSecureInternetGateway) toBody(ctx context.Context) string {
+ body := ""
+
+ var device_types []string
+ data.DeviceTypes.ElementsAs(ctx, &device_types, false)
+ body, _ = sjson.Set(body, "deviceType", device_types)
+ body, _ = sjson.Set(body, "factoryDefault", false)
+ body, _ = sjson.Set(body, "templateDescription", data.Description.ValueString())
+ body, _ = sjson.Set(body, "templateMinVersion", "15.0.0")
+ body, _ = sjson.Set(body, "templateName", data.Name.ValueString())
+ body, _ = sjson.Set(body, "templateType", "cisco_secure_internet_gateway")
+ body, _ = sjson.Set(body, "templateDefinition", map[string]interface{}{})
+
+ path := "templateDefinition."
+ if data.VpnId.IsNull() {
+ } else {
+ body, _ = sjson.Set(body, path+"vpn-id."+"vipObjectType", "object")
+ body, _ = sjson.Set(body, path+"vpn-id."+"vipType", "constant")
+ body, _ = sjson.Set(body, path+"vpn-id."+"vipValue", data.VpnId.ValueInt64())
+ }
+ if len(data.Interfaces) > 0 {
+ body, _ = sjson.Set(body, path+"interface."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"interface."+"vipType", "constant")
+ body, _ = sjson.Set(body, path+"interface."+"vipPrimaryKey", []string{"if-name"})
+ body, _ = sjson.Set(body, path+"interface."+"vipValue", []interface{}{})
+ } else {
+ body, _ = sjson.Set(body, path+"interface."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"interface."+"vipType", "ignore")
+ body, _ = sjson.Set(body, path+"interface."+"vipPrimaryKey", []string{"if-name"})
+ body, _ = sjson.Set(body, path+"interface."+"vipValue", []interface{}{})
+ }
+ for _, item := range data.Interfaces {
+ itemBody := ""
+ itemAttributes := make([]string, 0)
+ itemAttributes = append(itemAttributes, "if-name")
+
+ if !item.NameVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipVariableName", item.NameVariable.ValueString())
+ } else if item.Name.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "if-name."+"vipValue", item.Name.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "auto")
+ if item.AutoTunnelMode.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "auto."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "auto."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "auto."+"vipValue", strconv.FormatBool(item.AutoTunnelMode.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "shutdown")
+ if item.Shutdown.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipValue", strconv.FormatBool(item.Shutdown.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "description")
+
+ if !item.DescriptionVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipVariableName", item.DescriptionVariable.ValueString())
+ } else if item.Description.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "description."+"vipValue", item.Description.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "unnumbered")
+ if item.IpUnnumbered.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ip", map[string]interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipObjectType", "node-only")
+ itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipValue", strconv.FormatBool(item.IpUnnumbered.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "address")
+
+ if !item.Ipv4AddressVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipVariableName", item.Ipv4AddressVariable.ValueString())
+ } else if item.Ipv4Address.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipValue", item.Ipv4Address.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-source")
+
+ if !item.TunnelSourceVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipVariableName", item.TunnelSourceVariable.ValueString())
+ } else if item.TunnelSource.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipValue", item.TunnelSource.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-source-interface")
+
+ if !item.TunnelSourceInterfaceVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipVariableName", item.TunnelSourceInterfaceVariable.ValueString())
+ } else if item.TunnelSourceInterface.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipValue", item.TunnelSourceInterface.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-route-via")
+
+ if !item.TunnelRouteViaVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipVariableName", item.TunnelRouteViaVariable.ValueString())
+ } else if item.TunnelRouteVia.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipValue", item.TunnelRouteVia.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-destination")
+
+ if !item.TunnelDestinationVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipVariableName", item.TunnelDestinationVariable.ValueString())
+ } else if item.TunnelDestination.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipValue", item.TunnelDestination.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "application")
+ if item.Application.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "application."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "application."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "application."+"vipValue", item.Application.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-set")
+ if item.SigProvider.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipValue", item.SigProvider.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tunnel-dc-preference")
+ if item.TunnelDcPreference.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipValue", item.TunnelDcPreference.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "tcp-mss-adjust")
+
+ if !item.TcpMssVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipVariableName", item.TcpMssVariable.ValueString())
+ } else if item.TcpMss.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipValue", item.TcpMss.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "mtu")
+
+ if !item.MtuVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipVariableName", item.MtuVariable.ValueString())
+ } else if item.Mtu.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "mtu."+"vipValue", item.Mtu.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "dpd-interval")
+
+ if !item.DeadPeerDetectionIntervalVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipVariableName", item.DeadPeerDetectionIntervalVariable.ValueString())
+ } else if item.DeadPeerDetectionInterval.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipValue", item.DeadPeerDetectionInterval.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "dpd-retries")
+
+ if !item.DeadPeerDetectionRetriesVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipVariableName", item.DeadPeerDetectionRetriesVariable.ValueString())
+ } else if item.DeadPeerDetectionRetries.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipValue", item.DeadPeerDetectionRetries.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "ike-version")
+
+ if !item.IkeVersionVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipVariableName", item.IkeVersionVariable.ValueString())
+ } else if item.IkeVersion.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipValue", item.IkeVersion.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "pre-shared-secret")
+
+ if !item.IkePreSharedKeyVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipVariableName", item.IkePreSharedKeyVariable.ValueString())
+ } else if item.IkePreSharedKey.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipValue", item.IkePreSharedKey.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ike-rekey-interval")
+
+ if !item.IkeRekeyIntervalVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipVariableName", item.IkeRekeyIntervalVariable.ValueString())
+ } else if item.IkeRekeyInterval.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipValue", item.IkeRekeyInterval.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "ike-ciphersuite")
+
+ if !item.IkeCiphersuiteVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipVariableName", item.IkeCiphersuiteVariable.ValueString())
+ } else if item.IkeCiphersuite.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipValue", item.IkeCiphersuite.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ike-group")
+
+ if !item.IkeGroupVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipVariableName", item.IkeGroupVariable.ValueString())
+ } else if item.IkeGroup.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike", map[string]interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipValue", item.IkeGroup.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "pre-shared-key-dynamic")
+ if item.IkePreSharedKeyDynamic.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type", map[string]interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipObjectType", "node-only")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipValue", strconv.FormatBool(item.IkePreSharedKeyDynamic.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "ike-local-id")
+
+ if !item.IkePreSharedKeyLocalIdVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipVariableName", item.IkePreSharedKeyLocalIdVariable.ValueString())
+ } else if item.IkePreSharedKeyLocalId.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipValue", item.IkePreSharedKeyLocalId.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ike-remote-id")
+
+ if !item.IkePreSharedKeyRemoteIdVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipVariableName", item.IkePreSharedKeyRemoteIdVariable.ValueString())
+ } else if item.IkePreSharedKeyRemoteId.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipValue", item.IkePreSharedKeyRemoteId.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ipsec-rekey-interval")
+
+ if !item.IpsecRekeyIntervalVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipVariableName", item.IpsecRekeyIntervalVariable.ValueString())
+ } else if item.IpsecRekeyInterval.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipValue", item.IpsecRekeyInterval.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "ipsec-replay-window")
+
+ if !item.IpsecReplayWindowVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipVariableName", item.IpsecReplayWindowVariable.ValueString())
+ } else if item.IpsecReplayWindow.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipValue", item.IpsecReplayWindow.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "ipsec-ciphersuite")
+
+ if !item.IpsecCiphersuiteVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipVariableName", item.IpsecCiphersuiteVariable.ValueString())
+ } else if item.IpsecCiphersuite.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec", map[string]interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipValue", item.IpsecCiphersuite.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "perfect-forward-secrecy")
+
+ if !item.IpsecPerfectForwardSecrecyVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipVariableName", item.IpsecPerfectForwardSecrecyVariable.ValueString())
+ } else if item.IpsecPerfectForwardSecrecy.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "ipsec", map[string]interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipValue", item.IpsecPerfectForwardSecrecy.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "track-enable")
+ if item.TrackEnable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipValue", strconv.FormatBool(item.TrackEnable.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "tunnel-public-ip")
+
+ if !item.TunnelPublicIpVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipVariableName", item.TunnelPublicIpVariable.ValueString())
+ } else if item.TunnelPublicIp.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipValue", item.TunnelPublicIp.ValueString())
+ }
+ if !item.Optional.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool())
+ itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes)
+ }
+ body, _ = sjson.SetRaw(body, path+"interface."+"vipValue.-1", itemBody)
+ }
+ if len(data.Services) > 0 {
+ body, _ = sjson.Set(body, path+"service."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"service."+"vipType", "constant")
+ body, _ = sjson.Set(body, path+"service."+"vipPrimaryKey", []string{"svc-type"})
+ body, _ = sjson.Set(body, path+"service."+"vipValue", []interface{}{})
+ } else {
+ body, _ = sjson.Set(body, path+"service."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"service."+"vipType", "ignore")
+ body, _ = sjson.Set(body, path+"service."+"vipPrimaryKey", []string{"svc-type"})
