From d2fe57447d99caba4adde0fc246a4c8269dfcaee Mon Sep 17 00:00:00 2001 From: danischm Date: Fri, 14 Jul 2023 21:57:15 +0200 Subject: [PATCH] Add cisco secure internet gateway feature template resource and data source --- CHANGELOG.md | 1 + ...ecure_internet_gateway_feature_template.md | 164 ++ docs/guides/changelog.md | 1 + ...ecure_internet_gateway_feature_template.md | 327 +++ .../data-source.tf | 3 + .../import.sh | 1 + .../resource.tf | 83 + .../cisco_secure_internet_gateway.yaml | 176 ++ gen/generator.go | 1 + gen/schema/schema.yaml | 1 + gen/templates/feature_templates/resource.go | 16 +- ...ecure_internet_gateway_feature_template.go | 547 ++++ ..._internet_gateway_feature_template_test.go | 185 ++ ...ecure_internet_gateway_feature_template.go | 2313 +++++++++++++++++ internal/provider/provider.go | 2 + ...ecure_internet_gateway_feature_template.go | 760 ++++++ ..._internet_gateway_feature_template_test.go | 201 ++ templates/guides/changelog.md.tmpl | 1 + 18 files changed, 4775 insertions(+), 8 deletions(-) create mode 100644 docs/data-sources/cisco_secure_internet_gateway_feature_template.md create mode 100644 docs/resources/cisco_secure_internet_gateway_feature_template.md create mode 100644 examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf create mode 100644 examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh create mode 100644 examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf create mode 100644 gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml create mode 100644 internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go create mode 100644 internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go create mode 100644 internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go create mode 100644 internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go create mode 100644 internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index c90ecdc5..9d9cb6be 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ - Add `sdwan_cisco_ospf_feature_template` resource and data source - Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source +- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source ## 0.2.0 diff --git a/docs/data-sources/cisco_secure_internet_gateway_feature_template.md b/docs/data-sources/cisco_secure_internet_gateway_feature_template.md new file mode 100644 index 00000000..5ddead86 --- /dev/null +++ b/docs/data-sources/cisco_secure_internet_gateway_feature_template.md @@ -0,0 +1,164 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "sdwan_cisco_secure_internet_gateway_feature_template Data Source - terraform-provider-sdwan" +subcategory: "Feature Templates" +description: |- + This data source can read the Cisco Secure Internet Gateway feature template. +--- + +# sdwan_cisco_secure_internet_gateway_feature_template (Data Source) + +This data source can read the Cisco Secure Internet Gateway feature template. + +## Example Usage + +```terraform +data "sdwan_cisco_secure_internet_gateway_feature_template" "example" { + id = "f6b2c44c-693c-4763-b010-895aa3d236bd" +} +``` + + +## Schema + +### Required + +- `id` (String) The id of the feature template + +### Read-Only + +- `description` (String) The description of the feature template +- `device_types` (List of String) List of supported device types +- `interfaces` (Attributes List) Interface name: IPsec when present (see [below for nested schema](#nestedatt--interfaces)) +- `name` (String) The name of the feature template +- `services` (Attributes List) Configure services (see [below for nested schema](#nestedatt--services)) +- `template_type` (String) The template type +- `tracker_source_ip` (String) Source IP address for Tracker +- `tracker_source_ip_variable` (String) Variable name +- `trackers` (Attributes List) Tracker configuration (see [below for nested schema](#nestedatt--trackers)) +- `version` (Number) The version of the feature template +- `vpn_id` (Number) List of VPN instances + + +### Nested Schema for `interfaces` + +Read-Only: + +- `application` (String) Enable Application Tunnel Type +- `auto_tunnel_mode` (Boolean) Auto Tunnel Mode +- `dead_peer_detection_interval` (Number) IKE keepalive interval (seconds) +- `dead_peer_detection_interval_variable` (String) Variable name +- `dead_peer_detection_retries` (Number) IKE keepalive retries +- `dead_peer_detection_retries_variable` (String) Variable name +- `description` (String) Interface description +- `description_variable` (String) Variable name +- `ike_ciphersuite` (String) IKE identity the IKE preshared secret belongs to +- `ike_ciphersuite_variable` (String) Variable name +- `ike_group` (String) IKE Diffie Hellman Groups +- `ike_group_variable` (String) Variable name +- `ike_pre_shared_key` (String) Use preshared key to authenticate IKE peer +- `ike_pre_shared_key_dynamic` (Boolean) Use preshared key to authenticate IKE peer +- `ike_pre_shared_key_local_id` (String) IKE ID for the local endpoint. Input IPv4 address, domain name, or email address +- `ike_pre_shared_key_local_id_variable` (String) Variable name +- `ike_pre_shared_key_remote_id` (String) IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address +- `ike_pre_shared_key_remote_id_variable` (String) Variable name +- `ike_pre_shared_key_variable` (String) Variable name +- `ike_rekey_interval` (Number) IKE rekey interval <300..1209600> seconds +- `ike_rekey_interval_variable` (String) Variable name +- `ike_version` (Number) IKE Version <1..2> +- `ike_version_variable` (String) Variable name +- `ip_unnumbered` (Boolean) Unnumbered interface +- `ipsec_ciphersuite` (String) IPsec(ESP) encryption and integrity protocol +- `ipsec_ciphersuite_variable` (String) Variable name +- `ipsec_perfect_forward_secrecy` (String) IPsec perfect forward secrecy settings +- `ipsec_perfect_forward_secrecy_variable` (String) Variable name +- `ipsec_rekey_interval` (Number) IPsec rekey interval <300..1209600> seconds +- `ipsec_rekey_interval_variable` (String) Variable name +- `ipsec_replay_window` (Number) Replay window size 32..8192 (must be a power of 2) +- `ipsec_replay_window_variable` (String) Variable name +- `ipv4_address` (String) Assign IPv4 address +- `ipv4_address_variable` (String) Variable name +- `mtu` (Number) Interface MTU <576..2000>, in bytes +- `mtu_variable` (String) Variable name +- `name` (String) Interface name: IPsec when present +- `name_variable` (String) Variable name +- `optional` (Boolean) Indicates if list item is considered optional. +- `shutdown` (Boolean) Administrative state +- `sig_provider` (String) SIG Tunnel Provider +- `tcp_mss` (Number) TCP MSS on SYN packets, in bytes +- `tcp_mss_variable` (String) Variable name +- `track_enable` (Boolean) Enable/disable SIG tracking +- `tunnel_dc_preference` (String) SIG Tunnel Data Center +- `tunnel_destination` (String) Tunnel destination IP address +- `tunnel_destination_variable` (String) Variable name +- `tunnel_public_ip` (String) Public IP required to setup GRE tunnel to Zscaler +- `tunnel_public_ip_variable` (String) Variable name +- `tunnel_route_via` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid +- `tunnel_route_via_variable` (String) Variable name +- `tunnel_source` (String) Tunnel source IP Address +- `tunnel_source_interface` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid +- `tunnel_source_interface_variable` (String) Variable name +- `tunnel_source_variable` (String) Variable name + + + +### Nested Schema for `services` + +Read-Only: + +- `aup_block_internet_until_accepted` (Boolean) For first-time Acceptable User Policy behavior, block Internet access +- `aup_enabled` (Boolean) Enable Acceptable User Policy +- `aup_force_ssl_inspection` (Boolean) For first-time Acceptable User Policy behavior, force SSL inspection +- `aup_timeout` (Number) Custom Acceptable User Policy frequency in days +- `interface_pairs` (Attributes List) Interface Pair for active and backup (see [below for nested schema](#nestedatt--services--interface_pairs)) +- `optional` (Boolean) Indicates if list item is considered optional. +- `service_type` (String) Service Type +- `umbrella_primary_data_center` (String) Umbrella Primary Datacenter +- `umbrella_primary_data_center_variable` (String) Variable name +- `umbrella_secondary_data_center` (String) Umbrella Secondary Datacenter +- `umbrella_secondary_data_center_variable` (String) Variable name +- `zscaler_authentication_required` (Boolean) Enforce Authentication +- `zscaler_caution_enabled` (Boolean) Enable Caution +- `zscaler_firewall_enabled` (Boolean) Firewall enabled +- `zscaler_ips_control_enabled` (Boolean) Enable IPS Control +- `zscaler_location_name` (String) Zscaler location name (optional) +- `zscaler_location_name_variable` (String) Variable name +- `zscaler_primary_data_center` (String) Custom Primary Datacenter +- `zscaler_primary_data_center_variable` (String) Variable name +- `zscaler_secondary_data_center` (String) Custom Secondary Datacenter +- `zscaler_secondary_data_center_variable` (String) Variable name +- `zscaler_surrogate_display_time_unit` (String) Display time unit +- `zscaler_surrogate_idle_time` (Number) Idle time to disassociation +- `zscaler_surrogate_ip` (Boolean) Enable Surrogate IP +- `zscaler_surrogate_ip_enforce_for_known_browsers` (Boolean) Enforce Surrogate IP for known browsers +- `zscaler_surrogate_refresh_time_unit` (String) Refresh Time unit +- `zscaler_xff_forward` (Boolean) XFF forwarding enabled + + +### Nested Schema for `services.interface_pairs` + +Read-Only: + +- `active_interface` (String) Active Tunnel Interface for SIG +- `active_interface_weight` (Number) Active Tunnel Interface Weight +- `backup_interface` (String) Backup Tunnel Interface for SIG +- `backup_interface_weight` (Number) Backup Tunnel Interface Weight +- `optional` (Boolean) Indicates if list item is considered optional. + + + + +### Nested Schema for `trackers` + +Read-Only: + +- `endpoint_api_url` (String) API url of endpoint +- `endpoint_api_url_variable` (String) Variable name +- `multiplier` (Number) Probe failure multiplier <1..10> failed attempts +- `multiplier_variable` (String) Variable name +- `name` (String) Tracker name +- `name_variable` (String) Variable name +- `optional` (Boolean) Indicates if list item is considered optional. +- `threshold` (Number) Probe Timeout threshold <100..1000> milliseconds +- `threshold_variable` (String) Variable name +- `tracker_type` (String) diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md index b3fb9792..d16a076b 100644 --- a/docs/guides/changelog.md +++ b/docs/guides/changelog.md @@ -11,6 +11,7 @@ description: |- - Add `sdwan_cisco_ospf_feature_template` resource and data source - Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source +- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source ## 0.2.0 diff --git a/docs/resources/cisco_secure_internet_gateway_feature_template.md b/docs/resources/cisco_secure_internet_gateway_feature_template.md new file mode 100644 index 00000000..913edd78 --- /dev/null +++ b/docs/resources/cisco_secure_internet_gateway_feature_template.md @@ -0,0 +1,327 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "sdwan_cisco_secure_internet_gateway_feature_template Resource - terraform-provider-sdwan" +subcategory: "Feature Templates" +description: |- + This resource can manage a Cisco Secure Internet Gateway feature template. + - Minimum vManage version: 15.0.0 +--- + +# sdwan_cisco_secure_internet_gateway_feature_template (Resource) + +This resource can manage a Cisco Secure Internet Gateway feature template. + - Minimum vManage version: `15.0.0` + +## Example Usage + +```terraform +resource "sdwan_cisco_secure_internet_gateway_feature_template" "example" { + name = "Example" + description = "My Example" + device_types = ["vedge-C8000V"] + vpn_id = 1 + interfaces = [ + { + name = "ipsec1" + auto_tunnel_mode = true + shutdown = true + description = "My Description" + ip_unnumbered = true + ipv4_address = "1.2.3.4/24" + tunnel_source = "3.3.3.3" + tunnel_source_interface = "ge0/1" + tunnel_route_via = "ge0/2" + tunnel_destination = "3.4.5.6" + application = "sig" + sig_provider = "secure-internet-gateway-umbrella" + tunnel_dc_preference = "primary-dc" + tcp_mss = 1400 + mtu = 1500 + dead_peer_detection_interval = 30 + dead_peer_detection_retries = 5 + ike_version = 1 + ike_pre_shared_key = "A1234567" + ike_rekey_interval = 600 + ike_ciphersuite = "aes256-cbc-sha2" + ike_group = "14" + ike_pre_shared_key_dynamic = false + ike_pre_shared_key_local_id = "1.2.3.4" + ike_pre_shared_key_remote_id = "2.3.4.5" + ipsec_rekey_interval = 7200 + ipsec_replay_window = 1024 + ipsec_ciphersuite = "aes256-cbc-sha1" + ipsec_perfect_forward_secrecy = "group-14" + track_enable = false + tunnel_public_ip = "5.5.5.5" + } + ] + services = [ + { + service_type = "sig" + interface_pairs = [ + { + active_interface = "e1" + active_interface_weight = 10 + backup_interface = "e2" + backup_interface_weight = 20 + } + ] + zscaler_authentication_required = true + zscaler_xff_forward = true + zscaler_firewall_enabled = true + zscaler_ips_control_enabled = true + zscaler_caution_enabled = true + zscaler_primary_data_center = "Auto" + zscaler_secondary_data_center = "Auto" + zscaler_surrogate_ip = true + zscaler_surrogate_idle_time = 100 + zscaler_surrogate_display_time_unit = "MINUTE" + zscaler_surrogate_ip_enforce_for_known_browsers = true + zscaler_surrogate_refresh_time_unit = "MINUTE" + aup_enabled = true + aup_block_internet_until_accepted = true + aup_force_ssl_inspection = true + aup_timeout = 60 + zscaler_location_name = "LOC1" + umbrella_primary_data_center = "Auto" + umbrella_secondary_data_center = "Auto" + } + ] + tracker_source_ip = "2.3.4.5" + trackers = [ + { + name = "TRACKER1" + endpoint_api_url = "https://1.1.1.1" + threshold = 500 + multiplier = 4 + tracker_type = "SIG" + } + ] +} +``` + + +## Schema + +### Required + +- `description` (String) The description of the feature template +- `device_types` (List of String) List of supported device types + - Choices: `vedge-C8000V`, `vedge-C8300-1N1S-4T2X`, `vedge-C8300-1N1S-6T`, `vedge-C8300-2N2S-6T`, `vedge-C8300-2N2S-4T2X`, `vedge-C8500-12X4QC`, `vedge-C8500-12X`, `vedge-C8500-20X6C`, `vedge-C8500L-8S4X`, `vedge-C8200-1N-4T`, `vedge-C8200L-1N-4T` +- `name` (String) The name of the feature template + +### Optional + +- `interfaces` (Attributes List) Interface name: IPsec when present (see [below for nested schema](#nestedatt--interfaces)) +- `services` (Attributes List) Configure services (see [below for nested schema](#nestedatt--services)) +- `tracker_source_ip` (String) Source IP address for Tracker +- `tracker_source_ip_variable` (String) Variable name +- `trackers` (Attributes List) Tracker configuration (see [below for nested schema](#nestedatt--trackers)) +- `vpn_id` (Number) List of VPN instances + - Range: `0`-`65527` + - Default value: `0` + +### Read-Only + +- `id` (String) The id of the feature template +- `template_type` (String) The template type +- `version` (Number) The version of the feature template + + +### Nested Schema for `interfaces` + +Optional: + +- `application` (String) Enable Application Tunnel Type + - Choices: `sig` + - Default value: `sig` +- `auto_tunnel_mode` (Boolean) Auto Tunnel Mode + - Default value: `false` +- `dead_peer_detection_interval` (Number) IKE keepalive interval (seconds) + - Range: `0`-`65535` + - Default value: `10` +- `dead_peer_detection_interval_variable` (String) Variable name +- `dead_peer_detection_retries` (Number) IKE keepalive retries + - Range: `0`-`255` + - Default value: `3` +- `dead_peer_detection_retries_variable` (String) Variable name +- `description` (String) Interface description +- `description_variable` (String) Variable name +- `ike_ciphersuite` (String) IKE identity the IKE preshared secret belongs to + - Choices: `aes256-cbc-sha1`, `aes256-cbc-sha2`, `aes128-cbc-sha1`, `aes128-cbc-sha2` + - Default value: `aes256-cbc-sha1` +- `ike_ciphersuite_variable` (String) Variable name +- `ike_group` (String) IKE Diffie Hellman Groups + - Choices: `2`, `14`, `15`, `16` + - Default value: `14` +- `ike_group_variable` (String) Variable name +- `ike_pre_shared_key` (String) Use preshared key to authenticate IKE peer +- `ike_pre_shared_key_dynamic` (Boolean) Use preshared key to authenticate IKE peer + - Default value: `true` +- `ike_pre_shared_key_local_id` (String) IKE ID for the local endpoint. Input IPv4 address, domain name, or email address +- `ike_pre_shared_key_local_id_variable` (String) Variable name +- `ike_pre_shared_key_remote_id` (String) IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address +- `ike_pre_shared_key_remote_id_variable` (String) Variable name +- `ike_pre_shared_key_variable` (String) Variable name +- `ike_rekey_interval` (Number) IKE rekey interval <300..1209600> seconds + - Range: `300`-`1209600` + - Default value: `14400` +- `ike_rekey_interval_variable` (String) Variable name +- `ike_version` (Number) IKE Version <1..2> + - Range: `1`-`2` + - Default value: `2` +- `ike_version_variable` (String) Variable name +- `ip_unnumbered` (Boolean) Unnumbered interface + - Default value: `true` +- `ipsec_ciphersuite` (String) IPsec(ESP) encryption and integrity protocol + - Choices: `aes256-cbc-sha1`, `aes256-cbc-sha384`, `aes256-cbc-sha256`, `aes256-cbc-sha512`, `aes256-gcm`, `null-sha1`, `null-sha384`, `null-sha256`, `null-sha512` + - Default value: `aes256-gcm` +- `ipsec_ciphersuite_variable` (String) Variable name +- `ipsec_perfect_forward_secrecy` (String) IPsec perfect forward secrecy settings + - Choices: `group-2`, `group-14`, `group-15`, `group-16`, `none` + - Default value: `none` +- `ipsec_perfect_forward_secrecy_variable` (String) Variable name +- `ipsec_rekey_interval` (Number) IPsec rekey interval <300..1209600> seconds + - Range: `300`-`1209600` + - Default value: `3600` +- `ipsec_rekey_interval_variable` (String) Variable name +- `ipsec_replay_window` (Number) Replay window size 32..8192 (must be a power of 2) + - Range: `64`-`4096` + - Default value: `512` +- `ipsec_replay_window_variable` (String) Variable name +- `ipv4_address` (String) Assign IPv4 address +- `ipv4_address_variable` (String) Variable name +- `mtu` (Number) Interface MTU <576..2000>, in bytes + - Range: `576`-`2000` + - Default value: `1400` +- `mtu_variable` (String) Variable name +- `name` (String) Interface name: IPsec when present +- `name_variable` (String) Variable name +- `optional` (Boolean) Indicates if list item is considered optional. +- `shutdown` (Boolean) Administrative state + - Default value: `false` +- `sig_provider` (String) SIG Tunnel Provider + - Choices: `secure-internet-gateway-umbrella`, `secure-internet-gateway-zscaler`, `secure-internet-gateway-other` + - Default value: `secure-internet-gateway-umbrella` +- `tcp_mss` (Number) TCP MSS on SYN packets, in bytes + - Range: `500`-`1460` +- `tcp_mss_variable` (String) Variable name +- `track_enable` (Boolean) Enable/disable SIG tracking + - Default value: `true` +- `tunnel_dc_preference` (String) SIG Tunnel Data Center + - Choices: `primary-dc`, `secondary-dc` + - Default value: `primary-dc` +- `tunnel_destination` (String) Tunnel destination IP address +- `tunnel_destination_variable` (String) Variable name +- `tunnel_public_ip` (String) Public IP required to setup GRE tunnel to Zscaler + - Default value: `Auto` +- `tunnel_public_ip_variable` (String) Variable name +- `tunnel_route_via` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid +- `tunnel_route_via_variable` (String) Variable name +- `tunnel_source` (String) Tunnel source IP Address +- `tunnel_source_interface` (String) <1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid +- `tunnel_source_interface_variable` (String) Variable name +- `tunnel_source_variable` (String) Variable name + + + +### Nested Schema for `services` + +Optional: + +- `aup_block_internet_until_accepted` (Boolean) For first-time Acceptable User Policy behavior, block Internet access + - Default value: `false` +- `aup_enabled` (Boolean) Enable Acceptable User Policy + - Default value: `false` +- `aup_force_ssl_inspection` (Boolean) For first-time Acceptable User Policy behavior, force SSL inspection + - Default value: `false` +- `aup_timeout` (Number) Custom Acceptable User Policy frequency in days + - Default value: `0` +- `interface_pairs` (Attributes List) Interface Pair for active and backup (see [below for nested schema](#nestedatt--services--interface_pairs)) +- `optional` (Boolean) Indicates if list item is considered optional. +- `service_type` (String) Service Type + - Choices: `sig` + - Default value: `sig` +- `umbrella_primary_data_center` (String) Umbrella Primary Datacenter + - Default value: `Auto` +- `umbrella_primary_data_center_variable` (String) Variable name +- `umbrella_secondary_data_center` (String) Umbrella Secondary Datacenter + - Default value: `Auto` +- `umbrella_secondary_data_center_variable` (String) Variable name +- `zscaler_authentication_required` (Boolean) Enforce Authentication + - Default value: `false` +- `zscaler_caution_enabled` (Boolean) Enable Caution + - Default value: `false` +- `zscaler_firewall_enabled` (Boolean) Firewall