Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
review feedback changes
Browse files Browse the repository at this point in the history
jackofallops committed Jul 28, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 3957923 commit 110a665
Showing 19 changed files with 102 additions and 210 deletions.
11 changes: 5 additions & 6 deletions internal/services/paloalto/local_rule_stack_rule_resource.go
Original file line number Diff line number Diff line change
@@ -3,6 +3,7 @@ package paloalto
import (
"context"
"fmt"
"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
"strconv"
"strings"
"time"
@@ -16,7 +17,6 @@ import (
"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/paloalto/schema"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/paloalto/validate"
"github.com/hashicorp/terraform-provider-azurerm/internal/tags"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
)
@@ -80,15 +80,14 @@ func (r LocalRuleStackRule) Arguments() map[string]*pluginsdk.Schema {
ValidateFunc: validation.IntBetween(1, 10000),
},

// Optional

"action": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(localrules.ActionEnumAllow),
Required: true,
ValidateFunc: validation.StringInSlice(localrules.PossibleValuesForActionEnum(), false),
},

// Optional

"applications": {
Type: pluginsdk.TypeList,
Required: true,
@@ -171,7 +170,7 @@ func (r LocalRuleStackRule) Arguments() map[string]*pluginsdk.Schema {

"source": schema.SourceSchema(),

"tags": tags.Schema(),
"tags": commonschema.Tags(),
}
}

Original file line number Diff line number Diff line change
@@ -139,6 +139,7 @@ resource "azurerm_palo_alto_local_rulestack_rule" "test" {
name = "testacc-palr-%[2]d"
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
priority = 100
action = "Allow"
applications = ["any"]
@@ -162,10 +163,10 @@ func (r LocalRuleResource) requiresImport(data acceptance.TestData) string {
resource "azurerm_palo_alto_local_rulestack_rule" "import" {
name = azurerm_palo_alto_local_rulestack_rule.test.name
rulestack_id = azurerm_palo_alto_local_rulestack_rule.test.rulestack_id
rulestack_id = azurerm_palo_alto_local_rulestack_rule.test.rulestack_id
priority = azurerm_palo_alto_local_rulestack_rule.test.priority
applications = azurerm_palo_alto_local_rulestack_rule.test.applications
action = "Allow"
applications = azurerm_palo_alto_local_rulestack_rule.test.applications
destination {
cidrs = azurerm_palo_alto_local_rulestack_rule.test.destination.0.cidrs
@@ -190,6 +191,7 @@ resource "azurerm_palo_alto_local_rulestack_rule" "test" {
name = "testacc-palr-%[2]d"
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
priority = 100
action = "Allow"
applications = ["any"]
Original file line number Diff line number Diff line change
@@ -94,7 +94,7 @@ func (l LocalRulestackOutboundTrustCertificateAssociationResource) Create() sdk.
}

if err = client.CommitThenPoll(ctx, rulestackId); err != nil {
return fmt.Errorf("committing Local Rulestack configurtion for UnTrust Certificate for %s: %+v", rulestackId, err)
return fmt.Errorf("committing Local Rulestack configurtion for Outbound Trust Certificate for %s: %+v", rulestackId, err)
}

metadata.SetID(certificateId)
Original file line number Diff line number Diff line change
@@ -94,7 +94,7 @@ func (l LocalRulestackOutboundUnTrustCertificateAssociationResource) Create() sd
}

if err = client.CommitThenPoll(ctx, rulestackId); err != nil {
return fmt.Errorf("committing rulestack config for UnTrust Certificate for %s: %+v", rulestackId, err)
return fmt.Errorf("committing rulestack config for Outbound UnTrust Certificate for %s: %+v", rulestackId, err)
}

metadata.SetID(certificateId)
@@ -173,7 +173,7 @@ func (l LocalRulestackOutboundUnTrustCertificateAssociationResource) Delete() sd
}

if err = client.CommitThenPoll(ctx, rulestackId); err != nil {
return fmt.Errorf("committing rulestack config for removing UnTrust Certificate for %s: %+v", rulestackId, err)
return fmt.Errorf("committing rulestack config for removing Outbound UnTrust Certificate for %s: %+v", rulestackId, err)
}