+ body, _ = sjson.Set(body, path+"service."+"vipValue", []interface{}{})
+ }
+ for _, item := range data.Services {
+ itemBody := ""
+ itemAttributes := make([]string, 0)
+ itemAttributes = append(itemAttributes, "svc-type")
+ if item.ServiceType.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipValue", item.ServiceType.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "interface-pair")
+ if len(item.InterfacePairs) > 0 {
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipObjectType", "tree")
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipPrimaryKey", []string{"active-interface", "backup-interface"})
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipValue", []interface{}{})
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipObjectType", "tree")
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipType", "ignore")
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipPrimaryKey", []string{"active-interface", "backup-interface"})
+ itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipValue", []interface{}{})
+ }
+ for _, childItem := range item.InterfacePairs {
+ itemChildBody := ""
+ itemChildAttributes := make([]string, 0)
+ itemChildAttributes = append(itemChildAttributes, "active-interface")
+ if childItem.ActiveInterface.IsNull() {
+ } else {
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipObjectType", "object")
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipType", "constant")
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipValue", childItem.ActiveInterface.ValueString())
+ }
+ itemChildAttributes = append(itemChildAttributes, "active-interface-weight")
+ if childItem.ActiveInterfaceWeight.IsNull() {
+ } else {
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipObjectType", "object")
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipType", "constant")
+ itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipValue", childItem.ActiveInterfaceWeight.ValueInt64())
+ }
+ itemChildAttributes = append(itemChildAttributes, "backup-interface")
+ if childItem.BackupInterface.IsNull() {
+ } else {
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipObjectType", "object")
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipType", "constant")
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipValue", childItem.BackupInterface.ValueString())
+ }
+ itemChildAttributes = append(itemChildAttributes, "backup-interface-weight")
+ if childItem.BackupInterfaceWeight.IsNull() {
+ } else {
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipObjectType", "object")
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipType", "constant")
+ itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipValue", childItem.BackupInterfaceWeight.ValueInt64())
+ }
+ if !childItem.Optional.IsNull() {
+ itemChildBody, _ = sjson.Set(itemChildBody, "vipOptional", childItem.Optional.ValueBool())
+ itemChildBody, _ = sjson.Set(itemChildBody, "priority-order", itemChildAttributes)
+ }
+ itemBody, _ = sjson.SetRaw(itemBody, "ha-pairs.interface-pair."+"vipValue.-1", itemChildBody)
+ }
+ itemAttributes = append(itemAttributes, "auth-required")
+ if item.ZscalerAuthenticationRequired.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipValue", strconv.FormatBool(item.ZscalerAuthenticationRequired.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "xff-forward-enabled")
+ if item.ZscalerXffForward.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipValue", strconv.FormatBool(item.ZscalerXffForward.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "ofw-enabled")
+ if item.ZscalerFirewallEnabled.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipValue", strconv.FormatBool(item.ZscalerFirewallEnabled.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "ips-control")
+ if item.ZscalerIpsControlEnabled.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipValue", strconv.FormatBool(item.ZscalerIpsControlEnabled.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "caution-enabled")
+ if item.ZscalerCautionEnabled.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipValue", strconv.FormatBool(item.ZscalerCautionEnabled.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "primary-data-center")
+
+ if !item.ZscalerPrimaryDataCenterVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipVariableName", item.ZscalerPrimaryDataCenterVariable.ValueString())
+ } else if item.ZscalerPrimaryDataCenter.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipValue", item.ZscalerPrimaryDataCenter.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "secondary-data-center")
+
+ if !item.ZscalerSecondaryDataCenterVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipVariableName", item.ZscalerSecondaryDataCenterVariable.ValueString())
+ } else if item.ZscalerSecondaryDataCenter.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipValue", item.ZscalerSecondaryDataCenter.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ip")
+ if item.ZscalerSurrogateIp.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipValue", strconv.FormatBool(item.ZscalerSurrogateIp.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "idle-time")
+ if item.ZscalerSurrogateIdleTime.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipValue", item.ZscalerSurrogateIdleTime.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "display-time-unit")
+ if item.ZscalerSurrogateDisplayTimeUnit.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipValue", item.ZscalerSurrogateDisplayTimeUnit.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "ip-enforced-for-known-browsers")
+ if item.ZscalerSurrogateIpEnforceForKnownBrowsers.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipValue", strconv.FormatBool(item.ZscalerSurrogateIpEnforceForKnownBrowsers.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "refresh-time-unit")
+ if item.ZscalerSurrogateRefreshTimeUnit.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipValue", item.ZscalerSurrogateRefreshTimeUnit.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "enabled")
+ if item.AupEnabled.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipValue", strconv.FormatBool(item.AupEnabled.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "block-internet-until-accepted")
+ if item.AupBlockInternetUntilAccepted.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipValue", strconv.FormatBool(item.AupBlockInternetUntilAccepted.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "force-ssl-inspection")
+ if item.AupForceSslInspection.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipValue", strconv.FormatBool(item.AupForceSslInspection.ValueBool()))
+ }
+ itemAttributes = append(itemAttributes, "timeout")
+ if item.AupTimeout.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipValue", item.AupTimeout.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "location-name")
+
+ if !item.ZscalerLocationNameVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipVariableName", item.ZscalerLocationNameVariable.ValueString())
+ } else if item.ZscalerLocationName.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipValue", item.ZscalerLocationName.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "data-center-primary")
+
+ if !item.UmbrellaPrimaryDataCenterVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipVariableName", item.UmbrellaPrimaryDataCenterVariable.ValueString())
+ } else if item.UmbrellaPrimaryDataCenter.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipValue", item.UmbrellaPrimaryDataCenter.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "data-center-secondary")
+
+ if !item.UmbrellaSecondaryDataCenterVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipVariableName", item.UmbrellaSecondaryDataCenterVariable.ValueString())
+ } else if item.UmbrellaSecondaryDataCenter.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipValue", item.UmbrellaSecondaryDataCenter.ValueString())
+ }
+ if !item.Optional.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool())
+ itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes)
+ }
+ body, _ = sjson.SetRaw(body, path+"service."+"vipValue.-1", itemBody)
+ }
+
+ if !data.TrackerSourceIpVariable.IsNull() {
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipObjectType", "object")
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipType", "variableName")
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipVariableName", data.TrackerSourceIpVariable.ValueString())
+ } else if data.TrackerSourceIp.IsNull() {
+ } else {
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipObjectType", "object")
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipType", "constant")
+ body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipValue", data.TrackerSourceIp.ValueString())
+ }
+ if len(data.Trackers) > 0 {
+ body, _ = sjson.Set(body, path+"tracker."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"tracker."+"vipType", "constant")
+ body, _ = sjson.Set(body, path+"tracker."+"vipPrimaryKey", []string{"tracker-type", "name"})
+ body, _ = sjson.Set(body, path+"tracker."+"vipValue", []interface{}{})
+ } else {
+ body, _ = sjson.Set(body, path+"tracker."+"vipObjectType", "tree")
+ body, _ = sjson.Set(body, path+"tracker."+"vipType", "ignore")
+ body, _ = sjson.Set(body, path+"tracker."+"vipPrimaryKey", []string{"tracker-type", "name"})
+ body, _ = sjson.Set(body, path+"tracker."+"vipValue", []interface{}{})
+ }
+ for _, item := range data.Trackers {
+ itemBody := ""
+ itemAttributes := make([]string, 0)
+ itemAttributes = append(itemAttributes, "name")
+
+ if !item.NameVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipVariableName", item.NameVariable.ValueString())
+ } else if item.Name.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "name."+"vipValue", item.Name.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "endpoint-api-url")
+
+ if !item.EndpointApiUrlVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipVariableName", item.EndpointApiUrlVariable.ValueString())
+ } else if item.EndpointApiUrl.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipValue", item.EndpointApiUrl.ValueString())
+ }
+ itemAttributes = append(itemAttributes, "threshold")
+
+ if !item.ThresholdVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipVariableName", item.ThresholdVariable.ValueString())
+ } else if item.Threshold.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "threshold."+"vipValue", item.Threshold.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "multiplier")
+
+ if !item.MultiplierVariable.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "variableName")
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipVariableName", item.MultiplierVariable.ValueString())
+ } else if item.Multiplier.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "ignore")
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipValue", item.Multiplier.ValueInt64())
+ }
+ itemAttributes = append(itemAttributes, "tracker-type")
+ if item.TrackerType.IsNull() {
+ } else {
+ itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipObjectType", "object")
+ itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipType", "constant")
+ itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipValue", item.TrackerType.ValueString())
+ }
+ if !item.Optional.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool())
+ itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes)
+ }
+ body, _ = sjson.SetRaw(body, path+"tracker."+"vipValue.-1", itemBody)
+ }
+ return body
+}
+
+func (data *CiscoSecureInternetGateway) fromBody(ctx context.Context, res gjson.Result) {
+ if value := res.Get("deviceType"); value.Exists() {
+ data.DeviceTypes = helpers.GetStringList(value.Array())
+ } else {
+ data.DeviceTypes = types.ListNull(types.StringType)
+ }
+ if value := res.Get("templateDescription"); value.Exists() && value.String() != "" {
+ data.Description = types.StringValue(value.String())
+ } else {
+ data.Description = types.StringNull()
+ }
+ if value := res.Get("templateName"); value.Exists() {
+ data.Name = types.StringValue(value.String())
+ } else {
+ data.Name = types.StringNull()
+ }
+ if value := res.Get("templateType"); value.Exists() {
+ data.TemplateType = types.StringValue(value.String())
+ } else {
+ data.TemplateType = types.StringNull()
+ }
+
+ path := "templateDefinition."