enabled + - Default value: `false` +- `zscaler_ips_control_enabled` (Boolean) Enable IPS Control + - Default value: `false` +- `zscaler_location_name` (String) Zscaler location name (optional) + - Default value: `Auto` +- `zscaler_location_name_variable` (String) Variable name +- `zscaler_primary_data_center` (String) Custom Primary Datacenter + - Default value: `Auto` +- `zscaler_primary_data_center_variable` (String) Variable name +- `zscaler_secondary_data_center` (String) Custom Secondary Datacenter + - Default value: `Auto` +- `zscaler_secondary_data_center_variable` (String) Variable name +- `zscaler_surrogate_display_time_unit` (String) Display time unit + - Choices: `MINUTE`, `HOUR`, `DAY` + - Default value: `MINUTE` +- `zscaler_surrogate_idle_time` (Number) Idle time to disassociation + - Default value: `0` +- `zscaler_surrogate_ip` (Boolean) Enable Surrogate IP + - Default value: `false` +- `zscaler_surrogate_ip_enforce_for_known_browsers` (Boolean) Enforce Surrogate IP for known browsers + - Default value: `false` +- `zscaler_surrogate_refresh_time_unit` (String) Refresh Time unit + - Choices: `MINUTE`, `HOUR`, `DAY` + - Default value: `MINUTE` +- `zscaler_xff_forward` (Boolean) XFF forwarding enabled + - Default value: `false` + + +### Nested Schema for `services.interface_pairs` + +Optional: + +- `active_interface` (String) Active Tunnel Interface for SIG +- `active_interface_weight` (Number) Active Tunnel Interface Weight + - Range: `1`-`255` + - Default value: `1` +- `backup_interface` (String) Backup Tunnel Interface for SIG +- `backup_interface_weight` (Number) Backup Tunnel Interface Weight + - Range: `1`-`255` + - Default value: `1` +- `optional` (Boolean) Indicates if list item is considered optional. + + + + +### Nested Schema for `trackers` + +Optional: + +- `endpoint_api_url` (String) API url of endpoint +- `endpoint_api_url_variable` (String) Variable name +- `multiplier` (Number) Probe failure multiplier <1..10> failed attempts + - Range: `1`-`10` + - Default value: `3` +- `multiplier_variable` (String) Variable name +- `name` (String) Tracker name +- `name_variable` (String) Variable name +- `optional` (Boolean) Indicates if list item is considered optional. +- `threshold` (Number) Probe Timeout threshold <100..1000> milliseconds + - Range: `100`-`1000` + - Default value: `300` +- `threshold_variable` (String) Variable name +- `tracker_type` (String) - Choices: `SIG` + - Default value: ` SIG` + +## Import + +Import is supported using the following syntax: + +```shell +terraform import sdwan_cisco_secure_internet_gateway_feature_template.example "f6b2c44c-693c-4763-b010-895aa3d236bd" +``` diff --git a/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf b/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf new file mode 100644 index 00000000..3f2b9ef5 --- /dev/null +++ b/examples/data-sources/sdwan_cisco_secure_internet_gateway_feature_template/data-source.tf @@ -0,0 +1,3 @@ +data "sdwan_cisco_secure_internet_gateway_feature_template" "example" { + id = "f6b2c44c-693c-4763-b010-895aa3d236bd" +} diff --git a/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh new file mode 100644 index 00000000..6582e9d7 --- /dev/null +++ b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/import.sh @@ -0,0 +1 @@ +terraform import sdwan_cisco_secure_internet_gateway_feature_template.example "f6b2c44c-693c-4763-b010-895aa3d236bd" diff --git a/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf new file mode 100644 index 00000000..226206b2 --- /dev/null +++ b/examples/resources/sdwan_cisco_secure_internet_gateway_feature_template/resource.tf @@ -0,0 +1,83 @@ +resource "sdwan_cisco_secure_internet_gateway_feature_template" "example" { + name = "Example" + description = "My Example" + device_types = ["vedge-C8000V"] + vpn_id = 1 + interfaces = [ + { + name = "ipsec1" + auto_tunnel_mode = true + shutdown = true + description = "My Description" + ip_unnumbered = true + ipv4_address = "1.2.3.4/24" + tunnel_source = "3.3.3.3" + tunnel_source_interface = "ge0/1" + tunnel_route_via = "ge0/2" + tunnel_destination = "3.4.5.6" + application = "sig" + sig_provider = "secure-internet-gateway-umbrella" + tunnel_dc_preference = "primary-dc" + tcp_mss = 1400 + mtu = 1500 + dead_peer_detection_interval = 30 + dead_peer_detection_retries = 5 + ike_version = 1 + ike_pre_shared_key = "A1234567" + ike_rekey_interval = 600 + ike_ciphersuite = "aes256-cbc-sha2" + ike_group = "14" + ike_pre_shared_key_dynamic = false + ike_pre_shared_key_local_id = "1.2.3.4" + ike_pre_shared_key_remote_id = "2.3.4.5" + ipsec_rekey_interval = 7200 + ipsec_replay_window = 1024 + ipsec_ciphersuite = "aes256-cbc-sha1" + ipsec_perfect_forward_secrecy = "group-14" + track_enable = false + tunnel_public_ip = "5.5.5.5" + } + ] + services = [ + { + service_type = "sig" + interface_pairs = [ + { + active_interface = "e1" + active_interface_weight = 10 + backup_interface = "e2" + backup_interface_weight = 20 + } + ] + zscaler_authentication_required = true + zscaler_xff_forward = true + zscaler_firewall_enabled = true + zscaler_ips_control_enabled = true + zscaler_caution_enabled = true + zscaler_primary_data_center = "Auto" + zscaler_secondary_data_center = "Auto" + zscaler_surrogate_ip = true + zscaler_surrogate_idle_time = 100 + zscaler_surrogate_display_time_unit = "MINUTE" + zscaler_surrogate_ip_enforce_for_known_browsers = true + zscaler_surrogate_refresh_time_unit = "MINUTE" + aup_enabled = true + aup_block_internet_until_accepted = true + aup_force_ssl_inspection = true + aup_timeout = 60 + zscaler_location_name = "LOC1" + umbrella_primary_data_center = "Auto" + umbrella_secondary_data_center = "Auto" + } + ] + tracker_source_ip = "2.3.4.5" + trackers = [ + { + name = "TRACKER1" + endpoint_api_url = "https://1.1.1.1" + threshold = 500 + multiplier = 4 + tracker_type = "SIG" + } + ] +} diff --git a/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml b/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml new file mode 100644 index 00000000..0970e1ed --- /dev/null +++ b/gen/definitions/feature_templates/cisco_secure_internet_gateway.yaml @@ -0,0 +1,176 @@ +--- +name: Cisco Secure Internet Gateway +minimum_version: 15.0.0 +attributes: + - model_name: vpn-id + example: 1 + - model_name: interface + tf_name: interfaces + attributes: + - model_name: if-name + tf_name: name + example: ipsec1 + - model_name: auto + tf_name: auto_tunnel_mode + example: true + - model_name: shutdown + example: true + - model_name: description + example: My Description + - model_name: unnumbered + tf_name: ip_unnumbered + example: true + - model_name: address + tf_name: ipv4_address + example: 1.2.3.4/24 + - model_name: tunnel-source + example: 3.3.3.3 + - model_name: tunnel-source-interface + example: ge0/1 + - model_name: tunnel-route-via + example: ge0/2 + - model_name: tunnel-destination + example: 3.4.5.6 + - model_name: application + example: sig + - model_name: tunnel-set + tf_name: sig_provider + example: secure-internet-gateway-umbrella + - model_name: tunnel-dc-preference + example: primary-dc + - model_name: tcp-mss-adjust + tf_name: tcp_mss + example: 1400 + - model_name: mtu + example: 1500 + - model_name: dpd-interval + tf_name: dead_peer_detection_interval + example: 30 + - model_name: dpd-retries + tf_name: dead_peer_detection_retries + example: 5 + - model_name: ike-version + example: 1 + - model_name: pre-shared-secret + tf_name: ike_pre_shared_key + example: A1234567 + - model_name: ike-rekey-interval + example: 600 + - model_name: ike-ciphersuite + example: aes256-cbc-sha2 + - model_name: ike-group + example: 14 + - model_name: pre-shared-key-dynamic + tf_name: ike_pre_shared_key_dynamic + example: false + - model_name: ike-local-id + tf_name: ike_pre_shared_key_local_id + example: 1.2.3.4 + - model_name: ike-remote-id + tf_name: ike_pre_shared_key_remote_id + example: 2.3.4.5 + - model_name: ipsec-rekey-interval + example: 7200 + - model_name: ipsec-replay-window + example: 1024 + - model_name: ipsec-ciphersuite + example: aes256-cbc-sha1 + - model_name: perfect-forward-secrecy + tf_name: ipsec_perfect_forward_secrecy + example: group-14 + - model_name: track-enable + example: false + - model_name: tunnel-public-ip + example: 5.5.5.5 + - model_name: service + tf_name: services + attributes: + - model_name: svc-type + tf_name: service_type + example: sig + - model_name: interface-pair + tf_name: interface_pairs + attributes: + - model_name: active-interface + ignore_enum: true + example: e1 + - model_name: active-interface-weight + example: 10 + - model_name: backup-interface + ignore_enum: true + example: e2 + - model_name: backup-interface-weight + example: 20 + - model_name: auth-required + tf_name: zscaler_authentication_required + example: true + - model_name: xff-forward-enabled + tf_name: zscaler_xff_forward + example: true + - model_name: ofw-enabled + tf_name: zscaler_firewall_enabled + example: true + - model_name: ips-control + tf_name: zscaler_ips_control_enabled + example: true + - model_name: caution-enabled + tf_name: zscaler_caution_enabled + example: true + - model_name: primary-data-center + tf_name: zscaler_primary_data_center + example: Auto + - model_name: secondary-data-center + tf_name: zscaler_secondary_data_center + example: Auto + - model_name: ip + tf_name: zscaler_surrogate_ip + example: true + - model_name: idle-time + tf_name: zscaler_surrogate_idle_time + example: 100 + - model_name: display-time-unit + tf_name: zscaler_surrogate_display_time_unit + example: MINUTE + - model_name: ip-enforced-for-known-browsers + tf_name: zscaler_surrogate_ip_enforce_for_known_browsers + example: true + - model_name: refresh-time-unit + tf_name: zscaler_surrogate_refresh_time_unit + example: MINUTE + - model_name: enabled + tf_name: aup_enabled + example: true + - model_name: block-internet-until-accepted + tf_name: aup_block_internet_until_accepted + example: true + - model_name: force-ssl-inspection + tf_name: aup_force_ssl_inspection + example: true + - model_name: timeout + tf_name: aup_timeout + example: 60 + - model_name: location-name + tf_name: zscaler_location_name + example: LOC1 + - model_name: data-center-primary + tf_name: umbrella_primary_data_center + example: Auto + - model_name: data-center-secondary + tf_name: umbrella_secondary_data_center + example: Auto + - model_name: tracker-src-ip + tf_name: tracker_source_ip + example: 2.3.4.5 + - model_name: tracker + tf_name: trackers + attributes: + - model_name: name + example: TRACKER1 + - model_name: endpoint-api-url + example: https://1.1.1.1 + - model_name: threshold + example: 500 + - model_name: multiplier + example: 4 + - model_name: tracker-type + example: SIG diff --git a/gen/generator.go b/gen/generator.go index b330beae..4167023d 100644 --- a/gen/generator.go +++ b/gen/generator.go @@ -215,6 +215,7 @@ type YamlConfigAttribute struct { Description string `yaml:"description"` Example string `yaml:"example"` EnumValues []string `yaml:"enum_values"` + IgnoreEnum bool `yaml:"ignore_enum"` MinList int64 `yaml:"min_list"` MaxList int64 `yaml:"max_list"` MinInt int64 `yaml:"min_int"` diff --git a/gen/schema/schema.yaml b/gen/schema/schema.yaml index 7c6f7b13..329cd73c 100644 --- a/gen/schema/schema.yaml +++ b/gen/schema/schema.yaml @@ -30,6 +30,7 @@ attribute: description: str(required=False) example: any(str(), int(), bool(), required=False) enum_values: list(str(), required=False) + ignore_enum: bool(required=False) min_list: int(required=False) max_list: int(required=False) min_int: int(required=False) diff --git a/gen/templates/feature_templates/resource.go b/gen/templates/feature_templates/resource.go index 2c92661e..77ad38bc 100644 --- a/gen/templates/feature_templates/resource.go +++ b/gen/templates/feature_templates/resource.go @@ -95,7 +95,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, {{- range .Attributes}} "{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{ MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}") - {{- if len .EnumValues -}} + {{- if and (len .EnumValues) (not .IgnoreEnum) -}} .AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}}) {{- end -}} {{- if or (ne .MinInt 0) (ne .MaxInt 0) -}} @@ -112,7 +112,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, ElementType: types.StringType, {{- end}} Optional: true, - {{- if len .EnumValues}} + {{- if and (len .EnumValues) (not .IgnoreEnum)}} Validators: []validator.String{ stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}), }, @@ -140,7 +140,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, {{- range .Attributes}} "{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{ MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}") - {{- if len .EnumValues -}} + {{- if and (len .EnumValues) (not .IgnoreEnum) -}} .AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}}) {{- end -}} {{- if or (ne .MinInt 0) (ne .MaxInt 0) -}} @@ -157,7 +157,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, ElementType: types.StringType, {{- end}} Optional: true, - {{- if len .EnumValues}} + {{- if and (len .EnumValues) (not .IgnoreEnum)}} Validators: []validator.String{ stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}), }, @@ -185,7 +185,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, {{- range .Attributes}} "{{.TfName}}": schema.{{if eq .Type "List"}}ListNested{{else if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{ MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}") - {{- if len .EnumValues -}} + {{- if and (len .EnumValues) (not .IgnoreEnum) -}} .AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}}) {{- end -}} {{- if or (ne .MinInt 0) (ne .MaxInt 0) -}} @@ -202,7 +202,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, ElementType: types.StringType, {{- end}} Optional: true, - {{- if len .EnumValues}} + {{- if and (len .EnumValues) (not .IgnoreEnum)}} Validators: []validator.String{ stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}), }, @@ -230,7 +230,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, {{- range .Attributes}} "{{.TfName}}": schema.{{if eq .Type "ListString"}}List{{else}}{{.Type}}{{end}}Attribute{ MarkdownDescription: helpers.NewAttributeDescription("{{.Description}}") - {{- if len .EnumValues -}} + {{- if and (len .EnumValues) (not .IgnoreEnum) -}} .AddStringEnumDescription({{range .EnumValues}}"{{.}}", {{end}}) {{- end -}} {{- if or (ne .MinInt 0) (ne .MaxInt 0) -}} @@ -247,7 +247,7 @@ func (r *{{camelCase .Name}}FeatureTemplateResource) Schema(ctx context.Context, ElementType: types.StringType, {{- end}} Optional: true, - {{- if len .EnumValues}} + {{- if and (len .EnumValues) (not .IgnoreEnum)}} Validators: []validator.String{ stringvalidator.OneOf({{range .EnumValues}}"{{.}}", {{end}}), }, diff --git a/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go new file mode 100644 index 00000000..cbb821c4 --- /dev/null +++ b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template.go @@ -0,0 +1,547 @@ +// Copyright © 2023 Cisco Systems, Inc. and its affiliates. +// All rights reserved. +// +// Licensed under the Mozilla Public License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://mozilla.org/MPL/2.0/ +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: MPL-2.0 + +// Code generated by "gen/generator.go"; DO NOT EDIT. + +package provider + +import ( + "context" + "fmt" + + "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers" + "github.com/hashicorp/terraform-plugin-framework/datasource" + "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-log/tflog" + "github.com/netascode/go-sdwan" +) + +// Ensure the implementation satisfies the expected interfaces. +var ( + _ datasource.DataSource = &CiscoSecureInternetGatewayFeatureTemplateDataSource{} + _ datasource.DataSourceWithConfigure = &CiscoSecureInternetGatewayFeatureTemplateDataSource{} +) + +func NewCiscoSecureInternetGatewayFeatureTemplateDataSource() datasource.DataSource { + return &CiscoSecureInternetGatewayFeatureTemplateDataSource{} +} + +type CiscoSecureInternetGatewayFeatureTemplateDataSource struct { + client *sdwan.Client +} + +func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { + resp.TypeName = req.ProviderTypeName + "_cisco_secure_internet_gateway_feature_template" +} + +func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) { + resp.Schema = schema.Schema{ + // This description is used by the documentation generator and the language server. + MarkdownDescription: "This data source can read the Cisco Secure Internet Gateway feature template.", + + Attributes: map[string]schema.Attribute{ + "id": schema.StringAttribute{ + MarkdownDescription: "The id of the feature template", + Required: true, + }, + "version": schema.Int64Attribute{ + MarkdownDescription: "The version of the feature template", + Computed: true, + }, + "template_type": schema.StringAttribute{ + MarkdownDescription: "The template type", + Computed: true, + }, + "name": schema.StringAttribute{ + MarkdownDescription: "The name of the feature template", + Computed: true, + }, + "description": schema.StringAttribute{ + MarkdownDescription: "The description of the feature template", + Computed: true, + }, + "device_types": schema.ListAttribute{ + MarkdownDescription: "List of supported device types", + ElementType: types.StringType, + Computed: true, + }, + "vpn_id": schema.Int64Attribute{ + MarkdownDescription: "List of VPN instances", + Computed: true, + }, + "interfaces": schema.ListNestedAttribute{ + MarkdownDescription: "Interface name: IPsec when present", + Computed: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "name": schema.StringAttribute{ + MarkdownDescription: "Interface name: IPsec when present", + Computed: true, + }, + "name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "auto_tunnel_mode": schema.BoolAttribute{ + MarkdownDescription: "Auto Tunnel Mode", + Computed: true, + }, + "shutdown": schema.BoolAttribute{ + MarkdownDescription: "Administrative state", + Computed: true, + }, + "description": schema.StringAttribute{ + MarkdownDescription: "Interface description", + Computed: true, + }, + "description_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ip_unnumbered": schema.BoolAttribute{ + MarkdownDescription: "Unnumbered interface", + Computed: true, + }, + "ipv4_address": schema.StringAttribute{ + MarkdownDescription: "Assign IPv4 address", + Computed: true, + }, + "ipv4_address_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "tunnel_source": schema.StringAttribute{ + MarkdownDescription: "Tunnel source IP Address", + Computed: true, + }, + "tunnel_source_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "tunnel_source_interface": schema.StringAttribute{ + MarkdownDescription: "<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid", + Computed: true, + }, + "tunnel_source_interface_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "tunnel_route_via": schema.StringAttribute{ + MarkdownDescription: "<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid", + Computed: true, + }, + "tunnel_route_via_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "tunnel_destination": schema.StringAttribute{ + MarkdownDescription: "Tunnel destination IP address", + Computed: true, + }, + "tunnel_destination_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "application": schema.StringAttribute{ + MarkdownDescription: "Enable Application Tunnel Type", + Computed: true, + }, + "sig_provider": schema.StringAttribute{ + MarkdownDescription: "SIG Tunnel Provider", + Computed: true, + }, + "tunnel_dc_preference": schema.StringAttribute{ + MarkdownDescription: "SIG Tunnel Data Center", + Computed: true, + }, + "tcp_mss": schema.Int64Attribute{ + MarkdownDescription: "TCP MSS on SYN packets, in bytes", + Computed: true, + }, + "tcp_mss_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "mtu": schema.Int64Attribute{ + MarkdownDescription: "Interface MTU <576..2000>, in bytes", + Computed: true, + }, + "mtu_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "dead_peer_detection_interval": schema.Int64Attribute{ + MarkdownDescription: "IKE keepalive interval (seconds)", + Computed: true, + }, + "dead_peer_detection_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "dead_peer_detection_retries": schema.Int64Attribute{ + MarkdownDescription: "IKE keepalive retries", + Computed: true, + }, + "dead_peer_detection_retries_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_version": schema.Int64Attribute{ + MarkdownDescription: "IKE Version <1..2>", + Computed: true, + }, + "ike_version_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_pre_shared_key": schema.StringAttribute{ + MarkdownDescription: "Use preshared key to authenticate IKE peer", + Computed: true, + }, + "ike_pre_shared_key_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_rekey_interval": schema.Int64Attribute{ + MarkdownDescription: "IKE rekey interval <300..1209600> seconds", + Computed: true, + }, + "ike_rekey_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_ciphersuite": schema.StringAttribute{ + MarkdownDescription: "IKE identity the IKE preshared secret belongs to", + Computed: true, + }, + "ike_ciphersuite_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_group": schema.StringAttribute{ + MarkdownDescription: "IKE Diffie Hellman Groups", + Computed: true, + }, + "ike_group_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_pre_shared_key_dynamic": schema.BoolAttribute{ + MarkdownDescription: "Use preshared key to authenticate IKE peer", + Computed: true, + }, + "ike_pre_shared_key_local_id": schema.StringAttribute{ + MarkdownDescription: "IKE ID for the local endpoint. Input IPv4 address, domain name, or email address", + Computed: true, + }, + "ike_pre_shared_key_local_id_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ike_pre_shared_key_remote_id": schema.StringAttribute{ + MarkdownDescription: "IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address", + Computed: true, + }, + "ike_pre_shared_key_remote_id_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ipsec_rekey_interval": schema.Int64Attribute{ + MarkdownDescription: "IPsec rekey interval <300..1209600> seconds", + Computed: true, + }, + "ipsec_rekey_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ipsec_replay_window": schema.Int64Attribute{ + MarkdownDescription: "Replay window size 32..8192 (must be a power of 2)", + Computed: true, + }, + "ipsec_replay_window_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ipsec_ciphersuite": schema.StringAttribute{ + MarkdownDescription: "IPsec(ESP) encryption and integrity protocol", + Computed: true, + }, + "ipsec_ciphersuite_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "ipsec_perfect_forward_secrecy": schema.StringAttribute{ + MarkdownDescription: "IPsec perfect forward secrecy settings", + Computed: true, + }, + "ipsec_perfect_forward_secrecy_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "track_enable": schema.BoolAttribute{ + MarkdownDescription: "Enable/disable SIG tracking", + Computed: true, + }, + "tunnel_public_ip": schema.StringAttribute{ + MarkdownDescription: "Public IP required to setup GRE tunnel to Zscaler", + Computed: true, + }, + "tunnel_public_ip_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Computed: true, + }, + }, + }, + }, + "services": schema.ListNestedAttribute{ + MarkdownDescription: "Configure services", + Computed: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "service_type": schema.StringAttribute{ + MarkdownDescription: "Service Type", + Computed: true, + }, + "interface_pairs": schema.ListNestedAttribute{ + MarkdownDescription: "Interface Pair for active and backup", + Computed: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "active_interface": schema.StringAttribute{ + MarkdownDescription: "Active Tunnel Interface for SIG", + Computed: true, + }, + "active_interface_weight": schema.Int64Attribute{ + MarkdownDescription: "Active Tunnel Interface Weight", + Computed: true, + }, + "backup_interface": schema.StringAttribute{ + MarkdownDescription: "Backup Tunnel Interface for SIG", + Computed: true, + }, + "backup_interface_weight": schema.Int64Attribute{ + MarkdownDescription: "Backup Tunnel Interface Weight", + Computed: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Computed: true, + }, + }, + }, + }, + "zscaler_authentication_required": schema.BoolAttribute{ + MarkdownDescription: "Enforce Authentication", + Computed: true, + }, + "zscaler_xff_forward": schema.BoolAttribute{ + MarkdownDescription: "XFF forwarding enabled", + Computed: true, + }, + "zscaler_firewall_enabled": schema.BoolAttribute{ + MarkdownDescription: "Firewall enabled", + Computed: true, + }, + "zscaler_ips_control_enabled": schema.BoolAttribute{ + MarkdownDescription: "Enable IPS Control", + Computed: true, + }, + "zscaler_caution_enabled": schema.BoolAttribute{ + MarkdownDescription: "Enable Caution", + Computed: true, + }, + "zscaler_primary_data_center": schema.StringAttribute{ + MarkdownDescription: "Custom Primary Datacenter", + Computed: true, + }, + "zscaler_primary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "zscaler_secondary_data_center": schema.StringAttribute{ + MarkdownDescription: "Custom Secondary Datacenter", + Computed: true, + }, + "zscaler_secondary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "zscaler_surrogate_ip": schema.BoolAttribute{ + MarkdownDescription: "Enable Surrogate IP", + Computed: true, + }, + "zscaler_surrogate_idle_time": schema.Int64Attribute{ + MarkdownDescription: "Idle time to disassociation", + Computed: true, + }, + "zscaler_surrogate_display_time_unit": schema.StringAttribute{ + MarkdownDescription: "Display time unit", + Computed: true, + }, + "zscaler_surrogate_ip_enforce_for_known_browsers": schema.BoolAttribute{ + MarkdownDescription: "Enforce Surrogate IP for known browsers", + Computed: true, + }, + "zscaler_surrogate_refresh_time_unit": schema.StringAttribute{ + MarkdownDescription: "Refresh Time unit", + Computed: true, + }, + "aup_enabled": schema.BoolAttribute{ + MarkdownDescription: "Enable Acceptable User Policy", + Computed: true, + }, + "aup_block_internet_until_accepted": schema.BoolAttribute{ + MarkdownDescription: "For first-time Acceptable User Policy behavior, block Internet access", + Computed: true, + }, + "aup_force_ssl_inspection": schema.BoolAttribute{ + MarkdownDescription: "For first-time Acceptable User Policy behavior, force SSL inspection", + Computed: true, + }, + "aup_timeout": schema.Int64Attribute{ + MarkdownDescription: "Custom Acceptable User Policy frequency in days", + Computed: true, + }, + "zscaler_location_name": schema.StringAttribute{ + MarkdownDescription: "Zscaler location name (optional)", + Computed: true, + }, + "zscaler_location_name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "umbrella_primary_data_center": schema.StringAttribute{ + MarkdownDescription: "Umbrella Primary Datacenter", + Computed: true, + }, + "umbrella_primary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "umbrella_secondary_data_center": schema.StringAttribute{ + MarkdownDescription: "Umbrella Secondary Datacenter", + Computed: true, + }, + "umbrella_secondary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Computed: true, + }, + }, + }, + }, + "tracker_source_ip": schema.StringAttribute{ + MarkdownDescription: "Source IP address for Tracker", + Computed: true, + }, + "tracker_source_ip_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "trackers": schema.ListNestedAttribute{ + MarkdownDescription: "Tracker configuration", + Computed: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "name": schema.StringAttribute{ + MarkdownDescription: "Tracker name", + Computed: true, + }, + "name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "endpoint_api_url": schema.StringAttribute{ + MarkdownDescription: "API url of endpoint", + Computed: true, + }, + "endpoint_api_url_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "threshold": schema.Int64Attribute{ + MarkdownDescription: "Probe Timeout threshold <100..1000> milliseconds", + Computed: true, + }, + "threshold_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "multiplier": schema.Int64Attribute{ + MarkdownDescription: "Probe failure multiplier <1..10> failed attempts", + Computed: true, + }, + "multiplier_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Computed: true, + }, + "tracker_type": schema.StringAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Computed: true, + }, + }, + }, + }, + }, + } +} + +func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, _ *datasource.ConfigureResponse) { + if req.ProviderData == nil { + return + } + + d.client = req.ProviderData.(*SdwanProviderData).Client +} + +func (d *CiscoSecureInternetGatewayFeatureTemplateDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) { + var config CiscoSecureInternetGateway + + // Read config + diags := req.Config.Get(ctx, &config) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", config.Id.String())) + + res, err := d.client.Get("/template/feature/object/" + config.Id.ValueString()) + if err != nil { + resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object, got error: %s", err)) + return + } + + config.fromBody(ctx, res) + + tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", config.Name.ValueString())) + + diags = resp.State.Set(ctx, &config) + resp.Diagnostics.Append(diags...) +} diff --git a/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go new file mode 100644 index 00000000..9f8f660e --- /dev/null +++ b/internal/provider/data_source_sdwan_cisco_secure_internet_gateway_feature_template_test.go @@ -0,0 +1,185 @@ +// Copyright © 2023 Cisco Systems, Inc. and its affiliates. +// All rights reserved. +// +// Licensed under the Mozilla Public License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://mozilla.org/MPL/2.0/ +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: MPL-2.0 + +// Code generated by "gen/generator.go"; DO NOT EDIT. + +package provider + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-testing/helper/resource" +) + +func TestAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplate(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProtoV6ProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplateConfig, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.name", "ipsec1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.auto_tunnel_mode", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.shutdown", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.description", "My Description"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ip_unnumbered", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipv4_address", "1.2.3.4/24"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source", "3.3.3.3"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source_interface", "ge0/1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_route_via", "ge0/2"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_destination", "3.4.5.6"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.application", "sig"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.sig_provider", "secure-internet-gateway-umbrella"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_dc_preference", "primary-dc"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tcp_mss", "1400"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.mtu", "1500"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_interval", "30"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_retries", "5"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_version", "1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key", "A1234567"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_rekey_interval", "600"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_ciphersuite", "aes256-cbc-sha2"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_group", "14"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_dynamic", "false"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_local_id", "1.2.3.4"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_remote_id", "2.3.4.5"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_rekey_interval", "7200"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_replay_window", "1024"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_ciphersuite", "aes256-cbc-sha1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_perfect_forward_secrecy", "group-14"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.track_enable", "false"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_public_ip", "5.5.5.5"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.service_type", "sig"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface", "e1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface_weight", "10"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface", "e2"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface_weight", "20"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_authentication_required", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_xff_forward", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_firewall_enabled", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_ips_control_enabled", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_caution_enabled", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_primary_data_center", "Auto"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_secondary_data_center", "Auto"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_idle_time", "100"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_display_time_unit", "MINUTE"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip_enforce_for_known_browsers", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_refresh_time_unit", "MINUTE"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_enabled", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_block_internet_until_accepted", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_force_ssl_inspection", "true"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_timeout", "60"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_location_name", "LOC1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_primary_data_center", "Auto"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_secondary_data_center", "Auto"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.name", "TRACKER1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.endpoint_api_url", "https://1.1.1.1"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.threshold", "500"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.multiplier", "4"), + resource.TestCheckResourceAttr("data.sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.tracker_type", "SIG"), + ), + }, + }, + }) +} + +const testAccDataSourceSdwanCiscoSecureInternetGatewayFeatureTemplateConfig = ` + +resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" { + name = "TF_TEST_MIN" + description = "Terraform integration test" + device_types = ["vedge-C8000V"] + vpn_id = 1 + interfaces = [{ + name = "ipsec1" + auto_tunnel_mode = true + shutdown = true + description = "My Description" + ip_unnumbered = true + ipv4_address = "1.2.3.4/24" + tunnel_source = "3.3.3.3" + tunnel_source_interface = "ge0/1" + tunnel_route_via = "ge0/2" + tunnel_destination = "3.4.5.6" + application = "sig" + sig_provider = "secure-internet-gateway-umbrella" + tunnel_dc_preference = "primary-dc" + tcp_mss = 1400 + mtu = 1500 + dead_peer_detection_interval = 30 + dead_peer_detection_retries = 5 + ike_version = 1 + ike_pre_shared_key = "A1234567" + ike_rekey_interval = 600 + ike_ciphersuite = "aes256-cbc-sha2" + ike_group = "14" + ike_pre_shared_key_dynamic = false + ike_pre_shared_key_local_id = "1.2.3.4" + ike_pre_shared_key_remote_id = "2.3.4.5" + ipsec_rekey_interval = 7200 + ipsec_replay_window = 1024 + ipsec_ciphersuite = "aes256-cbc-sha1" + ipsec_perfect_forward_secrecy = "group-14" + track_enable = false + tunnel_public_ip = "5.5.5.5" + }] + services = [{ + service_type = "sig" + interface_pairs = [{ + active_interface = "e1" + active_interface_weight = 10 + backup_interface = "e2" + backup_interface_weight = 20 + }] + zscaler_authentication_required = true + zscaler_xff_forward = true + zscaler_firewall_enabled = true + zscaler_ips_control_enabled = true + zscaler_caution_enabled = true + zscaler_primary_data_center = "Auto" + zscaler_secondary_data_center = "Auto" + zscaler_surrogate_ip = true + zscaler_surrogate_idle_time = 100 + zscaler_surrogate_display_time_unit = "MINUTE" + zscaler_surrogate_ip_enforce_for_known_browsers = true + zscaler_surrogate_refresh_time_unit = "MINUTE" + aup_enabled = true + aup_block_internet_until_accepted = true + aup_force_ssl_inspection = true + aup_timeout = 60 + zscaler_location_name = "LOC1" + umbrella_primary_data_center = "Auto" + umbrella_secondary_data_center = "Auto" + }] + tracker_source_ip = "2.3.4.5" + trackers = [{ + name = "TRACKER1" + endpoint_api_url = "https://1.1.1.1" + threshold = 500 + multiplier = 4 + tracker_type = "SIG" + }] +} + +data "sdwan_cisco_secure_internet_gateway_feature_template" "test" { + id = sdwan_cisco_secure_internet_gateway_feature_template.test.id +} +` diff --git a/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go new file mode 100644 index 00000000..52a04fc5 --- /dev/null +++ b/internal/provider/model_sdwan_cisco_secure_internet_gateway_feature_template.go @@ -0,0 +1,2313 @@ +// Copyright © 2023 Cisco Systems, Inc. and its affiliates. +// All rights reserved. +// +// Licensed under the Mozilla Public License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://mozilla.org/MPL/2.0/ +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: MPL-2.0 + +// Code generated by "gen/generator.go"; DO NOT EDIT. + +package provider + +import ( + "context" + "strconv" + + "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/tidwall/gjson" + "github.com/tidwall/sjson" +) + +type CiscoSecureInternetGateway struct { + Id types.String `tfsdk:"id"` + Version types.Int64 `tfsdk:"version"` + TemplateType types.String `tfsdk:"template_type"` + Name types.String `tfsdk:"name"` + Description types.String `tfsdk:"description"` + DeviceTypes types.List `tfsdk:"device_types"` + VpnId types.Int64 `tfsdk:"vpn_id"` + Interfaces []CiscoSecureInternetGatewayInterfaces `tfsdk:"interfaces"` + Services []CiscoSecureInternetGatewayServices `tfsdk:"services"` + TrackerSourceIp types.String `tfsdk:"tracker_source_ip"` + TrackerSourceIpVariable types.String `tfsdk:"tracker_source_ip_variable"` + Trackers []CiscoSecureInternetGatewayTrackers `tfsdk:"trackers"` +} + +type CiscoSecureInternetGatewayInterfaces struct { + Optional types.Bool `tfsdk:"optional"` + Name types.String `tfsdk:"name"` + NameVariable types.String `tfsdk:"name_variable"` + AutoTunnelMode types.Bool `tfsdk:"auto_tunnel_mode"` + Shutdown types.Bool `tfsdk:"shutdown"` + Description types.String `tfsdk:"description"` + DescriptionVariable types.String `tfsdk:"description_variable"` + IpUnnumbered types.Bool `tfsdk:"ip_unnumbered"` + Ipv4Address types.String `tfsdk:"ipv4_address"` + Ipv4AddressVariable types.String `tfsdk:"ipv4_address_variable"` + TunnelSource types.String `tfsdk:"tunnel_source"` + TunnelSourceVariable types.String `tfsdk:"tunnel_source_variable"` + TunnelSourceInterface types.String `tfsdk:"tunnel_source_interface"` + TunnelSourceInterfaceVariable types.String `tfsdk:"tunnel_source_interface_variable"` + TunnelRouteVia types.String `tfsdk:"tunnel_route_via"` + TunnelRouteViaVariable types.String `tfsdk:"tunnel_route_via_variable"` + TunnelDestination types.String `tfsdk:"tunnel_destination"` + TunnelDestinationVariable types.String `tfsdk:"tunnel_destination_variable"` + Application types.String `tfsdk:"application"` + SigProvider types.String `tfsdk:"sig_provider"` + TunnelDcPreference types.String `tfsdk:"tunnel_dc_preference"` + TcpMss types.Int64 `tfsdk:"tcp_mss"` + TcpMssVariable types.String `tfsdk:"tcp_mss_variable"` + Mtu types.Int64 `tfsdk:"mtu"` + MtuVariable types.String `tfsdk:"mtu_variable"` + DeadPeerDetectionInterval types.Int64 `tfsdk:"dead_peer_detection_interval"` + DeadPeerDetectionIntervalVariable types.String `tfsdk:"dead_peer_detection_interval_variable"` + DeadPeerDetectionRetries types.Int64 `tfsdk:"dead_peer_detection_retries"` + DeadPeerDetectionRetriesVariable types.String `tfsdk:"dead_peer_detection_retries_variable"` + IkeVersion types.Int64 `tfsdk:"ike_version"` + IkeVersionVariable types.String `tfsdk:"ike_version_variable"` + IkePreSharedKey types.String `tfsdk:"ike_pre_shared_key"` + IkePreSharedKeyVariable types.String `tfsdk:"ike_pre_shared_key_variable"` + IkeRekeyInterval types.Int64 `tfsdk:"ike_rekey_interval"` + IkeRekeyIntervalVariable types.String `tfsdk:"ike_rekey_interval_variable"` + IkeCiphersuite types.String `tfsdk:"ike_ciphersuite"` + IkeCiphersuiteVariable types.String `tfsdk:"ike_ciphersuite_variable"` + IkeGroup types.String `tfsdk:"ike_group"` + IkeGroupVariable types.String `tfsdk:"ike_group_variable"` + IkePreSharedKeyDynamic types.Bool `tfsdk:"ike_pre_shared_key_dynamic"` + IkePreSharedKeyLocalId types.String `tfsdk:"ike_pre_shared_key_local_id"` + IkePreSharedKeyLocalIdVariable types.String `tfsdk:"ike_pre_shared_key_local_id_variable"` + IkePreSharedKeyRemoteId types.String `tfsdk:"ike_pre_shared_key_remote_id"` + IkePreSharedKeyRemoteIdVariable types.String `tfsdk:"ike_pre_shared_key_remote_id_variable"` + IpsecRekeyInterval types.Int64 `tfsdk:"ipsec_rekey_interval"` + IpsecRekeyIntervalVariable types.String `tfsdk:"ipsec_rekey_interval_variable"` + IpsecReplayWindow types.Int64 `tfsdk:"ipsec_replay_window"` + IpsecReplayWindowVariable types.String `tfsdk:"ipsec_replay_window_variable"` + IpsecCiphersuite types.String `tfsdk:"ipsec_ciphersuite"` + IpsecCiphersuiteVariable types.String `tfsdk:"ipsec_ciphersuite_variable"` + IpsecPerfectForwardSecrecy types.String `tfsdk:"ipsec_perfect_forward_secrecy"` + IpsecPerfectForwardSecrecyVariable types.String `tfsdk:"ipsec_perfect_forward_secrecy_variable"` + TrackEnable types.Bool `tfsdk:"track_enable"` + TunnelPublicIp types.String `tfsdk:"tunnel_public_ip"` + TunnelPublicIpVariable types.String `tfsdk:"tunnel_public_ip_variable"` +} + +type CiscoSecureInternetGatewayServices struct { + Optional types.Bool `tfsdk:"optional"` + ServiceType types.String `tfsdk:"service_type"` + InterfacePairs []CiscoSecureInternetGatewayServicesInterfacePairs `tfsdk:"interface_pairs"` + ZscalerAuthenticationRequired types.Bool `tfsdk:"zscaler_authentication_required"` + ZscalerXffForward types.Bool `tfsdk:"zscaler_xff_forward"` + ZscalerFirewallEnabled types.Bool `tfsdk:"zscaler_firewall_enabled"` + ZscalerIpsControlEnabled types.Bool `tfsdk:"zscaler_ips_control_enabled"` + ZscalerCautionEnabled types.Bool `tfsdk:"zscaler_caution_enabled"` + ZscalerPrimaryDataCenter types.String `tfsdk:"zscaler_primary_data_center"` + ZscalerPrimaryDataCenterVariable types.String `tfsdk:"zscaler_primary_data_center_variable"` + ZscalerSecondaryDataCenter types.String `tfsdk:"zscaler_secondary_data_center"` + ZscalerSecondaryDataCenterVariable types.String `tfsdk:"zscaler_secondary_data_center_variable"` + ZscalerSurrogateIp types.Bool `tfsdk:"zscaler_surrogate_ip"` + ZscalerSurrogateIdleTime types.Int64 `tfsdk:"zscaler_surrogate_idle_time"` + ZscalerSurrogateDisplayTimeUnit types.String `tfsdk:"zscaler_surrogate_display_time_unit"` + ZscalerSurrogateIpEnforceForKnownBrowsers types.Bool `tfsdk:"zscaler_surrogate_ip_enforce_for_known_browsers"` + ZscalerSurrogateRefreshTimeUnit types.String `tfsdk:"zscaler_surrogate_refresh_time_unit"` + AupEnabled types.Bool `tfsdk:"aup_enabled"` + AupBlockInternetUntilAccepted types.Bool `tfsdk:"aup_block_internet_until_accepted"` + AupForceSslInspection types.Bool `tfsdk:"aup_force_ssl_inspection"` + AupTimeout types.Int64 `tfsdk:"aup_timeout"` + ZscalerLocationName types.String `tfsdk:"zscaler_location_name"` + ZscalerLocationNameVariable types.String `tfsdk:"zscaler_location_name_variable"` + UmbrellaPrimaryDataCenter types.String `tfsdk:"umbrella_primary_data_center"` + UmbrellaPrimaryDataCenterVariable types.String `tfsdk:"umbrella_primary_data_center_variable"` + UmbrellaSecondaryDataCenter types.String `tfsdk:"umbrella_secondary_data_center"` + UmbrellaSecondaryDataCenterVariable types.String `tfsdk:"umbrella_secondary_data_center_variable"` +} + +type CiscoSecureInternetGatewayTrackers struct { + Optional types.Bool `tfsdk:"optional"` + Name types.String `tfsdk:"name"` + NameVariable types.String `tfsdk:"name_variable"` + EndpointApiUrl types.String `tfsdk:"endpoint_api_url"` + EndpointApiUrlVariable types.String `tfsdk:"endpoint_api_url_variable"` + Threshold types.Int64 `tfsdk:"threshold"` + ThresholdVariable types.String `tfsdk:"threshold_variable"` + Multiplier types.Int64 `tfsdk:"multiplier"` + MultiplierVariable types.String `tfsdk:"multiplier_variable"` + TrackerType types.String `tfsdk:"tracker_type"` +} + +type CiscoSecureInternetGatewayServicesInterfacePairs struct { + Optional types.Bool `tfsdk:"optional"` + ActiveInterface types.String `tfsdk:"active_interface"` + ActiveInterfaceWeight types.Int64 `tfsdk:"active_interface_weight"` + BackupInterface types.String `tfsdk:"backup_interface"` + BackupInterfaceWeight types.Int64 `tfsdk:"backup_interface_weight"` +} + +func (data CiscoSecureInternetGateway) getModel() string { + return "cisco_secure_internet_gateway" +} + +func (data CiscoSecureInternetGateway) toBody(ctx context.Context) string { + body := "" + + var device_types []string + data.DeviceTypes.ElementsAs(ctx, &device_types, false) + body, _ = sjson.Set(body, "deviceType", device_types) + body, _ = sjson.Set(body, "factoryDefault", false) + body, _ = sjson.Set(body, "templateDescription", data.Description.ValueString()) + body, _ = sjson.Set(body, "templateMinVersion", "15.0.0") + body, _ = sjson.Set(body, "templateName", data.Name.ValueString()) + body, _ = sjson.Set(body, "templateType", "cisco_secure_internet_gateway") + body, _ = sjson.Set(body, "templateDefinition", map[string]interface{}{}) + + path := "templateDefinition." + if data.VpnId.IsNull() { + } else { + body, _ = sjson.Set(body, path+"vpn-id."+"vipObjectType", "object") + body, _ = sjson.Set(body, path+"vpn-id."+"vipType", "constant") + body, _ = sjson.Set(body, path+"vpn-id."+"vipValue", data.VpnId.ValueInt64()) + } + if len(data.Interfaces) > 0 { + body, _ = sjson.Set(body, path+"interface."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"interface."+"vipType", "constant") + body, _ = sjson.Set(body, path+"interface."+"vipPrimaryKey", []string{"if-name"}) + body, _ = sjson.Set(body, path+"interface."+"vipValue", []interface{}{}) + } else { + body, _ = sjson.Set(body, path+"interface."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"interface."+"vipType", "ignore") + body, _ = sjson.Set(body, path+"interface."+"vipPrimaryKey", []string{"if-name"}) + body, _ = sjson.Set(body, path+"interface."+"vipValue", []interface{}{}) + } + for _, item := range data.Interfaces { + itemBody := "" + itemAttributes := make([]string, 0) + itemAttributes = append(itemAttributes, "if-name") + + if !item.NameVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipVariableName", item.NameVariable.ValueString()) + } else if item.Name.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "if-name."+"vipValue", item.Name.ValueString()) + } + itemAttributes = append(itemAttributes, "auto") + if item.AutoTunnelMode.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "auto."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "auto."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "auto."+"vipValue", strconv.FormatBool(item.AutoTunnelMode.ValueBool())) + } + itemAttributes = append(itemAttributes, "shutdown") + if item.Shutdown.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "shutdown."+"vipValue", strconv.FormatBool(item.Shutdown.ValueBool())) + } + itemAttributes = append(itemAttributes, "description") + + if !item.DescriptionVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "description."+"vipVariableName", item.DescriptionVariable.ValueString()) + } else if item.Description.IsNull() { + itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "description."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "description."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "description."+"vipValue", item.Description.ValueString()) + } + itemAttributes = append(itemAttributes, "unnumbered") + if item.IpUnnumbered.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ip", map[string]interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipObjectType", "node-only") + itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ip.unnumbered."+"vipValue", strconv.FormatBool(item.IpUnnumbered.ValueBool())) + } + itemAttributes = append(itemAttributes, "address") + + if !item.Ipv4AddressVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipVariableName", item.Ipv4AddressVariable.ValueString()) + } else if item.Ipv4Address.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ip.address."+"vipValue", item.Ipv4Address.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-source") + + if !item.TunnelSourceVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipVariableName", item.TunnelSourceVariable.ValueString()) + } else if item.TunnelSource.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-source."+"vipValue", item.TunnelSource.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-source-interface") + + if !item.TunnelSourceInterfaceVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipVariableName", item.TunnelSourceInterfaceVariable.ValueString()) + } else if item.TunnelSourceInterface.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-source-interface."+"vipValue", item.TunnelSourceInterface.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-route-via") + + if !item.TunnelRouteViaVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipVariableName", item.TunnelRouteViaVariable.ValueString()) + } else if item.TunnelRouteVia.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-route-via."+"vipValue", item.TunnelRouteVia.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-destination") + + if !item.TunnelDestinationVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipVariableName", item.TunnelDestinationVariable.ValueString()) + } else if item.TunnelDestination.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-destination."+"vipValue", item.TunnelDestination.ValueString()) + } + itemAttributes = append(itemAttributes, "application") + if item.Application.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "application."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "application."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "application."+"vipValue", item.Application.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-set") + if item.SigProvider.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-set."+"vipValue", item.SigProvider.ValueString()) + } + itemAttributes = append(itemAttributes, "tunnel-dc-preference") + if item.TunnelDcPreference.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-dc-preference."+"vipValue", item.TunnelDcPreference.ValueString()) + } + itemAttributes = append(itemAttributes, "tcp-mss-adjust") + + if !item.TcpMssVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipVariableName", item.TcpMssVariable.ValueString()) + } else if item.TcpMss.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tcp-mss-adjust."+"vipValue", item.TcpMss.ValueInt64()) + } + itemAttributes = append(itemAttributes, "mtu") + + if !item.MtuVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipVariableName", item.MtuVariable.ValueString()) + } else if item.Mtu.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "mtu."+"vipValue", item.Mtu.ValueInt64()) + } + itemAttributes = append(itemAttributes, "dpd-interval") + + if !item.DeadPeerDetectionIntervalVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipVariableName", item.DeadPeerDetectionIntervalVariable.ValueString()) + } else if item.DeadPeerDetectionInterval.IsNull() { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-interval."+"vipValue", item.DeadPeerDetectionInterval.ValueInt64()) + } + itemAttributes = append(itemAttributes, "dpd-retries") + + if !item.DeadPeerDetectionRetriesVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipVariableName", item.DeadPeerDetectionRetriesVariable.ValueString()) + } else if item.DeadPeerDetectionRetries.IsNull() { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "dead-peer-detection.dpd-retries."+"vipValue", item.DeadPeerDetectionRetries.ValueInt64()) + } + itemAttributes = append(itemAttributes, "ike-version") + + if !item.IkeVersionVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipVariableName", item.IkeVersionVariable.ValueString()) + } else if item.IkeVersion.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.ike-version."+"vipValue", item.IkeVersion.ValueInt64()) + } + itemAttributes = append(itemAttributes, "pre-shared-secret") + + if !item.IkePreSharedKeyVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipVariableName", item.IkePreSharedKeyVariable.ValueString()) + } else if item.IkePreSharedKey.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.pre-shared-secret."+"vipValue", item.IkePreSharedKey.ValueString()) + } + itemAttributes = append(itemAttributes, "ike-rekey-interval") + + if !item.IkeRekeyIntervalVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipVariableName", item.IkeRekeyIntervalVariable.ValueString()) + } else if item.IkeRekeyInterval.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.ike-rekey-interval."+"vipValue", item.IkeRekeyInterval.ValueInt64()) + } + itemAttributes = append(itemAttributes, "ike-ciphersuite") + + if !item.IkeCiphersuiteVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipVariableName", item.IkeCiphersuiteVariable.ValueString()) + } else if item.IkeCiphersuite.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.ike-ciphersuite."+"vipValue", item.IkeCiphersuite.ValueString()) + } + itemAttributes = append(itemAttributes, "ike-group") + + if !item.IkeGroupVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipVariableName", item.IkeGroupVariable.ValueString()) + } else if item.IkeGroup.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike", map[string]interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.ike-group."+"vipValue", item.IkeGroup.ValueString()) + } + itemAttributes = append(itemAttributes, "pre-shared-key-dynamic") + if item.IkePreSharedKeyDynamic.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type", map[string]interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipObjectType", "node-only") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key-dynamic."+"vipValue", strconv.FormatBool(item.IkePreSharedKeyDynamic.ValueBool())) + } + itemAttributes = append(itemAttributes, "ike-local-id") + + if !item.IkePreSharedKeyLocalIdVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipVariableName", item.IkePreSharedKeyLocalIdVariable.ValueString()) + } else if item.IkePreSharedKeyLocalId.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-local-id."+"vipValue", item.IkePreSharedKeyLocalId.ValueString()) + } + itemAttributes = append(itemAttributes, "ike-remote-id") + + if !item.IkePreSharedKeyRemoteIdVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipVariableName", item.IkePreSharedKeyRemoteIdVariable.ValueString()) + } else if item.IkePreSharedKeyRemoteId.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ike.authentication-type.pre-shared-key.ike-remote-id."+"vipValue", item.IkePreSharedKeyRemoteId.ValueString()) + } + itemAttributes = append(itemAttributes, "ipsec-rekey-interval") + + if !item.IpsecRekeyIntervalVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipVariableName", item.IpsecRekeyIntervalVariable.ValueString()) + } else if item.IpsecRekeyInterval.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-rekey-interval."+"vipValue", item.IpsecRekeyInterval.ValueInt64()) + } + itemAttributes = append(itemAttributes, "ipsec-replay-window") + + if !item.IpsecReplayWindowVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipVariableName", item.IpsecReplayWindowVariable.ValueString()) + } else if item.IpsecReplayWindow.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-replay-window."+"vipValue", item.IpsecReplayWindow.ValueInt64()) + } + itemAttributes = append(itemAttributes, "ipsec-ciphersuite") + + if !item.IpsecCiphersuiteVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipVariableName", item.IpsecCiphersuiteVariable.ValueString()) + } else if item.IpsecCiphersuite.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec", map[string]interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ipsec.ipsec-ciphersuite."+"vipValue", item.IpsecCiphersuite.ValueString()) + } + itemAttributes = append(itemAttributes, "perfect-forward-secrecy") + + if !item.IpsecPerfectForwardSecrecyVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipVariableName", item.IpsecPerfectForwardSecrecyVariable.ValueString()) + } else if item.IpsecPerfectForwardSecrecy.IsNull() { + itemBody, _ = sjson.Set(itemBody, "ipsec", map[string]interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ipsec.perfect-forward-secrecy."+"vipValue", item.IpsecPerfectForwardSecrecy.ValueString()) + } + itemAttributes = append(itemAttributes, "track-enable") + if item.TrackEnable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "track-enable."+"vipValue", strconv.FormatBool(item.TrackEnable.ValueBool())) + } + itemAttributes = append(itemAttributes, "tunnel-public-ip") + + if !item.TunnelPublicIpVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipVariableName", item.TunnelPublicIpVariable.ValueString()) + } else if item.TunnelPublicIp.IsNull() { + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tunnel-public-ip."+"vipValue", item.TunnelPublicIp.ValueString()) + } + if !item.Optional.IsNull() { + itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool()) + itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes) + } + body, _ = sjson.SetRaw(body, path+"interface."+"vipValue.-1", itemBody) + } + if len(data.Services) > 0 { + body, _ = sjson.Set(body, path+"service."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"service."+"vipType", "constant") + body, _ = sjson.Set(body, path+"service."+"vipPrimaryKey", []string{"svc-type"}) + body, _ = sjson.Set(body, path+"service."+"vipValue", []interface{}{}) + } else { + body, _ = sjson.Set(body, path+"service."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"service."+"vipType", "ignore") + body, _ = sjson.Set(body, path+"service."+"vipPrimaryKey", []string{"svc-type"}) + body, _ = sjson.Set(body, path+"service."+"vipValue", []interface{}{}) + } + for _, item := range data.Services { + itemBody := "" + itemAttributes := make([]string, 0) + itemAttributes = append(itemAttributes, "svc-type") + if item.ServiceType.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "svc-type."+"vipValue", item.ServiceType.ValueString()) + } + itemAttributes = append(itemAttributes, "interface-pair") + if len(item.InterfacePairs) > 0 { + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipObjectType", "tree") + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipPrimaryKey", []string{"active-interface", "backup-interface"}) + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipValue", []interface{}{}) + } else { + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipObjectType", "tree") + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipType", "ignore") + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipPrimaryKey", []string{"active-interface", "backup-interface"}) + itemBody, _ = sjson.Set(itemBody, "ha-pairs.interface-pair."+"vipValue", []interface{}{}) + } + for _, childItem := range item.InterfacePairs { + itemChildBody := "" + itemChildAttributes := make([]string, 0) + itemChildAttributes = append(itemChildAttributes, "active-interface") + if childItem.ActiveInterface.IsNull() { + } else { + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipObjectType", "object") + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipType", "constant") + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface."+"vipValue", childItem.ActiveInterface.ValueString()) + } + itemChildAttributes = append(itemChildAttributes, "active-interface-weight") + if childItem.ActiveInterfaceWeight.IsNull() { + } else { + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipObjectType", "object") + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipType", "constant") + itemChildBody, _ = sjson.Set(itemChildBody, "active-interface-weight."+"vipValue", childItem.ActiveInterfaceWeight.ValueInt64()) + } + itemChildAttributes = append(itemChildAttributes, "backup-interface") + if childItem.BackupInterface.IsNull() { + } else { + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipObjectType", "object") + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipType", "constant") + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface."+"vipValue", childItem.BackupInterface.ValueString()) + } + itemChildAttributes = append(itemChildAttributes, "backup-interface-weight") + if childItem.BackupInterfaceWeight.IsNull() { + } else { + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipObjectType", "object") + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipType", "constant") + itemChildBody, _ = sjson.Set(itemChildBody, "backup-interface-weight."+"vipValue", childItem.BackupInterfaceWeight.ValueInt64()) + } + if !childItem.Optional.IsNull() { + itemChildBody, _ = sjson.Set(itemChildBody, "vipOptional", childItem.Optional.ValueBool()) + itemChildBody, _ = sjson.Set(itemChildBody, "priority-order", itemChildAttributes) + } + itemBody, _ = sjson.SetRaw(itemBody, "ha-pairs.interface-pair."+"vipValue.-1", itemChildBody) + } + itemAttributes = append(itemAttributes, "auth-required") + if item.ZscalerAuthenticationRequired.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.auth-required."+"vipValue", strconv.FormatBool(item.ZscalerAuthenticationRequired.ValueBool())) + } + itemAttributes = append(itemAttributes, "xff-forward-enabled") + if item.ZscalerXffForward.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.xff-forward-enabled."+"vipValue", strconv.FormatBool(item.ZscalerXffForward.ValueBool())) + } + itemAttributes = append(itemAttributes, "ofw-enabled") + if item.ZscalerFirewallEnabled.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ofw-enabled."+"vipValue", strconv.FormatBool(item.ZscalerFirewallEnabled.ValueBool())) + } + itemAttributes = append(itemAttributes, "ips-control") + if item.ZscalerIpsControlEnabled.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.ips-control."+"vipValue", strconv.FormatBool(item.ZscalerIpsControlEnabled.ValueBool())) + } + itemAttributes = append(itemAttributes, "caution-enabled") + if item.ZscalerCautionEnabled.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.caution-enabled."+"vipValue", strconv.FormatBool(item.ZscalerCautionEnabled.ValueBool())) + } + itemAttributes = append(itemAttributes, "primary-data-center") + + if !item.ZscalerPrimaryDataCenterVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipVariableName", item.ZscalerPrimaryDataCenterVariable.ValueString()) + } else if item.ZscalerPrimaryDataCenter.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.primary-data-center."