diff --git a/api/api_list.yaml b/api/api_list.yaml index 1f21d5ad1..80cc82ba8 100644 --- a/api/api_list.yaml +++ b/api/api_list.yaml @@ -452,6 +452,9 @@ - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/domains model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model type: Multitenancy + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/vpcs + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: VPC model_name: SecurityPolicy obj_name: SecurityPolicy client_name: SecurityPoliciesClient @@ -986,7 +989,6 @@ - New - Get - Delete - - List - Patch - Update - List diff --git a/api/infra/domains/security_policy.go b/api/infra/domains/security_policy.go index 32cbaf7cd..b2d5c45cd 100644 --- a/api/infra/domains/security_policy.go +++ b/api/infra/domains/security_policy.go @@ -11,6 +11,7 @@ import ( client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/domains" model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/domains" + client3 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/vpcs" utl "github.com/vmware/terraform-provider-nsxt/api/utl" ) @@ -31,6 +32,9 @@ func NewSecurityPoliciesClient(sessionContext utl.SessionContext, connector vapi case utl.Multitenancy: client = client2.NewSecurityPoliciesClient(connector) + case utl.VPC: + client = client3.NewSecurityPoliciesClient(connector) + default: return nil } @@ -67,6 +71,13 @@ func (c SecurityPolicyClientContext) Get(domainIdParam string, securityPolicyIdP return obj, err } + case utl.VPC: + client := c.Client.(client3.SecurityPoliciesClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, c.VPCID, securityPolicyIdParam) + if err != nil { + return obj, err + } + default: return obj, errors.New("invalid infrastructure for model") } @@ -94,6 +105,10 @@ func (c SecurityPolicyClientContext) Patch(domainIdParam string, securityPolicyI client := c.Client.(client2.SecurityPoliciesClient) err = client.Patch(utl.DefaultOrgID, c.ProjectID, domainIdParam, securityPolicyIdParam, securityPolicyParam) + case utl.VPC: + client := c.Client.(client3.SecurityPoliciesClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, c.VPCID, securityPolicyIdParam, securityPolicyParam) + default: err = errors.New("invalid infrastructure for model") } @@ -130,6 +145,10 @@ func (c SecurityPolicyClientContext) Update(domainIdParam string, securityPolicy client := c.Client.(client2.SecurityPoliciesClient) obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, domainIdParam, securityPolicyIdParam, securityPolicyParam) + case utl.VPC: + client := c.Client.(client3.SecurityPoliciesClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, c.VPCID, securityPolicyIdParam, securityPolicyParam) + default: err = errors.New("invalid infrastructure for model") } @@ -153,6 +172,10 @@ func (c SecurityPolicyClientContext) Delete(domainIdParam string, securityPolicy client := c.Client.(client2.SecurityPoliciesClient) err = client.Delete(utl.DefaultOrgID, c.ProjectID, domainIdParam, securityPolicyIdParam) + case utl.VPC: + client := c.Client.(client3.SecurityPoliciesClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, c.VPCID, securityPolicyIdParam) + default: err = errors.New("invalid infrastructure for model") } @@ -185,6 +208,10 @@ func (c SecurityPolicyClientContext) List(domainIdParam string, cursorParam *str client := c.Client.(client2.SecurityPoliciesClient) obj, err = client.List(utl.DefaultOrgID, c.ProjectID, domainIdParam, cursorParam, includeMarkForDeleteObjectsParam, includeRuleCountParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + case utl.VPC: + client := c.Client.(client3.SecurityPoliciesClient) + obj, err = client.List(utl.DefaultOrgID, c.ProjectID, c.VPCID, cursorParam, includeMarkForDeleteObjectsParam, includeRuleCountParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + default: err = errors.New("invalid infrastructure for model") } diff --git a/api/utl/api_util.go b/api/utl/api_util.go index 1dbd217a2..94fc0a368 100644 --- a/api/utl/api_util.go +++ b/api/utl/api_util.go @@ -11,16 +11,19 @@ const ( Global = 0 Local = 1 Multitenancy = 2 + VPC = 3 ) type SessionContext struct { ClientType ClientType ProjectID string + VPCID string } type ClientContext struct { Client interface{} ClientType ClientType ProjectID string + VPCID string } func ConvertModelBindingType(obj interface{}, sourceType bindings.BindingType, destType bindings.BindingType) (interface{}, error) { diff --git a/api/utl_file_template.yaml b/api/utl_file_template.yaml index f60be64a7..5fecfdf6b 100644 --- a/api/utl_file_template.yaml +++ b/api/utl_file_template.yaml @@ -15,11 +15,13 @@ type SessionContext struct { ClientType ClientType ProjectID string + VPCID string } type ClientContext struct { Client interface{} ClientType ClientType ProjectID string + VPCID string } func ConvertModelBindingType(obj interface{}, sourceType bindings.BindingType, destType bindings.BindingType) (interface{}, error) { diff --git a/nsxt/data_source_nsxt_policy_context_profile_test.go b/nsxt/data_source_nsxt_policy_context_profile_test.go index b67bbb816..069039dba 100644 --- a/nsxt/data_source_nsxt_policy_context_profile_test.go +++ b/nsxt/data_source_nsxt_policy_context_profile_test.go @@ -84,7 +84,7 @@ data "nsxt_policy_context_profile" "test" { } func testAccNsxtPolicyContextProfileMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_context_profile" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_dhcp_server_test.go b/nsxt/data_source_nsxt_policy_dhcp_server_test.go index 6a6a4dc57..e6fda6903 100644 --- a/nsxt/data_source_nsxt_policy_dhcp_server_test.go +++ b/nsxt/data_source_nsxt_policy_dhcp_server_test.go @@ -44,7 +44,7 @@ func testAccDataSourceNsxtPolicyDhcpServerBasic(t *testing.T, withContext bool, func testAccNsxtPolicyDhcpServerReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dhcp_server" "test" { diff --git a/nsxt/data_source_nsxt_policy_gateway_locale_service_test.go b/nsxt/data_source_nsxt_policy_gateway_locale_service_test.go index e2c2ac8ff..e3f2a1308 100644 --- a/nsxt/data_source_nsxt_policy_gateway_locale_service_test.go +++ b/nsxt/data_source_nsxt_policy_gateway_locale_service_test.go @@ -91,7 +91,7 @@ func TestAccDataSourceNsxtPolicyGatewayLocaleService_multitenancy(t *testing.T) func testAccNsxtPolicyGatewayLocaleServiceTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_edge_cluster" "test" { diff --git a/nsxt/data_source_nsxt_policy_gateway_policy_test.go b/nsxt/data_source_nsxt_policy_gateway_policy_test.go index 0bd4ff7c8..cbfff9447 100644 --- a/nsxt/data_source_nsxt_policy_gateway_policy_test.go +++ b/nsxt/data_source_nsxt_policy_gateway_policy_test.go @@ -67,7 +67,7 @@ func testAccDataSourceNsxtPolicyGatewayPolicyBasic(t *testing.T, withContext boo func testAccNsxtPolicyGatewayPolicyTemplate(name string, category string, extra string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` diff --git a/nsxt/data_source_nsxt_policy_gateway_qos_profile_test.go b/nsxt/data_source_nsxt_policy_gateway_qos_profile_test.go index e00872f3e..911d44ed3 100644 --- a/nsxt/data_source_nsxt_policy_gateway_qos_profile_test.go +++ b/nsxt/data_source_nsxt_policy_gateway_qos_profile_test.go @@ -132,7 +132,7 @@ func testAccDataSourceNsxtPolicyGatewayQosProfileDeleteByName(name string) error func testAccNsxtPolicyGatewayQosProfileReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_gateway_qos_profile" "test" { diff --git a/nsxt/data_source_nsxt_policy_group_test.go b/nsxt/data_source_nsxt_policy_group_test.go index 20d13b278..83d7181b6 100644 --- a/nsxt/data_source_nsxt_policy_group_test.go +++ b/nsxt/data_source_nsxt_policy_group_test.go @@ -143,7 +143,7 @@ func testAccDataSourceNsxtPolicyGroupDeleteByName(domain string, name string) er func testAccNsxtPolicyGroupReadTemplate(domain string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_group" "test" { diff --git a/nsxt/data_source_nsxt_policy_intrusion_service_profile_test.go b/nsxt/data_source_nsxt_policy_intrusion_service_profile_test.go index 286f80b9d..34dc3ee10 100644 --- a/nsxt/data_source_nsxt_policy_intrusion_service_profile_test.go +++ b/nsxt/data_source_nsxt_policy_intrusion_service_profile_test.go @@ -72,7 +72,7 @@ func testAccDataSourceNsxtPolicyIntrusionServiceProfileBasic(t *testing.T, withC func testAccNsxtPolicyIntrusionServiceProfileReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_intrusion_service_profile" "test" { diff --git a/nsxt/data_source_nsxt_policy_ip_block_test.go b/nsxt/data_source_nsxt_policy_ip_block_test.go index 46c4e8a6b..cd50ae062 100644 --- a/nsxt/data_source_nsxt_policy_ip_block_test.go +++ b/nsxt/data_source_nsxt_policy_ip_block_test.go @@ -110,7 +110,7 @@ func testAccDataSourceNsxtPolicyIPBlockDeleteByName(name string) error { func testAccNsxtPolicyIPBlockReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_ip_block" "test" { diff --git a/nsxt/data_source_nsxt_policy_ip_discovery_profile_test.go b/nsxt/data_source_nsxt_policy_ip_discovery_profile_test.go index a5c9c8dde..c03e95b1e 100644 --- a/nsxt/data_source_nsxt_policy_ip_discovery_profile_test.go +++ b/nsxt/data_source_nsxt_policy_ip_discovery_profile_test.go @@ -60,7 +60,7 @@ data "nsxt_policy_ip_discovery_profile" "test" { } func testAccNsxtPolicyIPDiscoveryProfileMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_ip_discovery_profile" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_ip_pool_test.go b/nsxt/data_source_nsxt_policy_ip_pool_test.go index f749cdd06..46c6687ed 100644 --- a/nsxt/data_source_nsxt_policy_ip_pool_test.go +++ b/nsxt/data_source_nsxt_policy_ip_pool_test.go @@ -108,7 +108,7 @@ func testAccDataSourceNsxtPolicyIPPoolDeleteByName(name string) error { func testAccNsxtPolicyIPPoolReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_ip_pool" "test" { diff --git a/nsxt/data_source_nsxt_policy_ipv6_dad_profile_test.go b/nsxt/data_source_nsxt_policy_ipv6_dad_profile_test.go index 91634b5c3..4ea91d740 100644 --- a/nsxt/data_source_nsxt_policy_ipv6_dad_profile_test.go +++ b/nsxt/data_source_nsxt_policy_ipv6_dad_profile_test.go @@ -107,7 +107,7 @@ func testAccDataSourceNsxtPolicyIpv6DadProfileDeleteByName(name string) error { func testAccNsxtPolicyIpv6DadProfileReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_ipv6_dad_profile" "test" { diff --git a/nsxt/data_source_nsxt_policy_ipv6_ndra_profile_test.go b/nsxt/data_source_nsxt_policy_ipv6_ndra_profile_test.go index d2e00b3bd..6441f936c 100644 --- a/nsxt/data_source_nsxt_policy_ipv6_ndra_profile_test.go +++ b/nsxt/data_source_nsxt_policy_ipv6_ndra_profile_test.go @@ -111,7 +111,7 @@ func testAccDataSourceNsxtPolicyIpv6NdraProfileDeleteByName(name string) error { func testAccNsxtPolicyIpv6NdraProfileReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_ipv6_ndra_profile" "test" { diff --git a/nsxt/data_source_nsxt_policy_mac_discovery_profile_test.go b/nsxt/data_source_nsxt_policy_mac_discovery_profile_test.go index f09c7aaa2..af2d97026 100644 --- a/nsxt/data_source_nsxt_policy_mac_discovery_profile_test.go +++ b/nsxt/data_source_nsxt_policy_mac_discovery_profile_test.go @@ -82,7 +82,7 @@ data "nsxt_policy_mac_discovery_profile" "test" { } func testAccNsxtPolicyMacDiscoveryProfileMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_mac_discovery_profile" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_qos_profile_test.go b/nsxt/data_source_nsxt_policy_qos_profile_test.go index c5474c17b..43f087e9f 100644 --- a/nsxt/data_source_nsxt_policy_qos_profile_test.go +++ b/nsxt/data_source_nsxt_policy_qos_profile_test.go @@ -107,7 +107,7 @@ func testAccDataSourceNsxtPolicyQosProfileDeleteByName(name string) error { func testAccNsxtPolicyQosProfileReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_qos_profile" "test" { diff --git a/nsxt/data_source_nsxt_policy_realization_info_test.go b/nsxt/data_source_nsxt_policy_realization_info_test.go index 12b57dfba..315829194 100644 --- a/nsxt/data_source_nsxt_policy_realization_info_test.go +++ b/nsxt/data_source_nsxt_policy_realization_info_test.go @@ -223,7 +223,7 @@ data "nsxt_policy_realization_info" "realization_info" { func testAccNsxtPolicyRealizationInfoReadDataSourceErrorTemplate(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "test" { @@ -260,7 +260,7 @@ data "nsxt_policy_realization_info" "realization_info" { func testAccNsxtPolicyRealizationInfoReadDataSourceTemplate(resourceDataType string, resourceName string, entityType string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "%s" "policy_resource" { @@ -278,7 +278,7 @@ data "nsxt_policy_realization_info" "realization_info" { func testAccNsxtPolicyRealizationInfoReadResourceTemplate(resourceType string, resourceName string, entityType string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "%s" "policy_resource" { diff --git a/nsxt/data_source_nsxt_policy_security_policy_test.go b/nsxt/data_source_nsxt_policy_security_policy_test.go index 9df88b0af..0a281c5e5 100644 --- a/nsxt/data_source_nsxt_policy_security_policy_test.go +++ b/nsxt/data_source_nsxt_policy_security_policy_test.go @@ -98,7 +98,7 @@ func TestAccDataSourceNsxtPolicySecurityPolicy_default(t *testing.T) { func testAccNsxtPolicySecurityPolicyTemplate(name string, category string, extra string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_security_policy" "test" { diff --git a/nsxt/data_source_nsxt_policy_segment_realization_test.go b/nsxt/data_source_nsxt_policy_segment_realization_test.go index a368eac96..6db2d7e87 100644 --- a/nsxt/data_source_nsxt_policy_segment_realization_test.go +++ b/nsxt/data_source_nsxt_policy_segment_realization_test.go @@ -58,7 +58,7 @@ func testAccNsxtPolicySegmentRealizationTemplate(vlan, withContext bool) string extra := "" context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } if vlan { resource = "nsxt_policy_vlan_segment" diff --git a/nsxt/data_source_nsxt_policy_segment_security_profile_test.go b/nsxt/data_source_nsxt_policy_segment_security_profile_test.go index 4526939f2..6b3d9de41 100644 --- a/nsxt/data_source_nsxt_policy_segment_security_profile_test.go +++ b/nsxt/data_source_nsxt_policy_segment_security_profile_test.go @@ -60,7 +60,7 @@ data "nsxt_policy_segment_security_profile" "test" { } func testAccNsxtPolicySegmentSecurityProfileMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_segment_security_profile" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_segment_test.go b/nsxt/data_source_nsxt_policy_segment_test.go index 69305f547..476632b20 100644 --- a/nsxt/data_source_nsxt_policy_segment_test.go +++ b/nsxt/data_source_nsxt_policy_segment_test.go @@ -104,7 +104,7 @@ func testAccDataSourceNsxtPolicySegmentDeleteByName(name string) error { func testAccNsxtPolicySegmentReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_segment" "test" { diff --git a/nsxt/data_source_nsxt_policy_service_test.go b/nsxt/data_source_nsxt_policy_service_test.go index 227fe8587..3c9050ea5 100644 --- a/nsxt/data_source_nsxt_policy_service_test.go +++ b/nsxt/data_source_nsxt_policy_service_test.go @@ -158,7 +158,7 @@ data "nsxt_policy_service" "test" { } func testAccNsxtPolicyServiceMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_service" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_spoofguard_profile_test.go b/nsxt/data_source_nsxt_policy_spoofguard_profile_test.go index 6928bf63b..d34b37853 100644 --- a/nsxt/data_source_nsxt_policy_spoofguard_profile_test.go +++ b/nsxt/data_source_nsxt_policy_spoofguard_profile_test.go @@ -60,7 +60,7 @@ data "nsxt_policy_spoofguard_profile" "test" { } func testAccNsxtPolicySpoofGuardProfileMultitenancyTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` resource "nsxt_policy_spoof_guard_profile" "test" { %s diff --git a/nsxt/data_source_nsxt_policy_tier1_gateway_test.go b/nsxt/data_source_nsxt_policy_tier1_gateway_test.go index 1d93c9055..299cdf1c9 100644 --- a/nsxt/data_source_nsxt_policy_tier1_gateway_test.go +++ b/nsxt/data_source_nsxt_policy_tier1_gateway_test.go @@ -108,7 +108,7 @@ func testAccDataSourceNsxtPolicyTier1GatewayDeleteByName(routerName string) erro func testAccNsxtPolicyTier1ReadTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_tier1_gateway" "test" { diff --git a/nsxt/data_source_nsxt_policy_vm_test.go b/nsxt/data_source_nsxt_policy_vm_test.go index 3038010fe..9237fab17 100644 --- a/nsxt/data_source_nsxt_policy_vm_test.go +++ b/nsxt/data_source_nsxt_policy_vm_test.go @@ -61,7 +61,7 @@ func testAccDataSourceNsxtPolicyVMBasic(t *testing.T, withContext bool, preCheck func testAccNsxtPolicyVMReadByNameTemplate(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_vm" "test" { @@ -73,7 +73,7 @@ data "nsxt_policy_vm" "test" { func testAccNsxtPolicyVMReadByIDTemplate(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_vm" "test" { diff --git a/nsxt/data_source_nsxt_policy_vms_test.go b/nsxt/data_source_nsxt_policy_vms_test.go index 824ec386b..2164fa01a 100644 --- a/nsxt/data_source_nsxt_policy_vms_test.go +++ b/nsxt/data_source_nsxt_policy_vms_test.go @@ -85,7 +85,7 @@ func TestAccDataSourceNsxtPolicyVMs_filter(t *testing.T) { func testAccNsxtPolicyVMsTemplate(valueType string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` data "nsxt_policy_vms" "test" { diff --git a/nsxt/data_source_policy_vpc_test.go b/nsxt/data_source_policy_vpc_test.go index 23d7caa0b..32227d59c 100644 --- a/nsxt/data_source_policy_vpc_test.go +++ b/nsxt/data_source_policy_vpc_test.go @@ -114,7 +114,7 @@ func testAccDataSourceNsxtPolicyVPCDeleteByName(name string) error { } func testAccNsxtPolicyVPCReadTemplate(name string) string { - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return fmt.Sprintf(` data "nsxt_policy_ip_block" "test" { %s diff --git a/nsxt/policy_common.go b/nsxt/policy_common.go index 4cba5eac2..2ef72c8f6 100644 --- a/nsxt/policy_common.go +++ b/nsxt/policy_common.go @@ -311,7 +311,7 @@ func getSecurityPolicyAndGatewayRuleSchema(scopeRequired bool, isIds bool, nsxID } func getPolicyGatewayPolicySchema() map[string]*schema.Schema { - secPolicy := getPolicySecurityPolicySchema(false, true, true) + secPolicy := getPolicySecurityPolicySchema(false, true, true, true) // GW Policies don't support scope delete(secPolicy, "scope") secPolicy["category"].ValidateFunc = validation.StringInSlice(gatewayPolicyCategoryWritableValues, false) @@ -320,7 +320,7 @@ func getPolicyGatewayPolicySchema() map[string]*schema.Schema { return secPolicy } -func getPolicySecurityPolicySchema(isIds, withContext, withRule bool) map[string]*schema.Schema { +func getPolicySecurityPolicySchema(isIds, withContext, withRule, withDomain bool) map[string]*schema.Schema { result := map[string]*schema.Schema{ "nsx_id": getNsxIDSchema(), "path": getPathSchema(), @@ -392,6 +392,9 @@ func getPolicySecurityPolicySchema(isIds, withContext, withRule bool) map[string if !withRule { delete(result, "rule") } + if !withDomain { + delete(result, "domain") + } return result } diff --git a/nsxt/policy_utils.go b/nsxt/policy_utils.go index dc0848be1..13bb4c731 100644 --- a/nsxt/policy_utils.go +++ b/nsxt/policy_utils.go @@ -246,11 +246,12 @@ func nsxtPolicyPathResourceImporterHelper(d *schema.ResourceData, m interface{}) } // pathSegs[2] should contain the organization. Once we support multiple organization, it should be // assigned into the context as well - contexts := make([]interface{}, 1) ctxMap := make(map[string]interface{}) ctxMap["project_id"] = pathSegs[4] - contexts[0] = ctxMap - d.Set("context", contexts) + if pathSegs[5] == "vpcs" { + ctxMap["vpc_id"] = pathSegs[6] + } + d.Set("context", []interface{}{ctxMap}) d.SetId(pathSegs[len(pathSegs)-1]) } return []*schema.ResourceData{d}, nil diff --git a/nsxt/provider.go b/nsxt/provider.go index 0eef507a4..66ed92758 100644 --- a/nsxt/provider.go +++ b/nsxt/provider.go @@ -494,6 +494,7 @@ func Provider() *schema.Provider { "nsxt_policy_gateway_flood_protection_profile_binding": resourceNsxtPolicyGatewayFloodProtectionProfileBinding(), "nsxt_policy_compute_sub_cluster": resourceNsxtPolicyComputeSubCluster(), "nsxt_policy_tier0_inter_vrf_routing": resourceNsxtPolicyTier0InterVRFRouting(), + "nsxt_policy_vpc_security_policy": resourceNsxtPolicyVPCSecurityPolicy(), }, ConfigureFunc: providerConfigure, @@ -1201,28 +1202,35 @@ func getGlobalPolicyEnforcementPointPath(m interface{}, sitePath *string) string return fmt.Sprintf("%s/enforcement-points/%s", *sitePath, getPolicyEnforcementPoint(m)) } -func getProjectIDFromSchema(d *schema.ResourceData) string { +func getContextDataFromSchema(d *schema.ResourceData) (string, string) { ctxPtr := d.Get("context") if ctxPtr != nil { contexts := ctxPtr.