+ if value := res.Get(path + "vpn-id.vipType"); value.Exists() {
+ if value.String() == "variableName" {
+ data.VpnId = types.Int64Null()
+
+ } else if value.String() == "ignore" {
+ data.VpnId = types.Int64Null()
+
+ } else if value.String() == "constant" {
+ v := res.Get(path + "vpn-id.vipValue")
+ data.VpnId = types.Int64Value(v.Int())
+
+ }
+ } else {
+ data.VpnId = types.Int64Null()
+
+ }
+ if value := res.Get(path + "interface.vipValue"); len(value.Array()) > 0 {
+ data.Interfaces = make([]CiscoSecureInternetGatewayInterfaces, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := CiscoSecureInternetGatewayInterfaces{}
+ if cValue := v.Get("vipOptional"); cValue.Exists() {
+ item.Optional = types.BoolValue(cValue.Bool())
+ } else {
+ item.Optional = types.BoolNull()
+ }
+ if cValue := v.Get("if-name.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Name = types.StringNull()
+
+ cv := v.Get("if-name.vipVariableName")
+ item.NameVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Name = types.StringNull()
+ item.NameVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("if-name.vipValue")
+ item.Name = types.StringValue(cv.String())
+ item.NameVariable = types.StringNull()
+ }
+ } else {
+ item.Name = types.StringNull()
+ item.NameVariable = types.StringNull()
+ }
+ if cValue := v.Get("auto.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.AutoTunnelMode = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.AutoTunnelMode = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("auto.vipValue")
+ item.AutoTunnelMode = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.AutoTunnelMode = types.BoolNull()
+
+ }
+ if cValue := v.Get("shutdown.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Shutdown = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.Shutdown = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("shutdown.vipValue")
+ item.Shutdown = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.Shutdown = types.BoolNull()
+
+ }
+ if cValue := v.Get("description.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Description = types.StringNull()
+
+ cv := v.Get("description.vipVariableName")
+ item.DescriptionVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Description = types.StringNull()
+ item.DescriptionVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("description.vipValue")
+ item.Description = types.StringValue(cv.String())
+ item.DescriptionVariable = types.StringNull()
+ }
+ } else {
+ item.Description = types.StringNull()
+ item.DescriptionVariable = types.StringNull()
+ }
+ if cValue := v.Get("ip.unnumbered.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IpUnnumbered = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.IpUnnumbered = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ip.unnumbered.vipValue")
+ item.IpUnnumbered = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.IpUnnumbered = types.BoolNull()
+
+ }
+ if cValue := v.Get("ip.address.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Ipv4Address = types.StringNull()
+
+ cv := v.Get("ip.address.vipVariableName")
+ item.Ipv4AddressVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Ipv4Address = types.StringNull()
+ item.Ipv4AddressVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ip.address.vipValue")
+ item.Ipv4Address = types.StringValue(cv.String())
+ item.Ipv4AddressVariable = types.StringNull()
+ }
+ } else {
+ item.Ipv4Address = types.StringNull()
+ item.Ipv4AddressVariable = types.StringNull()
+ }
+ if cValue := v.Get("tunnel-source.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelSource = types.StringNull()
+
+ cv := v.Get("tunnel-source.vipVariableName")
+ item.TunnelSourceVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelSource = types.StringNull()
+ item.TunnelSourceVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-source.vipValue")
+ item.TunnelSource = types.StringValue(cv.String())
+ item.TunnelSourceVariable = types.StringNull()
+ }
+ } else {
+ item.TunnelSource = types.StringNull()
+ item.TunnelSourceVariable = types.StringNull()
+ }
+ if cValue := v.Get("tunnel-source-interface.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelSourceInterface = types.StringNull()
+
+ cv := v.Get("tunnel-source-interface.vipVariableName")
+ item.TunnelSourceInterfaceVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelSourceInterface = types.StringNull()
+ item.TunnelSourceInterfaceVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-source-interface.vipValue")
+ item.TunnelSourceInterface = types.StringValue(cv.String())
+ item.TunnelSourceInterfaceVariable = types.StringNull()
+ }
+ } else {
+ item.TunnelSourceInterface = types.StringNull()
+ item.TunnelSourceInterfaceVariable = types.StringNull()
+ }
+ if cValue := v.Get("tunnel-route-via.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelRouteVia = types.StringNull()
+
+ cv := v.Get("tunnel-route-via.vipVariableName")
+ item.TunnelRouteViaVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelRouteVia = types.StringNull()
+ item.TunnelRouteViaVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-route-via.vipValue")
+ item.TunnelRouteVia = types.StringValue(cv.String())
+ item.TunnelRouteViaVariable = types.StringNull()
+ }
+ } else {
+ item.TunnelRouteVia = types.StringNull()
+ item.TunnelRouteViaVariable = types.StringNull()
+ }
+ if cValue := v.Get("tunnel-destination.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelDestination = types.StringNull()
+
+ cv := v.Get("tunnel-destination.vipVariableName")
+ item.TunnelDestinationVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelDestination = types.StringNull()
+ item.TunnelDestinationVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-destination.vipValue")
+ item.TunnelDestination = types.StringValue(cv.String())
+ item.TunnelDestinationVariable = types.StringNull()
+ }
+ } else {
+ item.TunnelDestination = types.StringNull()
+ item.TunnelDestinationVariable = types.StringNull()
+ }
+ if cValue := v.Get("application.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Application = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.Application = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("application.vipValue")
+ item.Application = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.Application = types.StringNull()
+
+ }
+ if cValue := v.Get("tunnel-set.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.SigProvider = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.SigProvider = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-set.vipValue")
+ item.SigProvider = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.SigProvider = types.StringNull()
+
+ }
+ if cValue := v.Get("tunnel-dc-preference.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelDcPreference = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelDcPreference = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-dc-preference.vipValue")
+ item.TunnelDcPreference = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.TunnelDcPreference = types.StringNull()
+
+ }
+ if cValue := v.Get("tcp-mss-adjust.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TcpMss = types.Int64Null()
+
+ cv := v.Get("tcp-mss-adjust.vipVariableName")
+ item.TcpMssVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TcpMss = types.Int64Null()
+ item.TcpMssVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tcp-mss-adjust.vipValue")
+ item.TcpMss = types.Int64Value(cv.Int())
+ item.TcpMssVariable = types.StringNull()
+ }
+ } else {
+ item.TcpMss = types.Int64Null()
+ item.TcpMssVariable = types.StringNull()
+ }
+ if cValue := v.Get("mtu.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Mtu = types.Int64Null()
+
+ cv := v.Get("mtu.vipVariableName")
+ item.MtuVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Mtu = types.Int64Null()
+ item.MtuVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("mtu.vipValue")
+ item.Mtu = types.Int64Value(cv.Int())
+ item.MtuVariable = types.StringNull()
+ }
+ } else {
+ item.Mtu = types.Int64Null()
+ item.MtuVariable = types.StringNull()
+ }
+ if cValue := v.Get("dead-peer-detection.dpd-interval.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.DeadPeerDetectionInterval = types.Int64Null()
+
+ cv := v.Get("dead-peer-detection.dpd-interval.vipVariableName")
+ item.DeadPeerDetectionIntervalVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.DeadPeerDetectionInterval = types.Int64Null()
+ item.DeadPeerDetectionIntervalVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("dead-peer-detection.dpd-interval.vipValue")
+ item.DeadPeerDetectionInterval = types.Int64Value(cv.Int())
+ item.DeadPeerDetectionIntervalVariable = types.StringNull()
+ }
+ } else {
+ item.DeadPeerDetectionInterval = types.Int64Null()
+ item.DeadPeerDetectionIntervalVariable = types.StringNull()
+ }
+ if cValue := v.Get("dead-peer-detection.dpd-retries.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.DeadPeerDetectionRetries = types.Int64Null()
+
+ cv := v.Get("dead-peer-detection.dpd-retries.vipVariableName")
+ item.DeadPeerDetectionRetriesVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.DeadPeerDetectionRetries = types.Int64Null()
+ item.DeadPeerDetectionRetriesVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("dead-peer-detection.dpd-retries.vipValue")
+ item.DeadPeerDetectionRetries = types.Int64Value(cv.Int())
+ item.DeadPeerDetectionRetriesVariable = types.StringNull()
+ }
+ } else {
+ item.DeadPeerDetectionRetries = types.Int64Null()
+ item.DeadPeerDetectionRetriesVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.ike-version.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkeVersion = types.Int64Null()
+
+ cv := v.Get("ike.ike-version.vipVariableName")
+ item.IkeVersionVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkeVersion = types.Int64Null()
+ item.IkeVersionVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.ike-version.vipValue")
+ item.IkeVersion = types.Int64Value(cv.Int())
+ item.IkeVersionVariable = types.StringNull()
+ }
+ } else {
+ item.IkeVersion = types.Int64Null()
+ item.IkeVersionVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkePreSharedKey = types.StringNull()
+
+ cv := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipVariableName")
+ item.IkePreSharedKeyVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkePreSharedKey = types.StringNull()
+ item.IkePreSharedKeyVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipValue")
+ item.IkePreSharedKey = types.StringValue(cv.String())
+ item.IkePreSharedKeyVariable = types.StringNull()
+ }
+ } else {
+ item.IkePreSharedKey = types.StringNull()
+ item.IkePreSharedKeyVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.ike-rekey-interval.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkeRekeyInterval = types.Int64Null()
+
+ cv := v.Get("ike.ike-rekey-interval.vipVariableName")
+ item.IkeRekeyIntervalVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkeRekeyInterval = types.Int64Null()
+ item.IkeRekeyIntervalVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.ike-rekey-interval.vipValue")
+ item.IkeRekeyInterval = types.Int64Value(cv.Int())
+ item.IkeRekeyIntervalVariable = types.StringNull()
+ }
+ } else {
+ item.IkeRekeyInterval = types.Int64Null()
+ item.IkeRekeyIntervalVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.ike-ciphersuite.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkeCiphersuite = types.StringNull()
+
+ cv := v.Get("ike.ike-ciphersuite.vipVariableName")
+ item.IkeCiphersuiteVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkeCiphersuite = types.StringNull()
+ item.IkeCiphersuiteVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.ike-ciphersuite.vipValue")
+ item.IkeCiphersuite = types.StringValue(cv.String())
+ item.IkeCiphersuiteVariable = types.StringNull()
+ }
+ } else {
+ item.IkeCiphersuite = types.StringNull()
+ item.IkeCiphersuiteVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.ike-group.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkeGroup = types.StringNull()
+
+ cv := v.Get("ike.ike-group.vipVariableName")
+ item.IkeGroupVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkeGroup = types.StringNull()