+"vipValue", item.ZscalerPrimaryDataCenter.ValueString()) + } + itemAttributes = append(itemAttributes, "secondary-data-center") + + if !item.ZscalerSecondaryDataCenterVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipVariableName", item.ZscalerSecondaryDataCenterVariable.ValueString()) + } else if item.ZscalerSecondaryDataCenter.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.datacenters.secondary-data-center."+"vipValue", item.ZscalerSecondaryDataCenter.ValueString()) + } + itemAttributes = append(itemAttributes, "ip") + if item.ZscalerSurrogateIp.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip."+"vipValue", strconv.FormatBool(item.ZscalerSurrogateIp.ValueBool())) + } + itemAttributes = append(itemAttributes, "idle-time") + if item.ZscalerSurrogateIdleTime.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.idle-time."+"vipValue", item.ZscalerSurrogateIdleTime.ValueInt64()) + } + itemAttributes = append(itemAttributes, "display-time-unit") + if item.ZscalerSurrogateDisplayTimeUnit.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.display-time-unit."+"vipValue", item.ZscalerSurrogateDisplayTimeUnit.ValueString()) + } + itemAttributes = append(itemAttributes, "ip-enforced-for-known-browsers") + if item.ZscalerSurrogateIpEnforceForKnownBrowsers.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.ip-enforced-for-known-browsers."+"vipValue", strconv.FormatBool(item.ZscalerSurrogateIpEnforceForKnownBrowsers.ValueBool())) + } + itemAttributes = append(itemAttributes, "refresh-time-unit") + if item.ZscalerSurrogateRefreshTimeUnit.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.surrogate.refresh-time-unit."+"vipValue", item.ZscalerSurrogateRefreshTimeUnit.ValueString()) + } + itemAttributes = append(itemAttributes, "enabled") + if item.AupEnabled.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.enabled."+"vipValue", strconv.FormatBool(item.AupEnabled.ValueBool())) + } + itemAttributes = append(itemAttributes, "block-internet-until-accepted") + if item.AupBlockInternetUntilAccepted.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.block-internet-until-accepted."+"vipValue", strconv.FormatBool(item.AupBlockInternetUntilAccepted.ValueBool())) + } + itemAttributes = append(itemAttributes, "force-ssl-inspection") + if item.AupForceSslInspection.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.force-ssl-inspection."+"vipValue", strconv.FormatBool(item.AupForceSslInspection.ValueBool())) + } + itemAttributes = append(itemAttributes, "timeout") + if item.AupTimeout.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.aup.timeout."+"vipValue", item.AupTimeout.ValueInt64()) + } + itemAttributes = append(itemAttributes, "location-name") + + if !item.ZscalerLocationNameVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipVariableName", item.ZscalerLocationNameVariable.ValueString()) + } else if item.ZscalerLocationName.IsNull() { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "zscaler-location-settings.location-name."+"vipValue", item.ZscalerLocationName.ValueString()) + } + itemAttributes = append(itemAttributes, "data-center-primary") + + if !item.UmbrellaPrimaryDataCenterVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipVariableName", item.UmbrellaPrimaryDataCenterVariable.ValueString()) + } else if item.UmbrellaPrimaryDataCenter.IsNull() { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-primary."+"vipValue", item.UmbrellaPrimaryDataCenter.ValueString()) + } + itemAttributes = append(itemAttributes, "data-center-secondary") + + if !item.UmbrellaSecondaryDataCenterVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipVariableName", item.UmbrellaSecondaryDataCenterVariable.ValueString()) + } else if item.UmbrellaSecondaryDataCenter.IsNull() { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "umbrella-data-center.data-center-secondary."+"vipValue", item.UmbrellaSecondaryDataCenter.ValueString()) + } + if !item.Optional.IsNull() { + itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool()) + itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes) + } + body, _ = sjson.SetRaw(body, path+"service."+"vipValue.-1", itemBody) + } + + if !data.TrackerSourceIpVariable.IsNull() { + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipObjectType", "object") + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipType", "variableName") + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipVariableName", data.TrackerSourceIpVariable.ValueString()) + } else if data.TrackerSourceIp.IsNull() { + } else { + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipObjectType", "object") + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipType", "constant") + body, _ = sjson.Set(body, path+"tracker-src-ip."+"vipValue", data.TrackerSourceIp.ValueString()) + } + if len(data.Trackers) > 0 { + body, _ = sjson.Set(body, path+"tracker."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"tracker."+"vipType", "constant") + body, _ = sjson.Set(body, path+"tracker."+"vipPrimaryKey", []string{"tracker-type", "name"}) + body, _ = sjson.Set(body, path+"tracker."+"vipValue", []interface{}{}) + } else { + body, _ = sjson.Set(body, path+"tracker."+"vipObjectType", "tree") + body, _ = sjson.Set(body, path+"tracker."+"vipType", "ignore") + body, _ = sjson.Set(body, path+"tracker."+"vipPrimaryKey", []string{"tracker-type", "name"}) + body, _ = sjson.Set(body, path+"tracker."+"vipValue", []interface{}{}) + } + for _, item := range data.Trackers { + itemBody := "" + itemAttributes := make([]string, 0) + itemAttributes = append(itemAttributes, "name") + + if !item.NameVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "name."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "name."+"vipVariableName", item.NameVariable.ValueString()) + } else if item.Name.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "name."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "name."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "name."+"vipValue", item.Name.ValueString()) + } + itemAttributes = append(itemAttributes, "endpoint-api-url") + + if !item.EndpointApiUrlVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipVariableName", item.EndpointApiUrlVariable.ValueString()) + } else if item.EndpointApiUrl.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "endpoint-api-url."+"vipValue", item.EndpointApiUrl.ValueString()) + } + itemAttributes = append(itemAttributes, "threshold") + + if !item.ThresholdVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipVariableName", item.ThresholdVariable.ValueString()) + } else if item.Threshold.IsNull() { + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "threshold."+"vipValue", item.Threshold.ValueInt64()) + } + itemAttributes = append(itemAttributes, "multiplier") + + if !item.MultiplierVariable.IsNull() { + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "variableName") + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipVariableName", item.MultiplierVariable.ValueString()) + } else if item.Multiplier.IsNull() { + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "ignore") + } else { + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "multiplier."+"vipValue", item.Multiplier.ValueInt64()) + } + itemAttributes = append(itemAttributes, "tracker-type") + if item.TrackerType.IsNull() { + } else { + itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipObjectType", "object") + itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipType", "constant") + itemBody, _ = sjson.Set(itemBody, "tracker-type."+"vipValue", item.TrackerType.ValueString()) + } + if !item.Optional.IsNull() { + itemBody, _ = sjson.Set(itemBody, "vipOptional", item.Optional.ValueBool()) + itemBody, _ = sjson.Set(itemBody, "priority-order", itemAttributes) + } + body, _ = sjson.SetRaw(body, path+"tracker."+"vipValue.-1", itemBody) + } + return body +} + +func (data *CiscoSecureInternetGateway) fromBody(ctx context.Context, res gjson.Result) { + if value := res.Get("deviceType"); value.Exists() { + data.DeviceTypes = helpers.GetStringList(value.Array()) + } else { + data.DeviceTypes = types.ListNull(types.StringType) + } + if value := res.Get("templateDescription"); value.Exists() && value.String() != "" { + data.Description = types.StringValue(value.String()) + } else { + data.Description = types.StringNull() + } + if value := res.Get("templateName"); value.Exists() { + data.Name = types.StringValue(value.String()) + } else { + data.Name = types.StringNull() + } + if value := res.Get("templateType"); value.Exists() { + data.TemplateType = types.StringValue(value.String()) + } else { + data.TemplateType = types.StringNull() + } + + path := "templateDefinition." + if value := res.Get(path + "vpn-id.vipType"); value.Exists() { + if value.String() == "variableName" { + data.VpnId = types.Int64Null() + + } else if value.String() == "ignore" { + data.VpnId = types.Int64Null() + + } else if value.String() == "constant" { + v := res.Get(path + "vpn-id.vipValue") + data.VpnId = types.Int64Value(v.Int()) + + } + } else { + data.VpnId = types.Int64Null() + + } + if value := res.Get(path + "interface.vipValue"); len(value.Array()) > 0 { + data.Interfaces = make([]CiscoSecureInternetGatewayInterfaces, 0) + value.ForEach(func(k, v gjson.Result) bool { + item := CiscoSecureInternetGatewayInterfaces{} + if cValue := v.Get("vipOptional"); cValue.Exists() { + item.Optional = types.BoolValue(cValue.Bool()) + } else { + item.Optional = types.BoolNull() + } + if cValue := v.Get("if-name.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Name = types.StringNull() + + cv := v.Get("if-name.vipVariableName") + item.NameVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Name = types.StringNull() + item.NameVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("if-name.vipValue") + item.Name = types.StringValue(cv.String()) + item.NameVariable = types.StringNull() + } + } else { + item.Name = types.StringNull() + item.NameVariable = types.StringNull() + } + if cValue := v.Get("auto.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.AutoTunnelMode = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.AutoTunnelMode = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("auto.vipValue") + item.AutoTunnelMode = types.BoolValue(cv.Bool()) + + } + } else { + item.AutoTunnelMode = types.BoolNull() + + } + if cValue := v.Get("shutdown.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Shutdown = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.Shutdown = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("shutdown.vipValue") + item.Shutdown = types.BoolValue(cv.Bool()) + + } + } else { + item.Shutdown = types.BoolNull() + + } + if cValue := v.Get("description.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Description = types.StringNull() + + cv := v.Get("description.vipVariableName") + item.DescriptionVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Description = types.StringNull() + item.DescriptionVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("description.vipValue") + item.Description = types.StringValue(cv.String()) + item.DescriptionVariable = types.StringNull() + } + } else { + item.Description = types.StringNull() + item.DescriptionVariable = types.StringNull() + } + if cValue := v.Get("ip.unnumbered.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IpUnnumbered = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.IpUnnumbered = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("ip.unnumbered.vipValue") + item.IpUnnumbered = types.BoolValue(cv.Bool()) + + } + } else { + item.IpUnnumbered = types.BoolNull() + + } + if cValue := v.Get("ip.address.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Ipv4Address = types.StringNull() + + cv := v.Get("ip.address.vipVariableName") + item.Ipv4AddressVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Ipv4Address = types.StringNull() + item.Ipv4AddressVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ip.address.vipValue") + item.Ipv4Address = types.StringValue(cv.String()) + item.Ipv4AddressVariable = types.StringNull() + } + } else { + item.Ipv4Address = types.StringNull() + item.Ipv4AddressVariable = types.StringNull() + } + if cValue := v.Get("tunnel-source.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelSource = types.StringNull() + + cv := v.Get("tunnel-source.vipVariableName") + item.TunnelSourceVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TunnelSource = types.StringNull() + item.TunnelSourceVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-source.vipValue") + item.TunnelSource = types.StringValue(cv.String()) + item.TunnelSourceVariable = types.StringNull() + } + } else { + item.TunnelSource = types.StringNull() + item.TunnelSourceVariable = types.StringNull() + } + if cValue := v.Get("tunnel-source-interface.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelSourceInterface = types.StringNull() + + cv := v.Get("tunnel-source-interface.vipVariableName") + item.TunnelSourceInterfaceVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TunnelSourceInterface = types.StringNull() + item.TunnelSourceInterfaceVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-source-interface.vipValue") + item.TunnelSourceInterface = types.StringValue(cv.String()) + item.TunnelSourceInterfaceVariable = types.StringNull() + } + } else { + item.TunnelSourceInterface = types.StringNull() + item.TunnelSourceInterfaceVariable = types.StringNull() + } + if cValue := v.Get("tunnel-route-via.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelRouteVia = types.StringNull() + + cv := v.Get("tunnel-route-via.vipVariableName") + item.TunnelRouteViaVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TunnelRouteVia = types.StringNull() + item.TunnelRouteViaVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-route-via.vipValue") + item.TunnelRouteVia = types.StringValue(cv.String()) + item.TunnelRouteViaVariable = types.StringNull() + } + } else { + item.TunnelRouteVia = types.StringNull() + item.TunnelRouteViaVariable = types.StringNull() + } + if cValue := v.Get("tunnel-destination.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelDestination = types.StringNull() + + cv := v.Get("tunnel-destination.vipVariableName") + item.TunnelDestinationVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TunnelDestination = types.StringNull() + item.TunnelDestinationVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-destination.vipValue") + item.TunnelDestination = types.StringValue(cv.String()) + item.TunnelDestinationVariable = types.StringNull() + } + } else { + item.TunnelDestination = types.StringNull() + item.TunnelDestinationVariable = types.StringNull() + } + if cValue := v.Get("application.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Application = types.StringNull() + + } else if cValue.String() == "ignore" { + item.Application = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("application.vipValue") + item.Application = types.StringValue(cv.String()) + + } + } else { + item.Application = types.StringNull() + + } + if cValue := v.Get("tunnel-set.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.SigProvider = types.StringNull() + + } else if cValue.String() == "ignore" { + item.SigProvider = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-set.vipValue") + item.SigProvider = types.StringValue(cv.String()) + + } + } else { + item.SigProvider = types.StringNull() + + } + if cValue := v.Get("tunnel-dc-preference.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelDcPreference = types.StringNull() + + } else if cValue.String() == "ignore" { + item.TunnelDcPreference = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-dc-preference.vipValue") + item.TunnelDcPreference = types.StringValue(cv.String()) + + } + } else { + item.TunnelDcPreference = types.StringNull() + + } + if cValue := v.Get("tcp-mss-adjust.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TcpMss = types.Int64Null() + + cv := v.Get("tcp-mss-adjust.vipVariableName") + item.TcpMssVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TcpMss = types.Int64Null() + item.TcpMssVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tcp-mss-adjust.vipValue") + item.TcpMss = types.Int64Value(cv.Int()) + item.TcpMssVariable = types.StringNull() + } + } else { + item.TcpMss = types.Int64Null() + item.TcpMssVariable = types.StringNull() + } + if cValue := v.Get("mtu.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Mtu = types.Int64Null() + + cv := v.Get("mtu.vipVariableName") + item.MtuVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Mtu = types.Int64Null() + item.MtuVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("mtu.vipValue") + item.Mtu = types.Int64Value(cv.Int()) + item.MtuVariable = types.StringNull() + } + } else { + item.Mtu = types.Int64Null() + item.MtuVariable = types.StringNull() + } + if cValue := v.Get("dead-peer-detection.dpd-interval.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.DeadPeerDetectionInterval = types.Int64Null() + + cv := v.Get("dead-peer-detection.dpd-interval.vipVariableName") + item.DeadPeerDetectionIntervalVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.DeadPeerDetectionInterval = types.Int64Null() + item.DeadPeerDetectionIntervalVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("dead-peer-detection.dpd-interval.vipValue") + item.DeadPeerDetectionInterval = types.Int64Value(cv.Int()) + item.DeadPeerDetectionIntervalVariable = types.StringNull() + } + } else { + item.DeadPeerDetectionInterval = types.Int64Null() + item.DeadPeerDetectionIntervalVariable = types.StringNull() + } + if cValue := v.Get("dead-peer-detection.dpd-retries.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.DeadPeerDetectionRetries = types.Int64Null() + + cv := v.Get("dead-peer-detection.dpd-retries.vipVariableName") + item.DeadPeerDetectionRetriesVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.DeadPeerDetectionRetries = types.Int64Null() + item.DeadPeerDetectionRetriesVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("dead-peer-detection.dpd-retries.vipValue") + item.DeadPeerDetectionRetries = types.Int64Value(cv.Int()) + item.DeadPeerDetectionRetriesVariable = types.StringNull() + } + } else { + item.DeadPeerDetectionRetries = types.Int64Null() + item.DeadPeerDetectionRetriesVariable = types.StringNull() + } + if cValue := v.Get("ike.ike-version.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkeVersion = types.Int64Null() + + cv := v.Get("ike.ike-version.vipVariableName") + item.IkeVersionVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkeVersion = types.Int64Null() + item.IkeVersionVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.ike-version.vipValue") + item.IkeVersion = types.Int64Value(cv.Int()) + item.IkeVersionVariable = types.StringNull() + } + } else { + item.IkeVersion = types.Int64Null() + item.IkeVersionVariable = types.StringNull() + } + if cValue := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkePreSharedKey = types.StringNull() + + cv := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipVariableName") + item.IkePreSharedKeyVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkePreSharedKey = types.StringNull() + item.IkePreSharedKeyVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.authentication-type.pre-shared-key.pre-shared-secret.vipValue") + item.IkePreSharedKey = types.StringValue(cv.String()) + item.IkePreSharedKeyVariable = types.StringNull() + } + } else { + item.IkePreSharedKey = types.StringNull() + item.IkePreSharedKeyVariable = types.StringNull() + } + if cValue := v.Get("ike.ike-rekey-interval.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkeRekeyInterval = types.Int64Null() + + cv := v.Get("ike.ike-rekey-interval.vipVariableName") + item.IkeRekeyIntervalVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkeRekeyInterval = types.Int64Null() + item.IkeRekeyIntervalVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.ike-rekey-interval.vipValue") + item.IkeRekeyInterval = types.Int64Value(cv.Int()) + item.IkeRekeyIntervalVariable = types.StringNull() + } + } else { + item.IkeRekeyInterval = types.Int64Null() + item.IkeRekeyIntervalVariable = types.StringNull() + } + if cValue := v.Get("ike.ike-ciphersuite.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkeCiphersuite = types.StringNull() + + cv := v.Get("ike.ike-ciphersuite.vipVariableName") + item.IkeCiphersuiteVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkeCiphersuite = types.StringNull() + item.IkeCiphersuiteVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.ike-ciphersuite.vipValue") + item.IkeCiphersuite = types.StringValue(cv.String()) + item.IkeCiphersuiteVariable = types.StringNull() + } + } else { + item.IkeCiphersuite = types.StringNull() + item.IkeCiphersuiteVariable = types.StringNull() + } + if cValue := v.Get("ike.ike-group.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkeGroup = types.StringNull() + + cv := v.Get("ike.ike-group.vipVariableName") + item.IkeGroupVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkeGroup = types.StringNull() + item.IkeGroupVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.ike-group.vipValue") + item.IkeGroup = types.StringValue(cv.String()) + item.IkeGroupVariable = types.StringNull() + } + } else { + item.IkeGroup = types.StringNull() + item.IkeGroupVariable = types.StringNull() + } + if cValue := v.Get("ike.authentication-type.pre-shared-key-dynamic.