([]interface{}) for _, context := range contexts { data := context.(map[string]interface{}) + vpcID := "" + if data["vpc_id"] != nil { + vpcID = data["vpc_id"].(string) + } - return data["project_id"].(string) + return data["project_id"].(string), vpcID } } - return "" + return "", "" } func getSessionContext(d *schema.ResourceData, m interface{}) tf_api.SessionContext { var clientType tf_api.ClientType - projectID := getProjectIDFromSchema(d) + projectID, vpcID := getContextDataFromSchema(d) if projectID != "" { clientType = tf_api.Multitenancy + if vpcID != "" { + clientType = tf_api.VPC + } } else if isPolicyGlobalManager(m) { clientType = tf_api.Global } else { clientType = tf_api.Local } - return tf_api.SessionContext{ProjectID: projectID, ClientType: clientType} + return tf_api.SessionContext{ProjectID: projectID, VPCID: vpcID, ClientType: clientType} } diff --git a/nsxt/resource_nsxt_policy_context_profile_custom_attribute_test.go b/nsxt/resource_nsxt_policy_context_profile_custom_attribute_test.go index b4423d39b..ff4c3df21 100644 --- a/nsxt/resource_nsxt_policy_context_profile_custom_attribute_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_custom_attribute_test.go @@ -133,7 +133,7 @@ func testAccNsxtPolicyContextProfileCustomAttributeTemplate(withContext bool) st func testAccNsxtPolicyContextProfileCustomAttributeArgTemplate(key string, attribute string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` diff --git a/nsxt/resource_nsxt_policy_context_profile_test.go b/nsxt/resource_nsxt_policy_context_profile_test.go index eed1a5b42..6ebb17d54 100644 --- a/nsxt/resource_nsxt_policy_context_profile_test.go +++ b/nsxt/resource_nsxt_policy_context_profile_test.go @@ -412,7 +412,7 @@ func testAccNsxtPolicyContextProfileCheckDestroy(state *terraform.State, display func testAccNsxtPolicyContextProfileTemplate(name string, attributes string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_context_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_dhcp_relay_test.go b/nsxt/resource_nsxt_policy_dhcp_relay_test.go index dd97b2f43..0a4a2d972 100644 --- a/nsxt/resource_nsxt_policy_dhcp_relay_test.go +++ b/nsxt/resource_nsxt_policy_dhcp_relay_test.go @@ -194,7 +194,7 @@ func testAccNsxtPolicyDhcpRelayConfigTemplate(createFlow bool, withContext bool) } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dhcp_relay" "test" { @@ -214,7 +214,7 @@ resource "nsxt_policy_dhcp_relay" "test" { func testAccNsxtPolicyDhcpRelayConfigMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dhcp_relay" "test" { diff --git a/nsxt/resource_nsxt_policy_dhcp_server_test.go b/nsxt/resource_nsxt_policy_dhcp_server_test.go index 734a5b89e..fdbf3e147 100644 --- a/nsxt/resource_nsxt_policy_dhcp_server_test.go +++ b/nsxt/resource_nsxt_policy_dhcp_server_test.go @@ -200,7 +200,7 @@ func testAccNsxtPolicyDhcpServerCreateTemplate(withContext bool) string { defsSpec := testAccNsxtPolicyGatewayFabricDeps(false) edgeClusterSpec := "data.nsxt_policy_edge_cluster.EC.path" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() defsSpec, edgeClusterSpec = testAccNsxtPolicyProjectSpec() } @@ -236,7 +236,7 @@ func testAccNsxtPolicyDhcpServerUpdateTemplate(withContext bool) string { edgeClusterSpec := "data.nsxt_policy_edge_cluster.EC.path" context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() defsSpec, edgeClusterSpec = testAccNsxtPolicyProjectSpec() } @@ -260,7 +260,7 @@ resource "nsxt_policy_dhcp_server" "test" { func testAccNsxtPolicyDhcpServerMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dhcp_server" "test" { diff --git a/nsxt/resource_nsxt_policy_dhcp_v4_static_binding_test.go b/nsxt/resource_nsxt_policy_dhcp_v4_static_binding_test.go index 4dc4527d6..4d04c3683 100644 --- a/nsxt/resource_nsxt_policy_dhcp_v4_static_binding_test.go +++ b/nsxt/resource_nsxt_policy_dhcp_v4_static_binding_test.go @@ -268,7 +268,7 @@ func testAccNsxtPolicyDhcpStaticBindingPrerequisites(isFixed, isIpv6, withContex defsSpec := testAccNsxtPolicyGatewayFabricDeps(false) edgeClusterSpec := "data.nsxt_policy_edge_cluster.EC.path" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() tzSpec = "" defsSpec, edgeClusterSpec = testAccNsxtPolicyProjectSpec() } @@ -316,7 +316,7 @@ func testAccNsxtPolicyDhcpV4StaticBindingTemplate(isFixed bool, createFlow, with } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyDhcpStaticBindingPrerequisites(isFixed, false, withContext) + fmt.Sprintf(` @@ -343,7 +343,7 @@ func testAccNsxtPolicyDhcpV4StaticBindingMinimalistic(isFixed, withContext bool) attrMap := accTestPolicyDhcpV4StaticBindingUpdateAttributes context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyDhcpStaticBindingPrerequisites(isFixed, false, withContext) + fmt.Sprintf(` resource "nsxt_policy_dhcp_v4_static_binding" "test" { diff --git a/nsxt/resource_nsxt_policy_dhcp_v6_static_binding_test.go b/nsxt/resource_nsxt_policy_dhcp_v6_static_binding_test.go index 3141586a9..1420eb216 100644 --- a/nsxt/resource_nsxt_policy_dhcp_v6_static_binding_test.go +++ b/nsxt/resource_nsxt_policy_dhcp_v6_static_binding_test.go @@ -265,7 +265,7 @@ func testAccNsxtPolicyDhcpV6StaticBindingTemplate(isFixed, createFlow, withConte } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyDhcpStaticBindingPrerequisites(isFixed, true, withContext) + fmt.Sprintf(` @@ -294,7 +294,7 @@ func testAccNsxtPolicyDhcpV6StaticBindingMinimalistic(isFixed, withContext bool) attrMap := accTestPolicyDhcpV6StaticBindingUpdateAttributes context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyDhcpStaticBindingPrerequisites(isFixed, true, withContext) + fmt.Sprintf(` resource "nsxt_policy_dhcp_v6_static_binding" "test" { diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go index 9ec987acf..476757998 100644 --- a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go @@ -189,7 +189,7 @@ func testAccNsxtPolicyDistributedFloodProtectionProfileBindingTemplate(createFlo context := "" resourceName := "test" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() resourceName = "mttest" } return testAccNsxtPolicyDistributedFloodProtectionProfileBindingDeps(withContext) + fmt.Sprintf(` @@ -212,7 +212,7 @@ resource "nsxt_policy_distributed_flood_protection_profile_binding" "%s" { func testAccNsxtPolicyDistributedFloodProtectionProfileBindingDeps(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_group" "test" { diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go index 41530a004..2bbefdb71 100644 --- a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go @@ -222,7 +222,7 @@ func testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(createFlow, with context := "" resourceName := "test" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() resourceName = "mttest" } return fmt.Sprintf(` @@ -253,7 +253,7 @@ data "nsxt_policy_distributed_flood_protection_profile" "%s" { func testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(withContext bool, name string) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_distributed_flood_protection_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_dns_forwarder_zone_test.go b/nsxt/resource_nsxt_policy_dns_forwarder_zone_test.go index ef139d524..e9325371b 100644 --- a/nsxt/resource_nsxt_policy_dns_forwarder_zone_test.go +++ b/nsxt/resource_nsxt_policy_dns_forwarder_zone_test.go @@ -207,7 +207,7 @@ func testAccNsxtPolicyDNSForwarderZoneTemplate(createFlow, withContext bool) str } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dns_forwarder_zone" "test" { @@ -229,7 +229,7 @@ func testAccNsxtPolicyDNSForwarderZoneMinimalistic(withContext bool) string { attrMap := accTestPolicyDNSForwarderZoneUpdateAttributes context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_dns_forwarder_zone" "test" { diff --git a/nsxt/resource_nsxt_policy_fixed_segment_test.go b/nsxt/resource_nsxt_policy_fixed_segment_test.go index dd0568997..a75639cf1 100644 --- a/nsxt/resource_nsxt_policy_fixed_segment_test.go +++ b/nsxt/resource_nsxt_policy_fixed_segment_test.go @@ -360,7 +360,7 @@ func testAccNSXPolicyFixedSegmentImporterGetID(s *terraform.State) (string, erro func testAccNsxtPolicyFixedSegmentImportTemplate(tzName string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicySegmentDeps(tzName, withContext) + fmt.Sprintf(` resource "nsxt_policy_fixed_segment" "test" { @@ -379,7 +379,7 @@ resource "nsxt_policy_fixed_segment" "test" { func testAccNsxtPolicyFixedSegmentBasicTemplate(tzName string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicySegmentDeps(tzName, withContext) + fmt.Sprintf(` @@ -406,7 +406,7 @@ resource "nsxt_policy_fixed_segment" "test" { func testAccNsxtPolicyFixedSegmentBasicUpdateTemplate(tzName string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicySegmentDeps(tzName, withContext) + fmt.Sprintf(` resource "nsxt_policy_fixed_segment" "test" { diff --git a/nsxt/resource_nsxt_policy_gateway_dns_forwarder_test.go b/nsxt/resource_nsxt_policy_gateway_dns_forwarder_test.go index e2a1259c1..4c2d7ba52 100644 --- a/nsxt/resource_nsxt_policy_gateway_dns_forwarder_test.go +++ b/nsxt/resource_nsxt_policy_gateway_dns_forwarder_test.go @@ -211,7 +211,7 @@ func testAccNsxtPolicyGatewayDNSForwarderCheckDestroy(state *terraform.State, di func testAccNsxtPolicyGatewayDNSForwarderPrerequisites(names [2]string, isT0 