return nil
Original file line number Diff line number Diff line change
@@ -42,7 +42,7 @@ func (r NextGenerationFirewallVHubLocalRuleStackResource) IDValidationFunc() plu
}

func (r NextGenerationFirewallVHubLocalRuleStackResource) ResourceType() string {
return "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack"
return "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack"
}

func (r NextGenerationFirewallVHubLocalRuleStackResource) Arguments() map[string]*pluginsdk.Schema {
@@ -251,9 +251,8 @@ func (r NextGenerationFirewallVHubLocalRuleStackResource) Update() sdk.ResourceF
}

ruleStack := &firewalls.RulestackDetails{
Location: props.AssociatedRulestack.Location,
ResourceId: nil,
RulestackId: pointer.To(ruleStackID.ID()),
Location: props.AssociatedRulestack.Location,
ResourceId: pointer.To(ruleStackID.ID()),
}

props.AssociatedRulestack = ruleStack
@@ -278,7 +277,7 @@ func (r NextGenerationFirewallVHubLocalRuleStackResource) Update() sdk.ResourceF
}

if err = client.CreateOrUpdateThenPoll(ctx, *id, firewall); err != nil {
return err
return fmt.Errorf("updating %s: %+v", *id, err)
}

return nil
Original file line number Diff line number Diff line change
@@ -17,7 +17,7 @@ import (
type NextGenerationFirewallVWanResource struct{}

func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_basic(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", "test")

r := NextGenerationFirewallVWanResource{}

@@ -33,7 +33,7 @@ func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_basic(t *testing.T)
}

func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_requiresImport(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", "test")

r := NextGenerationFirewallVWanResource{}

@@ -49,7 +49,7 @@ func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_requiresImport(t *t
}

func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_complete(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", "test")

r := NextGenerationFirewallVWanResource{}

@@ -65,7 +65,7 @@ func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_complete(t *testing
}

func TestAccPaloAltoNextGenerationFirewallVHubLocalRulestack_update(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", "test")

r := NextGenerationFirewallVWanResource{}

@@ -133,15 +133,15 @@ provider "azurerm" {
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack" "test" {
name = "acctest-ngfwvh-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
virtual_hub_id = azurerm_virtual_hub.test.id
network_virtual_appliance_id = azurerm_palo_alto_virtual_network_appliance.test.id
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
}
}
`, r.template(data), data.RandomInteger)
@@ -152,15 +152,15 @@ func (r NextGenerationFirewallVWanResource) requiresImport(data acceptance.TestD
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack" "import" {
name = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.name
resource_group_name = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.resource_group_name
rulestack_id = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.rulestack_id
resource "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack" "import" {
name = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.name
resource_group_name = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.resource_group_name
rulestack_id = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.rulestack_id
network_profile {
virtual_hub_id = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.network_profile.0.virtual_hub_id
network_virtual_appliance_id = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.network_profile.0.network_virtual_appliance_id
public_ip_ids = azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.test.network_profile.0.public_ip_ids
virtual_hub_id = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.network_profile.0.virtual_hub_id
network_virtual_appliance_id = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.network_profile.0.network_virtual_appliance_id
public_ip_address_ids = azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.test.network_profile.0.public_ip_address_ids
}
}
`, r.basic(data))
@@ -174,15 +174,15 @@ provider "azurerm" {
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack" "test" {
name = "acctest-ngfwvh-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
virtual_hub_id = azurerm_virtual_hub.test.id
network_virtual_appliance_id = azurerm_palo_alto_virtual_network_appliance.test.id
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
}
dns_settings {
@@ -226,15 +226,15 @@ provider "azurerm" {
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack" "test" {
name = "acctest-ngfwvh-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
virtual_hub_id = azurerm_virtual_hub.test.id
network_virtual_appliance_id = azurerm_palo_alto_virtual_network_appliance.test.id
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
}
dns_settings {
Original file line number Diff line number Diff line change
@@ -32,7 +32,6 @@ type NextGenerationFirewallVHubPanoramaModel struct {