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkePreSharedKeyDynamic = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.IkePreSharedKeyDynamic = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("ike.authentication-type.pre-shared-key-dynamic.vipValue") + item.IkePreSharedKeyDynamic = types.BoolValue(cv.Bool()) + + } + } else { + item.IkePreSharedKeyDynamic = types.BoolNull() + + } + if cValue := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkePreSharedKeyLocalId = types.StringNull() + + cv := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipVariableName") + item.IkePreSharedKeyLocalIdVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkePreSharedKeyLocalId = types.StringNull() + item.IkePreSharedKeyLocalIdVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.authentication-type.pre-shared-key.ike-local-id.vipValue") + item.IkePreSharedKeyLocalId = types.StringValue(cv.String()) + item.IkePreSharedKeyLocalIdVariable = types.StringNull() + } + } else { + item.IkePreSharedKeyLocalId = types.StringNull() + item.IkePreSharedKeyLocalIdVariable = types.StringNull() + } + if cValue := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IkePreSharedKeyRemoteId = types.StringNull() + + cv := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipVariableName") + item.IkePreSharedKeyRemoteIdVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IkePreSharedKeyRemoteId = types.StringNull() + item.IkePreSharedKeyRemoteIdVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ike.authentication-type.pre-shared-key.ike-remote-id.vipValue") + item.IkePreSharedKeyRemoteId = types.StringValue(cv.String()) + item.IkePreSharedKeyRemoteIdVariable = types.StringNull() + } + } else { + item.IkePreSharedKeyRemoteId = types.StringNull() + item.IkePreSharedKeyRemoteIdVariable = types.StringNull() + } + if cValue := v.Get("ipsec.ipsec-rekey-interval.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IpsecRekeyInterval = types.Int64Null() + + cv := v.Get("ipsec.ipsec-rekey-interval.vipVariableName") + item.IpsecRekeyIntervalVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IpsecRekeyInterval = types.Int64Null() + item.IpsecRekeyIntervalVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ipsec.ipsec-rekey-interval.vipValue") + item.IpsecRekeyInterval = types.Int64Value(cv.Int()) + item.IpsecRekeyIntervalVariable = types.StringNull() + } + } else { + item.IpsecRekeyInterval = types.Int64Null() + item.IpsecRekeyIntervalVariable = types.StringNull() + } + if cValue := v.Get("ipsec.ipsec-replay-window.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IpsecReplayWindow = types.Int64Null() + + cv := v.Get("ipsec.ipsec-replay-window.vipVariableName") + item.IpsecReplayWindowVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IpsecReplayWindow = types.Int64Null() + item.IpsecReplayWindowVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ipsec.ipsec-replay-window.vipValue") + item.IpsecReplayWindow = types.Int64Value(cv.Int()) + item.IpsecReplayWindowVariable = types.StringNull() + } + } else { + item.IpsecReplayWindow = types.Int64Null() + item.IpsecReplayWindowVariable = types.StringNull() + } + if cValue := v.Get("ipsec.ipsec-ciphersuite.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IpsecCiphersuite = types.StringNull() + + cv := v.Get("ipsec.ipsec-ciphersuite.vipVariableName") + item.IpsecCiphersuiteVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IpsecCiphersuite = types.StringNull() + item.IpsecCiphersuiteVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ipsec.ipsec-ciphersuite.vipValue") + item.IpsecCiphersuite = types.StringValue(cv.String()) + item.IpsecCiphersuiteVariable = types.StringNull() + } + } else { + item.IpsecCiphersuite = types.StringNull() + item.IpsecCiphersuiteVariable = types.StringNull() + } + if cValue := v.Get("ipsec.perfect-forward-secrecy.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.IpsecPerfectForwardSecrecy = types.StringNull() + + cv := v.Get("ipsec.perfect-forward-secrecy.vipVariableName") + item.IpsecPerfectForwardSecrecyVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.IpsecPerfectForwardSecrecy = types.StringNull() + item.IpsecPerfectForwardSecrecyVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("ipsec.perfect-forward-secrecy.vipValue") + item.IpsecPerfectForwardSecrecy = types.StringValue(cv.String()) + item.IpsecPerfectForwardSecrecyVariable = types.StringNull() + } + } else { + item.IpsecPerfectForwardSecrecy = types.StringNull() + item.IpsecPerfectForwardSecrecyVariable = types.StringNull() + } + if cValue := v.Get("track-enable.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TrackEnable = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.TrackEnable = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("track-enable.vipValue") + item.TrackEnable = types.BoolValue(cv.Bool()) + + } + } else { + item.TrackEnable = types.BoolNull() + + } + if cValue := v.Get("tunnel-public-ip.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TunnelPublicIp = types.StringNull() + + cv := v.Get("tunnel-public-ip.vipVariableName") + item.TunnelPublicIpVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.TunnelPublicIp = types.StringNull() + item.TunnelPublicIpVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("tunnel-public-ip.vipValue") + item.TunnelPublicIp = types.StringValue(cv.String()) + item.TunnelPublicIpVariable = types.StringNull() + } + } else { + item.TunnelPublicIp = types.StringNull() + item.TunnelPublicIpVariable = types.StringNull() + } + data.Interfaces = append(data.Interfaces, item) + return true + }) + } + if value := res.Get(path + "service.vipValue"); len(value.Array()) > 0 { + data.Services = make([]CiscoSecureInternetGatewayServices, 0) + value.ForEach(func(k, v gjson.Result) bool { + item := CiscoSecureInternetGatewayServices{} + if cValue := v.Get("vipOptional"); cValue.Exists() { + item.Optional = types.BoolValue(cValue.Bool()) + } else { + item.Optional = types.BoolNull() + } + if cValue := v.Get("svc-type.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ServiceType = types.StringNull() + + } else if cValue.String() == "ignore" { + item.ServiceType = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("svc-type.vipValue") + item.ServiceType = types.StringValue(cv.String()) + + } + } else { + item.ServiceType = types.StringNull() + + } + if cValue := v.Get("ha-pairs.interface-pair.vipValue"); len(cValue.Array()) > 0 { + item.InterfacePairs = make([]CiscoSecureInternetGatewayServicesInterfacePairs, 0) + cValue.ForEach(func(ck, cv gjson.Result) bool { + cItem := CiscoSecureInternetGatewayServicesInterfacePairs{} + if ccValue := cv.Get("vipOptional"); ccValue.Exists() { + cItem.Optional = types.BoolValue(ccValue.Bool()) + } else { + cItem.Optional = types.BoolNull() + } + if ccValue := cv.Get("active-interface.vipType"); ccValue.Exists() { + if ccValue.String() == "variableName" { + cItem.ActiveInterface = types.StringNull() + + } else if ccValue.String() == "ignore" { + cItem.ActiveInterface = types.StringNull() + + } else if ccValue.String() == "constant" { + ccv := cv.Get("active-interface.vipValue") + cItem.ActiveInterface = types.StringValue(ccv.String()) + + } + } else { + cItem.ActiveInterface = types.StringNull() + + } + if ccValue := cv.Get("active-interface-weight.vipType"); ccValue.Exists() { + if ccValue.String() == "variableName" { + cItem.ActiveInterfaceWeight = types.Int64Null() + + } else if ccValue.String() == "ignore" { + cItem.ActiveInterfaceWeight = types.Int64Null() + + } else if ccValue.String() == "constant" { + ccv := cv.Get("active-interface-weight.vipValue") + cItem.ActiveInterfaceWeight = types.Int64Value(ccv.Int()) + + } + } else { + cItem.ActiveInterfaceWeight = types.Int64Null() + + } + if ccValue := cv.Get("backup-interface.vipType"); ccValue.Exists() { + if ccValue.String() == "variableName" { + cItem.BackupInterface = types.StringNull() + + } else if ccValue.String() == "ignore" { + cItem.BackupInterface = types.StringNull() + + } else if ccValue.String() == "constant" { + ccv := cv.Get("backup-interface.vipValue") + cItem.BackupInterface = types.StringValue(ccv.String()) + + } + } else { + cItem.BackupInterface = types.StringNull() + + } + if ccValue := cv.Get("backup-interface-weight.vipType"); ccValue.Exists() { + if ccValue.String() == "variableName" { + cItem.BackupInterfaceWeight = types.Int64Null() + + } else if ccValue.String() == "ignore" { + cItem.BackupInterfaceWeight = types.Int64Null() + + } else if ccValue.String() == "constant" { + ccv := cv.Get("backup-interface-weight.vipValue") + cItem.BackupInterfaceWeight = types.Int64Value(ccv.Int()) + + } + } else { + cItem.BackupInterfaceWeight = types.Int64Null() + + } + item.InterfacePairs = append(item.InterfacePairs, cItem) + return true + }) + } + if cValue := v.Get("zscaler-location-settings.auth-required.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerAuthenticationRequired = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerAuthenticationRequired = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.auth-required.vipValue") + item.ZscalerAuthenticationRequired = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerAuthenticationRequired = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.xff-forward-enabled.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerXffForward = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerXffForward = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.xff-forward-enabled.vipValue") + item.ZscalerXffForward = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerXffForward = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.ofw-enabled.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerFirewallEnabled = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerFirewallEnabled = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.ofw-enabled.vipValue") + item.ZscalerFirewallEnabled = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerFirewallEnabled = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.ips-control.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerIpsControlEnabled = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerIpsControlEnabled = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.ips-control.vipValue") + item.ZscalerIpsControlEnabled = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerIpsControlEnabled = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.caution-enabled.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerCautionEnabled = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerCautionEnabled = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.caution-enabled.vipValue") + item.ZscalerCautionEnabled = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerCautionEnabled = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerPrimaryDataCenter = types.StringNull() + + cv := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipVariableName") + item.ZscalerPrimaryDataCenterVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.ZscalerPrimaryDataCenter = types.StringNull() + item.ZscalerPrimaryDataCenterVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.datacenters.primary-data-center.vipValue") + item.ZscalerPrimaryDataCenter = types.StringValue(cv.String()) + item.ZscalerPrimaryDataCenterVariable = types.StringNull() + } + } else { + item.ZscalerPrimaryDataCenter = types.StringNull() + item.ZscalerPrimaryDataCenterVariable = types.StringNull() + } + if cValue := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSecondaryDataCenter = types.StringNull() + + cv := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipVariableName") + item.ZscalerSecondaryDataCenterVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.ZscalerSecondaryDataCenter = types.StringNull() + item.ZscalerSecondaryDataCenterVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.datacenters.secondary-data-center.vipValue") + item.ZscalerSecondaryDataCenter = types.StringValue(cv.String()) + item.ZscalerSecondaryDataCenterVariable = types.StringNull() + } + } else { + item.ZscalerSecondaryDataCenter = types.StringNull() + item.ZscalerSecondaryDataCenterVariable = types.StringNull() + } + if cValue := v.Get("zscaler-location-settings.surrogate.ip.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSurrogateIp = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerSurrogateIp = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.surrogate.ip.vipValue") + item.ZscalerSurrogateIp = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerSurrogateIp = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.surrogate.idle-time.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSurrogateIdleTime = types.Int64Null() + + } else if cValue.String() == "ignore" { + item.ZscalerSurrogateIdleTime = types.Int64Null() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.surrogate.idle-time.vipValue") + item.ZscalerSurrogateIdleTime = types.Int64Value(cv.Int()) + + } + } else { + item.ZscalerSurrogateIdleTime = types.Int64Null() + + } + if cValue := v.Get("zscaler-location-settings.surrogate.display-time-unit.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSurrogateDisplayTimeUnit = types.StringNull() + + } else if cValue.String() == "ignore" { + item.ZscalerSurrogateDisplayTimeUnit = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.surrogate.display-time-unit.vipValue") + item.ZscalerSurrogateDisplayTimeUnit = types.StringValue(cv.String()) + + } + } else { + item.ZscalerSurrogateDisplayTimeUnit = types.StringNull() + + } + if cValue := v.Get("zscaler-location-settings.surrogate.ip-enforced-for-known-browsers.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.surrogate.ip-enforced-for-known-browsers.vipValue") + item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolValue(cv.Bool()) + + } + } else { + item.ZscalerSurrogateIpEnforceForKnownBrowsers = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.surrogate.refresh-time-unit.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerSurrogateRefreshTimeUnit = types.StringNull() + + } else if cValue.String() == "ignore" { + item.ZscalerSurrogateRefreshTimeUnit = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.surrogate.refresh-time-unit.vipValue") + item.ZscalerSurrogateRefreshTimeUnit = types.StringValue(cv.String()) + + } + } else { + item.ZscalerSurrogateRefreshTimeUnit = types.StringNull() + + } + if cValue := v.Get("zscaler-location-settings.aup.enabled.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.AupEnabled = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.AupEnabled = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.aup.enabled.vipValue") + item.AupEnabled = types.BoolValue(cv.Bool()) + + } + } else { + item.AupEnabled = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.aup.block-internet-until-accepted.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.AupBlockInternetUntilAccepted = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.AupBlockInternetUntilAccepted = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.aup.block-internet-until-accepted.vipValue") + item.AupBlockInternetUntilAccepted = types.BoolValue(cv.Bool()) + + } + } else { + item.AupBlockInternetUntilAccepted = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.aup.force-ssl-inspection.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.AupForceSslInspection = types.BoolNull() + + } else if cValue.String() == "ignore" { + item.AupForceSslInspection = types.BoolNull() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.aup.force-ssl-inspection.vipValue") + item.AupForceSslInspection = types.BoolValue(cv.Bool()) + + } + } else { + item.AupForceSslInspection = types.BoolNull() + + } + if cValue := v.Get("zscaler-location-settings.aup.timeout.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.AupTimeout = types.Int64Null() + + } else if cValue.String() == "ignore" { + item.AupTimeout = types.Int64Null() + + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.aup.timeout.vipValue") + item.AupTimeout = types.Int64Value(cv.Int()) + + } + } else { + item.AupTimeout = types.Int64Null() + + } + if cValue := v.Get("zscaler-location-settings.location-name.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.ZscalerLocationName = types.StringNull() + + cv := v.Get("zscaler-location-settings.location-name.vipVariableName") + item.ZscalerLocationNameVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.ZscalerLocationName = types.StringNull() + item.ZscalerLocationNameVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("zscaler-location-settings.location-name.vipValue") + item.ZscalerLocationName = types.StringValue(cv.String()) + item.ZscalerLocationNameVariable = types.StringNull() + } + } else { + item.ZscalerLocationName = types.StringNull() + item.ZscalerLocationNameVariable = types.StringNull() + } + if cValue := v.Get("umbrella-data-center.data-center-primary.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.UmbrellaPrimaryDataCenter = types.StringNull() + + cv := v.Get("umbrella-data-center.data-center-primary.vipVariableName") + item.UmbrellaPrimaryDataCenterVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.UmbrellaPrimaryDataCenter = types.StringNull() + item.UmbrellaPrimaryDataCenterVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("umbrella-data-center.data-center-primary.vipValue") + item.UmbrellaPrimaryDataCenter = types.StringValue(cv.String()) + item.UmbrellaPrimaryDataCenterVariable = types.StringNull() + } + } else { + item.UmbrellaPrimaryDataCenter = types.StringNull() + item.UmbrellaPrimaryDataCenterVariable = types.StringNull() + } + if cValue := v.Get("umbrella-data-center.data-center-secondary.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.UmbrellaSecondaryDataCenter = types.StringNull() + + cv := v.Get("umbrella-data-center.data-center-secondary.vipVariableName") + item.UmbrellaSecondaryDataCenterVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.UmbrellaSecondaryDataCenter = types.StringNull() + item.UmbrellaSecondaryDataCenterVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("umbrella-data-center.data-center-secondary.vipValue") + item.UmbrellaSecondaryDataCenter = types.StringValue(cv.String()) + item.UmbrellaSecondaryDataCenterVariable = types.StringNull() + } + } else { + item.UmbrellaSecondaryDataCenter = types.StringNull() + item.UmbrellaSecondaryDataCenterVariable = types.StringNull() + } + data.Services = append(data.Services, item) + return true + }) + } + if value := res.Get(path + "tracker-src-ip.vipType"); value.Exists() { + if value.String() == "variableName" { + data.TrackerSourceIp = types.StringNull() + + v := res.Get(path + "tracker-src-ip.vipVariableName") + data.TrackerSourceIpVariable = types.StringValue(v.String()) + + } else if value.String() == "ignore" { + data.TrackerSourceIp = types.StringNull() + data.TrackerSourceIpVariable = types.StringNull() + } else if value.String() == "constant" { + v := res.Get(path + "tracker-src-ip.vipValue") + data.TrackerSourceIp = types.StringValue(v.String()) + data.TrackerSourceIpVariable = types.StringNull() + } + } else { + data.TrackerSourceIp = types.StringNull() + data.TrackerSourceIpVariable = types.StringNull() + } + if value := res.Get(path + "tracker.vipValue"); len(value.Array()) > 0 { + data.Trackers = make([]CiscoSecureInternetGatewayTrackers, 0) + value.ForEach(func(k, v gjson.Result) bool { + item := CiscoSecureInternetGatewayTrackers{} + if cValue := v.Get("vipOptional"); cValue.Exists() { + item.Optional = types.BoolValue(cValue.Bool()) + } else { + item.Optional = types.BoolNull() + } + if cValue := v.Get("name.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Name = types.StringNull() + + cv := v.Get("name.vipVariableName") + item.NameVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Name = types.StringNull() + item.NameVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("name.vipValue") + item.Name = types.StringValue(cv.String()) + item.NameVariable = types.StringNull() + } + } else { + item.Name = types.StringNull() + item.NameVariable = types.StringNull() + } + if cValue := v.Get("endpoint-api-url.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.EndpointApiUrl = types.StringNull() + + cv := v.Get("endpoint-api-url.vipVariableName") + item.EndpointApiUrlVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.EndpointApiUrl = types.StringNull() + item.EndpointApiUrlVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("endpoint-api-url.vipValue") + item.EndpointApiUrl = types.StringValue(cv.String()) + item.EndpointApiUrlVariable = types.StringNull() + } + } else { + item.EndpointApiUrl = types.StringNull() + item.EndpointApiUrlVariable = types.StringNull() + } + if cValue := v.Get("threshold.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Threshold = types.Int64Null() + + cv := v.Get("threshold.vipVariableName") + item.ThresholdVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Threshold = types.Int64Null() + item.ThresholdVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("threshold.vipValue") + item.Threshold = types.Int64Value(cv.Int()) + item.ThresholdVariable = types.StringNull() + } + } else { + item.Threshold = types.Int64Null() + item.ThresholdVariable = types.StringNull() + } + if cValue := v.Get("multiplier.