bool, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyEdgeClusterReadTemplate(getEdgeClusterName()) + testAccNsxtPolicyGatewayWithEdgeClusterTemplate("test", isT0, true, withContext) + @@ -240,7 +240,7 @@ func testAccNsxtPolicyGatewayDNSForwarderTemplate(isT0 bool, createFlow bool, wi } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyGatewayDNSForwarderPrerequisites(testAccPolicyDNSForwarderHelperNames, isT0, withContext) + fmt.Sprintf(` resource "nsxt_policy_gateway_dns_forwarder" "test" { @@ -276,7 +276,7 @@ func testAccNsxtPolicyGatewayDNSForwarderMinimalistic(isT0, withContext bool) st whyDoesGoNeedToBeSoComplicated := map[bool]int8{false: 1, true: 0} context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyGatewayDNSForwarderPrerequisites(testAccPolicyDNSForwarderHelperNames, isT0, withContext) + fmt.Sprintf(` resource "nsxt_policy_gateway_dns_forwarder" "test" { diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go index 35d41a1f6..c650e4137 100644 --- a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go @@ -234,7 +234,7 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileBindingTemplate(createFlow, w context := "" resourceName := "test" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() resourceName = "mttest" } return testAccNsxtPolicyGatewayFloodProtectionProfileBindingDeps(withContext) + fmt.Sprintf(` @@ -257,7 +257,7 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileBindingDeps(withContext bool) context := "" parentDeps := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() parentDeps = fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "test" { %s diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go index c395d894c..e9bf1c4ed 100644 --- a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go @@ -218,7 +218,7 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(createFlow, withCont context := "" resourceName := "test" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() resourceName = "mttest" } return fmt.Sprintf(` @@ -248,7 +248,7 @@ data "nsxt_policy_gateway_flood_protection_profile" "%s" { func testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(withContext bool, name string) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_gateway_flood_protection_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_gateway_policy_test.go b/nsxt/resource_nsxt_policy_gateway_policy_test.go index 122b1832a..67326fe52 100644 --- a/nsxt/resource_nsxt_policy_gateway_policy_test.go +++ b/nsxt/resource_nsxt_policy_gateway_policy_test.go @@ -626,7 +626,7 @@ resource "nsxt_policy_gateway_policy" "test" { func testAccNsxtPolicyGatewayPolicyBasic(name string, comments string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_gateway_policy" "test" { @@ -651,7 +651,7 @@ resource "nsxt_policy_gateway_policy" "test" { func testAccNsxtPolicyGatewayPolicyWithRule(name string, direction string, protocol string, ruleTag string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "gwt1test" { diff --git a/nsxt/resource_nsxt_policy_group_test.go b/nsxt/resource_nsxt_policy_group_test.go index 469881b6a..2620c0b52 100644 --- a/nsxt/resource_nsxt_policy_group_test.go +++ b/nsxt/resource_nsxt_policy_group_test.go @@ -718,7 +718,7 @@ func testAccNsxtPolicyGroupCheckDestroy(state *terraform.State, displayName stri func testAccNsxtPolicyGroupIPAddressImportTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_group" "test" { @@ -732,7 +732,7 @@ resource "nsxt_policy_group" "test" { func testAccNsxtPolicyGroupAddressCreateTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_group" "test" { @@ -772,7 +772,7 @@ resource "nsxt_policy_group" "test" { func testAccNsxtPolicyGroupAddressUpdateTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_group" "test" { diff --git a/nsxt/resource_nsxt_policy_intrusion_service_policy.go b/nsxt/resource_nsxt_policy_intrusion_service_policy.go index 2525449fe..aa014fb88 100644 --- a/nsxt/resource_nsxt_policy_intrusion_service_policy.go +++ b/nsxt/resource_nsxt_policy_intrusion_service_policy.go @@ -29,7 +29,7 @@ func resourceNsxtPolicyIntrusionServicePolicy() *schema.Resource { Importer: &schema.ResourceImporter{ State: nsxtDomainResourceImporter, }, - Schema: getPolicySecurityPolicySchema(true, true, true), + Schema: getPolicySecurityPolicySchema(true, true, true, true), } } diff --git a/nsxt/resource_nsxt_policy_intrusion_service_policy_test.go b/nsxt/resource_nsxt_policy_intrusion_service_policy_test.go index c9b6b2669..7c1a765d6 100644 --- a/nsxt/resource_nsxt_policy_intrusion_service_policy_test.go +++ b/nsxt/resource_nsxt_policy_intrusion_service_policy_test.go @@ -293,7 +293,7 @@ func testAccNsxtPolicyIntrusionServicePolicyCheckDestroy(state *terraform.State, func testAccNsxtPolicyIntrusionServicePolicyBasic(name string, comments string, domainName string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } if domainName == defaultDomain { return fmt.Sprintf(` @@ -337,7 +337,7 @@ func testAccNsxtPolicyIntrusionServicePolicyWithRule(name string, direction stri profile := "" profilePath := fmt.Sprintf("\"%s\"", policyDefaultIdsProfilePath) if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() profile = testAccNsxtPolicyIntrusionServiceProfileMinimalistic(name, withContext) profilePath = "nsxt_policy_intrusion_service_profile.test.path" } diff --git a/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go b/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go index 68a69debe..0e0f4dc67 100644 --- a/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go +++ b/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go @@ -180,7 +180,7 @@ func testAccNsxtPolicyIntrusionServiceProfileCheckDestroy(state *terraform.State func testAccNsxtPolicyIntrusionServiceProfileCreate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_intrusion_service_profile" "test" { @@ -210,7 +210,7 @@ resource "nsxt_policy_intrusion_service_profile" "test" { func testAccNsxtPolicyIntrusionServiceProfileUpdate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_intrusion_service_profile" "test" { @@ -247,7 +247,7 @@ resource "nsxt_policy_intrusion_service_profile" "test" { func testAccNsxtPolicyIntrusionServiceProfileMinimalistic(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_intrusion_service_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_ip_address_allocation_test.go b/nsxt/resource_nsxt_policy_ip_address_allocation_test.go index 5ee1611bb..becdc8c7a 100644 --- a/nsxt/resource_nsxt_policy_ip_address_allocation_test.go +++ b/nsxt/resource_nsxt_policy_ip_address_allocation_test.go @@ -272,7 +272,7 @@ func testAccNsxtPolicyIPAddressAllocationTemplate(createFlow, withContext bool) } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyIPAddressAllocationDependenciesTemplate(withContext) + fmt.Sprintf(` resource "nsxt_policy_ip_address_allocation" "test" { @@ -323,7 +323,7 @@ data "nsxt_policy_realization_info" "realization_info" { func testAccNsxtPolicyIPAddressAllocationDependenciesTemplate(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "test" { diff --git a/nsxt/resource_nsxt_policy_ip_block_test.go b/nsxt/resource_nsxt_policy_ip_block_test.go index 5de9285ba..7abd344b1 100644 --- a/nsxt/resource_nsxt_policy_ip_block_test.go +++ b/nsxt/resource_nsxt_policy_ip_block_test.go @@ -230,7 +230,7 @@ func testAccNSXPolicyIPBlockCheckDestroy(state *terraform.State) error { func testAccNSXPolicyIPBlockCreateMinimalTemplate(displayName string, cidr string, withContext, withVisibility bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } visibility := "" @@ -250,7 +250,7 @@ resource "nsxt_policy_ip_block" "test" { func testAccNSXPolicyIPBlockUpdateTemplate(displayName string, cidr string, withContext, withVisibility bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } visibility := "" diff --git a/nsxt/resource_nsxt_policy_ip_discovery_profile_test.go b/nsxt/resource_nsxt_policy_ip_discovery_profile_test.go index deb428013..0c7e604d6 100644 --- a/nsxt/resource_nsxt_policy_ip_discovery_profile_test.go +++ b/nsxt/resource_nsxt_policy_ip_discovery_profile_test.go @@ -244,7 +244,7 @@ func testAccNsxtPolicyIPDiscoveryProfileTemplate(createFlow, withContext bool) s } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_discovery_profile" "test" { @@ -272,7 +272,7 @@ resource "nsxt_policy_ip_discovery_profile" "test" { func testAccNsxtPolicyIPDiscoveryProfileMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_discovery_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_ip_pool_block_subnet_test.go b/nsxt/resource_nsxt_policy_ip_pool_block_subnet_test.go index 4a22ce152..833549ee4 100644 --- a/nsxt/resource_nsxt_policy_ip_pool_block_subnet_test.go +++ b/nsxt/resource_nsxt_policy_ip_pool_block_subnet_test.go @@ -236,7 +236,7 @@ func testAccNSXPolicyIPPoolBlockSubnetCheckDestroy(state *terraform.State) error func testAccNSXPolicyIPPoolBlockSubnetIPBlockTemplate(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` @@ -264,7 +264,7 @@ resource "nsxt_policy_ip_pool_block_subnet" "test" { func testAccNSXPolicyIPPoolBlockSubnetCreateTemplate(poolName string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNSXPolicyIPPoolBlockSubnetIPBlockTemplate(withContext) + fmt.Sprintf(` @@ -291,7 +291,7 @@ resource "nsxt_policy_ip_pool_block_subnet" "test" { func testAccNSXPolicyIPPoolBlockSubnetUpdateTemplate(poolName string, name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNSXPolicyIPPoolBlockSubnetIPBlockTemplate(withContext) + fmt.Sprintf(` resource "nsxt_policy_ip_pool" "pool1" { diff --git a/nsxt/resource_nsxt_policy_ip_pool_static_subnet_test.go b/nsxt/resource_nsxt_policy_ip_pool_static_subnet_test.go index e2cf2082f..f65582a85 100644 --- a/nsxt/resource_nsxt_policy_ip_pool_static_subnet_test.go +++ b/nsxt/resource_nsxt_policy_ip_pool_static_subnet_test.go @@ -256,7 +256,7 @@ resource "nsxt_policy_ip_pool_static_subnet" "test" { func testAccNSXPolicyIPPoolStaticSubnetCreateTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "pool1" { @@ -284,7 +284,7 @@ resource "nsxt_policy_ip_pool_static_subnet" "test" { func testAccNSXPolicyIPPoolStaticSubnet3AllocationsTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "pool1" { @@ -327,7 +327,7 @@ resource "nsxt_policy_ip_pool_static_subnet" "test" { func testAccNSXPolicyIPPoolStaticSubnet2AllocationsTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "pool1" { diff --git a/nsxt/resource_nsxt_policy_ip_pool_test.go b/nsxt/resource_nsxt_policy_ip_pool_test.go index fa027834b..6b678bed4 100644 --- a/nsxt/resource_nsxt_policy_ip_pool_test.go +++ b/nsxt/resource_nsxt_policy_ip_pool_test.go @@ -187,7 +187,7 @@ resource "nsxt_policy_ip_pool" "test" { func testAccNSXPolicyIPPoolCreateTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "test" { @@ -205,7 +205,7 @@ resource "nsxt_policy_ip_pool" "test" { func testAccNSXPolicyIPPoolUpdateTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_ip_pool" "test" { diff --git a/nsxt/resource_nsxt_policy_mac_discovery_profile_test.go b/nsxt/resource_nsxt_policy_mac_discovery_profile_test.go index 8250748e0..aa84969eb 100644 --- a/nsxt/resource_nsxt_policy_mac_discovery_profile_test.go +++ b/nsxt/resource_nsxt_policy_mac_discovery_profile_test.go @@ -213,7 +213,7 @@ func testAccNsxtPolicyMacDiscoveryProfileTemplate(createFlow, withContext bool) } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_mac_discovery_profile" "test" { @@ -236,7 +236,7 @@ resource "nsxt_policy_mac_discovery_profile" "test" { func testAccNsxtPolicyMacDiscoveryProfileMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_mac_discovery_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_nat_rule_test.go b/nsxt/resource_nsxt_policy_nat_rule_test.go index a2ef6e5e7..87002036e 100644 --- a/nsxt/resource_nsxt_policy_nat_rule_test.go +++ b/nsxt/resource_nsxt_policy_nat_rule_test.go @@ -506,7 +506,7 @@ resource "nsxt_policy_nat_rule" "test" { func testAccNsxtPolicyNATRuleTier1CreateTemplate(name string, action string, sourceNet string, destNet string, translatedNet string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyEdgeClusterReadTemplate(getEdgeClusterName()) + testAccNsxtPolicyTier1WithEdgeClusterTemplate("test", false, withContext) + fmt.Sprintf(` @@ -543,7 +543,7 @@ resource "nsxt_policy_nat_rule" "test" { func testAccNsxtPolicyNATRuleTier1CreateTemplateWithPolicyBasedVpnMode(name string, action string, sourceNet string, destNet string, translatedNet string, policyBasedVpnMode string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyEdgeClusterReadTemplate(getEdgeClusterName()) + testAccNsxtPolicyTier1WithEdgeClusterTemplate("test", false, withContext) + fmt.Sprintf(` @@ -581,7 +581,7 @@ resource "nsxt_policy_nat_rule" "test" { func testAccNsxtPolicyNATRuleTier1UpdateMultipleSourceNetworksTemplate(name string, action string, sourceNet1 string, sourceNet2 string, destNet string, translatedNet string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyEdgeClusterReadTemplate(getEdgeClusterName()) + testAccNsxtPolicyTier1WithEdgeClusterTemplate("test", false, withContext) + fmt.Sprintf(` diff --git a/nsxt/resource_nsxt_policy_parent_security_policy.go b/nsxt/resource_nsxt_policy_parent_security_policy.go index 24a610656..58bbcc2e0 100644 --- a/nsxt/resource_nsxt_policy_parent_security_policy.go +++ b/nsxt/resource_nsxt_policy_parent_security_policy.go @@ -21,7 +21,7 @@ func resourceNsxtPolicyParentSecurityPolicy() *schema.Resource { Importer: &schema.ResourceImporter{ State: nsxtDomainResourceImporter, }, - Schema: getPolicySecurityPolicySchema(false, true, false), + Schema: getPolicySecurityPolicySchema(false, true, false, true), } } @@ -55,10 +55,13 @@ func parentSecurityPolicySchemaToModel(d *schema.ResourceData, id string) model. } } -func parentSecurityPolicyModelToSchema(d *schema.ResourceData, m interface{}) (*model.SecurityPolicy, error) { +func parentSecurityPolicyModelToSchema(d *schema.ResourceData, m interface{}, withDomain bool) (*model.SecurityPolicy, error) { connector := getPolicyConnector(m) id := d.Id() - domainName := d.Get("domain").(string) + domainName := "" + if withDomain { + domainName = d.Get("domain").(string) + } if id == "" { return nil, fmt.Errorf("Error obtaining Security Policy id") } @@ -89,15 +92,15 @@ func parentSecurityPolicyModelToSchema(d *schema.ResourceData, m interface{}) (* } func resourceNsxtPolicyParentSecurityPolicyCreate(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralCreate(d, m, false) + return resourceNsxtPolicySecurityPolicyGeneralCreate(d, m, false, true) } func resourceNsxtPolicyParentSecurityPolicyRead(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, false) + return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, false, true) } func resourceNsxtPolicyParentSecurityPolicyUpdate(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralUpdate(d, m, false) + return resourceNsxtPolicySecurityPolicyGeneralUpdate(d, m, false, true) } func resourceNsxtPolicyParentSecurityPolicyDelete(d *schema.ResourceData, m interface{}) error { diff --git a/nsxt/resource_nsxt_policy_parent_security_policy_test.go b/nsxt/resource_nsxt_policy_parent_security_policy_test.go index c7f732de6..62abeebff 100644 --- a/nsxt/resource_nsxt_policy_parent_security_policy_test.go +++ b/nsxt/resource_nsxt_policy_parent_security_policy_test.go @@ -142,7 +142,7 @@ func testAccNsxtPolicyParentSecurityPolicyCheckDestroy(state *terraform.State, d func testAccNsxtPolicyParentSecurityPolicyTemplate(withContext bool, name, locked, seqNum, tcpStrict string) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_parent_security_policy" "test" { diff --git a/nsxt/resource_nsxt_policy_predefined_gateway_policy_test.go b/nsxt/resource_nsxt_policy_predefined_gateway_policy_test.go index e1dbd287a..1c9c001c3 100644 --- a/nsxt/resource_nsxt_policy_predefined_gateway_policy_test.go +++ b/nsxt/resource_nsxt_policy_predefined_gateway_policy_test.go @@ -173,7 +173,7 @@ data "nsxt_policy_gateway_policy" "test" { func testAccNsxtPolicyPredefinedGatewayPolicyPrerequisitesMultitenancy() string { t1EdgeCluster := `edge_cluster_path = data.nsxt_policy_edge_cluster.test.path` - context := testAccNsxtPolicyMultitenancyContext() + context := testAccNsxtPolicyContext() return testAccNsxtPolicyEdgeClusterReadTemplate(getEdgeClusterName()) + fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "test" { @@ -207,7 +207,7 @@ resource "nsxt_policy_predefined_gateway_policy" "test" { path = data.nsxt_policy_gateway_policy.test.path description = "%s" %s -}`, testAccNsxtPolicyMultitenancyContext(), description, tags) +}`, testAccNsxtPolicyContext(), description, tags) } func testAccNsxtPolicyPredefinedGatewayPolicyDefaultRule(description string, action string, label string, tags string) string { diff --git a/nsxt/resource_nsxt_policy_predefined_security_policy_test.go b/nsxt/resource_nsxt_policy_predefined_security_policy_test.go index a3226bbd5..bba0575f2 100644 --- a/nsxt/resource_nsxt_policy_predefined_security_policy_test.go +++ b/nsxt/resource_nsxt_policy_predefined_security_policy_test.go @@ -175,7 +175,7 @@ func TestAccResourceNsxtPolicyPredefinedSecurityPolicy_rules(t *testing.T) { func testAccNsxtPolicyPredefinedSecurityPolicyPrerequisites(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_group" "group1" { @@ -198,7 +198,7 @@ data "nsxt_policy_security_policy" "test" { func testAccNsxtPolicyPredefinedSecurityPolicyBasic(description string, tags string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return testAccNsxtPolicyPredefinedSecurityPolicyPrerequisites(withContext) + fmt.Sprintf(` resource "nsxt_policy_predefined_security_policy" "test" { diff --git a/nsxt/resource_nsxt_policy_qos_profile_test.go b/nsxt/resource_nsxt_policy_qos_profile_test.go index 43533278a..3e38521bd 100644 --- a/nsxt/resource_nsxt_policy_qos_profile_test.go +++ b/nsxt/resource_nsxt_policy_qos_profile_test.go @@ -208,7 +208,7 @@ func testAccNSXPolicyQosProfileCheckDestroy(state *terraform.State, displayName func testAccNSXPolicyQosProfileBasicTemplate(name string, cos string, peak string, direction string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_qos_profile" "test" { @@ -242,7 +242,7 @@ resource "nsxt_policy_qos_profile" "test" { func testAccNSXPolicyQosProfileUpdateTemplate(name string, cos string, peak string, direction string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_qos_profile" "test" { @@ -273,7 +273,7 @@ resource "nsxt_policy_qos_profile" "test" { func testAccNSXPolicyQosProfileEmptyTemplate(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_qos_profile" "test" { @@ -286,7 +286,7 @@ resource "nsxt_policy_qos_profile" "test" { func testAccNSXPolicyQosProfileCreateTemplateTrivial(name string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_qos_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_security_policy.go b/nsxt/resource_nsxt_policy_security_policy.go index 7792712c9..c23f012fd 100644 --- a/nsxt/resource_nsxt_policy_security_policy.go +++ b/nsxt/resource_nsxt_policy_security_policy.go @@ -24,7 +24,7 @@ func resourceNsxtPolicySecurityPolicy() *schema.Resource { Importer: &schema.ResourceImporter{ State: nsxtDomainResourceImporter, }, - Schema: getPolicySecurityPolicySchema(false, true, true), + Schema: getPolicySecurityPolicySchema(false, true, true, true), } } @@ -55,9 +55,12 @@ func resourceNsxtPolicySecurityPolicyExistsPartial(domainName string) func(sessi } } -func policySecurityPolicyBuildAndPatch(d *schema.ResourceData, m interface{}, id string, createFlow, withRule bool) error { +func policySecurityPolicyBuildAndPatch(d *schema.ResourceData, m interface{}, id string, createFlow, withRule, withDomain bool) error { obj := parentSecurityPolicySchemaToModel(d, id) - domain := d.Get("domain").(string) + domain := "" + if withDomain { + domain = d.Get("domain").(string) + } revision := int64(d.Get("revision").