+ item.IkeGroupVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.ike-group.vipValue")
+ item.IkeGroup = types.StringValue(cv.String())
+ item.IkeGroupVariable = types.StringNull()
+ }
+ } else {
+ item.IkeGroup = types.StringNull()
+ item.IkeGroupVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.authentication-type.pre-shared-key-dynamic.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkePreSharedKeyDynamic = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.IkePreSharedKeyDynamic = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.authentication-type.pre-shared-key-dynamic.vipValue")
+ item.IkePreSharedKeyDynamic = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.IkePreSharedKeyDynamic = types.BoolNull()
+
+ }
+ if cValue := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkePreSharedKeyLocalId = types.StringNull()
+
+ cv := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipVariableName")
+ item.IkePreSharedKeyLocalIdVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkePreSharedKeyLocalId = types.StringNull()
+ item.IkePreSharedKeyLocalIdVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipValue")
+ item.IkePreSharedKeyLocalId = types.StringValue(cv.String())
+ item.IkePreSharedKeyLocalIdVariable = types.StringNull()
+ }
+ } else {
+ item.IkePreSharedKeyLocalId = types.StringNull()
+ item.IkePreSharedKeyLocalIdVariable = types.StringNull()
+ }
+ if cValue := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IkePreSharedKeyRemoteId = types.StringNull()
+
+ cv := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipVariableName")
+ item.IkePreSharedKeyRemoteIdVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IkePreSharedKeyRemoteId = types.StringNull()
+ item.IkePreSharedKeyRemoteIdVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipValue")
+ item.IkePreSharedKeyRemoteId = types.StringValue(cv.String())
+ item.IkePreSharedKeyRemoteIdVariable = types.StringNull()
+ }
+ } else {
+ item.IkePreSharedKeyRemoteId = types.StringNull()
+ item.IkePreSharedKeyRemoteIdVariable = types.StringNull()
+ }
+ if cValue := v.Get("ipsec.ipsec-rekey-interval.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IpsecRekeyInterval = types.Int64Null()
+
+ cv := v.Get("ipsec.ipsec-rekey-interval.vipVariableName")
+ item.IpsecRekeyIntervalVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IpsecRekeyInterval = types.Int64Null()
+ item.IpsecRekeyIntervalVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ipsec.ipsec-rekey-interval.vipValue")
+ item.IpsecRekeyInterval = types.Int64Value(cv.Int())
+ item.IpsecRekeyIntervalVariable = types.StringNull()
+ }
+ } else {
+ item.IpsecRekeyInterval = types.Int64Null()
+ item.IpsecRekeyIntervalVariable = types.StringNull()
+ }
+ if cValue := v.Get("ipsec.ipsec-replay-window.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IpsecReplayWindow = types.Int64Null()
+
+ cv := v.Get("ipsec.ipsec-replay-window.vipVariableName")
+ item.IpsecReplayWindowVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IpsecReplayWindow = types.Int64Null()
+ item.IpsecReplayWindowVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ipsec.ipsec-replay-window.vipValue")
+ item.IpsecReplayWindow = types.Int64Value(cv.Int())
+ item.IpsecReplayWindowVariable = types.StringNull()
+ }
+ } else {
+ item.IpsecReplayWindow = types.Int64Null()
+ item.IpsecReplayWindowVariable = types.StringNull()
+ }
+ if cValue := v.Get("ipsec.ipsec-ciphersuite.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IpsecCiphersuite = types.StringNull()
+
+ cv := v.Get("ipsec.ipsec-ciphersuite.vipVariableName")
+ item.IpsecCiphersuiteVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IpsecCiphersuite = types.StringNull()
+ item.IpsecCiphersuiteVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ipsec.ipsec-ciphersuite.vipValue")
+ item.IpsecCiphersuite = types.StringValue(cv.String())
+ item.IpsecCiphersuiteVariable = types.StringNull()
+ }
+ } else {
+ item.IpsecCiphersuite = types.StringNull()
+ item.IpsecCiphersuiteVariable = types.StringNull()
+ }
+ if cValue := v.Get("ipsec.perfect-forward-secrecy.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.IpsecPerfectForwardSecrecy = types.StringNull()
+
+ cv := v.Get("ipsec.perfect-forward-secrecy.vipVariableName")
+ item.IpsecPerfectForwardSecrecyVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.IpsecPerfectForwardSecrecy = types.StringNull()
+ item.IpsecPerfectForwardSecrecyVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("ipsec.perfect-forward-secrecy.vipValue")
+ item.IpsecPerfectForwardSecrecy = types.StringValue(cv.String())
+ item.IpsecPerfectForwardSecrecyVariable = types.StringNull()
+ }
+ } else {
+ item.IpsecPerfectForwardSecrecy = types.StringNull()
+ item.IpsecPerfectForwardSecrecyVariable = types.StringNull()
+ }
+ if cValue := v.Get("track-enable.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TrackEnable = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.TrackEnable = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("track-enable.vipValue")
+ item.TrackEnable = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.TrackEnable = types.BoolNull()
+
+ }
+ if cValue := v.Get("tunnel-public-ip.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TunnelPublicIp = types.StringNull()
+
+ cv := v.Get("tunnel-public-ip.vipVariableName")
+ item.TunnelPublicIpVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.TunnelPublicIp = types.StringNull()
+ item.TunnelPublicIpVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tunnel-public-ip.vipValue")
+ item.TunnelPublicIp = types.StringValue(cv.String())
+ item.TunnelPublicIpVariable = types.StringNull()
+ }
+ } else {
+ item.TunnelPublicIp = types.StringNull()
+ item.TunnelPublicIpVariable = types.StringNull()
+ }
+ data.Interfaces = append(data.Interfaces, item)
+ return true
+ })
+ }
+ if value := res.Get(path + "service.vipValue"); len(value.Array()) > 0 {
+ data.Services = make([]CiscoSecureInternetGatewayServices, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := CiscoSecureInternetGatewayServices{}
+ if cValue := v.Get("vipOptional"); cValue.Exists() {
+ item.Optional = types.BoolValue(cValue.Bool())
+ } else {
+ item.Optional = types.BoolNull()
+ }
+ if cValue := v.Get("svc-type.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ServiceType = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ServiceType = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("svc-type.vipValue")
+ item.ServiceType = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.ServiceType = types.StringNull()
+
+ }
+ if cValue := v.Get("ha-pairs.interface-pair.vipValue"); len(cValue.Array()) > 0 {
+ item.InterfacePairs = make([]CiscoSecureInternetGatewayServicesInterfacePairs, 0)
+ cValue.ForEach(func(ck, cv gjson.Result) bool {
+ cItem := CiscoSecureInternetGatewayServicesInterfacePairs{}
+ if ccValue := cv.Get("vipOptional"); ccValue.Exists() {
+ cItem.Optional = types.BoolValue(ccValue.Bool())
+ } else {
+ cItem.Optional = types.BoolNull()
+ }
+ if ccValue := cv.Get("active-interface.vipType"); ccValue.Exists() {
+ if ccValue.String() == "variableName" {
+ cItem.ActiveInterface = types.StringNull()
+
+ } else if ccValue.String() == "ignore" {
+ cItem.ActiveInterface = types.StringNull()
+
+ } else if ccValue.String() == "constant" {
+ ccv := cv.Get("active-interface.vipValue")
+ cItem.ActiveInterface = types.StringValue(ccv.String())
+
+ }
+ } else {
+ cItem.ActiveInterface = types.StringNull()
+
+ }
+ if ccValue := cv.Get("active-interface-weight.vipType"); ccValue.Exists() {
+ if ccValue.String() == "variableName" {
+ cItem.ActiveInterfaceWeight = types.Int64Null()
+
+ } else if ccValue.String() == "ignore" {
+ cItem.ActiveInterfaceWeight = types.Int64Null()
+
+ } else if ccValue.String() == "constant" {
+ ccv := cv.Get("active-interface-weight.vipValue")
+ cItem.ActiveInterfaceWeight = types.Int64Value(ccv.Int())
+
+ }
+ } else {
+ cItem.ActiveInterfaceWeight = types.Int64Null()
+
+ }
+ if ccValue := cv.Get("backup-interface.vipType"); ccValue.Exists() {
+ if ccValue.String() == "variableName" {
+ cItem.BackupInterface = types.StringNull()
+
+ } else if ccValue.String() == "ignore" {
+ cItem.BackupInterface = types.StringNull()
+
+ } else if ccValue.String() == "constant" {
+ ccv := cv.Get("backup-interface.vipValue")
+ cItem.BackupInterface = types.StringValue(ccv.String())
+
+ }
+ } else {
+ cItem.BackupInterface = types.StringNull()
+
+ }
+ if ccValue := cv.Get("backup-interface-weight.vipType"); ccValue.Exists() {
+ if ccValue.String() == "variableName" {
+ cItem.BackupInterfaceWeight = types.Int64Null()
+
+ } else if ccValue.String() == "ignore" {
+ cItem.BackupInterfaceWeight = types.Int64Null()
+
+ } else if ccValue.String() == "constant" {
+ ccv := cv.Get("backup-interface-weight.vipValue")
+ cItem.BackupInterfaceWeight = types.Int64Value(ccv.Int())
+
+ }
+ } else {
+ cItem.BackupInterfaceWeight = types.Int64Null()
+
+ }
+ item.InterfacePairs = append(item.InterfacePairs, cItem)
+ return true
+ })
+ }
+ if cValue := v.Get("zscaler-location-settings.auth-required.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerAuthenticationRequired = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerAuthenticationRequired = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.auth-required.vipValue")
+ item.ZscalerAuthenticationRequired = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerAuthenticationRequired = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.xff-forward-enabled.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerXffForward = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerXffForward = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.xff-forward-enabled.vipValue")
+ item.ZscalerXffForward = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerXffForward = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.ofw-enabled.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerFirewallEnabled = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerFirewallEnabled = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.ofw-enabled.vipValue")
+ item.ZscalerFirewallEnabled = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerFirewallEnabled = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.ips-control.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerIpsControlEnabled = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerIpsControlEnabled = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.ips-control.vipValue")
+ item.ZscalerIpsControlEnabled = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerIpsControlEnabled = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.caution-enabled.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerCautionEnabled = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerCautionEnabled = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.caution-enabled.vipValue")
+ item.ZscalerCautionEnabled = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerCautionEnabled = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerPrimaryDataCenter = types.StringNull()
+
+ cv := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipVariableName")
+ item.ZscalerPrimaryDataCenterVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerPrimaryDataCenter = types.StringNull()
+ item.ZscalerPrimaryDataCenterVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipValue")
+ item.ZscalerPrimaryDataCenter = types.StringValue(cv.String())
+ item.ZscalerPrimaryDataCenterVariable = types.StringNull()
+ }
+ } else {
+ item.ZscalerPrimaryDataCenter = types.StringNull()
+ item.ZscalerPrimaryDataCenterVariable = types.StringNull()
+ }
+ if cValue := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSecondaryDataCenter = types.StringNull()
+
+ cv := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipVariableName")
+ item.ZscalerSecondaryDataCenterVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSecondaryDataCenter = types.StringNull()
+ item.ZscalerSecondaryDataCenterVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipValue")
+ item.ZscalerSecondaryDataCenter = types.StringValue(cv.String())