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.Multiplier = types.Int64Null() + + cv := v.Get("multiplier.vipVariableName") + item.MultiplierVariable = types.StringValue(cv.String()) + + } else if cValue.String() == "ignore" { + item.Multiplier = types.Int64Null() + item.MultiplierVariable = types.StringNull() + } else if cValue.String() == "constant" { + cv := v.Get("multiplier.vipValue") + item.Multiplier = types.Int64Value(cv.Int()) + item.MultiplierVariable = types.StringNull() + } + } else { + item.Multiplier = types.Int64Null() + item.MultiplierVariable = types.StringNull() + } + if cValue := v.Get("tracker-type.vipType"); cValue.Exists() { + if cValue.String() == "variableName" { + item.TrackerType = types.StringNull() + + } else if cValue.String() == "ignore" { + item.TrackerType = types.StringNull() + + } else if cValue.String() == "constant" { + cv := v.Get("tracker-type.vipValue") + item.TrackerType = types.StringValue(cv.String()) + + } + } else { + item.TrackerType = types.StringNull() + + } + data.Trackers = append(data.Trackers, item) + return true + }) + } +} + +func (data *CiscoSecureInternetGateway) hasChanges(ctx context.Context, state *CiscoSecureInternetGateway) bool { + hasChanges := false + if !data.VpnId.Equal(state.VpnId) { + hasChanges = true + } + if len(data.Interfaces) != len(state.Interfaces) { + hasChanges = true + } else { + for i := range data.Interfaces { + if !data.Interfaces[i].Name.Equal(state.Interfaces[i].Name) { + hasChanges = true + } + if !data.Interfaces[i].AutoTunnelMode.Equal(state.Interfaces[i].AutoTunnelMode) { + hasChanges = true + } + if !data.Interfaces[i].Shutdown.Equal(state.Interfaces[i].Shutdown) { + hasChanges = true + } + if !data.Interfaces[i].Description.Equal(state.Interfaces[i].Description) { + hasChanges = true + } + if !data.Interfaces[i].IpUnnumbered.Equal(state.Interfaces[i].IpUnnumbered) { + hasChanges = true + } + if !data.Interfaces[i].Ipv4Address.Equal(state.Interfaces[i].Ipv4Address) { + hasChanges = true + } + if !data.Interfaces[i].TunnelSource.Equal(state.Interfaces[i].TunnelSource) { + hasChanges = true + } + if !data.Interfaces[i].TunnelSourceInterface.Equal(state.Interfaces[i].TunnelSourceInterface) { + hasChanges = true + } + if !data.Interfaces[i].TunnelRouteVia.Equal(state.Interfaces[i].TunnelRouteVia) { + hasChanges = true + } + if !data.Interfaces[i].TunnelDestination.Equal(state.Interfaces[i].TunnelDestination) { + hasChanges = true + } + if !data.Interfaces[i].Application.Equal(state.Interfaces[i].Application) { + hasChanges = true + } + if !data.Interfaces[i].SigProvider.Equal(state.Interfaces[i].SigProvider) { + hasChanges = true + } + if !data.Interfaces[i].TunnelDcPreference.Equal(state.Interfaces[i].TunnelDcPreference) { + hasChanges = true + } + if !data.Interfaces[i].TcpMss.Equal(state.Interfaces[i].TcpMss) { + hasChanges = true + } + if !data.Interfaces[i].Mtu.Equal(state.Interfaces[i].Mtu) { + hasChanges = true + } + if !data.Interfaces[i].DeadPeerDetectionInterval.Equal(state.Interfaces[i].DeadPeerDetectionInterval) { + hasChanges = true + } + if !data.Interfaces[i].DeadPeerDetectionRetries.Equal(state.Interfaces[i].DeadPeerDetectionRetries) { + hasChanges = true + } + if !data.Interfaces[i].IkeVersion.Equal(state.Interfaces[i].IkeVersion) { + hasChanges = true + } + if !data.Interfaces[i].IkePreSharedKey.Equal(state.Interfaces[i].IkePreSharedKey) { + hasChanges = true + } + if !data.Interfaces[i].IkeRekeyInterval.Equal(state.Interfaces[i].IkeRekeyInterval) { + hasChanges = true + } + if !data.Interfaces[i].IkeCiphersuite.Equal(state.Interfaces[i].IkeCiphersuite) { + hasChanges = true + } + if !data.Interfaces[i].IkeGroup.Equal(state.Interfaces[i].IkeGroup) { + hasChanges = true + } + if !data.Interfaces[i].IkePreSharedKeyDynamic.Equal(state.Interfaces[i].IkePreSharedKeyDynamic) { + hasChanges = true + } + if !data.Interfaces[i].IkePreSharedKeyLocalId.Equal(state.Interfaces[i].IkePreSharedKeyLocalId) { + hasChanges = true + } + if !data.Interfaces[i].IkePreSharedKeyRemoteId.Equal(state.Interfaces[i].IkePreSharedKeyRemoteId) { + hasChanges = true + } + if !data.Interfaces[i].IpsecRekeyInterval.Equal(state.Interfaces[i].IpsecRekeyInterval) { + hasChanges = true + } + if !data.Interfaces[i].IpsecReplayWindow.Equal(state.Interfaces[i].IpsecReplayWindow) { + hasChanges = true + } + if !data.Interfaces[i].IpsecCiphersuite.Equal(state.Interfaces[i].IpsecCiphersuite) { + hasChanges = true + } + if !data.Interfaces[i].IpsecPerfectForwardSecrecy.Equal(state.Interfaces[i].IpsecPerfectForwardSecrecy) { + hasChanges = true + } + if !data.Interfaces[i].TrackEnable.Equal(state.Interfaces[i].TrackEnable) { + hasChanges = true + } + if !data.Interfaces[i].TunnelPublicIp.Equal(state.Interfaces[i].TunnelPublicIp) { + hasChanges = true + } + } + } + if len(data.Services) != len(state.Services) { + hasChanges = true + } else { + for i := range data.Services { + if !data.Services[i].ServiceType.Equal(state.Services[i].ServiceType) { + hasChanges = true + } + if len(data.Services[i].InterfacePairs) != len(state.Services[i].InterfacePairs) { + hasChanges = true + } else { + for ii := range data.Services[i].InterfacePairs { + if !data.Services[i].InterfacePairs[ii].ActiveInterface.Equal(state.Services[i].InterfacePairs[ii].ActiveInterface) { + hasChanges = true + } + if !data.Services[i].InterfacePairs[ii].ActiveInterfaceWeight.Equal(state.Services[i].InterfacePairs[ii].ActiveInterfaceWeight) { + hasChanges = true + } + if !data.Services[i].InterfacePairs[ii].BackupInterface.Equal(state.Services[i].InterfacePairs[ii].BackupInterface) { + hasChanges = true + } + if !data.Services[i].InterfacePairs[ii].BackupInterfaceWeight.Equal(state.Services[i].InterfacePairs[ii].BackupInterfaceWeight) { + hasChanges = true + } + } + } + if !data.Services[i].ZscalerAuthenticationRequired.Equal(state.Services[i].ZscalerAuthenticationRequired) { + hasChanges = true + } + if !data.Services[i].ZscalerXffForward.Equal(state.Services[i].ZscalerXffForward) { + hasChanges = true + } + if !data.Services[i].ZscalerFirewallEnabled.Equal(state.Services[i].ZscalerFirewallEnabled) { + hasChanges = true + } + if !data.Services[i].ZscalerIpsControlEnabled.Equal(state.Services[i].ZscalerIpsControlEnabled) { + hasChanges = true + } + if !data.Services[i].ZscalerCautionEnabled.Equal(state.Services[i].ZscalerCautionEnabled) { + hasChanges = true + } + if !data.Services[i].ZscalerPrimaryDataCenter.Equal(state.Services[i].ZscalerPrimaryDataCenter) { + hasChanges = true + } + if !data.Services[i].ZscalerSecondaryDataCenter.Equal(state.Services[i].ZscalerSecondaryDataCenter) { + hasChanges = true + } + if !data.Services[i].ZscalerSurrogateIp.Equal(state.Services[i].ZscalerSurrogateIp) { + hasChanges = true + } + if !data.Services[i].ZscalerSurrogateIdleTime.Equal(state.Services[i].ZscalerSurrogateIdleTime) { + hasChanges = true + } + if !data.Services[i].ZscalerSurrogateDisplayTimeUnit.Equal(state.Services[i].ZscalerSurrogateDisplayTimeUnit) { + hasChanges = true + } + if !data.Services[i].ZscalerSurrogateIpEnforceForKnownBrowsers.Equal(state.Services[i].ZscalerSurrogateIpEnforceForKnownBrowsers) { + hasChanges = true + } + if !data.Services[i].ZscalerSurrogateRefreshTimeUnit.Equal(state.Services[i].ZscalerSurrogateRefreshTimeUnit) { + hasChanges = true + } + if !data.Services[i].AupEnabled.Equal(state.Services[i].AupEnabled) { + hasChanges = true + } + if !data.Services[i].AupBlockInternetUntilAccepted.Equal(state.Services[i].AupBlockInternetUntilAccepted) { + hasChanges = true + } + if !data.Services[i].AupForceSslInspection.Equal(state.Services[i].AupForceSslInspection) { + hasChanges = true + } + if !data.Services[i].AupTimeout.Equal(state.Services[i].AupTimeout) { + hasChanges = true + } + if !data.Services[i].ZscalerLocationName.Equal(state.Services[i].ZscalerLocationName) { + hasChanges = true + } + if !data.Services[i].UmbrellaPrimaryDataCenter.Equal(state.Services[i].UmbrellaPrimaryDataCenter) { + hasChanges = true + } + if !data.Services[i].UmbrellaSecondaryDataCenter.Equal(state.Services[i].UmbrellaSecondaryDataCenter) { + hasChanges = true + } + } + } + if !data.TrackerSourceIp.Equal(state.TrackerSourceIp) { + hasChanges = true + } + if len(data.Trackers) != len(state.Trackers) { + hasChanges = true + } else { + for i := range data.Trackers { + if !data.Trackers[i].Name.Equal(state.Trackers[i].Name) { + hasChanges = true + } + if !data.Trackers[i].EndpointApiUrl.Equal(state.Trackers[i].EndpointApiUrl) { + hasChanges = true + } + if !data.Trackers[i].Threshold.Equal(state.Trackers[i].Threshold) { + hasChanges = true + } + if !data.Trackers[i].Multiplier.Equal(state.Trackers[i].Multiplier) { + hasChanges = true + } + if !data.Trackers[i].TrackerType.Equal(state.Trackers[i].TrackerType) { + hasChanges = true + } + } + } + return hasChanges +} diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 7d5fbbd5..0ef4d973 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -251,6 +251,7 @@ func (p *SdwanProvider) Resources(ctx context.Context) []func() resource.Resourc NewCiscoNTPFeatureTemplateResource, NewCiscoOMPFeatureTemplateResource, NewCiscoOSPFFeatureTemplateResource, + NewCiscoSecureInternetGatewayFeatureTemplateResource, NewCiscoSecurityFeatureTemplateResource, NewCiscoSIGCredentialsFeatureTemplateResource, NewCiscoSNMPFeatureTemplateResource, @@ -304,6 +305,7 @@ func (p *SdwanProvider) DataSources(ctx context.Context) []func() datasource.Dat NewCiscoNTPFeatureTemplateDataSource, NewCiscoOMPFeatureTemplateDataSource, NewCiscoOSPFFeatureTemplateDataSource, + NewCiscoSecureInternetGatewayFeatureTemplateDataSource, NewCiscoSecurityFeatureTemplateDataSource, NewCiscoSIGCredentialsFeatureTemplateDataSource, NewCiscoSNMPFeatureTemplateDataSource, diff --git a/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go new file mode 100644 index 00000000..871154c8 --- /dev/null +++ b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template.go @@ -0,0 +1,760 @@ +// Copyright © 2023 Cisco Systems, Inc. and its affiliates. +// All rights reserved. +// +// Licensed under the Mozilla Public License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://mozilla.org/MPL/2.0/ +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: MPL-2.0 + +// Code generated by "gen/generator.go"; DO NOT EDIT. + +package provider + +import ( + "context" + "fmt" + "sync" + + "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers" + "github.com/hashicorp/terraform-plugin-framework-validators/int64validator" + "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/resource" + "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/schema/validator" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-log/tflog" + "github.com/netascode/go-sdwan" +) + +// Ensure provider defined types fully satisfy framework interfaces +var _ resource.Resource = &CiscoSecureInternetGatewayFeatureTemplateResource{} +var _ resource.ResourceWithImportState = &CiscoSecureInternetGatewayFeatureTemplateResource{} + +func NewCiscoSecureInternetGatewayFeatureTemplateResource() resource.Resource { + return &CiscoSecureInternetGatewayFeatureTemplateResource{} +} + +type CiscoSecureInternetGatewayFeatureTemplateResource struct { + client *sdwan.Client + updateMutex *sync.Mutex +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { + resp.TypeName = req.ProviderTypeName + "_cisco_secure_internet_gateway_feature_template" +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { + resp.Schema = schema.Schema{ + // This description is used by the documentation generator and the language server. + MarkdownDescription: helpers.NewAttributeDescription("This resource can manage a Cisco Secure Internet Gateway feature template.").AddMinimumVersionDescription("15.0.0").String, + + Attributes: map[string]schema.Attribute{ + "id": schema.StringAttribute{ + MarkdownDescription: "The id of the feature template", + Computed: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.UseStateForUnknown(), + }, + }, + "version": schema.Int64Attribute{ + MarkdownDescription: "The version of the feature template", + Computed: true, + }, + "template_type": schema.StringAttribute{ + MarkdownDescription: "The template type", + Computed: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.UseStateForUnknown(), + }, + }, + "name": schema.StringAttribute{ + MarkdownDescription: "The name of the feature template", + Required: true, + }, + "description": schema.StringAttribute{ + MarkdownDescription: "The description of the feature template", + Required: true, + }, + "device_types": schema.ListAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("List of supported device types").AddStringEnumDescription("vedge-C8000V", "vedge-C8300-1N1S-4T2X", "vedge-C8300-1N1S-6T", "vedge-C8300-2N2S-6T", "vedge-C8300-2N2S-4T2X", "vedge-C8500-12X4QC", "vedge-C8500-12X", "vedge-C8500-20X6C", "vedge-C8500L-8S4X", "vedge-C8200-1N-4T", "vedge-C8200L-1N-4T").String, + ElementType: types.StringType, + Required: true, + }, + "vpn_id": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("List of VPN instances").AddIntegerRangeDescription(0, 65527).AddDefaultValueDescription("0").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(0, 65527), + }, + }, + "interfaces": schema.ListNestedAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Interface name: IPsec when present").String, + Optional: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "name": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Interface name: IPsec when present").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(4, 8), + }, + }, + "name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "auto_tunnel_mode": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Auto Tunnel Mode").AddDefaultValueDescription("false").String, + Optional: true, + }, + "shutdown": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Administrative state").AddDefaultValueDescription("false").String, + Optional: true, + }, + "description": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Interface description").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 128), + }, + }, + "description_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ip_unnumbered": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Unnumbered interface").AddDefaultValueDescription("true").String, + Optional: true, + }, + "ipv4_address": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Assign IPv4 address").String, + Optional: true, + }, + "ipv4_address_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "tunnel_source": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Tunnel source IP Address").String, + Optional: true, + }, + "tunnel_source_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "tunnel_source_interface": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 32), + }, + }, + "tunnel_source_interface_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "tunnel_route_via": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("<1..32 characters> Interface name: ge0/<0-..> or ge0/<0-..>.vlanid").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 32), + }, + }, + "tunnel_route_via_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "tunnel_destination": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Tunnel destination IP address").String, + Optional: true, + }, + "tunnel_destination_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "application": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable Application Tunnel Type").AddStringEnumDescription("sig").AddDefaultValueDescription("sig").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("sig"), + }, + }, + "sig_provider": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("SIG Tunnel Provider").AddStringEnumDescription("secure-internet-gateway-umbrella", "secure-internet-gateway-zscaler", "secure-internet-gateway-other").AddDefaultValueDescription("secure-internet-gateway-umbrella").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("secure-internet-gateway-umbrella", "secure-internet-gateway-zscaler", "secure-internet-gateway-other"), + }, + }, + "tunnel_dc_preference": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("SIG Tunnel Data Center").AddStringEnumDescription("primary-dc", "secondary-dc").AddDefaultValueDescription("primary-dc").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("primary-dc", "secondary-dc"), + }, + }, + "tcp_mss": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("TCP MSS on SYN packets, in bytes").AddIntegerRangeDescription(500, 1460).String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(500, 1460), + }, + }, + "tcp_mss_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "mtu": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Interface MTU <576..2000>, in bytes").AddIntegerRangeDescription(576, 2000).AddDefaultValueDescription("1400").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(576, 2000), + }, + }, + "mtu_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "dead_peer_detection_interval": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE keepalive interval (seconds)").AddIntegerRangeDescription(0, 65535).AddDefaultValueDescription("10").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(0, 65535), + }, + }, + "dead_peer_detection_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "dead_peer_detection_retries": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE keepalive retries").AddIntegerRangeDescription(0, 255).AddDefaultValueDescription("3").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(0, 255), + }, + }, + "dead_peer_detection_retries_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_version": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE Version <1..2>").AddIntegerRangeDescription(1, 2).AddDefaultValueDescription("2").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(1, 2), + }, + }, + "ike_version_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_pre_shared_key": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use preshared key to authenticate IKE peer").String, + Optional: true, + }, + "ike_pre_shared_key_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_rekey_interval": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE rekey interval <300..1209600> seconds").AddIntegerRangeDescription(300, 1209600).AddDefaultValueDescription("14400").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(300, 1209600), + }, + }, + "ike_rekey_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_ciphersuite": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE identity the IKE preshared secret belongs to").AddStringEnumDescription("aes256-cbc-sha1", "aes256-cbc-sha2", "aes128-cbc-sha1", "aes128-cbc-sha2").AddDefaultValueDescription("aes256-cbc-sha1").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("aes256-cbc-sha1", "aes256-cbc-sha2", "aes128-cbc-sha1", "aes128-cbc-sha2"), + }, + }, + "ike_ciphersuite_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE Diffie Hellman Groups").AddStringEnumDescription("2", "14", "15", "16").AddDefaultValueDescription("14").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("2", "14", "15", "16"), + }, + }, + "ike_group_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_pre_shared_key_dynamic": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use preshared key to authenticate IKE peer").AddDefaultValueDescription("true").String, + Optional: true, + }, + "ike_pre_shared_key_local_id": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE ID for the local endpoint. Input IPv4 address, domain name, or email address").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 63), + }, + }, + "ike_pre_shared_key_local_id_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ike_pre_shared_key_remote_id": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IKE ID for the remote endpoint. Input IPv4 address, domain name, or email address").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 63), + }, + }, + "ike_pre_shared_key_remote_id_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ipsec_rekey_interval": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("IPsec rekey interval <300..1209600> seconds").AddIntegerRangeDescription(300, 1209600).AddDefaultValueDescription("3600").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(300, 1209600), + }, + }, + "ipsec_rekey_interval_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ipsec_replay_window": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Replay window size 32..8192 (must be a power of 2)").AddIntegerRangeDescription(64, 4096).AddDefaultValueDescription("512").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(64, 4096), + }, + }, + "ipsec_replay_window_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ipsec_ciphersuite": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IPsec(ESP) encryption and integrity protocol").AddStringEnumDescription("aes256-cbc-sha1", "aes256-cbc-sha384", "aes256-cbc-sha256", "aes256-cbc-sha512", "aes256-gcm", "null-sha1", "null-sha384", "null-sha256", "null-sha512").AddDefaultValueDescription("aes256-gcm").