(int)) log.Printf("[INFO] Creating Security Policy with ID %s", id) @@ -86,15 +89,15 @@ func policySecurityPolicyBuildAndPatch(d *schema.ResourceData, m interface{}, id } func resourceNsxtPolicySecurityPolicyCreate(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralCreate(d, m, true) + return resourceNsxtPolicySecurityPolicyGeneralCreate(d, m, true, true) } func resourceNsxtPolicySecurityPolicyRead(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, true) + return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, true, true) } func resourceNsxtPolicySecurityPolicyUpdate(d *schema.ResourceData, m interface{}) error { - return resourceNsxtPolicySecurityPolicyGeneralUpdate(d, m, true) + return resourceNsxtPolicySecurityPolicyGeneralUpdate(d, m, true, true) } func resourceNsxtPolicySecurityPolicyDelete(d *schema.ResourceData, m interface{}) error { @@ -115,14 +118,18 @@ func resourceNsxtPolicySecurityPolicyDelete(d *schema.ResourceData, m interface{ return nil } -func resourceNsxtPolicySecurityPolicyGeneralCreate(d *schema.ResourceData, m interface{}, withRule bool) error { +func resourceNsxtPolicySecurityPolicyGeneralCreate(d *schema.ResourceData, m interface{}, withRule, withDomain bool) error { // Initialize resource Id and verify this ID is not yet used - id, err := getOrGenerateID2(d, m, resourceNsxtPolicySecurityPolicyExistsPartial(d.Get("domain").(string))) + domain := "" + if withDomain { + domain = d.Get("domain").(string) + } + id, err := getOrGenerateID2(d, m, resourceNsxtPolicySecurityPolicyExistsPartial(domain)) if err != nil { return err } - err = policySecurityPolicyBuildAndPatch(d, m, id, true, withRule) + err = policySecurityPolicyBuildAndPatch(d, m, id, true, withRule, withDomain) if err != nil { return handleCreateError("Security Policy", id, err) @@ -131,11 +138,11 @@ func resourceNsxtPolicySecurityPolicyGeneralCreate(d *schema.ResourceData, m int d.SetId(id) d.Set("nsx_id", id) - return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, withRule) + return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, withRule, withDomain) } -func resourceNsxtPolicySecurityPolicyGeneralRead(d *schema.ResourceData, m interface{}, withRule bool) error { - obj, err := parentSecurityPolicyModelToSchema(d, m) +func resourceNsxtPolicySecurityPolicyGeneralRead(d *schema.ResourceData, m interface{}, withRule, withDomain bool) error { + obj, err := parentSecurityPolicyModelToSchema(d, m, withDomain) if err != nil { return handleReadError(d, "SecurityPolicy", d.Id(), err) } @@ -145,15 +152,15 @@ func resourceNsxtPolicySecurityPolicyGeneralRead(d *schema.ResourceData, m inter return nil } -func resourceNsxtPolicySecurityPolicyGeneralUpdate(d *schema.ResourceData, m interface{}, withRule bool) error { +func resourceNsxtPolicySecurityPolicyGeneralUpdate(d *schema.ResourceData, m interface{}, withRule, withDomain bool) error { id := d.Id() if id == "" { return fmt.Errorf("Error obtaining Security Policy id") } - err := policySecurityPolicyBuildAndPatch(d, m, id, false, withRule) + err := policySecurityPolicyBuildAndPatch(d, m, id, false, withRule, withDomain) if err != nil { return handleUpdateError("Security Policy", id, err) } - return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, withRule) + return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, withRule, withDomain) } diff --git a/nsxt/resource_nsxt_policy_security_policy_rule.go b/nsxt/resource_nsxt_policy_security_policy_rule.go index 2ff54f1d1..a8855737d 100644 --- a/nsxt/resource_nsxt_policy_security_policy_rule.go +++ b/nsxt/resource_nsxt_policy_security_policy_rule.go @@ -62,7 +62,7 @@ func resourceNsxtPolicySecurityPolicyRuleCreate(d *schema.ResourceData, m interf } func setSecurityPolicyRuleContext(d *schema.ResourceData, projectID string) error { - providedProjectID := getProjectIDFromSchema(d) + providedProjectID, _ := getContextDataFromSchema(d) if providedProjectID == "" { contexts := make([]interface{}, 1) ctxMap := make(map[string]interface{}) diff --git a/nsxt/resource_nsxt_policy_security_policy_rule_test.go b/nsxt/resource_nsxt_policy_security_policy_rule_test.go index 34bfb3ff1..fcbce200e 100644 --- a/nsxt/resource_nsxt_policy_security_policy_rule_test.go +++ b/nsxt/resource_nsxt_policy_security_policy_rule_test.go @@ -247,7 +247,7 @@ func testAccNsxtPolicySecurityPolicyRuleCheckDestroy(state *terraform.State, dis func testAccNsxtPolicySecurityPolicyRuleDeps(withContext bool, displayName, locked string) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_parent_security_policy" "policy1" { diff --git a/nsxt/resource_nsxt_policy_security_policy_test.go b/nsxt/resource_nsxt_policy_security_policy_test.go index f756cff22..70384c7b6 100644 --- a/nsxt/resource_nsxt_policy_security_policy_test.go +++ b/nsxt/resource_nsxt_policy_security_policy_test.go @@ -12,22 +12,22 @@ import ( ) func TestAccResourceNsxtPolicySecurityPolicy_basic(t *testing.T) { - testAccResourceNsxtPolicySecurityPolicyBasic(t, false, func() { + testAccResourceNsxtPolicySecurityPolicyBasic(t, "nsxt_policy_security_policy", false, func() { testAccPreCheck(t) }) } func TestAccResourceNsxtPolicySecurityPolicy_multitenancy(t *testing.T) { - testAccResourceNsxtPolicySecurityPolicyBasic(t, true, func() { + testAccResourceNsxtPolicySecurityPolicyBasic(t, "nsxt_policy_security_policy", true, func() { testAccPreCheck(t) testAccOnlyMultitenancy(t) }) } -func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool, preCheck func()) { +func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, resourceName string, withContext bool, preCheck func()) { name := getAccTestResourceName() updatedName := getAccTestResourceName() - testResourceName := "nsxt_policy_security_policy.test" + testResourceName := fmt.Sprintf("%s.test", resourceName) comments1 := "Acceptance test create" comments2 := "Acceptance test update" direction1 := "IN" @@ -46,7 +46,7 @@ func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicySecurityPolicyBasic(name, comments1, defaultDomain, withContext), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, name, comments1, defaultDomain, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, defaultDomain), resource.TestCheckResourceAttr(testResourceName, "display_name", name), @@ -64,7 +64,7 @@ func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool ), }, { - Config: testAccNsxtPolicySecurityPolicyBasic(updatedName, comments2, defaultDomain, withContext), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, updatedName, comments2, defaultDomain, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, defaultDomain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -81,7 +81,7 @@ func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool ), }, { - Config: testAccNsxtPolicySecurityPolicyWithRule(updatedName, direction1, proto1, tag1, defaultDomain, "", withContext), + Config: testAccNsxtPolicySecurityPolicyWithRule(resourceName, updatedName, direction1, proto1, tag1, defaultDomain, "", withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, defaultDomain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -105,7 +105,7 @@ func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool ), }, { - Config: testAccNsxtPolicySecurityPolicyWithRule(updatedName, direction2, proto2, tag2, defaultDomain, "", withContext), + Config: testAccNsxtPolicySecurityPolicyWithRule(resourceName, updatedName, direction2, proto2, tag2, defaultDomain, "", withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, defaultDomain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -128,7 +128,7 @@ func testAccResourceNsxtPolicySecurityPolicyBasic(t *testing.T, withContext bool ), }, { - Config: testAccNsxtPolicySecurityPolicyWithProfiles(updatedName, direction2, proto2, tag2, defaultDomain, withContext), + Config: testAccNsxtPolicySecurityPolicyWithProfiles(resourceName, updatedName, direction2, proto2, tag2, defaultDomain, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, defaultDomain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -425,7 +425,8 @@ func TestAccResourceNsxtPolicySecurityPolicy_withIPCidrRange(t *testing.T) { func TestAccResourceNsxtPolicySecurityPolicy_importBasic(t *testing.T) { name := getAccTestResourceName() - testResourceName := "nsxt_policy_security_policy.test" + resourceName := "nsxt_policy_security_policy" + testResourceName := fmt.Sprintf("%s.test", resourceName) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -435,7 +436,7 @@ func TestAccResourceNsxtPolicySecurityPolicy_importBasic(t *testing.T) { }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicySecurityPolicyBasic(name, "import", defaultDomain, false), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, name, "import", defaultDomain, false), }, { ResourceName: testResourceName, @@ -448,7 +449,8 @@ func TestAccResourceNsxtPolicySecurityPolicy_importBasic(t *testing.T) { func TestAccResourceNsxtPolicySecurityPolicy_importBasic_multitenancy(t *testing.T) { name := getAccTestResourceName() - testResourceName := "nsxt_policy_security_policy.test" + resourceName := "nsxt_policy_security_policy" + testResourceName := fmt.Sprintf("%s.test", resourceName) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -458,7 +460,7 @@ func TestAccResourceNsxtPolicySecurityPolicy_importBasic_multitenancy(t *testing }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicySecurityPolicyBasic(name, "import", defaultDomain, true), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, name, "import", defaultDomain, true), }, { ResourceName: testResourceName, @@ -473,7 +475,8 @@ func TestAccResourceNsxtPolicySecurityPolicy_importBasic_multitenancy(t *testing func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { name := getAccTestResourceName() updatedName := getAccTestResourceName() - testResourceName := "nsxt_policy_security_policy.test" + resourceName := "nsxt_policy_security_policy" + testResourceName := fmt.Sprintf("%s.test", resourceName) comments1 := "Acceptance test create" comments2 := "Acceptance test