// Computed
PanoramaConfig []schema.Panorama `tfschema:"panorama_config"`
PanEtag string `tfschema:"pan_etag"`
}

var _ sdk.ResourceWithUpdate = NextGenerationFirewallVHubPanoramaResource{}
@@ -82,11 +81,6 @@ func (r NextGenerationFirewallVHubPanoramaResource) Arguments() map[string]*plug
func (r NextGenerationFirewallVHubPanoramaResource) Attributes() map[string]*pluginsdk.Schema {
return map[string]*pluginsdk.Schema{
"panorama_config": schema.PanoramaSchema(),

"pan_etag": {
Type: pluginsdk.TypeString,
Computed: true,
},
}
}

@@ -137,7 +131,7 @@ func (r NextGenerationFirewallVHubPanoramaResource) Create() sdk.ResourceFunc {
}

if err = client.CreateOrUpdateThenPoll(ctx, id, firewall); err != nil {
return err
return fmt.Errorf("creating %s: %+v", id, err)
}

metadata.SetID(id)
@@ -176,7 +170,7 @@ func (r NextGenerationFirewallVHubPanoramaResource) Read() sdk.ResourceFunc {

netProfile, err := schema.FlattenNetworkProfileVHub(props.NetworkProfile)
if err != nil {
return fmt.Errorf("parsing Network Profile for %s: %+v", *id, err)
return fmt.Errorf("flattening Network Profile for %s: %+v", *id, err)
}

state.NetworkProfile = []schema.NetworkProfileVHub{*netProfile}
Original file line number Diff line number Diff line change
@@ -70,7 +70,7 @@ resource "azurerm_palo_alto_next_generation_firewall_vhub_panorama" "test" {
network_profile {
virtual_hub_id = azurerm_virtual_hub.test.id
network_virtual_appliance_id = azurerm_palo_alto_virtual_network_appliance.test.id
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
}
}
Original file line number Diff line number Diff line change
@@ -27,12 +27,7 @@ type NextGenerationFirewallVnetLocalRulestackModel struct {
RuleStackId string `tfschema:"rulestack_id"`
DNSSettings []schema.DNSSettings `tfschema:"dns_settings"`
FrontEnd []schema.DestinationNAT `tfschema:"destination_nat"`

// Computed
PlanData []schema.Plan `tfschema:"plan"`
PanEtag string `tfschema:"pan_etag"`

Tags map[string]interface{} `tfschema:"tags"`
Tags map[string]interface{} `tfschema:"tags"`
}

var _ sdk.ResourceWithUpdate = NextGenerationFirewallVNetLocalRulestackResource{}
@@ -70,18 +65,11 @@ func (r NextGenerationFirewallVNetLocalRulestackResource) Arguments() map[string
}

func (r NextGenerationFirewallVNetLocalRulestackResource) Attributes() map[string]*pluginsdk.Schema {
return map[string]*pluginsdk.Schema{
"plan": schema.PlanSchema(),

"pan_etag": {
Type: pluginsdk.TypeString,
Computed: true,
},
}
return map[string]*pluginsdk.Schema{}
}

func (r NextGenerationFirewallVNetLocalRulestackResource) ResourceType() string {
return "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack"
return "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack"
}

func (r NextGenerationFirewallVNetLocalRulestackResource) Create() sdk.ResourceFunc {
@@ -144,7 +132,7 @@ func (r NextGenerationFirewallVNetLocalRulestackResource) Create() sdk.ResourceF
}

if err = client.CreateOrUpdateThenPoll(ctx, id, firewall); err != nil {
return err
return fmt.Errorf("creating %s: %+v", id, err)
}

metadata.SetID(id)
@@ -190,10 +178,6 @@ func (r NextGenerationFirewallVNetLocalRulestackResource) Read() sdk.ResourceFun

state.RuleStackId = pointer.From(props.AssociatedRulestack.ResourceId)

state.PanEtag = pointer.From(props.PanEtag)

state.PlanData = schema.FlattenPlanData(props.PlanData)

state.Tags = tags.Flatten(existing.Model.Tags)
}

Original file line number Diff line number Diff line change
@@ -17,7 +17,7 @@ import (
type NextGenerationFirewallVnetResource struct{}

func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_basic(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", "test")

r := NextGenerationFirewallVnetResource{}

@@ -33,7 +33,7 @@ func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_basic(t *testing.T)
}

func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_requiresImport(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", "test")

r := NextGenerationFirewallVnetResource{}

@@ -49,7 +49,7 @@ func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_requiresImport(t *t
}

