diff --git a/api/api_list.yaml b/api/api_list.yaml index fb266e8bb..fc641fe72 100644 --- a/api/api_list.yaml +++ b/api/api_list.yaml @@ -948,3 +948,122 @@ - List - Patch - Update +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Multitenancy + model_name: StructValue + obj_name: FloodProtectionProfiles + client_name: FloodProtectionProfilesClient + list_result_name: FloodProtectionProfileListResult + model_prefix: vapiData_ + model_pass_ptr: true + file_name: FloodProtectionProfilesClient + supported_method: + - New + - Get + - Delete + - List + - Patch + - Update + - List +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/domains/groups + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/domains/groups + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/domains/groups + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Multitenancy + model_name: PolicyFirewallFloodProtectionProfileBindingMap + obj_name: PolicyFirewallFloodProtectionProfileBindingMap + client_name: FirewallFloodProtectionProfileBindingMapsClient + list_result_name: PolicyFirewallFloodProtectionProfileBindingMapListResult + supported_method: + - New + - Get + - Delete + - Patch + - Update + - List +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_0s + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_0s + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + model_name: FloodProtectionProfileBindingMap + obj_name: FloodProtectionProfileBindingMap + client_name: FloodProtectionProfileBindingsClient + supported_method: + - New + - Get + - Delete + - Patch + - Update +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_0s/locale_services + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_0s/locale_services + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + model_name: FloodProtectionProfileBindingMap + obj_name: FloodProtectionProfileBindingMap + client_name: FloodProtectionProfileBindingsClient + supported_method: + - New + - Get + - Delete + - Patch + - Update +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_1s + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_1s + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/tier_1s + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Multitenancy + model_name: FloodProtectionProfileBindingMap + obj_name: FloodProtectionProfileBindingMap + client_name: FloodProtectionProfileBindingsClient + supported_method: + - New + - Get + - Delete + - Patch + - Update +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_1s/locale_services + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_1s/locale_services + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/tier_1s/locale_services + model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Multitenancy + model_name: FloodProtectionProfileBindingMap + obj_name: FloodProtectionProfileBindingMap + client_name: FloodProtectionProfileBindingsClient + supported_method: + - New + - Get + - Delete + - Patch + - Update \ No newline at end of file diff --git a/api/infra/domains/groups/policy_firewall_flood_protection_profile_binding_map.go b/api/infra/domains/groups/policy_firewall_flood_protection_profile_binding_map.go new file mode 100644 index 000000000..375763991 --- /dev/null +++ b/api/infra/domains/groups/policy_firewall_flood_protection_profile_binding_map.go @@ -0,0 +1,192 @@ +//nolint:revive +package groups + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/domains/groups" + model1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/domains/groups" + model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/domains/groups" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type PolicyFirewallFloodProtectionProfileBindingMapClientContext utl.ClientContext + +func NewFirewallFloodProtectionProfileBindingMapsClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *PolicyFirewallFloodProtectionProfileBindingMapClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFirewallFloodProtectionProfileBindingMapsClient(connector) + + case utl.Global: + client = client1.NewFirewallFloodProtectionProfileBindingMapsClient(connector) + + case utl.Multitenancy: + client = client2.NewFirewallFloodProtectionProfileBindingMapsClient(connector) + + default: + return nil + } + return &PolicyFirewallFloodProtectionProfileBindingMapClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c PolicyFirewallFloodProtectionProfileBindingMapClientContext) Get(domainIdParam string, groupIdParam string, firewallFloodProtectionProfileBindingMapIdParam string) (model0.PolicyFirewallFloodProtectionProfileBindingMap, error) { + var obj model0.PolicyFirewallFloodProtectionProfileBindingMap + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.Get(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FirewallFloodProtectionProfileBindingMapsClient) + gmObj, err1 := client.Get(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + if err1 != nil { + return obj, err1 + } + var rawObj interface{} + rawObj, err = utl.ConvertModelBindingType(gmObj, model1.PolicyFirewallFloodProtectionProfileBindingMapBindingType(), model0.PolicyFirewallFloodProtectionProfileBindingMapBindingType()) + obj = rawObj.