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("aes256-cbc-sha1", "aes256-cbc-sha384", "aes256-cbc-sha256", "aes256-cbc-sha512", "aes256-gcm", "null-sha1", "null-sha384", "null-sha256", "null-sha512"), + }, + }, + "ipsec_ciphersuite_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "ipsec_perfect_forward_secrecy": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("IPsec perfect forward secrecy settings").AddStringEnumDescription("group-2", "group-14", "group-15", "group-16", "none").AddDefaultValueDescription("none").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("group-2", "group-14", "group-15", "group-16", "none"), + }, + }, + "ipsec_perfect_forward_secrecy_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "track_enable": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable/disable SIG tracking").AddDefaultValueDescription("true").String, + Optional: true, + }, + "tunnel_public_ip": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Public IP required to setup GRE tunnel to Zscaler").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "tunnel_public_ip_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Optional: true, + }, + }, + }, + }, + "services": schema.ListNestedAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Configure services").String, + Optional: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "service_type": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Service Type").AddStringEnumDescription("sig").AddDefaultValueDescription("sig").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("sig"), + }, + }, + "interface_pairs": schema.ListNestedAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Interface Pair for active and backup").String, + Optional: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "active_interface": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Active Tunnel Interface for SIG").String, + Optional: true, + }, + "active_interface_weight": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Active Tunnel Interface Weight").AddIntegerRangeDescription(1, 255).AddDefaultValueDescription("1").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(1, 255), + }, + }, + "backup_interface": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Backup Tunnel Interface for SIG").String, + Optional: true, + }, + "backup_interface_weight": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Backup Tunnel Interface Weight").AddIntegerRangeDescription(1, 255).AddDefaultValueDescription("1").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(1, 255), + }, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Optional: true, + }, + }, + }, + }, + "zscaler_authentication_required": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enforce Authentication").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_xff_forward": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("XFF forwarding enabled").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_firewall_enabled": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Firewall enabled").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_ips_control_enabled": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable IPS Control").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_caution_enabled": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable Caution").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_primary_data_center": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Custom Primary Datacenter").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "zscaler_primary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "zscaler_secondary_data_center": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Custom Secondary Datacenter").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "zscaler_secondary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "zscaler_surrogate_ip": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable Surrogate IP").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_surrogate_idle_time": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Idle time to disassociation").AddDefaultValueDescription("0").String, + Optional: true, + }, + "zscaler_surrogate_display_time_unit": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Display time unit").AddStringEnumDescription("MINUTE", "HOUR", "DAY").AddDefaultValueDescription("MINUTE").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("MINUTE", "HOUR", "DAY"), + }, + }, + "zscaler_surrogate_ip_enforce_for_known_browsers": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enforce Surrogate IP for known browsers").AddDefaultValueDescription("false").String, + Optional: true, + }, + "zscaler_surrogate_refresh_time_unit": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Refresh Time unit").AddStringEnumDescription("MINUTE", "HOUR", "DAY").AddDefaultValueDescription("MINUTE").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("MINUTE", "HOUR", "DAY"), + }, + }, + "aup_enabled": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Enable Acceptable User Policy").AddDefaultValueDescription("false").String, + Optional: true, + }, + "aup_block_internet_until_accepted": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("For first-time Acceptable User Policy behavior, block Internet access").AddDefaultValueDescription("false").String, + Optional: true, + }, + "aup_force_ssl_inspection": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("For first-time Acceptable User Policy behavior, force SSL inspection").AddDefaultValueDescription("false").String, + Optional: true, + }, + "aup_timeout": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Custom Acceptable User Policy frequency in days").AddDefaultValueDescription("0").String, + Optional: true, + }, + "zscaler_location_name": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Zscaler location name (optional)").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "zscaler_location_name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "umbrella_primary_data_center": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Umbrella Primary Datacenter").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "umbrella_primary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "umbrella_secondary_data_center": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Umbrella Secondary Datacenter").AddDefaultValueDescription("Auto").String, + Optional: true, + }, + "umbrella_secondary_data_center_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Optional: true, + }, + }, + }, + }, + "tracker_source_ip": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Source IP address for Tracker").String, + Optional: true, + }, + "tracker_source_ip_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "trackers": schema.ListNestedAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Tracker configuration").String, + Optional: true, + NestedObject: schema.NestedAttributeObject{ + Attributes: map[string]schema.Attribute{ + "name": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Tracker name").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(1, 128), + }, + }, + "name_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "endpoint_api_url": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("API url of endpoint").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.LengthBetween(0, 512), + }, + }, + "endpoint_api_url_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "threshold": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Probe Timeout threshold <100..1000> milliseconds").AddIntegerRangeDescription(100, 1000).AddDefaultValueDescription("300").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(100, 1000), + }, + }, + "threshold_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "multiplier": schema.Int64Attribute{ + MarkdownDescription: helpers.NewAttributeDescription("Probe failure multiplier <1..10> failed attempts").AddIntegerRangeDescription(1, 10).AddDefaultValueDescription("3").String, + Optional: true, + Validators: []validator.Int64{ + int64validator.Between(1, 10), + }, + }, + "multiplier_variable": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Variable name").String, + Optional: true, + }, + "tracker_type": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").AddStringEnumDescription("SIG").AddDefaultValueDescription(" SIG").String, + Optional: true, + Validators: []validator.String{ + stringvalidator.OneOf("SIG"), + }, + }, + "optional": schema.BoolAttribute{ + MarkdownDescription: "Indicates if list item is considered optional.", + Optional: true, + }, + }, + }, + }, + }, + } +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Configure(_ context.Context, req resource.ConfigureRequest, _ *resource.ConfigureResponse) { + if req.ProviderData == nil { + return + } + + r.client = req.ProviderData.(*SdwanProviderData).Client + r.updateMutex = req.ProviderData.(*SdwanProviderData).UpdateMutex +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { + var plan CiscoSecureInternetGateway + + // Read plan + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Create", plan.Name.ValueString())) + + // Create object + body := plan.toBody(ctx) + + res, err := r.client.Post("/template/feature", body) + if err != nil { + resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (POST), got error: %s, %s", err, res.String())) + return + } + + plan.Id = types.StringValue(res.Get("templateId").String()) + plan.Version = types.Int64Value(0) + plan.TemplateType = types.StringValue(plan.getModel()) + + tflog.Debug(ctx, fmt.Sprintf("%s: Create finished successfully", plan.Name.ValueString())) + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { + var state CiscoSecureInternetGateway + + // Read state + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", state.Name.String())) + + res, err := r.client.Get("/template/feature/object/" + state.Id.ValueString()) + if res.Get("error.message").String() == "Invalid Template Id" { + resp.State.RemoveResource(ctx) + return + } else if err != nil { + resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object (GET), got error: %s, %s", err, res.String())) + return + } + + state.fromBody(ctx, res) + + tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", state.Name.ValueString())) + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { + var plan, state CiscoSecureInternetGateway + + // Read plan + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + // Read state + diags = req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Update", plan.Name.ValueString())) + + body := plan.toBody(ctx) + r.updateMutex.Lock() + res, err := r.client.Put("/template/feature/"+plan.Id.ValueString(), body) + r.updateMutex.Unlock() + if err != nil { + if res.Get("error.message").String() == "Template locked in edit mode." { + resp.Diagnostics.AddWarning("Client Warning", fmt.Sprintf("Failed to modify template due to template being locked by another change. Template changes will not be applied. Re-run 'terraform apply' to try again.")) + } else { + resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (PUT), got error: %s, %s", err, res.String())) + return + } + } + + if plan.hasChanges(ctx, &state) { + plan.Version = types.Int64Value(state.Version.ValueInt64() + 1) + } else { + plan.Version = state.Version + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Update finished successfully", plan.Name.ValueString())) + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { + var state CiscoSecureInternetGateway + + // Read state + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Delete", state.Name.ValueString())) + + res, err := r.client.Delete("/template/feature/" + state.Id.ValueString()) + if err != nil && res.Get("error.message").String() != "Invalid Template Id" { + resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to delete object (DELETE), got error: %s, %s", err, res.String())) + return + } + + tflog.Debug(ctx, fmt.Sprintf("%s: Delete finished successfully", state.Name.ValueString())) + + resp.State.RemoveResource(ctx) +} + +func (r *CiscoSecureInternetGatewayFeatureTemplateResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) { + resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp) +} diff --git a/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go new file mode 100644 index 00000000..5da6b453 --- /dev/null +++ b/internal/provider/resource_sdwan_cisco_secure_internet_gateway_feature_template_test.go @@ -0,0 +1,201 @@ +// Copyright © 2023 Cisco Systems, Inc. and its affiliates. +// All rights reserved. +// +// Licensed under the Mozilla Public License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://mozilla.org/MPL/2.0/ +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// SPDX-License-Identifier: MPL-2.0 + +// Code generated by "gen/generator.go"; DO NOT EDIT. + +package provider + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-testing/helper/resource" +) + +func TestAccSdwanCiscoSecureInternetGatewayFeatureTemplate(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProtoV6ProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_minimum(), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"), + ), + }, + { + Config: testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_all(), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "vpn_id", "1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.name", "ipsec1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.auto_tunnel_mode", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.shutdown", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.description", "My Description"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ip_unnumbered", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipv4_address", "1.2.3.4/24"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source", "3.3.3.3"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_source_interface", "ge0/1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_route_via", "ge0/2"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_destination", "3.4.5.6"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.application", "sig"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.sig_provider", "secure-internet-gateway-umbrella"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_dc_preference", "primary-dc"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tcp_mss", "1400"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.mtu", "1500"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_interval", "30"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.dead_peer_detection_retries", "5"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_version", "1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key", "A1234567"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_rekey_interval", "600"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_ciphersuite", "aes256-cbc-sha2"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_group", "14"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_dynamic", "false"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_local_id", "1.2.3.4"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ike_pre_shared_key_remote_id", "2.3.4.5"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_rekey_interval", "7200"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_replay_window", "1024"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_ciphersuite", "aes256-cbc-sha1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.ipsec_perfect_forward_secrecy", "group-14"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.track_enable", "false"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "interfaces.0.tunnel_public_ip", "5.5.5.5"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.service_type", "sig"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface", "e1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.active_interface_weight", "10"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface", "e2"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.interface_pairs.0.backup_interface_weight", "20"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_authentication_required", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_xff_forward", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_firewall_enabled", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_ips_control_enabled", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_caution_enabled", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_primary_data_center", "Auto"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_secondary_data_center", "Auto"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_idle_time", "100"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_display_time_unit", "MINUTE"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_ip_enforce_for_known_browsers", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_surrogate_refresh_time_unit", "MINUTE"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_enabled", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_block_internet_until_accepted", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_force_ssl_inspection", "true"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.aup_timeout", "60"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.zscaler_location_name", "LOC1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_primary_data_center", "Auto"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "services.0.umbrella_secondary_data_center", "Auto"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "tracker_source_ip", "2.3.4.5"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.name", "TRACKER1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.endpoint_api_url", "https://1.1.1.1"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.threshold", "500"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.multiplier", "4"), + resource.TestCheckResourceAttr("sdwan_cisco_secure_internet_gateway_feature_template.test", "trackers.0.tracker_type", "SIG"), + ), + }, + }, + }) +} + +func testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_minimum() string { + return ` + resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" { + name = "TF_TEST_MIN" + description = "Terraform integration test" + device_types = ["vedge-C8000V"] + vpn_id = 1 + tracker_source_ip = "2.3.4.5" + } + ` +} + +func testAccSdwanCiscoSecureInternetGatewayFeatureTemplateConfig_all() string { + return ` + resource "sdwan_cisco_secure_internet_gateway_feature_template" "test" { + name = "TF_TEST_ALL" + description = "Terraform integration test" + device_types = ["vedge-C8000V"] + vpn_id = 1 + interfaces = [{ + name = "ipsec1" + auto_tunnel_mode = true + shutdown = true + description = "My Description" + ip_unnumbered = true + ipv4_address = "1.2.3.4/24" + tunnel_source = "3.3.3.3" + tunnel_source_interface = "ge0/1" + tunnel_route_via = "ge0/2" + tunnel_destination = "3.4.5.6" + application = "sig" + sig_provider = "secure-internet-gateway-umbrella" + tunnel_dc_preference = "primary-dc" + tcp_mss = 1400 + mtu = 1500 + dead_peer_detection_interval = 30 + dead_peer_detection_retries = 5 + ike_version = 1 + ike_pre_shared_key = "A1234567" + ike_rekey_interval = 600 + ike_ciphersuite = "aes256-cbc-sha2" + ike_group = "14" + ike_pre_shared_key_dynamic = false + ike_pre_shared_key_local_id = "1.2.3.4" + ike_pre_shared_key_remote_id = "2.3.4.5" + ipsec_rekey_interval = 7200 + ipsec_replay_window = 1024 + ipsec_ciphersuite = "aes256-cbc-sha1" + ipsec_perfect_forward_secrecy = "group-14" + track_enable = false + tunnel_public_ip = "5.5.5.5" + }] + services = [{ + service_type = "sig" + interface_pairs = [{ + active_interface = "e1" + active_interface_weight = 10 + backup_interface = "e2" + backup_interface_weight = 20 + }] + zscaler_authentication_required = true + zscaler_xff_forward = true + zscaler_firewall_enabled = true + zscaler_ips_control_enabled = true + zscaler_caution_enabled = true + zscaler_primary_data_center = "Auto" + zscaler_secondary_data_center = "Auto" + zscaler_surrogate_ip = true + zscaler_surrogate_idle_time = 100 + zscaler_surrogate_display_time_unit = "MINUTE" + zscaler_surrogate_ip_enforce_for_known_browsers = true + zscaler_surrogate_refresh_time_unit = "MINUTE" + aup_enabled = true + aup_block_internet_until_accepted = true + aup_force_ssl_inspection = true + aup_timeout = 60 + zscaler_location_name = "LOC1" + umbrella_primary_data_center = "Auto" + umbrella_secondary_data_center = "Auto" + }] + tracker_source_ip = "2.3.4.5" + trackers = [{ + name = "TRACKER1" + endpoint_api_url = "https://1.1.1.1" + threshold = 500 + multiplier = 4 + tracker_type = "SIG" + }] + } + ` +} diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl index b3fb9792..d16a076b 100644 --- a/templates/guides/changelog.md.tmpl +++ b/templates/guides/changelog.md.tmpl @@ -11,6 +11,7 @@ description: |- - Add `sdwan_cisco_ospf_feature_template` resource and data source - Add `sdwan_cisco_vpn_interface_ipsec_feature_template` resource and data source +- Add `sdwan_cisco_secure_internet_gateway_feature_template` resource and data source ## 0.2.0