From dea5117d8ef599e431a052169f50209796d9fa48 Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Tue, 21 Jul 2020 14:32:49 -0700 Subject: [PATCH 1/8] Policy Context Profile Resource --- nsxt/provider.go | 1 + nsxt/resource_nsxt_policy_context_profile.go | 481 ++++++++++++++++++ nsxt/utils.go | 20 + .../r/policy_context_profile.html.markdown | 80 +++ 4 files changed, 582 insertions(+) create mode 100644 nsxt/resource_nsxt_policy_context_profile.go create mode 100644 website/docs/r/policy_context_profile.html.markdown diff --git a/nsxt/provider.go b/nsxt/provider.go index caf250255..7f172e295 100644 --- a/nsxt/provider.go +++ b/nsxt/provider.go @@ -280,6 +280,7 @@ func Provider() terraform.ResourceProvider { "nsxt_policy_bgp_neighbor": resourceNsxtPolicyBgpNeighbor(), "nsxt_policy_dhcp_relay": resourceNsxtPolicyDhcpRelayConfig(), "nsxt_policy_dhcp_server": resourceNsxtPolicyDhcpServer(), + "nsxt_policy_context_profile": resourceNsxtPolicyContextProfile(), }, ConfigureFunc: providerConfigure, diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go new file mode 100644 index 000000000..87896b43f --- /dev/null +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -0,0 +1,481 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + gm_infra "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" + gm_cont_prof "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles" + gm_model "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" + cont_prof "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + "log" +) + +var attributeDataTypes = []string{ + model.PolicyAttributes_DATATYPE_STRING, +} + +var attributeKeys = []string{ + model.PolicyAttributes_KEY_APP_ID, + model.PolicyAttributes_KEY_DOMAIN_NAME, + model.PolicyAttributes_KEY_URL_CATEGORY, +} + +var subAttributeDataTypes = []string{ + model.PolicySubAttributes_DATATYPE_STRING, +} + +var subAttributeKeys = []string{ + model.PolicySubAttributes_KEY_CIFS_SMB_VERSION, + model.PolicySubAttributes_KEY_TLS_CIPHER_SUITE, + model.PolicySubAttributes_KEY_TLS_VERSION, +} + +func resourceNsxtPolicyContextProfile() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyContextProfileCreate, + Read: resourceNsxtPolicyContextProfileRead, + Update: resourceNsxtPolicyContextProfileUpdate, + Delete: resourceNsxtPolicyContextProfileDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "nsx_id": getNsxIDSchema(), + "path": getPathSchema(), + "display_name": getDisplayNameSchema(), + "description": getDescriptionSchema(), + "revision": getRevisionSchema(), + "tag": getTagsSchema(), + "attribute": getContextProfilePolicyAttributesSchema(), + }, + } +} + +func resourceNsxtPolicyContextProfileExists(id string, connector *client.RestConnector, isGlobalManager bool) bool { + var err error + if isGlobalManager { + client := gm_infra.NewDefaultContextProfilesClient(connector) + _, err = client.Get(id) + } else { + client := infra.NewDefaultContextProfilesClient(connector) + _, err = client.Get(id) + } + + if err == nil { + return true + } + + if isNotFoundError(err) { + return false + } + + logAPIError("Error retrieving ContextProfile", err) + + return false +} + +func resourceNsxtPolicyContextProfileCreate(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + + // Initialize resource Id and verify this ID is not yet used + id, err := getOrGenerateID(d, m, resourceNsxtPolicyContextProfileExists) + if err != nil { + return err + } + + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + attributes := d.Get("attribute").(*schema.Set).List() + err = checkAttributesValid(attributes, m) + if err != nil { + return err + } + attributesStructList, err := constructAttributesModelList(attributes) + if err != nil { + return err + } + tags := getPolicyTagsFromSchema(d) + + obj := model.PolicyContextProfile{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + Attributes: attributesStructList, + } + + // Create the resource using PATCH + log.Printf("[INFO] Creating ContextProfile with ID %s", id) + if isPolicyGlobalManager(m) { + client := gm_infra.NewDefaultContextProfilesClient(connector) + gmObj, err1 := convertModelBindingType(obj, model.PolicyContextProfileBindingType(), gm_model.PolicyContextProfileBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(id, gmObj.(gm_model.PolicyContextProfile)) + } else { + client := infra.NewDefaultContextProfilesClient(connector) + err = client.Patch(id, obj) + } + if err != nil { + return handleCreateError("ContextProfile", id, err) + } + + d.SetId(id) + d.Set("nsx_id", id) + + return resourceNsxtPolicyContextProfileRead(d, m) +} + +func resourceNsxtPolicyContextProfileRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining ContextProfile ID") + } + + var obj model.PolicyContextProfile + if isPolicyGlobalManager(m) { + client := gm_infra.NewDefaultContextProfilesClient(connector) + gmObj, err := client.Get(id) + if err != nil { + return handleReadError(d, "ContextProfile", id, err) + } + rawObj, err := convertModelBindingType(gmObj, gm_model.PolicyContextProfileBindingType(), model.PolicyContextProfileBindingType()) + if err != nil { + return err + } + obj = rawObj.(model.PolicyContextProfile) + } else { + var err error + client := infra.NewDefaultContextProfilesClient(connector) + obj, err = client.Get(id) + if err != nil { + return handleReadError(d, "ContextProfile", id, err) + } + } + + d.Set("display_name", obj.DisplayName) + d.Set("description", obj.Description) + setPolicyTagsInSchema(d, obj.Tags) + d.Set("nsx_id", id) + d.Set("path", obj.Path) + d.Set("revision", obj.Revision) + d.Set("attribute", fillAttributesInSchema(obj.Attributes)) + return nil +} + +func resourceNsxtPolicyContextProfileUpdate(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining ContextProfile ID") + } + + // Read the rest of the configured parameters + description := d.Get("description").(string) + displayName := d.Get("display_name").(string) + tags := getPolicyTagsFromSchema(d) + attributes := d.Get("attribute").(*schema.Set).List() + err := checkAttributesValid(attributes, m) + if err != nil { + return err + } + var attributesStructList []model.PolicyAttributes + attributesStructList, err = constructAttributesModelList(attributes) + if err != nil { + return err + } + + obj := model.PolicyContextProfile{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + Attributes: attributesStructList, + } + + // Update the resource using PATCH + if isPolicyGlobalManager(m) { + rawObj, err1 := convertModelBindingType(obj, model.PolicyContextProfileBindingType(), gm_model.PolicyContextProfileBindingType()) + if err1 != nil { + return err1 + } + gmObj := rawObj.(gm_model.PolicyContextProfile) + client := gm_infra.NewDefaultContextProfilesClient(connector) + err = client.Patch(id, gmObj) + } else { + client := infra.NewDefaultContextProfilesClient(connector) + err = client.Patch(id, obj) + } + + if err != nil { + return handleUpdateError("ContextProfile", id, err) + } + + return resourceNsxtPolicyContextProfileRead(d, m) +} + +func resourceNsxtPolicyContextProfileDelete(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining ContextProfile ID") + } + + connector := getPolicyConnector(m) + var err error + force := true + if isPolicyGlobalManager(m) { + client := gm_infra.NewDefaultContextProfilesClient(connector) + err = client.Delete(id, &force) + } else { + client := infra.NewDefaultContextProfilesClient(connector) + err = client.Delete(id, &force) + } + if err != nil { + return handleDeleteError("ContextProfile", id, err) + } + + return nil +} + +func getContextProfilePolicyAttributesSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "description": { + Type: schema.TypeString, + Description: "Description for attribute value", + Computed: true, + }, + "data_type": { + Type: schema.TypeString, + Description: "Data type of attribute", + Required: true, + ValidateFunc: validation.StringInSlice(attributeDataTypes, false), + }, + "is_alg_type": { + Type: schema.TypeBool, + Description: "Whether the APP_ID value is ALG type or not", + Computed: true, + }, + "key": { + Type: schema.TypeString, + Description: "Key for attribute", + Required: true, + ValidateFunc: validation.StringInSlice(attributeKeys, false), + }, + "value": { + Type: schema.TypeSet, + Description: "Values for attribute key", + Required: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "sub_attribute": getPolicyAttributeSubAttributesSchema(), + }, + }, + } +} + +func checkAttributesValid(attributes []interface{}, m interface{}) error { + + var attrClient interface{} + connector := getPolicyConnector(m) + isPolicyGlobalManager := isPolicyGlobalManager(m) + if isPolicyGlobalManager { + attrClient = gm_cont_prof.NewDefaultAttributesClient(connector) + } else { + attrClient = cont_prof.NewDefaultAttributesClient(connector) + } + attributeMap, err := validateAndConstructAttributesMap(attributes) + if err != nil { + return err + } + + for key, values := range attributeMap { + attributeValues, err := listAttributesWithKey(&key, attrClient, isPolicyGlobalManager) + if err != nil { + return err + } + if len(attributeValues) == 0 { + // Theoretically impossible as the attributes are pre-set on NSX + err := fmt.Errorf("No attribute values are available for attribute type %s", key) + return err + } + if !containsElements(values, attributeValues) { + err := fmt.Errorf("Attribute values %s are not valid for attribute type %s", values, key) + return err + } + } + return nil +} + +func validateAndConstructAttributesMap(attributes []interface{}) (map[string][]string, error) { + // Validate that attribute keys are unique + res := make(map[string][]string) + for _, attribute := range attributes { + attributeMap := attribute.(map[string]interface{}) + key := attributeMap["key"].(string) + values := interface2StringList(attributeMap["value"].(*schema.Set).List()) + subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() + // There should be only one value if sub attributes are specified + if len(subAttributes) > 0 && len(values) > 1 { + err := fmt.Errorf("Multiple values found for attribute key %s. Sub-attribtes are only applicable to an attribute with a single value", key) + return nil, err + } + if res[key] != nil { + err := fmt.Errorf("Duplicate attribute key found: %s", key) + return nil, err + } + res[key] = values + } + return res, nil +} + +func listAttributesWithKey(attributeKey *string, attributeClient interface{}, isPolicyGlobalManager bool) ([]string, error) { + // returns a list of attribute values + policyAttributes := make([]string, 0) + policyContextProfileListResult, err := listContextProfileWithKey(attributeKey, attributeClient, isPolicyGlobalManager) + if err != nil { + return policyAttributes, err + } + for _, policyContextProfile := range policyContextProfileListResult.Results { + for _, attribute := range policyContextProfile.Attributes { + policyAttributes = append(policyAttributes, attribute.Value...) + } + } + return policyAttributes, nil +} + +func listContextProfileWithKey(attributeKey *string, attributeClient interface{}, isPolicyGlobalManager bool) (model.PolicyContextProfileListResult, error) { + var policyContextProfileListResult model.PolicyContextProfileListResult + includeMarkForDeleteObjectsParam := false + if isPolicyGlobalManager { + client := attributeClient.(*gm_cont_prof.DefaultAttributesClient) + gmPolicyContextProfileListResult, err := client.List(attributeKey, nil, &includeMarkForDeleteObjectsParam, nil, nil, nil, nil) + if err != nil { + logAPIError("Error listing Policy Attributes", err) + return policyContextProfileListResult, err + } + lmPolicyContextProfileListResult, err := convertModelBindingType(gmPolicyContextProfileListResult, gm_model.PolicyContextProfileListResultBindingType(), model.PolicyContextProfileListResultBindingType()) + if err != nil { + return policyContextProfileListResult, err + } + policyContextProfileListResult = lmPolicyContextProfileListResult.(model.PolicyContextProfileListResult) + return policyContextProfileListResult, err + } + var err error + client := attributeClient.(*cont_prof.DefaultAttributesClient) + policyContextProfileListResult, err = client.List(attributeKey, nil, &includeMarkForDeleteObjectsParam, nil, nil, nil, nil) + return policyContextProfileListResult, err +} + +func constructAttributesModelList(rawAttributes []interface{}) ([]model.PolicyAttributes, error) { + res := make([]model.PolicyAttributes, 0, len(rawAttributes)) + for _, rawAttribute := range rawAttributes { + attributeMap := rawAttribute.(map[string]interface{}) + dataType := attributeMap["data_type"].(string) + key := attributeMap["key"].(string) + values := interface2StringList(attributeMap["value"].(*schema.Set).List()) + subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() + subAttributesList, err := constructSubAttributeModelList(subAttributes) + if err != nil { + return nil, err + } + attributeStruct := model.PolicyAttributes{ + Datatype: &dataType, + Key: &key, + Value: values, + SubAttributes: subAttributesList, + } + res = append(res, attributeStruct) + } + return res, nil +} + +func constructSubAttributeModelList(rawSubAttributes []interface{}) ([]model.PolicySubAttributes, error) { + res := make([]model.PolicySubAttributes, 0, len(rawSubAttributes)) + for _, rawSubAttribute := range rawSubAttributes { + rawSubAttributeMap := rawSubAttribute.(map[string]interface{}) + dataType := rawSubAttributeMap["data_type"].(string) + key := rawSubAttributeMap["key"].(string) + values := interface2StringList(rawSubAttributeMap["value"].