+ item.ZscalerSecondaryDataCenterVariable = types.StringNull()
+ }
+ } else {
+ item.ZscalerSecondaryDataCenter = types.StringNull()
+ item.ZscalerSecondaryDataCenterVariable = types.StringNull()
+ }
+ if cValue := v.Get("zscaler-location-settings.surrogate.ip.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSurrogateIp = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSurrogateIp = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.surrogate.ip.vipValue")
+ item.ZscalerSurrogateIp = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerSurrogateIp = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.surrogate.idle-time.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSurrogateIdleTime = types.Int64Null()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSurrogateIdleTime = types.Int64Null()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.surrogate.idle-time.vipValue")
+ item.ZscalerSurrogateIdleTime = types.Int64Value(cv.Int())
+
+ }
+ } else {
+ item.ZscalerSurrogateIdleTime = types.Int64Null()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.surrogate.display-time-unit.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSurrogateDisplayTimeUnit = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSurrogateDisplayTimeUnit = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.surrogate.display-time-unit.vipValue")
+ item.ZscalerSurrogateDisplayTimeUnit = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.ZscalerSurrogateDisplayTimeUnit = types.StringNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.surrogate.ip-enforced-for-known-browsers.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.surrogate.ip-enforced-for-known-browsers.vipValue")
+ item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.surrogate.refresh-time-unit.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerSurrogateRefreshTimeUnit = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerSurrogateRefreshTimeUnit = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.surrogate.refresh-time-unit.vipValue")
+ item.ZscalerSurrogateRefreshTimeUnit = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.ZscalerSurrogateRefreshTimeUnit = types.StringNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.aup.enabled.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.AupEnabled = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.AupEnabled = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.aup.enabled.vipValue")
+ item.AupEnabled = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.AupEnabled = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.aup.block-internet-until-accepted.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.AupBlockInternetUntilAccepted = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.AupBlockInternetUntilAccepted = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.aup.block-internet-until-accepted.vipValue")
+ item.AupBlockInternetUntilAccepted = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.AupBlockInternetUntilAccepted = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.aup.force-ssl-inspection.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.AupForceSslInspection = types.BoolNull()
+
+ } else if cValue.String() == "ignore" {
+ item.AupForceSslInspection = types.BoolNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.aup.force-ssl-inspection.vipValue")
+ item.AupForceSslInspection = types.BoolValue(cv.Bool())
+
+ }
+ } else {
+ item.AupForceSslInspection = types.BoolNull()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.aup.timeout.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.AupTimeout = types.Int64Null()
+
+ } else if cValue.String() == "ignore" {
+ item.AupTimeout = types.Int64Null()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.aup.timeout.vipValue")
+ item.AupTimeout = types.Int64Value(cv.Int())
+
+ }
+ } else {
+ item.AupTimeout = types.Int64Null()
+
+ }
+ if cValue := v.Get("zscaler-location-settings.location-name.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.ZscalerLocationName = types.StringNull()
+
+ cv := v.Get("zscaler-location-settings.location-name.vipVariableName")
+ item.ZscalerLocationNameVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.ZscalerLocationName = types.StringNull()
+ item.ZscalerLocationNameVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("zscaler-location-settings.location-name.vipValue")
+ item.ZscalerLocationName = types.StringValue(cv.String())
+ item.ZscalerLocationNameVariable = types.StringNull()
+ }
+ } else {
+ item.ZscalerLocationName = types.StringNull()
+ item.ZscalerLocationNameVariable = types.StringNull()
+ }
+ if cValue := v.Get("umbrella-data-center.data-center-primary.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.UmbrellaPrimaryDataCenter = types.StringNull()
+
+ cv := v.Get("umbrella-data-center.data-center-primary.vipVariableName")
+ item.UmbrellaPrimaryDataCenterVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.UmbrellaPrimaryDataCenter = types.StringNull()
+ item.UmbrellaPrimaryDataCenterVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("umbrella-data-center.data-center-primary.vipValue")
+ item.UmbrellaPrimaryDataCenter = types.StringValue(cv.String())
+ item.UmbrellaPrimaryDataCenterVariable = types.StringNull()
+ }
+ } else {
+ item.UmbrellaPrimaryDataCenter = types.StringNull()
+ item.UmbrellaPrimaryDataCenterVariable = types.StringNull()
+ }
+ if cValue := v.Get("umbrella-data-center.data-center-secondary.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.UmbrellaSecondaryDataCenter = types.StringNull()
+
+ cv := v.Get("umbrella-data-center.data-center-secondary.vipVariableName")
+ item.UmbrellaSecondaryDataCenterVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.UmbrellaSecondaryDataCenter = types.StringNull()
+ item.UmbrellaSecondaryDataCenterVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("umbrella-data-center.data-center-secondary.vipValue")
+ item.UmbrellaSecondaryDataCenter = types.StringValue(cv.String())
+ item.UmbrellaSecondaryDataCenterVariable = types.StringNull()
+ }
+ } else {
+ item.UmbrellaSecondaryDataCenter = types.StringNull()
+ item.UmbrellaSecondaryDataCenterVariable = types.StringNull()
+ }
+ data.Services = append(data.Services, item)
+ return true
+ })
+ }
+ if value := res.Get(path + "tracker-src-ip.vipType"); value.Exists() {
+ if value.String() == "variableName" {
+ data.TrackerSourceIp = types.StringNull()
+
+ v := res.Get(path + "tracker-src-ip.vipVariableName")
+ data.TrackerSourceIpVariable = types.StringValue(v.String())
+
+ } else if value.String() == "ignore" {
+ data.TrackerSourceIp = types.StringNull()
+ data.TrackerSourceIpVariable = types.StringNull()
+ } else if value.String() == "constant" {
+ v := res.Get(path + "tracker-src-ip.vipValue")
+ data.TrackerSourceIp = types.StringValue(v.String())
+ data.TrackerSourceIpVariable = types.StringNull()
+ }
+ } else {
+ data.TrackerSourceIp = types.StringNull()
+ data.TrackerSourceIpVariable = types.StringNull()
+ }
+ if value := res.Get(path + "tracker.vipValue"); len(value.Array()) > 0 {
+ data.Trackers = make([]CiscoSecureInternetGatewayTrackers, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := CiscoSecureInternetGatewayTrackers{}
+ if cValue := v.Get("vipOptional"); cValue.Exists() {
+ item.Optional = types.BoolValue(cValue.Bool())
+ } else {
+ item.Optional = types.BoolNull()
+ }
+ if cValue := v.Get("name.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Name = types.StringNull()
+
+ cv := v.Get("name.vipVariableName")
+ item.NameVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Name = types.StringNull()
+ item.NameVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("name.vipValue")
+ item.Name = types.StringValue(cv.String())
+ item.NameVariable = types.StringNull()
+ }
+ } else {
+ item.Name = types.StringNull()
+ item.NameVariable = types.StringNull()
+ }
+ if cValue := v.Get("endpoint-api-url.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.EndpointApiUrl = types.StringNull()
+
+ cv := v.Get("endpoint-api-url.vipVariableName")
+ item.EndpointApiUrlVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.EndpointApiUrl = types.StringNull()
+ item.EndpointApiUrlVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("endpoint-api-url.vipValue")
+ item.EndpointApiUrl = types.StringValue(cv.String())
+ item.EndpointApiUrlVariable = types.StringNull()
+ }
+ } else {
+ item.EndpointApiUrl = types.StringNull()
+ item.EndpointApiUrlVariable = types.StringNull()
+ }
+ if cValue := v.Get("threshold.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Threshold = types.Int64Null()
+
+ cv := v.Get("threshold.vipVariableName")
+ item.ThresholdVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Threshold = types.Int64Null()
+ item.ThresholdVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("threshold.vipValue")
+ item.Threshold = types.Int64Value(cv.Int())
+ item.ThresholdVariable = types.StringNull()
+ }
+ } else {
+ item.Threshold = types.Int64Null()
+ item.ThresholdVariable = types.StringNull()
+ }
+ if cValue := v.Get("multiplier.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.Multiplier = types.Int64Null()
+
+ cv := v.Get("multiplier.vipVariableName")
+ item.MultiplierVariable = types.StringValue(cv.String())
+
+ } else if cValue.String() == "ignore" {
+ item.Multiplier = types.Int64Null()
+ item.MultiplierVariable = types.StringNull()
+ } else if cValue.String() == "constant" {
+ cv := v.Get("multiplier.vipValue")
+ item.Multiplier = types.Int64Value(cv.Int())
+ item.MultiplierVariable = types.StringNull()
+ }
+ } else {
+ item.Multiplier = types.Int64Null()
+ item.MultiplierVariable = types.StringNull()
+ }
+ if cValue := v.Get("tracker-type.vipType"); cValue.Exists() {
+ if cValue.String() == "variableName" {
+ item.TrackerType = types.StringNull()
+
+ } else if cValue.String() == "ignore" {
+ item.TrackerType = types.StringNull()
+
+ } else if cValue.String() == "constant" {
+ cv := v.Get("tracker-type.vipValue")
+ item.TrackerType = types.StringValue(cv.String())
+
+ }
+ } else {
+ item.TrackerType = types.StringNull()
+
+ }
+ data.Trackers = append(data.Trackers, item)
+ return true
+ })
+ }
+}
+
+func (data *CiscoSecureInternetGateway) hasChanges(ctx context.Context, state *CiscoSecureInternetGateway) bool {
+ hasChanges := false
+ if !data.VpnId.Equal(state.VpnId) {
+ hasChanges = true
+ }
+ if len(data.Interfaces) != len(state.Interfaces) {
+ hasChanges = true
+ } else {
+ for i := range data.Interfaces {