(model0.PolicyFirewallFloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + if err != nil { + return obj, err + } + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c PolicyFirewallFloodProtectionProfileBindingMapClientContext) Delete(domainIdParam string, groupIdParam string, firewallFloodProtectionProfileBindingMapIdParam string) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FirewallFloodProtectionProfileBindingMapsClient) + err = client.Delete(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + + case utl.Global: + client := c.Client.(client1.FirewallFloodProtectionProfileBindingMapsClient) + err = client.Delete(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + + case utl.Multitenancy: + client := c.Client.(client2.FirewallFloodProtectionProfileBindingMapsClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c PolicyFirewallFloodProtectionProfileBindingMapClientContext) Patch(domainIdParam string, groupIdParam string, firewallFloodProtectionProfileBindingMapIdParam string, policyFirewallFloodProtectionProfileBindingMapParam model0.PolicyFirewallFloodProtectionProfileBindingMap) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FirewallFloodProtectionProfileBindingMapsClient) + err = client.Patch(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, policyFirewallFloodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FirewallFloodProtectionProfileBindingMapsClient) + gmObj, err1 := utl.ConvertModelBindingType(policyFirewallFloodProtectionProfileBindingMapParam, model0.PolicyFirewallFloodProtectionProfileBindingMapBindingType(), model1.PolicyFirewallFloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, gmObj.(model1.PolicyFirewallFloodProtectionProfileBindingMap)) + + case utl.Multitenancy: + client := c.Client.(client2.FirewallFloodProtectionProfileBindingMapsClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, policyFirewallFloodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c PolicyFirewallFloodProtectionProfileBindingMapClientContext) Update(domainIdParam string, groupIdParam string, firewallFloodProtectionProfileBindingMapIdParam string, policyFirewallFloodProtectionProfileBindingMapParam model0.PolicyFirewallFloodProtectionProfileBindingMap) (model0.PolicyFirewallFloodProtectionProfileBindingMap, error) { + var err error + var obj model0.PolicyFirewallFloodProtectionProfileBindingMap + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.Update(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, policyFirewallFloodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FirewallFloodProtectionProfileBindingMapsClient) + gmObj, err := utl.ConvertModelBindingType(policyFirewallFloodProtectionProfileBindingMapParam, model0.PolicyFirewallFloodProtectionProfileBindingMapBindingType(), model1.PolicyFirewallFloodProtectionProfileBindingMapBindingType()) + if err != nil { + return obj, err + } + gmObj, err = client.Update(domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, gmObj.(model1.PolicyFirewallFloodProtectionProfileBindingMap)) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.PolicyFirewallFloodProtectionProfileBindingMapBindingType(), model0.PolicyFirewallFloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.PolicyFirewallFloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, domainIdParam, groupIdParam, firewallFloodProtectionProfileBindingMapIdParam, policyFirewallFloodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c PolicyFirewallFloodProtectionProfileBindingMapClientContext) List(domainIdParam string, groupIdParam string, cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (model0.PolicyFirewallFloodProtectionProfileBindingMapListResult, error) { + var err error + var obj model0.PolicyFirewallFloodProtectionProfileBindingMapListResult + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.List(domainIdParam, groupIdParam, cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + case utl.Global: + client := c.Client.(client1.FirewallFloodProtectionProfileBindingMapsClient) + gmObj, err := client.List(domainIdParam, groupIdParam, cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.PolicyFirewallFloodProtectionProfileBindingMapListResultBindingType(), model0.PolicyFirewallFloodProtectionProfileBindingMapListResultBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.PolicyFirewallFloodProtectionProfileBindingMapListResult) + + case utl.Multitenancy: + client := c.Client.(client2.FirewallFloodProtectionProfileBindingMapsClient) + obj, err = client.List(utl.DefaultOrgID, c.ProjectID, domainIdParam, groupIdParam, cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/api/infra/flood_protection_profiles_client.go b/api/infra/flood_protection_profiles_client.go new file mode 100644 index 000000000..bc3cf8e6e --- /dev/null +++ b/api/infra/flood_protection_profiles_client.go @@ -0,0 +1,174 @@ +//nolint:revive +package infra + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + model0 "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" + lrmodel1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" + lrmodel0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type StructValueClientContext utl.ClientContext + +func NewFloodProtectionProfilesClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *StructValueClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfilesClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfilesClient(connector) + + case utl.Multitenancy: + client = client2.NewFloodProtectionProfilesClient(connector) + + default: + return nil + } + return &StructValueClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c