update" direction1 := "IN" @@ -496,7 +499,7 @@ func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicySecurityPolicyBasic(name, comments1, domain, false), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, name, comments1, domain, false), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, domain), resource.TestCheckResourceAttr(testResourceName, "display_name", name), @@ -514,7 +517,7 @@ func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { ), }, { - Config: testAccNsxtPolicySecurityPolicyBasic(updatedName, comments2, domain, false), + Config: testAccNsxtPolicySecurityPolicyBasic(resourceName, updatedName, comments2, domain, false), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, domain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -531,7 +534,7 @@ func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { ), }, { - Config: testAccNsxtPolicySecurityPolicyWithRule(updatedName, direction1, proto1, tag1, domain, "", false), + Config: testAccNsxtPolicySecurityPolicyWithRule(resourceName, updatedName, direction1, proto1, tag1, domain, "", false), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, domain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -555,7 +558,7 @@ func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { ), }, { - Config: testAccNsxtPolicySecurityPolicyWithRule(updatedName, direction2, proto2, tag2, domain, "", false), + Config: testAccNsxtPolicySecurityPolicyWithRule(resourceName, updatedName, direction2, proto2, tag2, domain, "", false), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, domain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -579,7 +582,7 @@ func TestAccResourceNsxtGlobalPolicySecurityPolicy_withSite(t *testing.T) { ), }, { - Config: testAccNsxtPolicySecurityPolicyWithProfiles(updatedName, direction2, proto2, tag2, domain, false), + Config: testAccNsxtPolicySecurityPolicyWithProfiles(resourceName, updatedName, direction2, proto2, tag2, domain, false), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicySecurityPolicyExists(testResourceName, domain), resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), @@ -652,14 +655,14 @@ func testAccNsxtPolicySecurityPolicyCheckDestroy(state *terraform.State, display return nil } -func testAccNsxtPolicySecurityPolicyBasic(name string, comments string, domainName string, withContext bool) string { +func testAccNsxtPolicySecurityPolicyBasic(resourceName, name, comments, domainName string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } if domainName == defaultDomain { return fmt.Sprintf(` -resource "nsxt_policy_security_policy" "test" { +resource "%s" "test" { %s display_name = "%s" description = "Acceptance Test" @@ -675,10 +678,10 @@ resource "nsxt_policy_security_policy" "test" { tag = "orange" } -}`, context, name, comments) +}`, resourceName, context, name, comments) } return testAccNsxtGlobalPolicySite(domainName) + fmt.Sprintf(` -resource "nsxt_policy_security_policy" "test" { +resource "%s" "test" { %s display_name = "%s" description = "Acceptance Test" @@ -695,17 +698,17 @@ resource "nsxt_policy_security_policy" "test" { tag = "orange" } -}`, context, name, comments) +}`, resourceName, context, name, comments) } -func testAccNsxtPolicySecurityPolicyWithRule(name string, direction string, protocol string, ruleTag string, domainName string, profiles string, withContext bool) string { +func testAccNsxtPolicySecurityPolicyWithRule(resourceName, name, direction, protocol, ruleTag, domainName, profiles string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } if domainName == defaultDomain { return fmt.Sprintf(` -resource "nsxt_policy_security_policy" "test" { +resource "%s" "test" { %s display_name = "%s" description = "Acceptance Test" @@ -732,10 +735,10 @@ resource "nsxt_policy_security_policy" "test" { } %s } -}`, context, name, name, direction, protocol, ruleTag, profiles) +}`, resourceName, context, name, name, direction, protocol, ruleTag, profiles) } return testAccNsxtGlobalPolicyGroupIPAddressCreateTemplate("group", domainName) + fmt.Sprintf(` -resource "nsxt_policy_security_policy" "test" { +resource "%s" "test" { %s display_name = "%s" description = "Acceptance Test" @@ -764,7 +767,7 @@ resource "nsxt_policy_security_policy" "test" { } %s } -}`, context, name, name, direction, protocol, ruleTag, profiles) +}`, resourceName, context, name, name, direction, protocol, ruleTag, profiles) } func testAccNsxtPolicySecurityPolicyWithEthernetRule(name string, direction string, protocol string, ruleTag string, domainName string, profiles string) string { @@ -989,9 +992,9 @@ func testAccNsxtPolicySecurityPolicyWithIPCidrRange(name string, destIP string, }`, name, destIP, destCidr, destIPRange, sourceIP, sourceCidr, sourceIPRange) } -func testAccNsxtPolicySecurityPolicyWithProfiles(name string, direction string, protocol string, ruleTag string, domainName string, withContext bool) string { +func testAccNsxtPolicySecurityPolicyWithProfiles(resourceName, name, direction, protocol, ruleTag, domainName string, withContext bool) string { profiles := ` profiles = [nsxt_policy_context_profile.test.path] ` - return testAccNsxtPolicyContextProfileTemplate("security-policy-test-profile", testAccNsxtPolicyContextProfileAttributeDomainNameTemplate(testSystemDomainName), withContext) + testAccNsxtPolicySecurityPolicyWithRule(name, direction, protocol, ruleTag, domainName, profiles, withContext) + return testAccNsxtPolicyContextProfileTemplate("security-policy-test-profile", testAccNsxtPolicyContextProfileAttributeDomainNameTemplate(testSystemDomainName), withContext) + testAccNsxtPolicySecurityPolicyWithRule(resourceName, name, direction, protocol, ruleTag, domainName, profiles, withContext) } diff --git a/nsxt/resource_nsxt_policy_segment_security_profile_test.go b/nsxt/resource_nsxt_policy_segment_security_profile_test.go index c5c37ed26..fb77bba35 100644 --- a/nsxt/resource_nsxt_policy_segment_security_profile_test.go +++ b/nsxt/resource_nsxt_policy_segment_security_profile_test.go @@ -243,7 +243,7 @@ func testAccNsxtPolicySegmentSecurityProfileTemplate(createFlow, withContext boo } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_segment_security_profile" "test" { @@ -277,7 +277,7 @@ resource "nsxt_policy_segment_security_profile" "test" { func testAccNsxtPolicySegmentSecurityProfileMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_segment_security_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_segment_test.go b/nsxt/resource_nsxt_policy_segment_test.go index 7111f9aba..2fac89ea8 100644 --- a/nsxt/resource_nsxt_policy_segment_test.go +++ b/nsxt/resource_nsxt_policy_segment_test.go @@ -478,7 +478,7 @@ func testAccNsxtPolicySegmentCheckDestroy(state *terraform.State, displayName st func testAccNsxtPolicySegmentDeps(tzName string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } s := fmt.Sprintf(` @@ -518,7 +518,7 @@ func testAccNsxtPolicySegmentImportTemplate(tzName string, name string, withCont context := "" tzSetting := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } else { tzSetting = "transport_zone_path = data.nsxt_policy_transport_zone.test.path" } @@ -859,7 +859,7 @@ resource "nsxt_policy_segment" "test" { func testAccNsxtPolicySegmentNoTransportZoneTemplate(name string, cidr string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` diff --git a/nsxt/resource_nsxt_policy_service_test.go b/nsxt/resource_nsxt_policy_service_test.go index f4c067b11..83adcb9f8 100644 --- a/nsxt/resource_nsxt_policy_service_test.go +++ b/nsxt/resource_nsxt_policy_service_test.go @@ -804,7 +804,7 @@ func testAccNsxtPolicyServiceCheckDestroy(state *terraform.State, displayName st func testAccNsxtPolicyIcmpTypeServiceCreateTypeCodeTemplate(name string, icmpType string, icmpCode string, protocol string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` @@ -831,7 +831,7 @@ resource "nsxt_policy_service" "test" { func testAccNsxtPolicyIcmpTypeServiceCreateTypeOnlyTemplate(name string, icmpType string, protocol string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_service" "test" { @@ -856,7 +856,7 @@ resource "nsxt_policy_service" "test" { func testAccNsxtPolicyIcmpTypeServiceCreateNoTypeCodeTemplate(name string, protocol string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_service" "test" { @@ -900,7 +900,7 @@ resource "nsxt_policy_service" "test" { func testAccNsxtPolicyIcmpTypeServiceCreate2Template(name string, icmpType string, icmpCode string, protocol string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_service" "test" { diff --git a/nsxt/resource_nsxt_policy_spoof_guard_profile_test.go b/nsxt/resource_nsxt_policy_spoof_guard_profile_test.go index 1821c5353..6d85714ae 100644 --- a/nsxt/resource_nsxt_policy_spoof_guard_profile_test.go +++ b/nsxt/resource_nsxt_policy_spoof_guard_profile_test.go @@ -193,7 +193,7 @@ func testAccNsxtPolicySpoofGuardProfileTemplate(createFlow, withContext bool) st } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_spoof_guard_profile" "test" { @@ -213,7 +213,7 @@ resource "nsxt_policy_spoof_guard_profile" "test" { func testAccNsxtPolicySpoofGuardProfileMinimalistic(withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_spoof_guard_profile" "test" { diff --git a/nsxt/resource_nsxt_policy_static_route_test.go b/nsxt/resource_nsxt_policy_static_route_test.go index 69d536856..33bab011b 100644 --- a/nsxt/resource_nsxt_policy_static_route_test.go +++ b/nsxt/resource_nsxt_policy_static_route_test.go @@ -340,7 +340,7 @@ resource "nsxt_policy_static_route" "test" { func testAccNsxtPolicyStaticRouteTier1CreateTemplate(name string, network string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "t1test" { @@ -375,7 +375,7 @@ resource "nsxt_policy_static_route" "test" { func testAccNsxtPolicyStaticRouteMultipleHopsTier1CreateTemplate(name string, network string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` diff --git a/nsxt/resource_nsxt_policy_tier0_gateway_interface_test.go