(*schema.Set).List()) + subAttributeStruct := model.PolicySubAttributes{ + Datatype: &dataType, + Key: &key, + Value: values, + } + res = append(res, subAttributeStruct) + } + return res, nil +} + +func fillAttributesInSchema(policyAttributes []model.PolicyAttributes) []map[string]interface{} { + attributes := make([]map[string]interface{}, 0, len(policyAttributes)) + for _, policyAttribute := range policyAttributes { + elem := make(map[string]interface{}) + elem["description"] = policyAttribute.Description + elem["data_type"] = policyAttribute.Datatype + elem["key"] = policyAttribute.Key + elem["value"] = policyAttribute.Value + elem["is_alg_type"] = policyAttribute.IsALGType + elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) + attributes = append(attributes, elem) + } + return attributes +} + +func fillSubAttributesInSchema(policySubAttributes []model.PolicySubAttributes) []map[string]interface{} { + subAttributes := make([]map[string]interface{}, 0, len(policySubAttributes)) + for _, policySubAttribute := range policySubAttributes { + elem := make(map[string]interface{}) + elem["data_type"] = policySubAttribute.Datatype + elem["key"] = policySubAttribute.Key + elem["value"] = policySubAttribute.Value + subAttributes = append(subAttributes, elem) + } + return subAttributes +} + +func getPolicyAttributeSubAttributesSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "data_type": { + Type: schema.TypeString, + Description: "Data type of sub attribute", + Required: true, + ValidateFunc: validation.StringInSlice(subAttributeDataTypes, false), + }, + "key": { + Type: schema.TypeString, + Description: "Key for attribute", + Required: true, + ValidateFunc: validation.StringInSlice(subAttributeKeys, false), + }, + "value": { + Type: schema.TypeSet, + Description: "Values for attribute key", + Required: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + } +} diff --git a/nsxt/utils.go b/nsxt/utils.go index a5e7c96d1..4fe63053b 100644 --- a/nsxt/utils.go +++ b/nsxt/utils.go @@ -553,3 +553,23 @@ func resourceNotSupportedError() error { func dataSourceNotSupportedError() error { return fmt.Errorf("This data source is not supported with given provider settings") } + +func stringInList(target string, list []string) bool { + // util to check if target string is in list + for _, value := range list { + if target == value { + return true + } + } + return false +} + +func containsElements(target []string, list []string) bool { + // util to check if all strings in target []string is in list. NOT ordered + for _, value := range target { + if !stringInList(value, list) { + return false + } + } + return true +} diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown new file mode 100644 index 000000000..caa775496 --- /dev/null +++ b/website/docs/r/policy_context_profile.html.markdown @@ -0,0 +1,80 @@ +--- +layout: "nsxt" +page_title: "NSXT: nsxt_policy_context_profile" +sidebar_current: "docs-nsxt-resource-policy-context-profile" +description: A resource to configure a Context Profile. +--- + +# nsxt_policy_context_profile + +This resource provides a method for the management of a Context Profile. + +## Example Usage + +```hcl +resource "nsxt_policy_context_profile" "test" { + display_name = "test" + description = "Terraform provisioned ContextProfile" + attributes { + data_type = "STRING" + key = "DOMAIN_NAME" + value = ["*-myfiles.sharepoint.com"] + } + attributes { + data_type = "STRING" + key = "URL_CATEGORY" + value = ["Abortion"] + } + attributes { + data_type = "STRING" + key = "APP_ID" + value = ["SSL"] + sub_attributes { + data_type = "STRING" + key = "TLS_VERSION" + value = ["SSL_V3"] + } + } +} + +``` + +## Argument Reference + +The following arguments are supported: + +* `display_name` - (Required) Display name of the resource. +* `description` - (Optional) Description of the resource. +* `tag` - (Optional) A list of scope + tag pairs to associate with this resource. +* `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource. +* `attribute` - (Required) A repeatable block to specify attributes for the context profile. At least one block is required. + * `datatype` - (Required) Datatype for `attribute`, must be `STRING`. + * `key` - (Required) A string value indicating key for the `attribute`. Must be one of `APP_ID`, `DOMAIN_NAME`, or `URL_CATEGORY`. + * `value` - (Required) A list of string indicating values for the `attribute`. Must be a subset of the preset list of valid values for the `key` on NSX. + * `sub_attribute` - (Optional) A repeatable block to specify sub attributes for the attribute. This configuration is only valid when `value` has only one element, and `sub_attribute` is supported for that value on NSX. + * `datatype` - (Required for `sub_attribute`) Datatype for `sub_attribute`, must be `STRING`. + * `key` - (Required for `sub_attribute`) A string value indicating key for the `sub_attribute`. Must be one of `TLS_CIPHER_SUITE`, `TLS_VERSION`, or `CIFS_SMB_VERSION`. + * `value` - (Required for `sub_attribute`) A list of string indicating values for the `sub_attribute`. Must be a subset of the preset list of valid values for the `key` on NSX. + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `id` - ID of the resource. +* `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. +* `path` - The NSX path of the policy resource. +* `attribute`: + * `description` - Description of the attribute value. + * `is_alg_type` - Describes whether the APP_ID value is ALG type or not. + +## Importing + +An existing Context Profile can be [imported][docs-import] into this resource, via the following command: + +[docs-import]: /docs/import/index.html + +``` +terraform import nsxt_policy_context_profile.test UUID +``` + +The above command imports Context Profile named `test` with the NSX Context Profile ID `UUID`. From 6b9f0667c37890976179d9bf640bc1f28ee32bba Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Tue, 21 Jul 2020 18:24:42 -0700 Subject: [PATCH 2/8] Add Test for Policy Context Profile --- nsxt/resource_nsxt_policy_context_profile.go | 17 +- ...source_nsxt_policy_context_profile_test.go | 346 ++++++++++++++++++ 2 files changed, 357 insertions(+), 6 deletions(-) create mode 100644 nsxt/resource_nsxt_policy_context_profile_test.go diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index 87896b43f..cd9142144 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -169,6 +169,17 @@ func resourceNsxtPolicyContextProfileRead(d *schema.ResourceData, m interface{}) d.Set("path", obj.Path) d.Set("revision", obj.Revision) d.Set("attribute", fillAttributesInSchema(obj.Attributes)) + myset := d.Get("attribute").(*schema.Set) + print("attributestrings!!!!\n") + print(myset.GoString()) + print("\n") + for _, attr := range myset.List() { + attributeMap := attr.(map[string]interface{}) + subAttributes := attributeMap["sub_attribute"].(*schema.Set) + print("subattributestrings!!!!\n") + print(subAttributes.GoString()) + print("\n") + } return nil } @@ -251,11 +262,6 @@ func getContextProfilePolicyAttributesSchema() *schema.Schema { Required: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - "description": { - Type: schema.TypeString, - Description: "Description for attribute value", - Computed: true, - }, "data_type": { Type: schema.TypeString, Description: "Data type of attribute", @@ -425,7 +431,6 @@ func fillAttributesInSchema(policyAttributes []model.PolicyAttributes) []map[str attributes := make([]map[string]interface{}, 0, len(policyAttributes)) for _, policyAttribute := range policyAttributes { elem := make(map[string]interface{}) - elem["description"] = policyAttribute.Description elem["data_type"] = policyAttribute.Datatype elem["key"] = policyAttribute.Key elem["value"] = policyAttribute.Value diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go new file mode 100644 index 000000000..02cb95198 --- /dev/null +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -0,0 +1,346 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + gm_infra "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" + "testing" +) + +func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { + name := "terraform-test" + updatedName := fmt.Sprintf("%s-update", name) + testResourceName := "nsxt_policy_context_profile.test" + attributes := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() + updatedAttributes := testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyContextProfileCheckDestroy(state, testResourceName) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyContextProfileTemplate(name, attributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), + + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), + ), + }, + { + Config: testAccNsxtPolicyContextProfileTemplate(updatedName, updatedAttributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyContextProfile_importBasic(t *testing.T) { + name := "terra-test-import" + testResourceName := "nsxt_policy_context_profile.test" + attributes := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyContextProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyContextProfileTemplate(name, attributes), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { + name := "terraform-test" + updatedName := fmt.Sprintf("%s-update", name) + testResourceName := "nsxt_policy_context_profile.test" + attributes := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() + updatedAttributes := testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() + testAccNsxtPolicyContextProfileAttributeAppIDTemplate() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyContextProfileCheckDestroy(state, testResourceName) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyContextProfileTemplate(name, attributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), + ), + }, + { + Config: testAccNsxtPolicyContextProfileTemplate(updatedName, updatedAttributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.3133243585.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2328579708", "HTTP"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.531481488", "SSH"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { + name := "terraform-test" + updatedName := fmt.Sprintf("%s-update", name) + testResourceName := "nsxt_policy_context_profile.test" + attributes := testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() + updatedAttributes := testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() + testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyContextProfileCheckDestroy(state, testResourceName) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyContextProfileTemplate(name, attributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), + + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.2307024415.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.key", "TLS_VERSION"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.2416475543", "TLS_V12"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.2721980181", "TLS_V10"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.645341863", "SSL_V3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.value.2076247700", "SSL"), + ), + }, + { + Config: testAccNsxtPolicyContextProfileTemplate(updatedName, updatedAttributes), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), + + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.2585605962.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.key", "CIFS_SMB_VERSION"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.3398512106", "CIFS_SMB_V1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.3787226665", "CIFS_SMB_V2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.1810355442", "CIFS"), + + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), + ), + }, + }, + }) +} + +func testAccNsxtPolicyContextProfileExists(resourceName string) resource.TestCheckFunc { + return func(state *terraform.State) error { + rs, ok := state.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("Policy ContextProfile resource %s not found in resources", resourceName) + } + resourceID := rs.Primary.ID + if resourceID == "" { + return fmt.Errorf("Policy ContextProfile resource ID not set in resources") + } + + err := nsxtPolicyContextProfileExists(resourceID) + + if err != nil { + return fmt.Errorf("Error while retrieving policy ContextProfile ID %s. Error: %v", resourceID, err) + } + + return nil + } +} + +func nsxtPolicyContextProfileExists(resourceID string) error { + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + var err error + if testAccIsGlobalManager() { + nsxClient := gm_infra.NewDefaultContextProfilesClient(connector) + _, err = nsxClient.Get(resourceID) + } else { + nsxClient := infra.NewDefaultContextProfilesClient(connector) + _, err = nsxClient.Get(resourceID) + } + return err +} + +func testAccNsxtPolicyContextProfileCheckDestroy(state *terraform.State, displayName string) error { + for _, rs := range state.RootModule().Resources { + + if rs.Type != "nsxt_policy_context_profile" { + continue + } + + resourceID := rs.Primary.Attributes["id"] + err := nsxtPolicyContextProfileExists(resourceID) + if err == nil { + return fmt.Errorf("Policy ContextProfile %s still exists", displayName) + } + } + return nil +} + +func testAccNsxtPolicyContextProfileTemplate(name string, attributes string) string { + return fmt.Sprintf(` +resource "nsxt_policy_context_profile" "test" { + display_name = "%s" + description = "Acceptance Test" + tag { + scope = "color" + tag = "orange" + } +%s +}`, name, attributes) +} + +func testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() string { + return fmt.Sprintf(` +attribute { + data_type = "STRING" + key = "DOMAIN_NAME" + value = ["*-myfiles.sharepoint.com"] +}`) +} + +func testAccNsxtPolicyContextProfileAttributeAppIDTemplate() string { + return fmt.Sprintf(` +attribute { + data_type = "STRING" + key = "APP_ID" + value = ["SSL", "SSH", "HTTP"] +}`) +} + +func testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() string { + return fmt.Sprintf(` +attribute { + data_type = "STRING" + key = "URL_CATEGORY" + value = ["Abortion"] +}`) +} + +func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() string { + return fmt.Sprintf(` +attribute { + data_type = "STRING" + key = "APP_ID" + value = ["SSL"] + sub_attribute { + data_type = "STRING" + key = "TLS_VERSION" + value = ["SSL_V3", "TLS_V10", "TLS_V12"] + } +}`) +} + +func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() string { + return fmt.Sprintf(` +attribute { + data_type = "STRING" + key = "APP_ID" + value = ["CIFS"] + sub_attribute { + data_type = "STRING" + key = "CIFS_SMB_VERSION" + value = ["CIFS_SMB_V1", "CIFS_SMB_V2"] + } +}`) +} From 531090a4b3134000e90a7021f2d81d1550dab1f8 Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Tue, 21 Jul 2020 23:09:20 -0700 Subject: [PATCH 3/8] Fix CI test --- nsxt/resource_nsxt_policy_context_profile.go | 11 --------- ...source_nsxt_policy_context_profile_test.go | 24 ++++++++----------- 2 files changed, 10 insertions(+), 25 deletions(-) diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index cd9142144..2a3bd9007 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -169,17 +169,6 @@ func resourceNsxtPolicyContextProfileRead(d *schema.ResourceData, m interface{}) d.Set("path", obj.Path) d.Set("revision", obj.Revision) d.Set("attribute", fillAttributesInSchema(obj.Attributes)) - myset := d.Get("attribute").(*schema.Set) - print("attributestrings!!!!\n") - print(myset.GoString()) - print("\n") - for _, attr := range myset.List() { - attributeMap := attr.(map[string]interface{}) - subAttributes := attributeMap["sub_attribute"].(*schema.Set) - print("subattributestrings!!!!