+ if !data.Interfaces[i].Name.Equal(state.Interfaces[i].Name) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].AutoTunnelMode.Equal(state.Interfaces[i].AutoTunnelMode) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].Shutdown.Equal(state.Interfaces[i].Shutdown) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].Description.Equal(state.Interfaces[i].Description) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IpUnnumbered.Equal(state.Interfaces[i].IpUnnumbered) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].Ipv4Address.Equal(state.Interfaces[i].Ipv4Address) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelSource.Equal(state.Interfaces[i].TunnelSource) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelSourceInterface.Equal(state.Interfaces[i].TunnelSourceInterface) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelRouteVia.Equal(state.Interfaces[i].TunnelRouteVia) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelDestination.Equal(state.Interfaces[i].TunnelDestination) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].Application.Equal(state.Interfaces[i].Application) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].SigProvider.Equal(state.Interfaces[i].SigProvider) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelDcPreference.Equal(state.Interfaces[i].TunnelDcPreference) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TcpMss.Equal(state.Interfaces[i].TcpMss) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].Mtu.Equal(state.Interfaces[i].Mtu) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].DeadPeerDetectionInterval.Equal(state.Interfaces[i].DeadPeerDetectionInterval) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].DeadPeerDetectionRetries.Equal(state.Interfaces[i].DeadPeerDetectionRetries) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkeVersion.Equal(state.Interfaces[i].IkeVersion) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkePreSharedKey.Equal(state.Interfaces[i].IkePreSharedKey) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkeRekeyInterval.Equal(state.Interfaces[i].IkeRekeyInterval) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkeCiphersuite.Equal(state.Interfaces[i].IkeCiphersuite) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkeGroup.Equal(state.Interfaces[i].IkeGroup) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkePreSharedKeyDynamic.Equal(state.Interfaces[i].IkePreSharedKeyDynamic) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkePreSharedKeyLocalId.Equal(state.Interfaces[i].IkePreSharedKeyLocalId) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IkePreSharedKeyRemoteId.Equal(state.Interfaces[i].IkePreSharedKeyRemoteId) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IpsecRekeyInterval.Equal(state.Interfaces[i].IpsecRekeyInterval) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IpsecReplayWindow.Equal(state.Interfaces[i].IpsecReplayWindow) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IpsecCiphersuite.Equal(state.Interfaces[i].IpsecCiphersuite) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].IpsecPerfectForwardSecrecy.Equal(state.Interfaces[i].IpsecPerfectForwardSecrecy) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TrackEnable.Equal(state.Interfaces[i].TrackEnable) {
+ hasChanges = true
+ }
+ if !data.Interfaces[i].TunnelPublicIp.Equal(state.Interfaces[i].TunnelPublicIp) {
+ hasChanges = true
+ }
+ }
+ }
+ if len(data.Services) != len(state.Services) {
+ hasChanges = true
+ } else {
+ for i := range data.Services {
+ if !data.Services[i].ServiceType.Equal(state.Services[i].ServiceType) {
+ hasChanges = true
+ }
+ if len(data.Services[i].InterfacePairs) != len(state.Services[i].InterfacePairs) {
+ hasChanges = true
+ } else {
+ for ii := range data.Services[i].InterfacePairs {
+ if !data.Services[i].InterfacePairs[ii].ActiveInterface.Equal(state.Services[i].InterfacePairs[ii].ActiveInterface) {
+ hasChanges = true
+ }
+ if !data.Services[i].InterfacePairs[ii].ActiveInterfaceWeight.Equal(state.Services[i].InterfacePairs[ii].ActiveInterfaceWeight) {
+ hasChanges = true
+ }
+ if !data.Services[i].InterfacePairs[ii].BackupInterface.Equal(state.Services[i].InterfacePairs[ii].BackupInterface) {
+ hasChanges = true
+ }
+ if !data.Services[i].InterfacePairs[ii].BackupInterfaceWeight.Equal(state.Services[i].InterfacePairs[ii].BackupInterfaceWeight) {
+ hasChanges = true
+ }
+ }
+ }
+ if !data.Services[i].ZscalerAuthenticationRequired.Equal(state.Services[i].ZscalerAuthenticationRequired) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerXffForward.Equal(state.Services[i].ZscalerXffForward) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerFirewallEnabled.Equal(state.Services[i].ZscalerFirewallEnabled) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerIpsControlEnabled.Equal(state.Services[i].ZscalerIpsControlEnabled) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerCautionEnabled.Equal(state.Services[i].ZscalerCautionEnabled) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerPrimaryDataCenter.Equal(state.Services[i].ZscalerPrimaryDataCenter) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSecondaryDataCenter.Equal(state.Services[i].ZscalerSecondaryDataCenter) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSurrogateIp.Equal(state.Services[i].ZscalerSurrogateIp) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSurrogateIdleTime.Equal(state.Services[i].ZscalerSurrogateIdleTime) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSurrogateDisplayTimeUnit.Equal(state.Services[i].ZscalerSurrogateDisplayTimeUnit) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSurrogateIpEnforceForKnownBrowsers.Equal(state.Services[i].ZscalerSurrogateIpEnforceForKnownBrowsers) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerSurrogateRefreshTimeUnit.Equal(state.Services[i].ZscalerSurrogateRefreshTimeUnit) {
+ hasChanges = true
+ }
+ if !data.Services[i].AupEnabled.Equal(state.Services[i].AupEnabled) {
+ hasChanges = true
+ }
+ if !data.Services[i].AupBlockInternetUntilAccepted.Equal(state.Services[i].AupBlockInternetUntilAccepted) {
+ hasChanges = true
+ }
+ if !data.Services[i].AupForceSslInspection.Equal(state.Services[i].AupForceSslInspection) {
+ hasChanges = true
+ }
+ if !data.Services[i].AupTimeout.Equal(state.Services[i].AupTimeout) {
+ hasChanges = true
+ }
+ if !data.Services[i].ZscalerLocationName.Equal(state.Services[i].ZscalerLocationName) {
+ hasChanges = true
+ }
+ if !data.Services[i].UmbrellaPrimaryDataCenter.Equal(state.Services[i].UmbrellaPrimaryDataCenter) {
+ hasChanges = true
+ }
+ if !data.Services[i].UmbrellaSecondaryDataCenter.Equal(state.Services[i].UmbrellaSecondaryDataCenter) {
+ hasChanges = true
+ }
+ }
+ }
+ if !data.TrackerSourceIp.Equal(state.TrackerSourceIp) {
+ hasChanges = true
+ }
+ if len(data.Trackers) != len(state.Trackers) {
+ hasChanges = true
+ } else {
+ for i := range data.Trackers {
+ if !data.Trackers[i].Name.Equal(state.Trackers[i].Name) {
+ hasChanges = true
+ }
+ if !data.Trackers[i].EndpointApiUrl.Equal(state.Trackers[i].EndpointApiUrl) {
+ hasChanges = true
+ }
+ if !data.Trackers[i].Threshold.Equal(state.Trackers[i].Threshold) {
+ hasChanges = true
+ }
+ if !data.Trackers[i].Multiplier.Equal(state.Trackers[i].Multiplier) {
+ hasChanges = true
+ }
+ if !data.Trackers[i].TrackerType.Equal(state.Trackers[i].TrackerType) {
+ hasChanges = true
+ }
+ }
+ }
+ return hasChanges
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 7d5fbbd5..0ef4d973 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -251,6 +251,7 @@ func (p *SdwanProvider) Resources(ctx context.Context) []func() resource.Resourc
NewCiscoNTPFeatureTemplateResource,
NewCiscoOMPFeatureTemplateResource,
NewCiscoOSPFFeatureTemplateResource,
+ NewCiscoSecureInternetGatewayFeatureTemplateResource,
NewCiscoSecurityFeatureTemplateResource,
NewCiscoSIGCredentialsFeatureTemplateResource,
NewCiscoSNMPFeatureTemplateResource,
@@ -304,6 +305,7 @@ func (p *SdwanProvider) DataSources(ctx context.Context) []func() datasource.Dat
NewCiscoNTPFeatureTemplateDataSource,
NewCiscoOMPFeatureTemplateDataSource,
NewCiscoOSPFFeatureTemplateDataSource,
+ NewCiscoSecureInternetGatewayFeatureTemplateDataSource,
NewCiscoSecurityFeatureTemplateDataSource,
NewCiscoSIGCredentialsFeatureTemplateDataSource,
NewCiscoSNMPFeatureTemplateDataSource,
diff --git a/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go
new file mode 100644
index 00000000..871154c8
--- /dev/null
+++ b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go
@@ -0,0 +1,760 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "fmt"
+ "sync"
+
+ "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers"
+ "github.com/hashicorp/terraform-plugin-framework-validators/int64validator"
+ "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+ "github.com/hashicorp/terraform-plugin-framework/path"
+ "github.com/hashicorp/terraform-plugin-framework/resource"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-sdwan"
+)
+
+// Ensure provider defined types fully satisfy framework interfaces
+var _ resource.Resource = &CiscoSecureInternetGatewayFeatureTemplateResource{}
+var _ resource.ResourceWithImportState = &CiscoSecureInternetGatewayFeatureTemplateResource{}
+
+func NewCiscoSecureInternetGatewayFeatureTemplateResource() resource.Resource {
+ return &CiscoSecureInternetGatewayFeatureTemplateResource{}
+}
+
+type CiscoSecureInternetGatewayFeatureTemplateResource struct {
+ client *sdwan.Client
+ updateMutex *sync.Mutex
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_cisco_secure_internet_gateway_feature_template"
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: helpers.NewAttributeDescription("This resource can manage a Cisco Secure Internet Gateway feature template.").AddMinimumVersionDescription("15.0.0").String,
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the feature template",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.UseStateForUnknown(),
+ },
+ },
+ "version": schema.Int64Attribute{
+ MarkdownDescription: "The version of the feature template",
+ Computed: true,
+ },
+ "template_type": schema.StringAttribute{
+ MarkdownDescription: "The template type",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.UseStateForUnknown(),
+ },
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "The name of the feature template",
+ Required: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: "The description of the feature template",
+ Required: true,
+ },
+ "device_types": schema.ListAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of supported device types").AddStringEnumDescription("vedge-C8000V", "vedge-C8300-1N1S-4T2X", "vedge-C8300-1N1S-6T", "vedge-C8300-2N2S-6T", "vedge-C8300-2N2S-4T2X", "vedge-C8500-12X4QC", "vedge-C8500-12X", "vedge-C8500-20X6C", "vedge-C8500L-8S4X", "vedge-C8200-1N-4T", "vedge-C8200L-1N-4T").String,
+ ElementType: types.StringType,
+ Required: true,
+ },
+ "vpn_id": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of VPN instances").AddIntegerRangeDescription(0, 65527).AddDefaultValueDescription("0").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 65527),
+ },
+ },
+ "interfaces": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Interface name: IPsec when present").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Interface name: IPsec when present").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(4, 8),
+ },
+ },
+ "name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "auto_tunnel_mode": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Auto Tunnel Mode").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "shutdown": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Administrative state").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Interface description").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 128),
+ },
+ },
+ "description_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ip_unnumbered": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Unnumbered interface").AddDefaultValueDescription("true").String,
+ Optional: true,
+ },
+ "ipv4_address": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Assign IPv4 address").String,
+ Optional: true,
+ },
+ "ipv4_address_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "tunnel_source": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Tunnel source IP Address").String,
+ Optional: true,
+ },
+ "tunnel_source_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "tunnel_source_interface": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 32),
+ },
+ },
+ "tunnel_source_interface_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "tunnel_route_via": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 32),
+ },
+ },
+ "tunnel_route_via_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "tunnel_destination": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Tunnel destination IP address").String,
+ Optional: true,
+ },
+ "tunnel_destination_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "application": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Application Tunnel Type").AddStringEnumDescription("sig").AddDefaultValueDescription("sig").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("sig"),
+ },
+ },
+ "sig_provider": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("SIG Tunnel Provider").AddStringEnumDescription("secure-internet-gateway-umbrella", "secure-internet-gateway-zscaler", "secure-internet-gateway-other").AddDefaultValueDescription("secure-internet-gateway-umbrella").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("secure-internet-gateway-umbrella", "secure-internet-gateway-zscaler", "secure-internet-gateway-other"),
+ },
+ },