StructValueClientContext) Get(floodProtectionProfileIdParam string) (*model0.StructValue, error) { + var obj *model0.StructValue + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.Get(floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + obj, err = client.Get(floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c StructValueClientContext) Delete(floodProtectionProfileIdParam string, overrideParam *bool) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + err = client.Delete(floodProtectionProfileIdParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + err = client.Delete(floodProtectionProfileIdParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c StructValueClientContext) Patch(floodProtectionProfileIdParam string, floodProtectionProfileParam *model0.StructValue, overrideParam *bool) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + err = client.Patch(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + err = client.Patch(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c StructValueClientContext) Update(floodProtectionProfileIdParam string, floodProtectionProfileParam *model0.StructValue, overrideParam *bool) (*model0.StructValue, error) { + var err error + var obj *model0.StructValue + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.Update(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + obj, err = client.Update(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c StructValueClientContext) List(cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (lrmodel0.FloodProtectionProfileListResult, error) { + var err error + var obj lrmodel0.FloodProtectionProfileListResult + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.List(cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + gmObj, err := client.List(cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, lrmodel1.FloodProtectionProfileListResultBindingType(), lrmodel0.FloodProtectionProfileListResultBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(lrmodel0.FloodProtectionProfileListResult) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.List(utl.DefaultOrgID, c.ProjectID, cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/api/infra/tier_0s/flood_protection_profile_binding_map.go b/api/infra/tier_0s/flood_protection_profile_binding_map.go new file mode 100644 index 000000000..bb40590bc --- /dev/null +++ b/api/infra/tier_0s/flood_protection_profile_binding_map.go @@ -0,0 +1,137 @@ +//nolint:revive +package tier0s + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_0s" + model1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_0s" + model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type FloodProtectionProfileBindingMapClientContext utl.ClientContext + +func NewFloodProtectionProfileBindingsClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *FloodProtectionProfileBindingMapClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfileBindingsClient(connector) + + default: + return nil + } + return &FloodProtectionProfileBindingMapClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c FloodProtectionProfileBindingMapClientContext) Get(tier0IdParam string, floodProtectionProfileBindingIdParam string) (model0.FloodProtectionProfileBindingMap, error) { + var obj model0.FloodProtectionProfileBindingMap + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Get(tier0IdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := client.Get(tier0IdParam, floodProtectionProfileBindingIdParam) + if err1 != nil { + return obj, err1 + } + var rawObj interface{} + rawObj, err = utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + obj = rawObj.(model0.FloodProtectionProfileBindingMap) + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c FloodProtectionProfileBindingMapClientContext) Delete(tier0IdParam string, floodProtectionProfileBindingIdParam string) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Delete(tier0IdParam, floodProtectionProfileBindingIdParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + err = client.Delete(tier0IdParam, floodProtectionProfileBindingIdParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Patch(tier0IdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Patch(tier0IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(tier0IdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Update(tier0IdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) (model0.FloodProtectionProfileBindingMap, error) { + var err error + var obj model0.FloodProtectionProfileBindingMap + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Update(tier0IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err != nil { + return obj, err + } + gmObj, err = client.Update(tier0IdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.FloodProtectionProfileBindingMap) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/api/infra/tier_0s/locale_services/flood_protection_profile_binding_map.go b/api/infra/tier_0s/locale_services/flood_protection_profile_binding_map.go new file mode 100644 index 000000000..d269f48fb --- /dev/null +++ b/api/infra/tier_0s/locale_services/flood_protection_profile_binding_map.go @@ -0,0 +1,137 @@ +//nolint:revive +package localeservices + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_0s/locale_services" + model1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_0s/locale_services" + model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type