b/nsxt/resource_nsxt_policy_tier0_gateway_interface_test.go index 5980c12ae..d05211764 100644 --- a/nsxt/resource_nsxt_policy_tier0_gateway_interface_test.go +++ b/nsxt/resource_nsxt_policy_tier0_gateway_interface_test.go @@ -616,7 +616,7 @@ func testAccNsxtPolicyGatewayInterfaceDeps(vlans string, withContext bool) strin tzSpec := "transport_zone_path = data.nsxt_policy_transport_zone.test.path" defsSpec := testAccNsxtPolicyGatewayFabricDeps(true) if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() tzSpec = "" defsSpec, _ = testAccNsxtPolicyProjectSpec() } diff --git a/nsxt/resource_nsxt_policy_tier1_gateway_interface_test.go b/nsxt/resource_nsxt_policy_tier1_gateway_interface_test.go index 7eaed2161..f6f7764a9 100644 --- a/nsxt/resource_nsxt_policy_tier1_gateway_interface_test.go +++ b/nsxt/resource_nsxt_policy_tier1_gateway_interface_test.go @@ -415,7 +415,7 @@ func testAccNsxtPolicyTier1InterfaceTemplate(name string, subnet string, mtu str context := "" ecTemplate := testAccNsxtPolicyTier0EdgeClusterTemplate() if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() _, ecSpec := testAccNsxtPolicyProjectSpec() ecTemplate = fmt.Sprintf("edge_cluster_path = %s", ecSpec) } @@ -448,7 +448,7 @@ func testAccNsxtPolicyTier1InterfaceThinTemplate(name string, subnet string, wit context := "" ecTemplate := testAccNsxtPolicyTier0EdgeClusterTemplate() if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() _, ecSpec := testAccNsxtPolicyProjectSpec() ecTemplate = fmt.Sprintf("edge_cluster_path = %s", ecSpec) } diff --git a/nsxt/resource_nsxt_policy_tier1_gateway_test.go b/nsxt/resource_nsxt_policy_tier1_gateway_test.go index b6f347c9a..1339632ed 100644 --- a/nsxt/resource_nsxt_policy_tier1_gateway_test.go +++ b/nsxt/resource_nsxt_policy_tier1_gateway_test.go @@ -551,7 +551,7 @@ func testAccNsxtPolicyTier1CreateTemplate(name string, failoverMode string, with } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } config := fmt.Sprintf(` @@ -589,7 +589,7 @@ func testAccNsxtPolicyTier1UpdateTemplate(name string, failoverMode string, with } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } config := fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "test" { @@ -621,7 +621,7 @@ func testAccNsxtPolicyTier1Update2Template(name string, failoverMode string, wit } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } config := fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "test" { @@ -650,7 +650,7 @@ resource "nsxt_policy_tier1_gateway" "test" { func testAccNsxtPolicyTier1ImportTemplate(name string, failoverMode string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_tier1_gateway" "test" { diff --git a/nsxt/resource_nsxt_policy_vlan_segment_test.go b/nsxt/resource_nsxt_policy_vlan_segment_test.go index bd8c67b11..8d6cad2d4 100644 --- a/nsxt/resource_nsxt_policy_vlan_segment_test.go +++ b/nsxt/resource_nsxt_policy_vlan_segment_test.go @@ -328,7 +328,7 @@ func testAccNsxtPolicyVlanSegmentImportTemplate(name string, withContext bool) s context := "" tzSetting := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } else { tzSetting = "transport_zone_path = data.nsxt_policy_transport_zone.test.path" } @@ -352,7 +352,7 @@ func testAccNsxtPolicyVlanSegmentBasicTemplate(name string, withContext bool) st deps := testAccNsxtPolicyVlanSegmentDeps() tzSpec := "transport_zone_path = data.nsxt_policy_transport_zone.test.path" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() deps = "" tzSpec = "" } @@ -379,7 +379,7 @@ func testAccNsxtPolicyVlanSegmentBasicUpdateTemplate(name string, withContext bo deps := testAccNsxtPolicyVlanSegmentDeps() tzSpec := "transport_zone_path = data.nsxt_policy_transport_zone.test.path" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() deps = "" tzSpec = "" } diff --git a/nsxt/resource_nsxt_policy_vm_tags_test.go b/nsxt/resource_nsxt_policy_vm_tags_test.go index 4d3076e07..eb9343109 100644 --- a/nsxt/resource_nsxt_policy_vm_tags_test.go +++ b/nsxt/resource_nsxt_policy_vm_tags_test.go @@ -196,7 +196,7 @@ func testAccNSXPolicyVMTagsCheckDestroy(state *terraform.State) error { func testAccNSXPolicyVMTagsCreateTemplate(instanceID string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_vm_tags" "test" { @@ -213,7 +213,7 @@ resource "nsxt_policy_vm_tags" "test" { func testAccNSXPolicyVMTagsUpdateTemplate(instanceID string, withContext bool) string { context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_vm_tags" "test" { diff --git a/nsxt/resource_nsxt_policy_vpc_security_policy.go b/nsxt/resource_nsxt_policy_vpc_security_policy.go new file mode 100644 index 000000000..77760eb03 --- /dev/null +++ b/nsxt/resource_nsxt_policy_vpc_security_policy.go @@ -0,0 +1,55 @@ +/* Copyright © 2024 Broadcom, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/vmware/terraform-provider-nsxt/api/infra/domains" +) + +func resourceNsxtPolicyVPCSecurityPolicy() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyVPCSecurityPolicyCreate, + Read: resourceNsxtPolicyVPCSecurityPolicyRead, + Update: resourceNsxtPolicyVPCSecurityPolicyUpdate, + Delete: resourceNsxtPolicyVPCSecurityPolicyDelete, + Importer: &schema.ResourceImporter{ + State: nsxtPolicyPathResourceImporter, + }, + Schema: getPolicySecurityPolicySchema(false, true, true, false), + } +} + +func resourceNsxtPolicyVPCSecurityPolicyCreate(d *schema.ResourceData, m interface{}) error { + return resourceNsxtPolicySecurityPolicyGeneralCreate(d, m, true, false) +} + +func resourceNsxtPolicyVPCSecurityPolicyRead(d *schema.ResourceData, m interface{}) error { + return resourceNsxtPolicySecurityPolicyGeneralRead(d, m, true, false) +} + +func resourceNsxtPolicyVPCSecurityPolicyUpdate(d *schema.ResourceData, m interface{}) error { + return resourceNsxtPolicySecurityPolicyGeneralUpdate(d, m, true, false) +} + +func resourceNsxtPolicyVPCSecurityPolicyDelete(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining VPC Security Policy id") + } + + connector := getPolicyConnector(m) + + client := domains.NewSecurityPoliciesClient(getSessionContext(d, m), connector) + err := client.Delete("", id) + + if err != nil { + return handleDeleteError("Security Policy", id, err) + } + + return nil +} diff --git a/nsxt/resource_nsxt_policy_vpc_security_policy_test.go b/nsxt/resource_nsxt_policy_vpc_security_policy_test.go new file mode 100644 index 000000000..725666e03 --- /dev/null +++ b/nsxt/resource_nsxt_policy_vpc_security_policy_test.go @@ -0,0 +1,45 @@ +/* Copyright © 2024 Broadcom, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func TestAccResourceNsxtPolicyVPCSecurityPolicy_basic(t *testing.T) { + testAccResourceNsxtPolicySecurityPolicyBasic(t, "nsxt_policy_vpc_security_policy", true, func() { + testAccPreCheck(t) + testAccOnlyVPC(t) + }) +} + +func TestAccResourceNsxtPolicyVPCSecurityPolicy_importBasic(t *testing.T) { + name := getAccTestResourceName() + testResourceName := "nsxt_policy_vpc_security_policy.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccOnlyVPC(t) + }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicySecurityPolicyCheckDestroy(state, name, defaultDomain) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicySecurityPolicyBasic("nsxt_policy_vpc_security_policy", name, "import", defaultDomain, true), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccResourceNsxtPolicyImportIDRetriever(testResourceName), + }, + }, + }) +} diff --git a/nsxt/utils_test.go b/nsxt/utils_test.go index 95e886eef..f9d1fbf48 100644 --- a/nsxt/utils_test.go +++ b/nsxt/utils_test.go @@ -243,6 +243,10 @@ func testAccIsMultitenancy() bool { return os.Getenv("NSXT_PROJECT_ID") != "" } +func testAccIsVPC() bool { + return os.Getenv("NSXT_VPC_PROJECT_ID") != "" && os.Getenv("NSXT_VPC_ID") != "" +} + func testAccIsFabric() bool { return os.Getenv("NSXT_TEST_FABRIC") != "" } @@ -308,6 +312,13 @@ func testAccOnlyMultitenancy(t *testing.T) { } } +func testAccOnlyVPC(t *testing.T) { + testAccNSXVersion(t, "4.1.2") + if !testAccIsVPC() { + t.Skipf("This test requires a VPC environment") + } +} + func testAccNSXGlobalManagerSitePrecheck(t *testing.T) { if testAccIsGlobalManager() && getTestSiteName() == "" { str := fmt.Sprintf("%s must be set for this acceptance test", "NSXT_TEST_SITE_NAME") @@ -578,7 +589,7 @@ resource "nsxt_policy_tier%s_gateway" "test" { } context := "" if withContext { - context = testAccNsxtPolicyMultitenancyContext() + context = testAccNsxtPolicyContext() } return fmt.Sprintf(` resource "nsxt_policy_tier%s_gateway" "test" { @@ -676,7 +687,17 @@ func testAccNsxtPolicyResourceCheckDestroy(context tf_api.SessionContext, state return nil } -func testAccNsxtPolicyMultitenancyContext() string { +func testAccNsxtPolicyContext() string { + if testAccIsVPC() { + projectID := os.Getenv("NSXT_VPC_PROJECT_ID") + vpcID := os.Getenv("NSXT_VPC_ID") + return fmt.Sprintf(` + context { + project_id = "%s" + VPC_id = "%s" + } +`, projectID, vpcID) + } projectID := os.Getenv("NSXT_PROJECT_ID") if projectID != "" { return fmt.Sprintf(` diff --git a/tools/api-wrapper-generator.py b/tools/api-wrapper-generator.py index 3a8e1d14c..eae9fa9a7 100644 --- a/tools/api-wrapper-generator.py +++ b/tools/api-wrapper-generator.py @@ -76,6 +76,9 @@ def api_func_call_setup(api, subs_dict): arg_list = get_arglist(g[2]) if subs_dict['type'] == "Multitenancy": arg_list = ['utl.DefaultOrgID', 'c.ProjectID'] + arg_list + elif subs_dict['type'] == "VPC": + arg_list = ['utl.DefaultOrgID', 'c.ProjectID', 'c.VPCID'] + arg_list + arg_list.remove('domainIdParam') return '%s(%s)' % (g[1], ', '.join(arg_list)) @@ -88,6 +91,9 @@ def patch_func_call_setup(api, subs_dict): arg_list[n] = 'gmObj.(%s.%s)' % (subs_dict['model_import'], subs_dict['model_name']) elif subs_dict['type'] == "Multitenancy": arg_list = ['utl.DefaultOrgID', 'c.ProjectID'] + arg_list + elif subs_dict['type'] == "VPC": + arg_list = ['utl.DefaultOrgID', 'c.ProjectID', 'c.VPCID'] + arg_list + arg_list.remove('domainIdParam') return '%s(%s)' % (g[1], ', '.join(arg_list))