+ "tunnel_dc_preference": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("SIG Tunnel Data Center").AddStringEnumDescription("primary-dc", "secondary-dc").AddDefaultValueDescription("primary-dc").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("primary-dc", "secondary-dc"),
+ },
+ },
+ "tcp_mss": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("TCP MSS on SYN packets, in bytes").AddIntegerRangeDescription(500, 1460).String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(500, 1460),
+ },
+ },
+ "tcp_mss_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "mtu": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Interface MTU <576..2000>, in bytes").AddIntegerRangeDescription(576, 2000).AddDefaultValueDescription("1400").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(576, 2000),
+ },
+ },
+ "mtu_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "dead_peer_detection_interval": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE keepalive interval (seconds)").AddIntegerRangeDescription(0, 65535).AddDefaultValueDescription("10").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 65535),
+ },
+ },
+ "dead_peer_detection_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "dead_peer_detection_retries": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE keepalive retries").AddIntegerRangeDescription(0, 255).AddDefaultValueDescription("3").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 255),
+ },
+ },
+ "dead_peer_detection_retries_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_version": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE Version <1..2>").AddIntegerRangeDescription(1, 2).AddDefaultValueDescription("2").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 2),
+ },
+ },
+ "ike_version_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_pre_shared_key": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Use preshared key to authenticate IKE peer").String,
+ Optional: true,
+ },
+ "ike_pre_shared_key_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_rekey_interval": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE rekey interval <300..1209600> seconds").AddIntegerRangeDescription(300, 1209600).AddDefaultValueDescription("14400").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(300, 1209600),
+ },
+ },
+ "ike_rekey_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_ciphersuite": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE identity the IKE preshared secret belongs to").AddStringEnumDescription("aes256-cbc-sha1", "aes256-cbc-sha2", "aes128-cbc-sha1", "aes128-cbc-sha2").AddDefaultValueDescription("aes256-cbc-sha1").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("aes256-cbc-sha1", "aes256-cbc-sha2", "aes128-cbc-sha1", "aes128-cbc-sha2"),
+ },
+ },
+ "ike_ciphersuite_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_group": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE Diffie Hellman Groups").AddStringEnumDescription("2", "14", "15", "16").AddDefaultValueDescription("14").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("2", "14", "15", "16"),
+ },
+ },
+ "ike_group_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_pre_shared_key_dynamic": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Use preshared key to authenticate IKE peer").AddDefaultValueDescription("true").String,
+ Optional: true,
+ },
+ "ike_pre_shared_key_local_id": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE ID for the local endpoint. Input IPv4 address, domain name, or email address").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 63),
+ },
+ },
+ "ike_pre_shared_key_local_id_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ike_pre_shared_key_remote_id": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 63),
+ },
+ },
+ "ike_pre_shared_key_remote_id_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ipsec_rekey_interval": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IPsec rekey interval <300..1209600> seconds").AddIntegerRangeDescription(300, 1209600).AddDefaultValueDescription("3600").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(300, 1209600),
+ },
+ },
+ "ipsec_rekey_interval_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ipsec_replay_window": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Replay window size 32..8192 (must be a power of 2)").AddIntegerRangeDescription(64, 4096).AddDefaultValueDescription("512").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(64, 4096),
+ },
+ },
+ "ipsec_replay_window_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ipsec_ciphersuite": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IPsec(ESP) encryption and integrity protocol").AddStringEnumDescription("aes256-cbc-sha1", "aes256-cbc-sha384", "aes256-cbc-sha256", "aes256-cbc-sha512", "aes256-gcm", "null-sha1", "null-sha384", "null-sha256", "null-sha512").AddDefaultValueDescription("aes256-gcm").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("aes256-cbc-sha1", "aes256-cbc-sha384", "aes256-cbc-sha256", "aes256-cbc-sha512", "aes256-gcm", "null-sha1", "null-sha384", "null-sha256", "null-sha512"),
+ },
+ },
+ "ipsec_ciphersuite_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "ipsec_perfect_forward_secrecy": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("IPsec perfect forward secrecy settings").AddStringEnumDescription("group-2", "group-14", "group-15", "group-16", "none").AddDefaultValueDescription("none").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("group-2", "group-14", "group-15", "group-16", "none"),
+ },
+ },
+ "ipsec_perfect_forward_secrecy_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "track_enable": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable/disable SIG tracking").AddDefaultValueDescription("true").String,
+ Optional: true,
+ },
+ "tunnel_public_ip": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Public IP required to setup GRE tunnel to Zscaler").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "tunnel_public_ip_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Optional: true,
+ },
+ },
+ },
+ },
+ "services": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Configure services").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "service_type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Service Type").AddStringEnumDescription("sig").AddDefaultValueDescription("sig").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("sig"),
+ },
+ },
+ "interface_pairs": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Interface Pair for active and backup").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "active_interface": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Active Tunnel Interface for SIG").String,
+ Optional: true,
+ },
+ "active_interface_weight": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Active Tunnel Interface Weight").AddIntegerRangeDescription(1, 255).AddDefaultValueDescription("1").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 255),
+ },
+ },
+ "backup_interface": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Backup Tunnel Interface for SIG").String,
+ Optional: true,
+ },
+ "backup_interface_weight": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Backup Tunnel Interface Weight").AddIntegerRangeDescription(1, 255).AddDefaultValueDescription("1").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 255),
+ },
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Optional: true,
+ },
+ },
+ },
+ },
+ "zscaler_authentication_required": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enforce Authentication").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_xff_forward": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("XFF forwarding enabled").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_firewall_enabled": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Firewall enabled").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_ips_control_enabled": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable IPS Control").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_caution_enabled": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Caution").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_primary_data_center": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Custom Primary Datacenter").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "zscaler_primary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "zscaler_secondary_data_center": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Custom Secondary Datacenter").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "zscaler_secondary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "zscaler_surrogate_ip": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Surrogate IP").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_surrogate_idle_time": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Idle time to disassociation").AddDefaultValueDescription("0").String,
+ Optional: true,
+ },
+ "zscaler_surrogate_display_time_unit": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Display time unit").AddStringEnumDescription("MINUTE", "HOUR", "DAY").AddDefaultValueDescription("MINUTE").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("MINUTE", "HOUR", "DAY"),
+ },
+ },
+ "zscaler_surrogate_ip_enforce_for_known_browsers": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enforce Surrogate IP for known browsers").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "zscaler_surrogate_refresh_time_unit": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Refresh Time unit").AddStringEnumDescription("MINUTE", "HOUR", "DAY").AddDefaultValueDescription("MINUTE").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("MINUTE", "HOUR", "DAY"),
+ },
+ },
+ "aup_enabled": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Acceptable User Policy").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "aup_block_internet_until_accepted": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("For first-time Acceptable User Policy behavior, block Internet access").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "aup_force_ssl_inspection": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("For first-time Acceptable User Policy behavior, force SSL inspection").AddDefaultValueDescription("false").String,
+ Optional: true,
+ },
+ "aup_timeout": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Custom Acceptable User Policy frequency in days").AddDefaultValueDescription("0").String,
+ Optional: true,
+ },
+ "zscaler_location_name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Zscaler location name (optional)").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "zscaler_location_name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "umbrella_primary_data_center": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Umbrella Primary Datacenter").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "umbrella_primary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "umbrella_secondary_data_center": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Umbrella Secondary Datacenter").AddDefaultValueDescription("Auto").String,
+ Optional: true,
+ },
+ "umbrella_secondary_data_center_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Optional: true,
+ },
+ },
+ },
+ },
+ "tracker_source_ip": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Source IP address for Tracker").String,
+ Optional: true,
+ },
+ "tracker_source_ip_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "trackers": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Tracker configuration").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Tracker name").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 128),
+ },
+ },
+ "name_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "endpoint_api_url": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("API url of endpoint").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(0, 512),
+ },
+ },
+ "endpoint_api_url_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "threshold": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Probe Timeout threshold <100..1000> milliseconds").AddIntegerRangeDescription(100, 1000).AddDefaultValueDescription("300").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(100, 1000),
