diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index 9e2aed6c0..c3360f1c3 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -63,7 +63,7 @@ func resourceNsxtPolicyContextProfile() *schema.Resource { "revision": getRevisionSchema(), "tag": getTagsSchema(), "app_id": getContextProfilePolicyAppIDAttributesSchema(), - "custom_url": getContextProfilePolicyOtherAttributesSchema(), + "custom_url": getContextProfilePolicyCustomURLAttributesSchema(), "domain_name": getContextProfilePolicyOtherAttributesSchema(), "url_category": getContextProfilePolicyOtherAttributesSchema(), }, @@ -96,6 +96,32 @@ func getContextProfilePolicyAppIDAttributesSchema() *schema.Schema { } } +func getContextProfilePolicyCustomURLAttributesSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "description": getDescriptionSchema(), + "value": { + Type: schema.TypeSet, + Description: "Values for attribute key", + Required: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "custom_url_partial_match": { + Type: schema.TypeBool, + Description: "True value for this flag will be treated as a partial match for custom url", + Optional: true, + }, + }, + }, + } +} + func getContextProfilePolicyOtherAttributesSchema() *schema.Schema { return &schema.Schema{ Type: schema.TypeSet, @@ -473,6 +499,11 @@ func constructAttributesModelList(rawAttributes []interface{}, key string) ([]mo Value: values, SubAttributes: subAttributesList, } + + if key == "custom_url" { + partialMatch := attributeMap["custom_url_partial_match"].(bool) + attributeStruct.CustomUrlPartialMatch = &partialMatch + } res = append(res, attributeStruct) } return res, nil @@ -514,6 +545,8 @@ func fillAttributesInSchema(d *schema.ResourceData, policyAttributes []model.Pol elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) } elem["is_alg_type"] = policyAttribute.IsALGType + } else if *policyAttribute.Key == model.PolicyAttributes_KEY_CUSTOM_URL && nsxVersionHigherOrEqual("4.0.0") { + elem["custom_url_partial_match"] = policyAttribute.CustomUrlPartialMatch } attributes[key] = append(attributes[key], elem) } diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index 183c51b02..e79d9baa7 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -289,6 +289,42 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { }) } +func TestAccResourceNsxtPolicyContextProfile_customUrl(t *testing.T) { + name := getAccTestResourceName() + testResourceName := "nsxt_policy_context_profile.test" + fqdn := getAccTestFQDN() + attributes := testAccNsxtPolicyContextProfileAttributeCustomURLTemplate("false", fqdn) + dependsOn := testAccNsxtPolicyContextProfileDependsOnTemplate("nsxt_policy_context_profile_custom_attribute.test") + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccNSXVersion(t, "3.0.0") }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyContextProfileCheckDestroy(state, testResourceName) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyContextProfileCustomAttributeArgTemplate("CUSTOM_URL", fqdn) + testAccNsxtPolicyContextProfileTemplate(name, attributes+dependsOn), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "custom_url.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "custom_url.0.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "custom_url.0.value.0", fqdn), + resource.TestCheckResourceAttr(testResourceName, "custom_url.0.custom_url_partial_match", "false"), + ), + }, + }, + }) +} + func testAccNsxtPolicyContextProfileExists(resourceName string) resource.TestCheckFunc { return func(state *terraform.State) error { rs, ok := state.RootModule().Resources[resourceName] @@ -359,6 +395,14 @@ domain_name { }`, domain) } +func testAccNsxtPolicyContextProfileAttributeCustomURLTemplate(partialMatch, url string) string { + return fmt.Sprintf(` +custom_url { + custom_url_partial_match = %s + value = ["%s"] +}`, partialMatch, url) +} + func testAccNsxtPolicyContextProfileAttributeAppIDTemplate() string { return ` app_id { diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index 5168305de..a253474f9 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -67,6 +67,7 @@ Note: At least one of `app_id`, `custom_url`, domain_name`, or `url_category` mu * `tls_version` - (Optional) A list of string indicating values for `tls_version`, only applicable to `SSL`. * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`, only applicable to `CIFS`. * `custom_url` - (Optional) A block to specify custom URL attributes for the context profile. Only one block is allowed. + * `custom_url_partial_match` - True value for this flag will be treated as a partial match for custom url. Attribute is supported with NSX version 4.0.0 and above. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `custom_url`. Must be a subset of valid values for `custom_url` on NSX. * `domain_name` - (Optional) A block to specify domain name (FQDN) attributes for the context profile. Only one block is allowed.