\n") - print(subAttributes.GoString()) - print("\n") - } return nil } diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index 02cb95198..2b3ed8f96 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -96,7 +96,7 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { updatedName := fmt.Sprintf("%s-update", name) testResourceName := "nsxt_policy_context_profile.test" attributes := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() - updatedAttributes := testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() + testAccNsxtPolicyContextProfileAttributeAppIDTemplate() + updatedAttributes := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() + testAccNsxtPolicyContextProfileAttributeAppIDTemplate() resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -134,6 +134,7 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.data_type", "STRING"), resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.key", "APP_ID"), resource.TestCheckResourceAttrSet(testResourceName, "attribute.3133243585.is_alg_type"), @@ -141,11 +142,12 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2076247700", "SSL"), resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2328579708", "HTTP"), resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.531481488", "SSH"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), + + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), ), }, }, @@ -157,7 +159,7 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { updatedName := fmt.Sprintf("%s-update", name) testResourceName := "nsxt_policy_context_profile.test" attributes := testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() - updatedAttributes := testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() + testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() + updatedAttributes := testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -202,7 +204,7 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.data_type", "STRING"), resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.key", "APP_ID"), @@ -215,12 +217,6 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.3787226665", "CIFS_SMB_V2"), resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.1810355442", "CIFS"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), ), }, }, From b085ae9490bd73ef94bb785ab88c5e96e18d00eb Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Thu, 23 Jul 2020 12:19:12 -0700 Subject: [PATCH 4/8] Add missing vendor files, fix spacing --- nsxt/resource_nsxt_policy_context_profile.go | 144 +++++++------- ...source_nsxt_policy_context_profile_test.go | 128 ++++++------ .../context_profiles/AttributesClient.go | 35 ++++ .../context_profiles/AttributesTypes.go | 112 +++++++++++ .../ContextProfilesPackageTypes.go | 19 ++ .../DefaultAttributesClient.go | 183 ++++++++++++++++++ .../context_profiles/AttributesClient.go | 35 ++++ .../infra/context_profiles/AttributesTypes.go | 112 +++++++++++ .../ContextProfilesPackageTypes.go | 19 ++ .../DefaultAttributesClient.go | 183 ++++++++++++++++++ .../r/policy_context_profile.html.markdown | 31 ++- 11 files changed, 850 insertions(+), 151 deletions(-) create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesClient.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesTypes.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/ContextProfilesPackageTypes.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/DefaultAttributesClient.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesClient.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesTypes.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/ContextProfilesPackageTypes.go create mode 100644 vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/DefaultAttributesClient.go diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index 2a3bd9007..57794b75d 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -59,6 +59,77 @@ func resourceNsxtPolicyContextProfile() *schema.Resource { } } +func getContextProfilePolicyAttributesSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "data_type": { + Type: schema.TypeString, + Description: "Data type of attribute", + Required: true, + ValidateFunc: validation.StringInSlice(attributeDataTypes, false), + }, + "description": getDescriptionSchema(), + "is_alg_type": { + Type: schema.TypeBool, + Description: "Whether the APP_ID value is ALG type or not", + Computed: true, + }, + "key": { + Type: schema.TypeString, + Description: "Key for attribute", + Required: true, + ValidateFunc: validation.StringInSlice(attributeKeys, false), + }, + "value": { + Type: schema.TypeSet, + Description: "Values for attribute key", + Required: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "sub_attribute": getPolicyAttributeSubAttributesSchema(), + }, + }, + } +} + +func getPolicyAttributeSubAttributesSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "data_type": { + Type: schema.TypeString, + Description: "Data type of sub attribute", + Required: true, + ValidateFunc: validation.StringInSlice(subAttributeDataTypes, false), + }, + "key": { + Type: schema.TypeString, + Description: "Key for attribute", + Required: true, + ValidateFunc: validation.StringInSlice(subAttributeKeys, false), + }, + "value": { + Type: schema.TypeSet, + Description: "Values for attribute key", + Required: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + } +} + func resourceNsxtPolicyContextProfileExists(id string, connector *client.RestConnector, isGlobalManager bool) bool { var err error if isGlobalManager { @@ -245,44 +316,6 @@ func resourceNsxtPolicyContextProfileDelete(d *schema.ResourceData, m interface{ return nil } -func getContextProfilePolicyAttributesSchema() *schema.Schema { - return &schema.Schema{ - Type: schema.TypeSet, - Required: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "data_type": { - Type: schema.TypeString, - Description: "Data type of attribute", - Required: true, - ValidateFunc: validation.StringInSlice(attributeDataTypes, false), - }, - "is_alg_type": { - Type: schema.TypeBool, - Description: "Whether the APP_ID value is ALG type or not", - Computed: true, - }, - "key": { - Type: schema.TypeString, - Description: "Key for attribute", - Required: true, - ValidateFunc: validation.StringInSlice(attributeKeys, false), - }, - "value": { - Type: schema.TypeSet, - Description: "Values for attribute key", - Required: true, - MinItems: 1, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - "sub_attribute": getPolicyAttributeSubAttributesSchema(), - }, - }, - } -} - func checkAttributesValid(attributes []interface{}, m interface{}) error { var attrClient interface{} @@ -381,6 +414,7 @@ func constructAttributesModelList(rawAttributes []interface{}) ([]model.PolicyAt for _, rawAttribute := range rawAttributes { attributeMap := rawAttribute.(map[string]interface{}) dataType := attributeMap["data_type"].(string) + description := attributeMap["description"].(string) key := attributeMap["key"].(string) values := interface2StringList(attributeMap["value"].(*schema.Set).List()) subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() @@ -390,6 +424,7 @@ func constructAttributesModelList(rawAttributes []interface{}) ([]model.PolicyAt } attributeStruct := model.PolicyAttributes{ Datatype: &dataType, + Description: &description, Key: &key, Value: values, SubAttributes: subAttributesList, @@ -421,6 +456,7 @@ func fillAttributesInSchema(policyAttributes []model.PolicyAttributes) []map[str for _, policyAttribute := range policyAttributes { elem := make(map[string]interface{}) elem["data_type"] = policyAttribute.Datatype + elem["description"] = policyAttribute.Description elem["key"] = policyAttribute.Key elem["value"] = policyAttribute.Value elem["is_alg_type"] = policyAttribute.IsALGType @@ -441,35 +477,3 @@ func fillSubAttributesInSchema(policySubAttributes []model.PolicySubAttributes) } return subAttributes } - -func getPolicyAttributeSubAttributesSchema() *schema.Schema { - return &schema.Schema{ - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "data_type": { - Type: schema.TypeString, - Description: "Data type of sub attribute", - Required: true, - ValidateFunc: validation.StringInSlice(subAttributeDataTypes, false), - }, - "key": { - Type: schema.TypeString, - Description: "Key for attribute", - Required: true, - ValidateFunc: validation.StringInSlice(subAttributeKeys, false), - }, - "value": { - Type: schema.TypeSet, - Description: "Values for attribute key", - Required: true, - MinItems: 1, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - }, - }, - } -} diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index 2b3ed8f96..e9a71696b 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -38,11 +38,11 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -56,11 +56,11 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.key", "URL_CATEGORY"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.951130521.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.951130521.value.3317229948", "Abortion"), + resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.key", "URL_CATEGORY"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.1095586649.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.value.3317229948", "Abortion"), ), }, }, @@ -116,11 +116,11 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -135,19 +135,19 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.3133243585.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.#", "3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2076247700", "SSL"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.2328579708", "HTTP"), - resource.TestCheckResourceAttr(testResourceName, "attribute.3133243585.value.531481488", "SSH"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.656423604.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.2328579708", "HTTP"), + resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.531481488", "SSH"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.885794191.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.885794191.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), ), }, }, @@ -180,18 +180,18 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.2307024415.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.key", "TLS_VERSION"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.#", "3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.2416475543", "TLS_V12"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.2721980181", "TLS_V10"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.sub_attribute.1680957162.value.645341863", "SSL_V3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2307024415.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.443004983.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.key", "TLS_VERSION"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.2416475543", "TLS_V12"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.2721980181", "TLS_V10"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.645341863", "SSL_V3"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.value.2076247700", "SSL"), ), }, { @@ -206,17 +206,17 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.2585605962.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.key", "CIFS_SMB_VERSION"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.#", "2"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.3398512106", "CIFS_SMB_V1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.sub_attribute.2040405228.value.3787226665", "CIFS_SMB_V2"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.2585605962.value.1810355442", "CIFS"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.key", "APP_ID"), + resource.TestCheckResourceAttrSet(testResourceName, "attribute.28982027.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.data_type", "STRING"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.key", "CIFS_SMB_VERSION"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.3398512106", "CIFS_SMB_V1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.3787226665", "CIFS_SMB_V2"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.value.1810355442", "CIFS"), ), }, }, @@ -290,8 +290,8 @@ func testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() string { return fmt.Sprintf(` attribute { data_type = "STRING" - key = "DOMAIN_NAME" - value = ["*-myfiles.sharepoint.com"] + key = "DOMAIN_NAME" + value = ["*-myfiles.sharepoint.com"] }`) } @@ -299,8 +299,8 @@ func testAccNsxtPolicyContextProfileAttributeAppIDTemplate() string { return fmt.Sprintf(` attribute { data_type = "STRING" - key = "APP_ID" - value = ["SSL", "SSH", "HTTP"] + key = "APP_ID" + value = ["SSL", "SSH", "HTTP"] }`) } @@ -308,8 +308,8 @@ func testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() string { return fmt.Sprintf(` attribute { data_type = "STRING" - key = "URL_CATEGORY" - value = ["Abortion"] + key = "URL_CATEGORY" + value = ["Abortion"] }`) } @@ -317,12 +317,12 @@ func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() string return fmt.Sprintf(` attribute { data_type = "STRING" - key = "APP_ID" - value = ["SSL"] + key = "APP_ID" + value = ["SSL"] sub_attribute { data_type = "STRING" - key = "TLS_VERSION" - value = ["SSL_V3", "TLS_V10", "TLS_V12"] + key = "TLS_VERSION" + value = ["SSL_V3", "TLS_V10", "TLS_V12"] } }`) } @@ -331,12 +331,12 @@ func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() return fmt.Sprintf(` attribute { data_type = "STRING" - key = "APP_ID" - value = ["CIFS"] + key = "APP_ID" + value = ["CIFS"] sub_attribute { data_type = "STRING" - key = "CIFS_SMB_VERSION" - value = ["CIFS_SMB_V1", "CIFS_SMB_V2"] + key = "CIFS_SMB_VERSION" + value = ["CIFS_SMB_V1", "CIFS_SMB_V2"] } }`) } diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesClient.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesClient.go new file mode 100644 index 000000000..62f87db8d --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesClient.go @@ -0,0 +1,35 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Interface file for service: Attributes + * Used by client-side stubs. + */ + +package context_profiles + +import ( + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" +) + +type AttributesClient interface { + + // Returns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API GET https:///policy/api/v1/infra/context-profiles/attributes + // + // @param attributeKeyParam Fetch attributes and sub-attributes for the given attribute key (optional) + // @param cursorParam Opaque cursor to be used for getting next page of records (supplied by current result page) (optional) + // @param includeMarkForDeleteObjectsParam Include objects that are marked for deletion in results (optional, default to false) + // @param includedFieldsParam Comma separated list of fields that should be included in query result (optional) + // @param pageSizeParam Maximum number of results to return in this page (server may return fewer) (optional, default to 1000) + // @param sortAscendingParam (optional) + // @param sortByParam Field by which records are sorted (optional) + // @return com.vmware.nsx_global_policy.model.PolicyContextProfileListResult + // @throws InvalidRequest Bad Request, Precondition Failed + // @throws Unauthorized Forbidden + // @throws ServiceUnavailable Service Unavailable + // @throws InternalServerError Internal Server Error + // @throws NotFound Not Found + List(attributeKeyParam *string, cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (model.PolicyContextProfileListResult, error) +} diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesTypes.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesTypes.go new file mode 100644 index 000000000..17a3bdeae --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/AttributesTypes.go @@ -0,0 +1,112 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Data type definitions file for service: Attributes. + * Includes binding types of a structures and enumerations defined in the service. + * Shared by client-side stubs and server-side skeletons to ensure type + * compatibility. + */ + +package context_profiles + +import ( + "reflect" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol" +) + + + + + +func attributesListInputType() bindings.StructType { + fields := make(map[string]bindings.BindingType) + fieldNameMap := make(map[string]string) + fields["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + fields["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + fieldNameMap["attribute_key"] = "AttributeKey" + fieldNameMap["cursor"] = "Cursor" + fieldNameMap["include_mark_for_delete_objects"] = "IncludeMarkForDeleteObjects" + fieldNameMap["included_fields"] = "IncludedFields" + fieldNameMap["page_size"] = "PageSize" + fieldNameMap["sort_ascending"] = "SortAscending" + fieldNameMap["sort_by"] = "SortBy" + var validators = []bindings.Validator{} + return bindings.NewStructType("operation-input", fields, reflect.TypeOf(data.StructValue{}), fieldNameMap, validators) +} + +func attributesListOutputType() bindings.BindingType { + return bindings.NewReferenceType(model.PolicyContextProfileListResultBindingType) +} + +func attributesListRestMetadata() protocol.OperationRestMetadata { + fields := map[string]bindings.BindingType{} + fieldNameMap := map[string]string{} + paramsTypeMap := map[string]bindings.BindingType{} + pathParams := map[string]string{} + queryParams := map[string]string{} + headerParams := map[string]string{} + dispatchHeaderParams := map[string]string{} + bodyFieldsMap := map[string]string{} + fields["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + fields["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + fieldNameMap["attribute_key"] = "AttributeKey" + fieldNameMap["cursor"] = "Cursor" + fieldNameMap["include_mark_for_delete_objects"] = "IncludeMarkForDeleteObjects" + fieldNameMap["included_fields"] = "IncludedFields" + fieldNameMap["page_size"] = "PageSize" + fieldNameMap["sort_ascending"] = "SortAscending" + fieldNameMap["sort_by"] = "SortBy" + paramsTypeMap["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + paramsTypeMap["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + paramsTypeMap["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + queryParams["cursor"] = "cursor" + queryParams["sort_ascending"] = "sort_ascending" + queryParams["included_fields"] = "included_fields" + queryParams["attribute_key"] = "attribute_key" + queryParams["sort_by"] = "sort_by" + queryParams["include_mark_for_delete_objects"] = "include_mark_for_delete_objects" + queryParams["page_size"] = "page_size" + resultHeaders := map[string]string{} + errorHeaders := map[string]map[string]string{} + return protocol.NewOperationRestMetadata( + fields, + fieldNameMap, + paramsTypeMap, + pathParams, + queryParams, + headerParams, + dispatchHeaderParams, + bodyFieldsMap, + "", + "", + "GET", + "/global-manager/api/v1/global-infra/context-profiles/attributes", + "", + resultHeaders, + 200, + "", + errorHeaders, + map[string]int{"com.vmware.vapi.std.errors.invalid_request": 400,"com.vmware.vapi.std.errors.unauthorized": 403,"com.vmware.vapi.std.errors.service_unavailable": 503,"com.vmware.vapi.std.errors.internal_server_error": 500,"com.vmware.vapi.std.errors.not_found": 404}) +} + + diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/ContextProfilesPackageTypes.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/ContextProfilesPackageTypes.go new file mode 100644 index 000000000..140c724cc --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/ContextProfilesPackageTypes.go @@ -0,0 +1,19 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Data type definitions file for package: com.vmware.nsx_global_policy.global_infra.context_profiles. + * Includes binding types of a top level structures and enumerations. + * Shared by client-side stubs and server-side skeletons to ensure type + * compatibility. + */ + +package context_profiles + + + + + + diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/DefaultAttributesClient.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/DefaultAttributesClient.go new file mode 100644 index 000000000..bcaab51d7 --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles/DefaultAttributesClient.go @@ -0,0 +1,183 @@ + +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Client stubs for service: Attributes + * Functions that implement the generated AttributesClient interface + */ + + +package context_profiles + +import ( + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + "github.com/vmware/vsphere-automation-sdk-go/lib/vapi/std/errors" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/core" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/runtime/lib" + "github.com/vmware/vsphere-automation-sdk-go/runtime/log" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" +) + +type DefaultAttributesClient struct { + interfaceName string + interfaceDefinition core.InterfaceDefinition + methodIdentifiers []core.MethodIdentifier + methodNameToDefMap map[string]*core.MethodDefinition + errorBindingMap map[string]bindings.BindingType + interfaceIdentifier core.InterfaceIdentifier + connector client.Connector +} + +func NewDefaultAttributesClient(connector client.Connector) *DefaultAttributesClient { + interfaceName := "com.vmware.nsx_global_policy.global_infra.context_profiles.attributes" + interfaceIdentifier := core.NewInterfaceIdentifier(interfaceName) + methodIdentifiers := []core.MethodIdentifier{ + core.NewMethodIdentifier(interfaceIdentifier, "list"), + } + interfaceDefinition := core.NewInterfaceDefinition(interfaceIdentifier, methodIdentifiers) + errorBindingMap := make(map[string]bindings.BindingType) + errorBindingMap[errors.AlreadyExists{}.Error()] = errors.AlreadyExistsBindingType() + errorBindingMap[errors.AlreadyInDesiredState{}.Error()] = errors.AlreadyInDesiredStateBindingType() + errorBindingMap[errors.Canceled{}.Error()] = errors.CanceledBindingType() + errorBindingMap[errors.ConcurrentChange{}.Error()] = errors.ConcurrentChangeBindingType() + errorBindingMap[errors.Error{}.Error()] = errors.ErrorBindingType() + errorBindingMap[errors.FeatureInUse{}.Error()] = errors.FeatureInUseBindingType() + errorBindingMap[errors.InternalServerError{}.Error()] = errors.InternalServerErrorBindingType() + errorBindingMap[errors.InvalidArgument{}.Error()] = errors.InvalidArgumentBindingType() + errorBindingMap[errors.InvalidElementConfiguration{}.Error()] = errors.InvalidElementConfigurationBindingType() + errorBindingMap[errors.InvalidElementType{}.Error()] = errors.InvalidElementTypeBindingType() + errorBindingMap[errors.InvalidRequest{}.Error()] = errors.InvalidRequestBindingType() + errorBindingMap[errors.NotFound{}.Error()] = errors.NotFoundBindingType() + errorBindingMap[errors.NotAllowedInCurrentState{}.Error()] = errors.NotAllowedInCurrentStateBindingType() + errorBindingMap[errors.OperationNotFound{}.Error()] = errors.OperationNotFoundBindingType() + errorBindingMap[errors.ResourceBusy{}.Error()] = errors.ResourceBusyBindingType() + errorBindingMap[errors.ResourceInUse{}.Error()] = errors.ResourceInUseBindingType() + errorBindingMap[errors.ResourceInaccessible{}.Error()] = errors.ResourceInaccessibleBindingType() + errorBindingMap[errors.ServiceUnavailable{}.Error()] = errors.ServiceUnavailableBindingType() + errorBindingMap[errors.TimedOut{}.Error()] = errors.TimedOutBindingType() + errorBindingMap[errors.UnableToAllocateResource{}.Error()] = errors.UnableToAllocateResourceBindingType() + errorBindingMap[errors.Unauthenticated{}.Error()] = errors.UnauthenticatedBindingType() + errorBindingMap[errors.Unauthorized{}.Error()] = errors.UnauthorizedBindingType() + errorBindingMap[errors.UnexpectedInput{}.Error()] = errors.UnexpectedInputBindingType() + errorBindingMap[errors.Unsupported{}.Error()] = errors.UnsupportedBindingType() + errorBindingMap[errors.UnverifiedPeer{}.Error()] = errors.UnverifiedPeerBindingType() + + + aIface := DefaultAttributesClient{interfaceName: interfaceName, methodIdentifiers: methodIdentifiers, interfaceDefinition: interfaceDefinition, errorBindingMap: errorBindingMap, interfaceIdentifier: interfaceIdentifier, connector: connector} + aIface.methodNameToDefMap = make(map[string]*core.MethodDefinition) + aIface.methodNameToDefMap["list"] = aIface.listMethodDefinition() + return &aIface +} + +func (aIface *DefaultAttributesClient) List(attributeKeyParam *string, cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (model.PolicyContextProfileListResult, error) { + typeConverter := aIface.connector.TypeConverter() + methodIdentifier := core.NewMethodIdentifier(aIface.interfaceIdentifier, "list") + sv := bindings.NewStructValueBuilder(attributesListInputType(), typeConverter) + sv.AddStructField("AttributeKey", attributeKeyParam) + sv.AddStructField("Cursor", cursorParam) + sv.AddStructField("IncludeMarkForDeleteObjects", includeMarkForDeleteObjectsParam) + sv.AddStructField("IncludedFields", includedFieldsParam) + sv.AddStructField("PageSize", pageSizeParam) + sv.AddStructField("SortAscending", sortAscendingParam) + sv.AddStructField("SortBy", sortByParam) + inputDataValue, inputError := sv.GetStructValue() + if inputError != nil { + var emptyOutput model.PolicyContextProfileListResult + return emptyOutput, bindings.VAPIerrorsToError(inputError) + } + operationRestMetaData := attributesListRestMetadata() + connectionMetadata := map[string]interface{}{lib.REST_METADATA: operationRestMetaData} + connectionMetadata["isStreamingResponse"] = false + aIface.connector.SetConnectionMetadata(connectionMetadata) + executionContext := aIface.connector.NewExecutionContext() + methodResult := aIface.Invoke(executionContext, methodIdentifier, inputDataValue) + var emptyOutput model.PolicyContextProfileListResult + if methodResult.IsSuccess() { + output, errorInOutput := typeConverter.ConvertToGolang(methodResult.Output(), attributesListOutputType()) + if errorInOutput != nil { + return emptyOutput, bindings.VAPIerrorsToError(errorInOutput) + } + return output.(model.PolicyContextProfileListResult), nil + } else { + methodError, errorInError := typeConverter.ConvertToGolang(methodResult.Error(), aIface.errorBindingMap[methodResult.Error().Name()]) + if errorInError != nil { + return emptyOutput, bindings.VAPIerrorsToError(errorInError) + } + return emptyOutput, methodError.(error) + } +} + + +func (aIface *DefaultAttributesClient) Invoke(ctx *core.ExecutionContext, methodId core.MethodIdentifier, inputDataValue data.DataValue) core.MethodResult { + methodResult := aIface.connector.GetApiProvider().Invoke(aIface.interfaceName, methodId.Name(), inputDataValue, ctx) + return methodResult +} + + +func (aIface *DefaultAttributesClient) listMethodDefinition() *core.MethodDefinition { + interfaceIdentifier := core.NewInterfaceIdentifier(aIface.interfaceName) + typeConverter := aIface.connector.TypeConverter() + + input, inputError := typeConverter.ConvertToDataDefinition(attributesListInputType()) + output, outputError := typeConverter.ConvertToDataDefinition(attributesListOutputType()) + if inputError != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's input - %s", + bindings.VAPIerrorsToError(inputError).Error()) + return nil + } + if outputError != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's output - %s", + bindings.VAPIerrorsToError(outputError).Error()) + return nil + } + methodIdentifier := core.NewMethodIdentifier(interfaceIdentifier, "list") + errorDefinitions := make([]data.ErrorDefinition, 0) + aIface.errorBindingMap[errors.InvalidRequest{}.Error()] = errors.InvalidRequestBindingType() + errDef1, errError1 := typeConverter.ConvertToDataDefinition(errors.InvalidRequestBindingType()) + if errError1 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.InvalidRequest error - %s", + bindings.VAPIerrorsToError(errError1).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef1.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.Unauthorized{}.Error()] = errors.UnauthorizedBindingType() + errDef2, errError2 := typeConverter.ConvertToDataDefinition(errors.UnauthorizedBindingType()) + if errError2 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.Unauthorized error - %s", + bindings.VAPIerrorsToError(errError2).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef2.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.ServiceUnavailable{}.Error()] = errors.ServiceUnavailableBindingType() + errDef3, errError3 := typeConverter.ConvertToDataDefinition(errors.ServiceUnavailableBindingType()) + if errError3 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.ServiceUnavailable error - %s", + bindings.VAPIerrorsToError(errError3).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef3.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.InternalServerError{}.Error()] = errors.InternalServerErrorBindingType() + errDef4, errError4 := typeConverter.ConvertToDataDefinition(errors.InternalServerErrorBindingType()) + if errError4 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.InternalServerError error - %s", + bindings.VAPIerrorsToError(errError4).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef4.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.NotFound{}.Error()] = errors.NotFoundBindingType() + errDef5, errError5 := typeConverter.ConvertToDataDefinition(errors.NotFoundBindingType()) + if errError5 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.NotFound error - %s", + bindings.VAPIerrorsToError(errError5).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef5.(data.ErrorDefinition)) + + methodDefinition := core.NewMethodDefinition(methodIdentifier, input, output, errorDefinitions) + return &methodDefinition +} diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesClient.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesClient.go new file mode 100644 index 000000000..f03e4d32f --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesClient.go @@ -0,0 +1,35 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Interface file for service: Attributes + * Used by client-side stubs. + */ + +package context_profiles + +import ( + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" +) + +type AttributesClient interface { + + // Returns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API GET https:///policy/api/v1/infra/context-profiles/attributes + // + // @param attributeKeyParam Fetch attributes and sub-attributes for the given attribute key (optional) + // @param cursorParam Opaque cursor to be used for getting next page of records (supplied by current result page) (optional) + // @param includeMarkForDeleteObjectsParam Include objects that are marked for deletion in results (optional, default to false) + // @param includedFieldsParam Comma separated list of fields that should be included in query result (optional) + // @param pageSizeParam Maximum number of results to return in this page (server may return fewer) (optional, default to 1000) + // @param sortAscendingParam (optional) + // @param sortByParam Field by which records are sorted (optional) + // @return com.vmware.nsx_policy.model.PolicyContextProfileListResult + // @throws InvalidRequest Bad Request, Precondition Failed + // @throws Unauthorized Forbidden + // @throws ServiceUnavailable Service Unavailable + // @throws InternalServerError Internal Server Error + // @throws NotFound Not Found + List(attributeKeyParam *string, cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (model.PolicyContextProfileListResult, error) +} diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesTypes.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesTypes.go new file mode 100644 index 000000000..a6aaaa9c1 --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/AttributesTypes.go @@ -0,0 +1,112 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Data type definitions file for service: Attributes. + * Includes binding types of a structures and enumerations defined in the service. + * Shared by client-side stubs and server-side skeletons to ensure type + * compatibility. + */ + +package context_profiles + +import ( + "reflect" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol" +) + + + + + +func attributesListInputType() bindings.StructType { + fields := make(map[string]bindings.BindingType) + fieldNameMap := make(map[string]string) + fields["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + fields["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + fieldNameMap["attribute_key"] = "AttributeKey" + fieldNameMap["cursor"] = "Cursor" + fieldNameMap["include_mark_for_delete_objects"] = "IncludeMarkForDeleteObjects" + fieldNameMap["included_fields"] = "IncludedFields" + fieldNameMap["page_size"] = "PageSize" + fieldNameMap["sort_ascending"] = "SortAscending" + fieldNameMap["sort_by"] = "SortBy" + var validators = []bindings.Validator{} + return bindings.NewStructType("operation-input", fields, reflect.TypeOf(data.StructValue{}), fieldNameMap, validators) +} + +func attributesListOutputType() bindings.BindingType { + return bindings.NewReferenceType(model.PolicyContextProfileListResultBindingType) +} + +func attributesListRestMetadata() protocol.OperationRestMetadata { + fields := map[string]bindings.BindingType{} + fieldNameMap := map[string]string{} + paramsTypeMap := map[string]bindings.BindingType{} + pathParams := map[string]string{} + queryParams := map[string]string{} + headerParams := map[string]string{} + dispatchHeaderParams := map[string]string{} + bodyFieldsMap := map[string]string{} + fields["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + fields["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + fields["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + fields["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + fieldNameMap["attribute_key"] = "AttributeKey" + fieldNameMap["cursor"] = "Cursor" + fieldNameMap["include_mark_for_delete_objects"] = "IncludeMarkForDeleteObjects" + fieldNameMap["included_fields"] = "IncludedFields" + fieldNameMap["page_size"] = "PageSize" + fieldNameMap["sort_ascending"] = "SortAscending" + fieldNameMap["sort_by"] = "SortBy" + paramsTypeMap["attribute_key"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["included_fields"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["page_size"] = bindings.NewOptionalType(bindings.NewIntegerType()) + paramsTypeMap["include_mark_for_delete_objects"] = bindings.NewOptionalType(bindings.NewBooleanType()) + paramsTypeMap["cursor"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["sort_by"] = bindings.NewOptionalType(bindings.NewStringType()) + paramsTypeMap["sort_ascending"] = bindings.NewOptionalType(bindings.NewBooleanType()) + queryParams["cursor"] = "cursor" + queryParams["sort_ascending"] = "sort_ascending" + queryParams["included_fields"] = "included_fields" + queryParams["attribute_key"] = "attribute_key" + queryParams["sort_by"] = "sort_by" + queryParams["include_mark_for_delete_objects"] = "include_mark_for_delete_objects" + queryParams["page_size"] = "page_size" + resultHeaders := map[string]string{} + errorHeaders := map[string]map[string]string{} + return protocol.NewOperationRestMetadata( + fields, + fieldNameMap, + paramsTypeMap, + pathParams, + queryParams, + headerParams, + dispatchHeaderParams, + bodyFieldsMap, + "", + "", + "GET", + "/policy/api/v1/infra/context-profiles/attributes", + "", + resultHeaders, + 200, + "", + errorHeaders, + map[string]int{"com.vmware.vapi.std.errors.invalid_request": 400,"com.vmware.vapi.std.errors.unauthorized": 403,"com.vmware.vapi.std.errors.service_unavailable": 503,"com.vmware.vapi.std.errors.internal_server_error": 500,"com.vmware.vapi.std.errors.not_found": 404}) +} + + diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/ContextProfilesPackageTypes.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/ContextProfilesPackageTypes.go new file mode 100644 index 000000000..649b71660 --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/ContextProfilesPackageTypes.go @@ -0,0 +1,19 @@ +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Data type definitions file for package: com.vmware.nsx_policy.infra.context_profiles. + * Includes binding types of a top level structures and enumerations. + * Shared by client-side stubs and server-side skeletons to ensure type + * compatibility. + */ + +package context_profiles + + + + + + diff --git a/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/DefaultAttributesClient.go b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/DefaultAttributesClient.go new file mode 100644 index 000000000..d34877d40 --- /dev/null +++ b/vendor/github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/context_profiles/DefaultAttributesClient.go @@ -0,0 +1,183 @@ + +/* Copyright © 2019 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: BSD-2-Clause */ + +// Code generated. DO NOT EDIT. + +/* + * Client stubs for service: Attributes + * Functions that implement the generated AttributesClient interface + */ + + +package context_profiles + +import ( + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + "github.com/vmware/vsphere-automation-sdk-go/lib/vapi/std/errors" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/core" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/runtime/lib" + "github.com/vmware/vsphere-automation-sdk-go/runtime/log" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" +) + +type DefaultAttributesClient struct { + interfaceName string + interfaceDefinition core.InterfaceDefinition + methodIdentifiers []core.MethodIdentifier + methodNameToDefMap map[string]*core.MethodDefinition + errorBindingMap map[string]bindings.BindingType + interfaceIdentifier core.InterfaceIdentifier + connector client.Connector +} + +func NewDefaultAttributesClient(connector client.Connector) *DefaultAttributesClient { + interfaceName := "com.vmware.nsx_policy.infra.context_profiles.attributes" + interfaceIdentifier := core.NewInterfaceIdentifier(interfaceName) + methodIdentifiers := []core.MethodIdentifier{ + core.NewMethodIdentifier(interfaceIdentifier, "list"), + } + interfaceDefinition := core.NewInterfaceDefinition(interfaceIdentifier, methodIdentifiers) + errorBindingMap := make(map[string]bindings.BindingType) + errorBindingMap[errors.AlreadyExists{}.Error()] = errors.AlreadyExistsBindingType() + errorBindingMap[errors.AlreadyInDesiredState{}.Error()] = errors.AlreadyInDesiredStateBindingType() + errorBindingMap[errors.Canceled{}.Error()] = errors.CanceledBindingType() + errorBindingMap[errors.ConcurrentChange{}.Error()] = errors.ConcurrentChangeBindingType() + errorBindingMap[errors.Error{}.Error()] = errors.ErrorBindingType() + errorBindingMap[errors.FeatureInUse{}.Error()] = errors.FeatureInUseBindingType() + errorBindingMap[errors.InternalServerError{}.Error()] = errors.InternalServerErrorBindingType() + errorBindingMap[errors.InvalidArgument{}.Error()] = errors.InvalidArgumentBindingType() + errorBindingMap[errors.InvalidElementConfiguration{}.Error()] = errors.InvalidElementConfigurationBindingType() + errorBindingMap[errors.InvalidElementType{}.Error()] = errors.InvalidElementTypeBindingType() + errorBindingMap[errors.InvalidRequest{}.Error()] = errors.InvalidRequestBindingType() + errorBindingMap[errors.NotFound{}.Error()] = errors.NotFoundBindingType() + errorBindingMap[errors.NotAllowedInCurrentState{}.Error()] = errors.NotAllowedInCurrentStateBindingType() + errorBindingMap[errors.OperationNotFound{}.Error()] = errors.OperationNotFoundBindingType() + errorBindingMap[errors.ResourceBusy{}.Error()] = errors.ResourceBusyBindingType() + errorBindingMap[errors.ResourceInUse{}.Error()] = errors.ResourceInUseBindingType() + errorBindingMap[errors.ResourceInaccessible{}.Error()] = errors.ResourceInaccessibleBindingType() + errorBindingMap[errors.ServiceUnavailable{}.Error()] = errors.ServiceUnavailableBindingType() + errorBindingMap[errors.TimedOut{}.Error()] = errors.TimedOutBindingType() + errorBindingMap[errors.UnableToAllocateResource{}.Error()] = errors.UnableToAllocateResourceBindingType() + errorBindingMap[errors.Unauthenticated{}.Error()] = errors.UnauthenticatedBindingType() + errorBindingMap[errors.Unauthorized{}.Error()] = errors.UnauthorizedBindingType() + errorBindingMap[errors.UnexpectedInput{}.Error()] = errors.UnexpectedInputBindingType() + errorBindingMap[errors.Unsupported{}.Error()] = errors.UnsupportedBindingType() + errorBindingMap[errors.UnverifiedPeer{}.Error()] = errors.UnverifiedPeerBindingType() + + + aIface := DefaultAttributesClient{interfaceName: interfaceName, methodIdentifiers: methodIdentifiers, interfaceDefinition: interfaceDefinition, errorBindingMap: errorBindingMap, interfaceIdentifier: interfaceIdentifier, connector: connector} + aIface.methodNameToDefMap = make(map[string]*core.MethodDefinition) + aIface.methodNameToDefMap["list"] = aIface.listMethodDefinition() + return &aIface +} + +func (aIface *DefaultAttributesClient) List(attributeKeyParam *string, cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (model.PolicyContextProfileListResult, error) { + typeConverter := aIface.connector.TypeConverter() + methodIdentifier := core.NewMethodIdentifier(aIface.interfaceIdentifier, "list") + sv := bindings.NewStructValueBuilder(attributesListInputType(), typeConverter) + sv.AddStructField("AttributeKey", attributeKeyParam) + sv.AddStructField("Cursor", cursorParam) + sv.AddStructField("IncludeMarkForDeleteObjects", includeMarkForDeleteObjectsParam) + sv.AddStructField("IncludedFields", includedFieldsParam) + sv.AddStructField("PageSize", pageSizeParam) + sv.AddStructField("SortAscending", sortAscendingParam) + sv.AddStructField("SortBy", sortByParam) + inputDataValue, inputError := sv.GetStructValue() + if inputError != nil { + var emptyOutput model.PolicyContextProfileListResult + return emptyOutput, bindings.VAPIerrorsToError(inputError) + } + operationRestMetaData := attributesListRestMetadata() + connectionMetadata := map[string]interface{}{lib.REST_METADATA: operationRestMetaData} + connectionMetadata["isStreamingResponse"] = false + aIface.connector.SetConnectionMetadata(connectionMetadata) + executionContext := aIface.connector.NewExecutionContext() + methodResult := aIface.Invoke(executionContext, methodIdentifier, inputDataValue) + var emptyOutput model.PolicyContextProfileListResult + if methodResult.IsSuccess() { + output, errorInOutput := typeConverter.ConvertToGolang(methodResult.Output(), attributesListOutputType()) + if errorInOutput != nil { + return emptyOutput, bindings.VAPIerrorsToError(errorInOutput) + } + return output.(model.PolicyContextProfileListResult), nil + } else { + methodError, errorInError := typeConverter.ConvertToGolang(methodResult.Error(), aIface.errorBindingMap[methodResult.Error().Name()]) + if errorInError != nil { + return emptyOutput, bindings.VAPIerrorsToError(errorInError) + } + return emptyOutput, methodError.(error) + } +} + + +func (aIface *DefaultAttributesClient) Invoke(ctx *core.ExecutionContext, methodId core.MethodIdentifier, inputDataValue data.DataValue) core.MethodResult { + methodResult := aIface.connector.GetApiProvider().Invoke(aIface.interfaceName, methodId.Name(), inputDataValue, ctx) + return methodResult +} + + +func (aIface *DefaultAttributesClient) listMethodDefinition() *core.MethodDefinition { + interfaceIdentifier := core.NewInterfaceIdentifier(aIface.interfaceName) + typeConverter := aIface.connector.TypeConverter() + + input, inputError := typeConverter.ConvertToDataDefinition(attributesListInputType()) + output, outputError := typeConverter.ConvertToDataDefinition(attributesListOutputType()) + if inputError != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's input - %s", + bindings.VAPIerrorsToError(inputError).Error()) + return nil + } + if outputError != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's output - %s", + bindings.VAPIerrorsToError(outputError).Error()) + return nil + } + methodIdentifier := core.NewMethodIdentifier(interfaceIdentifier, "list") + errorDefinitions := make([]data.ErrorDefinition, 0) + aIface.errorBindingMap[errors.InvalidRequest{}.Error()] = errors.InvalidRequestBindingType() + errDef1, errError1 := typeConverter.ConvertToDataDefinition(errors.InvalidRequestBindingType()) + if errError1 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.InvalidRequest error - %s", + bindings.VAPIerrorsToError(errError1).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef1.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.Unauthorized{}.Error()] = errors.UnauthorizedBindingType() + errDef2, errError2 := typeConverter.ConvertToDataDefinition(errors.UnauthorizedBindingType()) + if errError2 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.Unauthorized error - %s", + bindings.VAPIerrorsToError(errError2).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef2.