+ },
+ },
+ "threshold_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "multiplier": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Probe failure multiplier <1..10> failed attempts").AddIntegerRangeDescription(1, 10).AddDefaultValueDescription("3").String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 10),
+ },
+ },
+ "multiplier_variable": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Variable name").String,
+ Optional: true,
+ },
+ "tracker_type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("").AddStringEnumDescription("SIG").AddDefaultValueDescription(" SIG").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("SIG"),
+ },
+ },
+ "optional": schema.BoolAttribute{
+ MarkdownDescription: "Indicates if list item is considered optional.",
+ Optional: true,
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Configure(_ context.Context, req resource.ConfigureRequest, _ *resource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ r.client = req.ProviderData.(*SdwanProviderData).Client
+ r.updateMutex = req.ProviderData.(*SdwanProviderData).UpdateMutex
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+ var plan CiscoSecureInternetGateway
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Create", plan.Name.ValueString()))
+
+ // Create object
+ body := plan.toBody(ctx)
+
+ res, err := r.client.Post("/template/feature", body)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (POST), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ plan.Id = types.StringValue(res.Get("templateId").String())
+ plan.Version = types.Int64Value(0)
+ plan.TemplateType = types.StringValue(plan.getModel())
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Create finished successfully", plan.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+ var state CiscoSecureInternetGateway
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", state.Name.String()))
+
+ res, err := r.client.Get("/template/feature/object/" + state.Id.ValueString())
+ if res.Get("error.message").String() == "Invalid Template Id" {
+ resp.State.RemoveResource(ctx)
+ return
+ } else if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object (GET), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ state.fromBody(ctx, res)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", state.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+ var plan, state CiscoSecureInternetGateway
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+ // Read state
+ diags = req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Update", plan.Name.ValueString()))
+
+ body := plan.toBody(ctx)
+ r.updateMutex.Lock()
+ res, err := r.client.Put("/template/feature/"+plan.Id.ValueString(), body)
+ r.updateMutex.Unlock()
+ if err != nil {
+ if res.Get("error.message").String() == "Template locked in edit mode." {
+ resp.Diagnostics.AddWarning("Client Warning", fmt.Sprintf("Failed to modify template due to template being locked by another change. Template changes will not be applied. Re-run 'terraform apply' to try again."))
+ } else {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (PUT), got error: %s, %s", err, res.String()))
+ return
+ }
+ }
+
+ if plan.hasChanges(ctx, &state) {
+ plan.Version = types.Int64Value(state.Version.ValueInt64() + 1)
+ } else {
+ plan.Version = state.Version
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Update finished successfully", plan.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+ var state CiscoSecureInternetGateway
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Delete", state.Name.ValueString()))
+
+ res, err := r.client.Delete("/template/feature/" + state.Id.ValueString())
+ if err != nil && res.Get("error.message").String() != "Invalid Template Id" {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to delete object (DELETE), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Delete finished successfully", state.Name.ValueString()))
+
+ resp.State.RemoveResource(ctx)
+}
+
+func (r *CiscoSecureInternetGatewayFeatureTemplateResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+ resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
+}
diff --git a/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go
new file mode 100644
index 00000000..5da6b453
--- /dev/null
+++ b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go
@@ -0,0 +1,201 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccSdwanCiscoSecureInternetGatewayFeatureTemplate(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_minimum(),
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"),
+ ),
+ },
+ {
+ Config: testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_all(),
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.name", "ipsec1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.auto_tunnel_mode", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.shutdown", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.description", "My Description"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ip_unnumbered", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipv4_address", "1.2.3.4/24"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source", "3.3.3.3"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source_interface", "ge0/1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_route_via", "ge0/2"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_destination", "3.4.5.6"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.application", "sig"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.sig_provider", "secure-internet-gateway-umbrella"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_dc_preference", "primary-dc"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tcp_mss", "1400"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.mtu", "1500"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_interval", "30"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_retries", "5"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_version", "1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key", "A1234567"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_rekey_interval", "600"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_ciphersuite", "aes256-cbc-sha2"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_group", "14"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_dynamic", "false"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_local_id", "1.2.3.4"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_remote_id", "2.3.4.5"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_rekey_interval", "7200"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_replay_window", "1024"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_ciphersuite", "aes256-cbc-sha1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_perfect_forward_secrecy", "group-14"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.track_enable", "false"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_public_ip", "5.5.5.5"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.service_type", "sig"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface", "e1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface_weight", "10"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface", "e2"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface_weight", "20"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_authentication_required", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_xff_forward", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_firewall_enabled", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_ips_control_enabled", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_caution_enabled", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_primary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_secondary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_idle_time", "100"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_display_time_unit", "MINUTE"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip_enforce_for_known_browsers", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_refresh_time_unit", "MINUTE"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_enabled", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_block_internet_until_accepted", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_force_ssl_inspection", "true"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_timeout", "60"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_location_name", "LOC1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_primary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_secondary_data_center", "Auto"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.name", "TRACKER1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.endpoint_api_url", "https://1.1.1.1"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.threshold", "500"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.multiplier", "4"),
+ resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.tracker_type", "SIG"),
+ ),
+ },
+ },
+ })
+}
+
+func testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_minimum() string {
+ return `
+ resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" {
+ name = "TF_TEST_MIN"
+ description = "Terraform integration test"
+ device_types = ["vedge-C8000V"]
+ vpn_id = 1
+ tracker_source_ip = "2.3.4.5"
+ }
+ `
+}
+
+func testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_all() string {
+ return `
+ resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" {
+ name = "TF_TEST_ALL"
+ description = "Terraform integration test"
+ device_types = ["vedge-C8000V"]
+ vpn_id = 1
+ interfaces = [{
+ name = "ipsec1"
+ auto_tunnel_mode = true
+ shutdown = true
+ description = "My Description"
+ ip_unnumbered = true
+ ipv4_address = "1.2.3.4/24"
+ tunnel_source = "3.3.3.3"
+ tunnel_source_interface = "ge0/1"
+ tunnel_route_via = "ge0/2"
+ tunnel_destination = "3.4.5.6"
+ application = "sig"
+ sig_provider = "secure-internet-gateway-umbrella"
+ tunnel_dc_preference = "primary-dc"
+ tcp_mss = 1400
+ mtu = 1500
+ dead_peer_detection_interval = 30
+ dead_peer_detection_retries = 5
+ ike_version = 1
+ ike_pre_shared_key = "A1234567"
+ ike_rekey_interval = 600
+ ike_ciphersuite = "aes256-cbc-sha2"
+ ike_group = "14"
+ ike_pre_shared_key_dynamic = false
+ ike_pre_shared_key_local_id = "1.2.3.4"
+ ike_pre_shared_key_remote_id = "2.3.4.5"
+ ipsec_rekey_interval = 7200
+ ipsec_replay_window = 1024
+ ipsec_ciphersuite = "aes256-cbc-sha1"
+ ipsec_perfect_forward_secrecy = "group-14"
+ track_enable = false
+ tunnel_public_ip = "5.5.5.5"
+ }]
+ services = [{
+ service_type = "sig"
+ interface_pairs = [{
+ active_interface = "e1"
+ active_interface_weight = 10
+ backup_interface = "e2"
+ backup_interface_weight = 20
+ }]
+ zscaler_authentication_required = true
+ zscaler_xff_forward = true
+ zscaler_firewall_enabled = true
+ zscaler_ips_control_enabled = true
+ zscaler_caution_enabled = true
+ zscaler_primary_data_center = "Auto"
+ zscaler_secondary_data_center = "Auto"
+ zscaler_surrogate_ip = true
+ zscaler_surrogate_idle_time = 100
+ zscaler_surrogate_display_time_unit = "MINUTE"
+ zscaler_surrogate_ip_enforce_for_known_browsers = true
+ zscaler_surrogate_refresh_time_unit = "MINUTE"
+ aup_enabled = true
+ aup_block_internet_until_accepted = true
+ aup_force_ssl_inspection = true
+ aup_timeout = 60
+ zscaler_location_name = "LOC1"
+ umbrella_primary_data_center = "Auto"
+ umbrella_secondary_data_center = "Auto"
+ }]
+ tracker_source_ip = "2.3.4.5"
+ trackers = [{
+ name = "TRACKER1"
+ endpoint_api_url = "https://1.1.1.1"
+ threshold = 500
+ multiplier = 4
+ tracker_type = "SIG"
+ }]
+ }
+ `
+}
diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl
index b3fb9792..d16a076b 100644
--- a/templates/guides/changelog.md.tmpl
+++ b/templates/guides/changelog.md.tmpl
@@ -11,6 +11,7 @@ description: |-
- Add `sdwan_cisco_ospf_feature_template` resource and data source
- Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source
+- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source
## 0.2.0