func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_complete(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", "test")

r := NextGenerationFirewallVnetResource{}

@@ -65,7 +65,7 @@ func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_complete(t *testing
}

func TestAccPaloAltoNextGenerationFirewallLocalRulestackVNet_update(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", "test")

r := NextGenerationFirewallVnetResource{}

@@ -126,13 +126,13 @@ provider "azurerm" {
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack" "test" {
name = "acctest-ngfwvn-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
vnet_configuration {
virtual_network_id = azurerm_virtual_network.test.id
@@ -149,18 +149,18 @@ func (r NextGenerationFirewallVnetResource) requiresImport(data acceptance.TestD
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack" "import" {
name = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.name
resource_group_name = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.resource_group_name
rulestack_id = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.rulestack_id
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack" "import" {
name = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.name
resource_group_name = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.resource_group_name
rulestack_id = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.rulestack_id
network_profile {
public_ip_ids = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.network_profile.0.public_ip_ids
public_ip_address_ids = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.network_profile.0.public_ip_address_ids
vnet_configuration {
virtual_network_id = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.network_profile.0.vnet_configuration.0.virtual_network_id
trusted_subnet_id = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.network_profile.0.vnet_configuration.0.trusted_subnet_id
untrusted_subnet_id = azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack.test.network_profile.0.vnet_configuration.0.untrusted_subnet_id
virtual_network_id = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.network_profile.0.vnet_configuration.0.virtual_network_id
trusted_subnet_id = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.network_profile.0.vnet_configuration.0.trusted_subnet_id
untrusted_subnet_id = azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.test.network_profile.0.vnet_configuration.0.untrusted_subnet_id
}
}
}
@@ -184,14 +184,14 @@ resource "azurerm_public_ip" "egress" {
}
resource "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack" "test" {
name = "acctest-ngfwvn-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
public_ip_ids = [azurerm_public_ip.test.id]
egress_nat_ip_ids = [azurerm_public_ip.egress.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
egress_nat_ip_address_ids = [azurerm_public_ip.egress.id]
vnet_configuration {
virtual_network_id = azurerm_virtual_network.test.id
@@ -250,14 +250,14 @@ resource "azurerm_public_ip" "egress" {
}
resource "azurerm_palo_alto_next_generation_firewall_vnet_local_rulestack" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack" "test" {
name = "acctest-ngfwvn-%[2]d"
resource_group_name = azurerm_resource_group.test.name
rulestack_id = azurerm_palo_alto_local_rulestack.test.id
network_profile {
public_ip_ids = [azurerm_public_ip.test.id]
egress_nat_ip_ids = [azurerm_public_ip.egress.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
egress_nat_ip_address_ids = [azurerm_public_ip.egress.id]
vnet_configuration {
virtual_network_id = azurerm_virtual_network.test.id
Original file line number Diff line number Diff line change
@@ -29,12 +29,7 @@ type NextGenerationFirewallVnetPanoramaModel struct {
DNSSettings []schema.DNSSettings `tfschema:"dns_settings"`
FrontEnd []schema.DestinationNAT `tfschema:"destination_nat"`
PanoramaConfig []schema.Panorama `tfschema:"panorama"`

// Computed
PlanData []schema.Plan `tfschema:"plan"`
PanEtag string `tfschema:"pan_etag"`

Tags map[string]interface{} `tfschema:"tags"`
Tags map[string]interface{} `tfschema:"tags"`
}

var _ sdk.ResourceWithUpdate = NextGenerationFirewallVNetPanoramaResource{}
@@ -76,18 +71,11 @@ func (r NextGenerationFirewallVNetPanoramaResource) Arguments() map[string]*plug
func (r NextGenerationFirewallVNetPanoramaResource) Attributes() map[string]*pluginsdk.Schema {
return map[string]*pluginsdk.Schema{
"panorama": schema.PanoramaSchema(),