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.ServiceUnavailable{}.Error()] = errors.ServiceUnavailableBindingType() + errDef3, errError3 := typeConverter.ConvertToDataDefinition(errors.ServiceUnavailableBindingType()) + if errError3 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.ServiceUnavailable error - %s", + bindings.VAPIerrorsToError(errError3).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef3.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.InternalServerError{}.Error()] = errors.InternalServerErrorBindingType() + errDef4, errError4 := typeConverter.ConvertToDataDefinition(errors.InternalServerErrorBindingType()) + if errError4 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.InternalServerError error - %s", + bindings.VAPIerrorsToError(errError4).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef4.(data.ErrorDefinition)) + aIface.errorBindingMap[errors.NotFound{}.Error()] = errors.NotFoundBindingType() + errDef5, errError5 := typeConverter.ConvertToDataDefinition(errors.NotFoundBindingType()) + if errError5 != nil { + log.Errorf("Error in ConvertToDataDefinition for DefaultAttributesClient.list method's errors.NotFound error - %s", + bindings.VAPIerrorsToError(errError5).Error()) + return nil + } + errorDefinitions = append(errorDefinitions, errDef5.(data.ErrorDefinition)) + + methodDefinition := core.NewMethodDefinition(methodIdentifier, input, output, errorDefinitions) + return &methodDefinition +} diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index caa775496..ade26caf2 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -15,24 +15,21 @@ This resource provides a method for the management of a Context Profile. resource "nsxt_policy_context_profile" "test" { display_name = "test" description = "Terraform provisioned ContextProfile" - attributes { - data_type = "STRING" - key = "DOMAIN_NAME" - value = ["*-myfiles.sharepoint.com"] + attribute { + data_type = "STRING" + description = "test-domain-name-attribute" + key = "DOMAIN_NAME" + value = ["*-myfiles.sharepoint.com"] } - attributes { - data_type = "STRING" - key = "URL_CATEGORY" - value = ["Abortion"] - } - attributes { - data_type = "STRING" - key = "APP_ID" - value = ["SSL"] - sub_attributes { + attribute { + data_type = "STRING" + description = "test-app-id-attribute" + key = "APP_ID" + value = ["SSL"] + sub_attribute { data_type = "STRING" - key = "TLS_VERSION" - value = ["SSL_V3"] + key = "TLS_VERSION" + value = ["SSL_V3"] } } } @@ -49,6 +46,7 @@ The following arguments are supported: * `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource. * `attribute` - (Required) A repeatable block to specify attributes for the context profile. At least one block is required. * `datatype` - (Required) Datatype for `attribute`, must be `STRING`. + * `description` - (Optional) Description of the attribute. * `key` - (Required) A string value indicating key for the `attribute`. Must be one of `APP_ID`, `DOMAIN_NAME`, or `URL_CATEGORY`. * `value` - (Required) A list of string indicating values for the `attribute`. Must be a subset of the preset list of valid values for the `key` on NSX. * `sub_attribute` - (Optional) A repeatable block to specify sub attributes for the attribute. This configuration is only valid when `value` has only one element, and `sub_attribute` is supported for that value on NSX. @@ -64,7 +62,6 @@ In addition to arguments listed above, the following attributes are exported: * `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. * `path` - The NSX path of the policy resource. * `attribute`: - * `description` - Description of the attribute value. * `is_alg_type` - Describes whether the APP_ID value is ALG type or not. ## Importing From df4537fecde6383fb427ea4967ea4ae466657ba1 Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Fri, 31 Jul 2020 15:55:34 -0700 Subject: [PATCH 5/8] Change Schema, update test and doc --- nsxt/resource_nsxt_policy_context_profile.go | 273 ++++++++++-------- ...source_nsxt_policy_context_profile_test.go | 159 +++++----- .../r/policy_context_profile.html.markdown | 43 +-- 3 files changed, 242 insertions(+), 233 deletions(-) diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index 57794b75d..090f74f6a 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -6,7 +6,6 @@ package nsxt import ( "fmt" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" - "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" gm_infra "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" gm_cont_prof "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/context_profiles" @@ -17,24 +16,28 @@ import ( "log" ) -var attributeDataTypes = []string{ - model.PolicyAttributes_DATATYPE_STRING, +var attributeKeyMap = map[string]string{ + "app_id": model.PolicyAttributes_KEY_APP_ID, + "domain_name": model.PolicyAttributes_KEY_DOMAIN_NAME, + "url_category": model.PolicyAttributes_KEY_URL_CATEGORY, } -var attributeKeys = []string{ - model.PolicyAttributes_KEY_APP_ID, - model.PolicyAttributes_KEY_DOMAIN_NAME, - model.PolicyAttributes_KEY_URL_CATEGORY, +var attributeReverseKeyMap = map[string]string{ + model.PolicyAttributes_KEY_APP_ID: "app_id", + model.PolicyAttributes_KEY_DOMAIN_NAME: "domain_name", + model.PolicyAttributes_KEY_URL_CATEGORY: "url_category", } -var subAttributeDataTypes = []string{ - model.PolicySubAttributes_DATATYPE_STRING, +var subAttributeKeyMap = map[string]string{ + "tls_cipher_suite": model.PolicySubAttributes_KEY_TLS_CIPHER_SUITE, + "tls_version": model.PolicySubAttributes_KEY_TLS_VERSION, + "cifs_smb_version": model.PolicySubAttributes_KEY_CIFS_SMB_VERSION, } -var subAttributeKeys = []string{ - model.PolicySubAttributes_KEY_CIFS_SMB_VERSION, - model.PolicySubAttributes_KEY_TLS_CIPHER_SUITE, - model.PolicySubAttributes_KEY_TLS_VERSION, +var subAttributeReverseKeyMap = map[string]string{ + model.PolicySubAttributes_KEY_TLS_CIPHER_SUITE: "tls_cipher_suite", + model.PolicySubAttributes_KEY_TLS_VERSION: "tls_version", + model.PolicySubAttributes_KEY_CIFS_SMB_VERSION: "cifs_smb_version", } func resourceNsxtPolicyContextProfile() *schema.Resource { @@ -54,68 +57,48 @@ func resourceNsxtPolicyContextProfile() *schema.Resource { "description": getDescriptionSchema(), "revision": getRevisionSchema(), "tag": getTagsSchema(), - "attribute": getContextProfilePolicyAttributesSchema(), + "app_id": getContextProfilePolicyAppIDAttributesSchema(), + "domain_name": getContextProfilePolicyOtherAttributesSchema(), + "url_category": getContextProfilePolicyOtherAttributesSchema(), }, } } -func getContextProfilePolicyAttributesSchema() *schema.Schema { +func getContextProfilePolicyAppIDAttributesSchema() *schema.Schema { return &schema.Schema{ Type: schema.TypeSet, - Required: true, + Optional: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - "data_type": { - Type: schema.TypeString, - Description: "Data type of attribute", - Required: true, - ValidateFunc: validation.StringInSlice(attributeDataTypes, false), - }, "description": getDescriptionSchema(), "is_alg_type": { Type: schema.TypeBool, - Description: "Whether the APP_ID value is ALG type or not", + Description: "Whether the app_id value is ALG type or not", Computed: true, }, - "key": { - Type: schema.TypeString, - Description: "Key for attribute", - Required: true, - ValidateFunc: validation.StringInSlice(attributeKeys, false), - }, "value": { Type: schema.TypeSet, Description: "Values for attribute key", - Required: true, MinItems: 1, + Required: true, Elem: &schema.Schema{ Type: schema.TypeString, }, }, - "sub_attribute": getPolicyAttributeSubAttributesSchema(), + "sub_attribute": getPolicyAttributeSubAttributeSchema(), }, }, } } -func getPolicyAttributeSubAttributesSchema() *schema.Schema { +func getContextProfilePolicyOtherAttributesSchema() *schema.Schema { return &schema.Schema{ Type: schema.TypeSet, Optional: true, + MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - "data_type": { - Type: schema.TypeString, - Description: "Data type of sub attribute", - Required: true, - ValidateFunc: validation.StringInSlice(subAttributeDataTypes, false), - }, - "key": { - Type: schema.TypeString, - Description: "Key for attribute", - Required: true, - ValidateFunc: validation.StringInSlice(subAttributeKeys, false), - }, + "description": getDescriptionSchema(), "value": { Type: schema.TypeSet, Description: "Values for attribute key", @@ -125,10 +108,38 @@ func getPolicyAttributeSubAttributesSchema() *schema.Schema { Type: schema.TypeString, }, }, + "sub_attribute": getPolicyAttributeSubAttributeSchema(), + }, + }, + } +} + +func getPolicyAttributeSubAttributeSchema() *schema.Schema { + return &schema.Schema{ + Type: schema.TypeSet, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tls_cipher_suite": getPolicyAttributeSubAttributeValueSchema("tls_cipher_suite"), + "tls_version": getPolicyAttributeSubAttributeValueSchema("tls_version"), + "cifs_smb_version": getPolicyAttributeSubAttributeValueSchema("cifs_smb_version"), }, }, } } +func getPolicyAttributeSubAttributeValueSchema(subAttributeKey string) *schema.Schema { + description := fmt.Sprintf("Values for sub attribute key %s", subAttributeKey) + return &schema.Schema{ + Type: schema.TypeSet, + Description: description, + Optional: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + } +} func resourceNsxtPolicyContextProfileExists(id string, connector *client.RestConnector, isGlobalManager bool) bool { var err error @@ -164,15 +175,25 @@ func resourceNsxtPolicyContextProfileCreate(d *schema.ResourceData, m interface{ displayName := d.Get("display_name").(string) description := d.Get("description").(string) - attributes := d.Get("attribute").(*schema.Set).List() - err = checkAttributesValid(attributes, m) - if err != nil { - return err + attributesStructList := make([]model.PolicyAttributes, 0, 0) + for key := range attributeKeyMap { + attributes := d.Get(key).(*schema.Set).List() + if len(attributes) > 0 { + err = checkAttributesValid(attributes, m, key) + if err != nil { + return err + } + attributeStructList, err := constructAttributesModelList(attributes, key) + if err != nil { + return err + } + attributesStructList = append(attributesStructList, attributeStructList...) + } } - attributesStructList, err := constructAttributesModelList(attributes) - if err != nil { - return err + if len(attributesStructList) == 0 { + return fmt.Errorf("At least one attribute should be set") } + tags := getPolicyTagsFromSchema(d) obj := model.PolicyContextProfile{ @@ -239,7 +260,8 @@ func resourceNsxtPolicyContextProfileRead(d *schema.ResourceData, m interface{}) d.Set("nsx_id", id) d.Set("path", obj.Path) d.Set("revision", obj.Revision) - d.Set("attribute", fillAttributesInSchema(obj.Attributes)) + fillAttributesInSchema(d, obj.Attributes) + return nil } @@ -251,19 +273,23 @@ func resourceNsxtPolicyContextProfileUpdate(d *schema.ResourceData, m interface{ } // Read the rest of the configured parameters - description := d.Get("description").(string) displayName := d.Get("display_name").(string) - tags := getPolicyTagsFromSchema(d) - attributes := d.Get("attribute").(*schema.Set).List() - err := checkAttributesValid(attributes, m) - if err != nil { - return err - } - var attributesStructList []model.PolicyAttributes - attributesStructList, err = constructAttributesModelList(attributes) - if err != nil { - return err + description := d.Get("description").(string) + attributesStructList := make([]model.PolicyAttributes, 0, 0) + var err error + for _, key := range []string{"app_id", "domain_name", "url_category"} { + attributes := d.Get(key).(*schema.Set).List() + err := checkAttributesValid(attributes, m, key) + if err != nil { + return err + } + attributeStructList, err := constructAttributesModelList(attributes, key) + if err != nil { + return err + } + attributesStructList = append(attributesStructList, attributeStructList...) } + tags := getPolicyTagsFromSchema(d) obj := model.PolicyContextProfile{ DisplayName: &displayName, @@ -316,7 +342,12 @@ func resourceNsxtPolicyContextProfileDelete(d *schema.ResourceData, m interface{ return nil } -func checkAttributesValid(attributes []interface{}, m interface{}) error { +func checkAttributesValid(attributes []interface{}, m interface{}, key string) error { + + err := validateSubAttributes(attributes) + if err != nil { + return err + } var attrClient interface{} connector := getPolicyConnector(m) @@ -326,21 +357,13 @@ func checkAttributesValid(attributes []interface{}, m interface{}) error { } else { attrClient = cont_prof.NewDefaultAttributesClient(connector) } - attributeMap, err := validateAndConstructAttributesMap(attributes) + attributeValues, err := listAttributesWithKey(attributeKeyMap[key], attrClient, isPolicyGlobalManager) if err != nil { return err } - - for key, values := range attributeMap { - attributeValues, err := listAttributesWithKey(&key, attrClient, isPolicyGlobalManager) - if err != nil { - return err - } - if len(attributeValues) == 0 { - // Theoretically impossible as the attributes are pre-set on NSX - err := fmt.Errorf("No attribute values are available for attribute type %s", key) - return err - } + for _, attribute := range attributes { + attributeMap := attribute.(map[string]interface{}) + values := interface2StringList(attributeMap["value"].(*schema.Set).List()) if !containsElements(values, attributeValues) { err := fmt.Errorf("Attribute values %s are not valid for attribute type %s", values, key) return err @@ -349,32 +372,23 @@ func checkAttributesValid(attributes []interface{}, m interface{}) error { return nil } -func validateAndConstructAttributesMap(attributes []interface{}) (map[string][]string, error) { - // Validate that attribute keys are unique - res := make(map[string][]string) +func validateSubAttributes(attributes []interface{}) error { + // Validates that sub-attribute keys only present in an attribute with one value for _, attribute := range attributes { attributeMap := attribute.(map[string]interface{}) - key := attributeMap["key"].(string) - values := interface2StringList(attributeMap["value"].(*schema.Set).List()) - subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() - // There should be only one value if sub attributes are specified - if len(subAttributes) > 0 && len(values) > 1 { - err := fmt.Errorf("Multiple values found for attribute key %s. Sub-attribtes are only applicable to an attribute with a single value", key) - return nil, err - } - if res[key] != nil { - err := fmt.Errorf("Duplicate attribute key found: %s", key) - return nil, err + values := attributeMap["value"].(*schema.Set).List() + if len(attributeMap["sub_attribute"].(*schema.Set).List()) > 0 && len(values) > 1 { + err := fmt.Errorf("Multiple values found for attribute. Sub-attribtes are only applicable to an attribute with a single value") + return err } - res[key] = values } - return res, nil + return nil } -func listAttributesWithKey(attributeKey *string, attributeClient interface{}, isPolicyGlobalManager bool) ([]string, error) { +func listAttributesWithKey(attributeKey string, attributeClient interface{}, isPolicyGlobalManager bool) ([]string, error) { // returns a list of attribute values policyAttributes := make([]string, 0) - policyContextProfileListResult, err := listContextProfileWithKey(attributeKey, attributeClient, isPolicyGlobalManager) + policyContextProfileListResult, err := listContextProfileWithKey(&attributeKey, attributeClient, isPolicyGlobalManager) if err != nil { return policyAttributes, err } @@ -409,23 +423,24 @@ func listContextProfileWithKey(attributeKey *string, attributeClient interface{} return policyContextProfileListResult, err } -func constructAttributesModelList(rawAttributes []interface{}) ([]model.PolicyAttributes, error) { +func constructAttributesModelList(rawAttributes []interface{}, key string) ([]model.PolicyAttributes, error) { res := make([]model.PolicyAttributes, 0, len(rawAttributes)) for _, rawAttribute := range rawAttributes { attributeMap := rawAttribute.(map[string]interface{}) - dataType := attributeMap["data_type"].(string) + dataType := model.PolicyAttributes_DATATYPE_STRING description := attributeMap["description"].(string) - key := attributeMap["key"].(string) + attrKey := attributeKeyMap[key] values := interface2StringList(attributeMap["value"].(*schema.Set).List()) subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() subAttributesList, err := constructSubAttributeModelList(subAttributes) + if err != nil { return nil, err } attributeStruct := model.PolicyAttributes{ Datatype: &dataType, Description: &description, - Key: &key, + Key: &attrKey, Value: values, SubAttributes: subAttributesList, } @@ -435,45 +450,57 @@ func constructAttributesModelList(rawAttributes []interface{}) ([]model.PolicyAt } func constructSubAttributeModelList(rawSubAttributes []interface{}) ([]model.PolicySubAttributes, error) { - res := make([]model.PolicySubAttributes, 0, len(rawSubAttributes)) + res := make([]model.PolicySubAttributes, 0, 0) + dataType := model.PolicySubAttributes_DATATYPE_STRING for _, rawSubAttribute := range rawSubAttributes { rawSubAttributeMap := rawSubAttribute.(map[string]interface{}) - dataType := rawSubAttributeMap["data_type"].(string) - key := rawSubAttributeMap["key"].(string) - values := interface2StringList(rawSubAttributeMap["value"].(*schema.Set).List()) - subAttributeStruct := model.PolicySubAttributes{ - Datatype: &dataType, - Key: &key, - Value: values, + for key, subAttrKey := range subAttributeKeyMap { + vals := rawSubAttributeMap[key] + if vals != nil { + values := interface2StringList(vals.(*schema.Set).List()) + if len(values) > 0 { + tmp := subAttrKey + subAttributeStruct := model.PolicySubAttributes{ + Datatype: &dataType, + Key: &tmp, + Value: values, + } + res = append(res, subAttributeStruct) + } + } } - res = append(res, subAttributeStruct) } return res, nil } -func fillAttributesInSchema(policyAttributes []model.PolicyAttributes) []map[string]interface{} { - attributes := make([]map[string]interface{}, 0, len(policyAttributes)) +func fillAttributesInSchema(d *schema.ResourceData, policyAttributes []model.PolicyAttributes) { + attributes := make(map[string][]interface{}) for _, policyAttribute := range policyAttributes { elem := make(map[string]interface{}) - elem["data_type"] = policyAttribute.Datatype + key := attributeReverseKeyMap[*policyAttribute.Key] elem["description"] = policyAttribute.Description - elem["key"] = policyAttribute.Key elem["value"] = policyAttribute.Value - elem["is_alg_type"] = policyAttribute.IsALGType - elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) - attributes = append(attributes, elem) + if len(policyAttribute.SubAttributes) > 0 { + elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) + } + if *policyAttribute.Key == model.PolicyAttributes_KEY_APP_ID { + elem["is_alg_type"] = policyAttribute.IsALGType + } + attributes[key] = append(attributes[key], elem) + } + + for key, attributeList := range attributes { + d.Set(key, attributeList) } - return attributes } -func fillSubAttributesInSchema(policySubAttributes []model.PolicySubAttributes) []map[string]interface{} { - subAttributes := make([]map[string]interface{}, 0, len(policySubAttributes)) +func fillSubAttributesInSchema(policySubAttributes []model.PolicySubAttributes) []interface{} { + subAttributes := make(map[string]interface{}) for _, policySubAttribute := range policySubAttributes { - elem := make(map[string]interface{}) - elem["data_type"] = policySubAttribute.Datatype - elem["key"] = policySubAttribute.Key - elem["value"] = policySubAttribute.Value - subAttributes = append(subAttributes, elem) + key := subAttributeReverseKeyMap[*policySubAttribute.Key] + subAttributes[key] = policySubAttribute.Value } - return subAttributes + res := make([]interface{}, 0, 1) + res = append(res, subAttributes) + return res } diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index e9a71696b..29f83b618 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -36,13 +36,11 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -55,12 +53,11 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.key", "URL_CATEGORY"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.1095586649.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.1095586649.value.3317229948", "Abortion"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.840357425.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.840357425.value.3317229948", "Abortion"), ), }, }, @@ -115,12 +112,11 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -133,21 +129,16 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "2"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.656423604.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.#", "3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.2076247700", "SSL"), - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.2328579708", "HTTP"), - resource.TestCheckResourceAttr(testResourceName, "attribute.656423604.value.531481488", "SSH"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.key", "DOMAIN_NAME"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.452581422.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.452581422.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttrSet(testResourceName, "app_id.124112814.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.2328579708", "HTTP"), + resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.531481488", "SSH"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), ), }, }, @@ -178,20 +169,19 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.443004983.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.key", "TLS_VERSION"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.#", "3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.2416475543", "TLS_V12"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.2721980181", "TLS_V10"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.sub_attribute.1680957162.value.645341863", "SSL_V3"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.443004983.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttrSet(testResourceName, "app_id.2652970086.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.value.2076247700", "SSL"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.cifs_smb_version.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.tls_cipher_suite.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.tls_version.#", "3"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.tls_version.2416475543", "TLS_V12"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.tls_version.2721980181", "TLS_V10"), + resource.TestCheckResourceAttr(testResourceName, "app_id.2652970086.sub_attribute.250747496.tls_version.645341863", "SSL_V3"), ), }, { @@ -204,19 +194,18 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttrSet(testResourceName, "path"), resource.TestCheckResourceAttrSet(testResourceName, "revision"), resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.#", "1"), - - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.key", "APP_ID"), - resource.TestCheckResourceAttrSet(testResourceName, "attribute.28982027.is_alg_type"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.data_type", "STRING"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.key", "CIFS_SMB_VERSION"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.#", "2"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.3398512106", "CIFS_SMB_V1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.sub_attribute.2040405228.value.3787226665", "CIFS_SMB_V2"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "attribute.28982027.value.1810355442", "CIFS"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttrSet(testResourceName, "app_id.832058275.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.value.1810355442", "CIFS"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.cifs_smb_version.#", "2"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.tls_cipher_suite.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.tls_version.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.cifs_smb_version.3398512106", "CIFS_SMB_V1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.cifs_smb_version.3787226665", "CIFS_SMB_V2"), ), }, }, @@ -287,56 +276,42 @@ resource "nsxt_policy_context_profile" "test" { } func testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() string { - return fmt.Sprintf(` -attribute { - data_type = "STRING" - key = "DOMAIN_NAME" + return ` +domain_name { value = ["*-myfiles.sharepoint.com"] -}`) +}` } func testAccNsxtPolicyContextProfileAttributeAppIDTemplate() string { - return fmt.Sprintf(` -attribute { - data_type = "STRING" - key = "APP_ID" + return ` +app_id { value = ["SSL", "SSH", "HTTP"] -}`) +}` } func testAccNsxtPolicyContextProfileAttributeURLCategoryTemplate() string { - return fmt.Sprintf(` -attribute { - data_type = "STRING" - key = "URL_CATEGORY" + return ` +url_category { value = ["Abortion"] -}`) +}` } func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() string { - return fmt.Sprintf(` -attribute { - data_type = "STRING" - key = "APP_ID" + return ` +app_id { value = ["SSL"] sub_attribute { - data_type = "STRING" - key = "TLS_VERSION" - value = ["SSL_V3", "TLS_V10", "TLS_V12"] + tls_version = ["SSL_V3", "TLS_V10", "TLS_V12"] } -}`) +}` } func testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() string { - return fmt.Sprintf(` -attribute { - data_type = "STRING" - key = "APP_ID" + return ` +app_id { value = ["CIFS"] sub_attribute { - data_type = "STRING" - key = "CIFS_SMB_VERSION" - value = ["CIFS_SMB_V1", "CIFS_SMB_V2"] + cifs_smb_version = ["CIFS_SMB_V1", "CIFS_SMB_V2"] } -}`) +}` } diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index ade26caf2..e73b646c3 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -15,21 +15,15 @@ This resource provides a method for the management of a Context Profile. resource "nsxt_policy_context_profile" "test" { display_name = "test" description = "Terraform provisioned ContextProfile" - attribute { - data_type = "STRING" + domain_name { description = "test-domain-name-attribute" - key = "DOMAIN_NAME" value = ["*-myfiles.sharepoint.com"] } - attribute { - data_type = "STRING" + app_id { description = "test-app-id-attribute" - key = "APP_ID" value = ["SSL"] sub_attribute { - data_type = "STRING" - key = "TLS_VERSION" - value = ["SSL_V3"] + tls_version = ["SSL_V3"] } } } @@ -39,20 +33,33 @@ resource "nsxt_policy_context_profile" "test" { ## Argument Reference The following arguments are supported: +Note: At least one of `app_id`, `domain_name`, or `url_category` must present. * `display_name` - (Required) Display name of the resource. * `description` - (Optional) Description of the resource. * `tag` - (Optional) A list of scope + tag pairs to associate with this resource. * `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource. -* `attribute` - (Required) A repeatable block to specify attributes for the context profile. At least one block is required. - * `datatype` - (Required) Datatype for `attribute`, must be `STRING`. +* `app_id` - (Optional) A block to specify app id attributes for the context profile. * `description` - (Optional) Description of the attribute. - * `key` - (Required) A string value indicating key for the `attribute`. Must be one of `APP_ID`, `DOMAIN_NAME`, or `URL_CATEGORY`. - * `value` - (Required) A list of string indicating values for the `attribute`. Must be a subset of the preset list of valid values for the `key` on NSX. - * `sub_attribute` - (Optional) A repeatable block to specify sub attributes for the attribute. This configuration is only valid when `value` has only one element, and `sub_attribute` is supported for that value on NSX. - * `datatype` - (Required for `sub_attribute`) Datatype for `sub_attribute`, must be `STRING`. - * `key` - (Required for `sub_attribute`) A string value indicating key for the `sub_attribute`. Must be one of `TLS_CIPHER_SUITE`, `TLS_VERSION`, or `CIFS_SMB_VERSION`. - * `value` - (Required for `sub_attribute`) A list of string indicating values for the `sub_attribute`. Must be a subset of the preset list of valid values for the `key` on NSX. + * `value` - (Required) A list of string indicating values for the `app_id`. Must be a subset of the preset list of valid values for attribute `app_id` on NSX. + * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. + * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. + * `tls_version` - (Optional) A list of string indicating values for `tls_version`. + * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. +* `domain_name` - (Optional) A block to specify domain name (FQDN) attributes for the context profile. Only one block is allowed. + * `description` - (Optional) Description of the attribute. + * `value` - (Required) A list of string indicating values for the `domain_name`. Must be a subset of the preset list of valid values for attribute `domain_name` on NSX. + * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. + * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. + * `tls_version` - (Optional) A list of string indicating values for `tls_version`. + * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. +* `url_category` - (Optional) A block to specify url category attributes for the context profile. Only one block is allowed. + * `description` - (Optional) Description of the attribute. + * `value` - (Required) A list of string indicating values for the `url_category`. Must be a subset of the preset list of valid values for attribute `url_category` on NSX. + * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. + * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. + * `tls_version` - (Optional) A list of string indicating values for `tls_version`. + * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. ## Attributes Reference @@ -61,7 +68,7 @@ In addition to arguments listed above, the following attributes are exported: * `id` - ID of the resource. * `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. * `path` - The NSX path of the policy resource. -* `attribute`: +* `app_id`: * `is_alg_type` - Describes whether the APP_ID value is ALG type or not. ## Importing From e36808336c8261bc16bed9daa5a76d9c73e35c6b Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Fri, 31 Jul 2020 16:21:04 -0700 Subject: [PATCH 6/8] fix doc --- website/docs/r/policy_context_profile.html.