"plan": schema.PlanSchema(),

"pan_etag": {
Type: pluginsdk.TypeString,
Computed: true,
},
}
}

func (r NextGenerationFirewallVNetPanoramaResource) ResourceType() string {
return "azurerm_palo_alto_next_generation_firewall_vnet_panorama"
return "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama"
}

func (r NextGenerationFirewallVNetPanoramaResource) Create() sdk.ResourceFunc {
@@ -191,10 +179,6 @@ func (r NextGenerationFirewallVNetPanoramaResource) Read() sdk.ResourceFunc {
}}
}

state.PanEtag = pointer.From(props.PanEtag)

state.PlanData = schema.FlattenPlanData(props.PlanData)

state.Tags = tags.Flatten(model.Tags)
}

Original file line number Diff line number Diff line change
@@ -22,7 +22,7 @@ func TestAccNextGenerationFirewallVNetPanoramaResource_basic(t *testing.T) {
t.Skipf("skipping as Palo Alto Panorama config not set in `ARM_PALO_ALTO_PANORAMA_CONFIG`")
}

data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_panorama", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama", "test")
r := NextGenerationFirewallVNetPanoramaResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
@@ -42,7 +42,7 @@ func TestAccNextGenerationFirewallVNetPanoramaResource_complete(t *testing.T) {
t.Skipf("skipping as Palo Alto Panorama config not set in `ARM_PALO_ALTO_PANORAMA_CONFIG`")
}

data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_panorama", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama", "test")
r := NextGenerationFirewallVNetPanoramaResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
@@ -62,7 +62,7 @@ func TestAccNextGenerationFirewallVNetPanoramaResource_update(t *testing.T) {
t.Skipf("skipping as Palo Alto Panorama config not set in `ARM_PALO_ALTO_PANORAMA_CONFIG`")
}

data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_vnet_panorama", "test")
data := acceptance.BuildTestData(t, "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama", "test")
r := NextGenerationFirewallVNetPanoramaResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
@@ -116,14 +116,14 @@ provider "azurerm" {
%[1]s
resource "azurerm_palo_alto_next_generation_firewall_vnet_panorama" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama" "test" {
name = "acctest-ngfwvnp-%[2]d"
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
panorama_base64_config = "%[3]s"
network_profile {
public_ip_ids = [azurerm_public_ip.test.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
vnet_configuration {
virtual_network_id = azurerm_virtual_network.test.id
@@ -152,15 +152,15 @@ resource "azurerm_public_ip" "egress" {
}
resource "azurerm_palo_alto_next_generation_firewall_vnet_panorama" "test" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama" "test" {
name = "acctest-ngfwvn-%[2]d"
resource_group_name = azurerm_resource_group.test.name
location = "%[3]s"
panorama_base64_config = "%[4]s"
network_profile {
public_ip_ids = [azurerm_public_ip.test.id]
egress_nat_ip_ids = [azurerm_public_ip.egress.id]
public_ip_address_ids = [azurerm_public_ip.test.id]
egress_nat_ip_address_ids = [azurerm_public_ip.egress.id]
vnet_configuration {
virtual_network_id = azurerm_virtual_network.test.id
2 changes: 1 addition & 1 deletion internal/services/paloalto/schema/destination_nat.go
Original file line number Diff line number Diff line change
@@ -139,7 +139,7 @@ func ExpandDestinationNAT(input []DestinationNAT) *[]firewalls.FrontendSetting {

func FlattenDestinationNAT(input *[]firewalls.FrontendSetting) []DestinationNAT {
result := make([]DestinationNAT, 0)
if feSettings := pointer.From(input); len(feSettings) != 0 {
if feSettings := pointer.From(input); len(feSettings) > 0 {
for _, v := range feSettings {
bePort, _ := strconv.Atoi(v.BackendConfiguration.Port)
fePort, _ := strconv.Atoi(v.FrontendConfiguration.Port)
35 changes: 0 additions & 35 deletions internal/services/paloalto/schema/ip_address.go

This file was deleted.

35 changes: 0 additions & 35 deletions internal/services/paloalto/schema/ip_address_space.go

This file was deleted.