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index e73b646c3..18cc6cd0d 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -41,21 +41,21 @@ Note: At least one of `app_id`, `domain_name`, or `url_category` must present. * `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource. * `app_id` - (Optional) A block to specify app id attributes for the context profile. * `description` - (Optional) Description of the attribute. - * `value` - (Required) A list of string indicating values for the `app_id`. Must be a subset of the preset list of valid values for attribute `app_id` on NSX. + * `value` - (Required) A list of string indicating values for the `app_id`. Must be a subset of valid values for `app_id` on NSX. * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. * `tls_version` - (Optional) A list of string indicating values for `tls_version`. * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. * `domain_name` - (Optional) A block to specify domain name (FQDN) attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. - * `value` - (Required) A list of string indicating values for the `domain_name`. Must be a subset of the preset list of valid values for attribute `domain_name` on NSX. + * `value` - (Required) A list of string indicating values for the `domain_name`. Must be a subset of valid values for `domain_name` on NSX. * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. * `tls_version` - (Optional) A list of string indicating values for `tls_version`. * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. * `url_category` - (Optional) A block to specify url category attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. - * `value` - (Required) A list of string indicating values for the `url_category`. Must be a subset of the preset list of valid values for attribute `url_category` on NSX. + * `value` - (Required) A list of string indicating values for the `url_category`. Must be a subset of valid values for `url_category` on NSX. * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. * `tls_version` - (Optional) A list of string indicating values for `tls_version`. From 9c94850001d487bca8783cf63d008dec6c2feae6 Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Tue, 4 Aug 2020 16:56:38 -0700 Subject: [PATCH 7/8] Limit sub_attribute to app_id only --- nsxt/resource_nsxt_policy_context_profile.go | 36 ++++++++++--------- ...source_nsxt_policy_context_profile_test.go | 16 ++++----- .../r/policy_context_profile.html.markdown | 12 ++----- 3 files changed, 29 insertions(+), 35 deletions(-) diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index 090f74f6a..ddea5fd1b 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -108,7 +108,6 @@ func getContextProfilePolicyOtherAttributesSchema() *schema.Schema { Type: schema.TypeString, }, }, - "sub_attribute": getPolicyAttributeSubAttributeSchema(), }, }, } @@ -277,7 +276,7 @@ func resourceNsxtPolicyContextProfileUpdate(d *schema.ResourceData, m interface{ description := d.Get("description").(string) attributesStructList := make([]model.PolicyAttributes, 0, 0) var err error - for _, key := range []string{"app_id", "domain_name", "url_category"} { + for key := range attributeKeyMap { attributes := d.Get(key).(*schema.Set).List() err := checkAttributesValid(attributes, m, key) if err != nil { @@ -344,11 +343,12 @@ func resourceNsxtPolicyContextProfileDelete(d *schema.ResourceData, m interface{ func checkAttributesValid(attributes []interface{}, m interface{}, key string) error { - err := validateSubAttributes(attributes) - if err != nil { - return err + if key == "app_id" { + err := validateSubAttributes(attributes) + if err != nil { + return err + } } - var attrClient interface{} connector := getPolicyConnector(m) isPolicyGlobalManager := isPolicyGlobalManager(m) @@ -373,12 +373,12 @@ func checkAttributesValid(attributes []interface{}, m interface{}, key string) e } func validateSubAttributes(attributes []interface{}) error { - // Validates that sub-attribute keys only present in an attribute with one value + // Validates that sub_attribute keys only present in an attribute with one value for _, attribute := range attributes { attributeMap := attribute.(map[string]interface{}) values := attributeMap["value"].(*schema.Set).List() if len(attributeMap["sub_attribute"].(*schema.Set).List()) > 0 && len(values) > 1 { - err := fmt.Errorf("Multiple values found for attribute. Sub-attribtes are only applicable to an attribute with a single value") + err := fmt.Errorf("Multiple values found for attribute. Sub-attributes are only applicable to an attribute with a single value") return err } } @@ -431,11 +431,14 @@ func constructAttributesModelList(rawAttributes []interface{}, key string) ([]mo description := attributeMap["description"].(string) attrKey := attributeKeyMap[key] values := interface2StringList(attributeMap["value"].(*schema.Set).List()) - subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() - subAttributesList, err := constructSubAttributeModelList(subAttributes) - - if err != nil { - return nil, err + subAttributesList := make([]model.PolicySubAttributes, 0, 0) + if key == "app_id" { + var err error + subAttributes := attributeMap["sub_attribute"].(*schema.Set).List() + subAttributesList, err = constructSubAttributeModelList(subAttributes) + if err != nil { + return nil, err + } } attributeStruct := model.PolicyAttributes{ Datatype: &dataType, @@ -480,15 +483,14 @@ func fillAttributesInSchema(d *schema.ResourceData, policyAttributes []model.Pol key := attributeReverseKeyMap[*policyAttribute.Key] elem["description"] = policyAttribute.Description elem["value"] = policyAttribute.Value - if len(policyAttribute.SubAttributes) > 0 { - elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) - } if *policyAttribute.Key == model.PolicyAttributes_KEY_APP_ID { + if len(policyAttribute.SubAttributes) > 0 { + elem["sub_attribute"] = fillSubAttributesInSchema(policyAttribute.SubAttributes) + } elem["is_alg_type"] = policyAttribute.IsALGType } attributes[key] = append(attributes[key], elem) } - for key, attributeList := range attributes { d.Set(key, attributeList) } diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index 29f83b618..8d67985dd 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -39,8 +39,8 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -56,8 +56,8 @@ func TestAccResourceNsxtPolicyContextProfile_basic(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "0"), resource.TestCheckResourceAttr(testResourceName, "url_category.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "url_category.840357425.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "url_category.840357425.value.3317229948", "Abortion"), + resource.TestCheckResourceAttr(testResourceName, "url_category.1857560543.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.1857560543.value.3317229948", "Abortion"), ), }, }, @@ -115,8 +115,8 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.608540107", "*-myfiles.sharepoint.com"), ), }, { @@ -137,8 +137,8 @@ func TestAccResourceNsxtPolicyContextProfile_multipleAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.2076247700", "SSL"), resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.2328579708", "HTTP"), resource.TestCheckResourceAttr(testResourceName, "app_id.124112814.value.531481488", "SSH"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.#", "1"), - resource.TestCheckResourceAttr(testResourceName, "domain_name.2947620246.value.608540107", "*-myfiles.sharepoint.com"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.608540107", "*-myfiles.sharepoint.com"), ), }, }, diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index 18cc6cd0d..a7ce6ac12 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -39,27 +39,19 @@ Note: At least one of `app_id`, `domain_name`, or `url_category` must present. * `description` - (Optional) Description of the resource. * `tag` - (Optional) A list of scope + tag pairs to associate with this resource. * `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource. -* `app_id` - (Optional) A block to specify app id attributes for the context profile. +* `app_id` - (Optional) A block to specify app id attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `app_id`. Must be a subset of valid values for `app_id` on NSX. - * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. + * `sub_attribute` - (Optional) A block to specify sub attribute for the `app_id`. Only one block is allowed. * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. * `tls_version` - (Optional) A list of string indicating values for `tls_version`. * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. * `domain_name` - (Optional) A block to specify domain name (FQDN) attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `domain_name`. Must be a subset of valid values for `domain_name` on NSX. - * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. - * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. - * `tls_version` - (Optional) A list of string indicating values for `tls_version`. - * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. * `url_category` - (Optional) A block to specify url category attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `url_category`. Must be a subset of valid values for `url_category` on NSX. - * `sub_attribute` - (Optional) A block to specify sub attribute for the attribute. Only one block is allowed. - * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. - * `tls_version` - (Optional) A list of string indicating values for `tls_version`. - * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. ## Attributes Reference From 1393f69aeea724654b7dfb89b63efd1fc9708754 Mon Sep 17 00:00:00 2001 From: Enhao Cui Date: Wed, 5 Aug 2020 12:02:04 -0700 Subject: [PATCH 8/8] Address comments --- nsxt/resource_nsxt_policy_context_profile.go | 2 - ...source_nsxt_policy_context_profile_test.go | 45 +++++++++++++++++++ .../r/policy_context_profile.html.markdown | 6 +-- 3 files changed, 48 insertions(+), 5 deletions(-) diff --git a/nsxt/resource_nsxt_policy_context_profile.go b/nsxt/resource_nsxt_policy_context_profile.go index ddea5fd1b..abc24dff7 100644 --- a/nsxt/resource_nsxt_policy_context_profile.go +++ b/nsxt/resource_nsxt_policy_context_profile.go @@ -79,7 +79,6 @@ func getContextProfilePolicyAppIDAttributesSchema() *schema.Schema { "value": { Type: schema.TypeSet, Description: "Values for attribute key", - MinItems: 1, Required: true, Elem: &schema.Schema{ Type: schema.TypeString, @@ -103,7 +102,6 @@ func getContextProfilePolicyOtherAttributesSchema() *schema.Schema { Type: schema.TypeSet, Description: "Values for attribute key", Required: true, - MinItems: 1, Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index 8d67985dd..8d9a12406 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -151,6 +151,8 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { testResourceName := "nsxt_policy_context_profile.test" attributes := testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesTemplate() updatedAttributes := testAccNsxtPolicyContextProfileAttributeAppIDSubAttributesUpdatedTemplate() + attributesNoSub := testAccNsxtPolicyContextProfileAttributeAppIDSslTemplate() + attributesDomainName := testAccNsxtPolicyContextProfileAttributeDomainNameTemplate() resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -208,6 +210,42 @@ func TestAccResourceNsxtPolicyContextProfile_subAttributes(t *testing.T) { resource.TestCheckResourceAttr(testResourceName, "app_id.832058275.sub_attribute.2393957168.cifs_smb_version.3787226665", "CIFS_SMB_V2"), ), }, + { + Config: testAccNsxtPolicyContextProfileTemplate(updatedName, attributesNoSub), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "app_id.4162008338.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.4162008338.value.2076247700", "SSL"), + resource.TestCheckResourceAttrSet(testResourceName, "app_id.4162008338.is_alg_type"), + resource.TestCheckResourceAttr(testResourceName, "app_id.4162008338.sub_attribute.#", "0"), + ), + }, + { + Config: testAccNsxtPolicyContextProfileTemplate(updatedName, attributesDomainName), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyContextProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "app_id.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "url_category.#", "0"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.#", "1"), + resource.TestCheckResourceAttr(testResourceName, "domain_name.238902231.value.608540107", "*-myfiles.sharepoint.com"), + ), + }, }, }) } @@ -315,3 +353,10 @@ app_id { } }` } + +func testAccNsxtPolicyContextProfileAttributeAppIDSslTemplate() string { + return ` +app_id { + value = ["SSL"] +}` +} diff --git a/website/docs/r/policy_context_profile.html.markdown b/website/docs/r/policy_context_profile.html.markdown index a7ce6ac12..ce2e88013 100644 --- a/website/docs/r/policy_context_profile.html.markdown +++ b/website/docs/r/policy_context_profile.html.markdown @@ -43,9 +43,9 @@ Note: At least one of `app_id`, `domain_name`, or `url_category` must present. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `app_id`. Must be a subset of valid values for `app_id` on NSX. * `sub_attribute` - (Optional) A block to specify sub attribute for the `app_id`. Only one block is allowed. - * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`. - * `tls_version` - (Optional) A list of string indicating values for `tls_version`. - * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`. + * `tls_cipher_suite` - (Optional) A list of string indicating values for `tls_cipher_suite`, only applicable to `SSL`. + * `tls_version` - (Optional) A list of string indicating values for `tls_version`, only applicable to `SSL`. + * `cifs_smb_version` - (Optional) A list of string indicating values for `cifs_smb_version`, only applicable to `CIFS`. * `domain_name` - (Optional) A block to specify domain name (FQDN) attributes for the context profile. Only one block is allowed. * `description` - (Optional) Description of the attribute. * `value` - (Required) A list of string indicating values for the `domain_name`. Must be a subset of valid values for `domain_name` on NSX.