36 changes: 18 additions & 18 deletions internal/services/paloalto/schema/network_profile.go
Original file line number Diff line number Diff line change
@@ -10,28 +10,28 @@ import (

type NetworkProfileVnet struct {
// Required
PublicIPIDs []string `tfschema:"public_ip_ids"`
PublicIPIDs []string `tfschema:"public_ip_address_ids"`

// Optional
EgressNatIPIDs []string `tfschema:"egress_nat_ip_ids"`
EgressNatIPIDs []string `tfschema:"egress_nat_ip_address_ids"`
VnetConfiguration []VnetConfiguration `tfschema:"vnet_configuration"`

// Computed
PublicIPs []string `tfschema:"public_ips"`
EgressNatIP []string `tfschema:"egress_nat_ips"`
PublicIPs []string `tfschema:"public_ip_addresses"`
EgressNatIP []string `tfschema:"egress_nat_ip_addresses"`
}

type NetworkProfileVHub struct {
VHubID string `tfschema:"virtual_hub_id"`
PublicIPIDs []string `tfschema:"public_ip_ids"`
PublicIPIDs []string `tfschema:"public_ip_address_ids"`

// Optional
EgressNatIPIDs []string `tfschema:"egress_nat_ip_ids"`
EgressNatIPIDs []string `tfschema:"egress_nat_ip_address_ids"`

// Computed
PublicIPs []string `tfschema:"public_ips"`
EgressNatIP []string `tfschema:"egress_nat_ips"`
IpOfTrust string `tfschema:"ip_of_trust_for_udr"`
PublicIPs []string `tfschema:"public_ip_addresses"`
EgressNatIP []string `tfschema:"egress_nat_ip_addresses"`
IpOfTrust string `tfschema:"ip_of_trust_for_user_defined_routes"`
TrustedSubnet string `tfschema:"trusted_subnet_id"`
UnTrustedSubnet string `tfschema:"untrusted_subnet_id"`
ApplianceID string `tfschema:"network_virtual_appliance_id"`
@@ -44,7 +44,7 @@ func VnetNetworkProfileSchema() *pluginsdk.Schema {
MaxItems: 1,
Elem: &pluginsdk.Resource{
Schema: map[string]*pluginsdk.Schema{
"public_ip_ids": {
"public_ip_address_ids": {
Type: pluginsdk.TypeList,
Required: true,
MinItems: 1,
@@ -54,7 +54,7 @@ func VnetNetworkProfileSchema() *pluginsdk.Schema {
},
},

"egress_nat_ip_ids": {
"egress_nat_ip_address_ids": {
Type: pluginsdk.TypeList,
Optional: true,
Elem: &pluginsdk.Schema{
@@ -67,15 +67,15 @@ func VnetNetworkProfileSchema() *pluginsdk.Schema {

// Computed

"public_ips": {
"public_ip_addresses": {
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
},
},

"egress_nat_ips": {
"egress_nat_ip_addresses": {
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
@@ -108,7 +108,7 @@ func VHubNetworkProfileSchema() *pluginsdk.Schema {
ValidateFunc: networkvirtualappliances.ValidateNetworkVirtualApplianceID,
},

"public_ip_ids": {
"public_ip_address_ids": {
Type: pluginsdk.TypeList,
Required: true,
MinItems: 1,
@@ -118,7 +118,7 @@ func VHubNetworkProfileSchema() *pluginsdk.Schema {
},
},

"egress_nat_ip_ids": {
"egress_nat_ip_address_ids": {
Type: pluginsdk.TypeList,
Optional: true,
Elem: &pluginsdk.Schema{
@@ -137,20 +137,20 @@ func VHubNetworkProfileSchema() *pluginsdk.Schema {
Computed: true,
},

"ip_of_trust_for_udr": {
"ip_of_trust_for_user_defined_routes": {
Type: pluginsdk.TypeString,
Computed: true,
},

"public_ips": {
"public_ip_addresses": {
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
},
},

"egress_nat_ips": {
"egress_nat_ip_addresses": {
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
4 changes: 2 additions & 2 deletions internal/services/paloalto/schema/vnet_configuration.go
Original file line number Diff line number Diff line change
@@ -9,7 +9,7 @@ type VnetConfiguration struct {
VNetID string `tfschema:"virtual_network_id"`
TrustedSubnetID string `tfschema:"trusted_subnet_id"`
UntrustedSubnetID string `tfschema:"untrusted_subnet_id"`
IpOfTrust string `tfschema:"ip_of_trust_for_udr"` // TODO - What is this?
IpOfTrust string `tfschema:"ip_of_trust_for_user_defined_routes"` // TODO - What is this?
}

func VnetConfigurationSchema() *pluginsdk.Schema {
@@ -37,7 +37,7 @@ func VnetConfigurationSchema() *pluginsdk.Schema {
ValidateFunc: commonids.ValidateSubnetID,
},

"ip_of_trust_for_udr": {
"ip_of_trust_for_user_defined_routes": {
Type: pluginsdk.TypeString,
Computed: true,
},
Original file line number Diff line number Diff line change
@@ -1,27 +1,27 @@
---
subcategory: "Palo Alto"
layout: "azurerm"
page_title: "Azure Resource Manager: azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack"
page_title: "Azure Resource Manager: azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack"
description: |-
Manages a Palo Alto Next Generation Firewall VHub Local Rulestack.
---

# azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack
# azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack

Manages a Palo Alto Next Generation Firewall VHub Local Rulestack.

## Example Usage

```hcl
resource "azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack" "example" {
resource "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack" "example" {
name = "example"
resource_group_name = "example"
rulestack_id = "TODO"
network_profile {
virtual_hub_id = "TODO"
network_virtual_appliance_id = "TODO"
public_ip_ids = [ "example" ]
public_ip_address_ids = [ "example" ]
}
}
```
@@ -88,11 +88,11 @@ A `network_profile` block supports the following:

* `network_virtual_appliance_id` - (Required) The ID of the Palo Alto Network Virtual Appliance in the VHub. Changing this forces a new Palo Alto Next Generation Firewall VHub Local Rulestack to be created.

* `public_ip_ids` - (Required) Specifies a list of Public IP IDs to use for this Next Generation Firewall.
* `public_ip_address_ids` - (Required) Specifies a list of Public IP IDs to use for this Next Generation Firewall.

* `virtual_hub_id` - (Required) The ID of the Virtual Hub this Next generation Fireall will be deployed in. Changing this forces a new Palo Alto Next Generation Firewall VHub Local Rulestack to be created.

* `egress_nat_ip_ids` - (Optional) Specifies a list of Public IP IDs to use for Egress NAT.
* `egress_nat_ip_address_ids` - (Optional) Specifies a list of Public IP IDs to use for Egress NAT.

## Attributes Reference

@@ -120,5 +120,5 @@ The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/l
Palo Alto Next Generation Firewall VHub Local Rulestacks can be imported using the `resource id`, e.g.

```shell
terraform import azurerm_palo_alto_next_generation_firewall_vhub_local_rulestack.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/PaloAltoNetworks.Cloudngfw/firewalls/myVhubRulestackFW
terraform import azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/PaloAltoNetworks.Cloudngfw/firewalls/myVhubRulestackFW
```
Original file line number Diff line number Diff line change
@@ -58,7 +58,7 @@ resource "azurerm_palo_alto_next_generation_firewall_vhub_panorama" "example" {
location = azurerm_resource_group.example.location
network_profile {
public_ip_ids = [ azurerm_public_ip.example.id ]
public_ip_address_ids = [ azurerm_public_ip.example.id ]
virtual_hub_id = azurerm_virtual_hub.example.id
network_virtual_appliance_id = azurerm_palo_alto_virtual_network_appliance.example.id
}
@@ -131,11 +131,11 @@ A `network_profile` block supports the following:

* `network_virtual_appliance_id` - (Required) The ID of the Palo Alto Network Virtual Appliance in the VHub. Changing this forces a new Palo Alto Next Generation Firewall VHub Panorama to be created.

* `public_ip_ids` - (Required) Specifies a list of Public IP IDs to use for this Next Generation Firewall.
* `public_ip_address_ids` - (Required) Specifies a list of Public IP IDs to use for this Next Generation Firewall.

* `virtual_hub_id` - (Required) The ID of the Virtual Hub this Next generation Fireall will be deployed in. Changing this forces a new Palo Alto Next Generation Firewall VHub Local Rulestack to be created.

* `egress_nat_ip_ids` - (Optional) Specifies a list of Public IP IDs to use for Egress NAT.
* `egress_nat_ip_address_ids` - (Optional) Specifies a list of Public IP IDs to use for Egress NAT.

## Attributes Reference

0 comments on commit 110a665

Please sign in to comment.