FloodProtectionProfileBindingMapClientContext utl.ClientContext + +func NewFloodProtectionProfileBindingsClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *FloodProtectionProfileBindingMapClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfileBindingsClient(connector) + + default: + return nil + } + return &FloodProtectionProfileBindingMapClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c FloodProtectionProfileBindingMapClientContext) Get(tier0IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string) (model0.FloodProtectionProfileBindingMap, error) { + var obj model0.FloodProtectionProfileBindingMap + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Get(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := client.Get(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + if err1 != nil { + return obj, err1 + } + var rawObj interface{} + rawObj, err = utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + obj = rawObj.(model0.FloodProtectionProfileBindingMap) + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c FloodProtectionProfileBindingMapClientContext) Delete(tier0IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Delete(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + err = client.Delete(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Patch(tier0IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Patch(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Update(tier0IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) (model0.FloodProtectionProfileBindingMap, error) { + var err error + var obj model0.FloodProtectionProfileBindingMap + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Update(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err != nil { + return obj, err + } + gmObj, err = client.Update(tier0IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.FloodProtectionProfileBindingMap) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/api/infra/tier_1s/flood_protection_profile_binding_map.go b/api/infra/tier_1s/flood_protection_profile_binding_map.go new file mode 100644 index 000000000..72ce15a03 --- /dev/null +++ b/api/infra/tier_1s/flood_protection_profile_binding_map.go @@ -0,0 +1,160 @@ +//nolint:revive +package tier1s + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_1s" + model1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_1s" + model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/tier_1s" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type FloodProtectionProfileBindingMapClientContext utl.ClientContext + +func NewFloodProtectionProfileBindingsClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *FloodProtectionProfileBindingMapClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Multitenancy: + client = client2.NewFloodProtectionProfileBindingsClient(connector) + + default: + return nil + } + return &FloodProtectionProfileBindingMapClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c FloodProtectionProfileBindingMapClientContext) Get(tier1IdParam string, floodProtectionProfileBindingIdParam string) (model0.FloodProtectionProfileBindingMap, error) { + var obj model0.FloodProtectionProfileBindingMap + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Get(tier1IdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := client.Get(tier1IdParam, floodProtectionProfileBindingIdParam) + if err1 != nil { + return obj, err1 + } + var rawObj interface{} + rawObj, err = utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + obj = rawObj.(model0.FloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, tier1IdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c FloodProtectionProfileBindingMapClientContext) Delete(tier1IdParam string, floodProtectionProfileBindingIdParam string) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Delete(tier1IdParam, floodProtectionProfileBindingIdParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + err = client.Delete(tier1IdParam, floodProtectionProfileBindingIdParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, tier1IdParam, floodProtectionProfileBindingIdParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Patch(tier1IdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Patch(tier1IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(tier1IdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, tier1IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Update(tier1IdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) (model0.FloodProtectionProfileBindingMap, error) { + var err error + var obj model0.FloodProtectionProfileBindingMap + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Update(tier1IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err != nil { + return obj, err + } + gmObj, err = client.Update(tier1IdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.FloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, tier1IdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/api/infra/tier_1s/locale_services/flood_protection_profile_binding_map.go b/api/infra/tier_1s/locale_services/flood_protection_profile_binding_map.go new file mode 100644 index 000000000..a8c7a0aa1 --- /dev/null +++ b/api/infra/tier_1s/locale_services/flood_protection_profile_binding_map.go @@ -0,0 +1,160 @@ +//nolint:revive +package localeservices + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra/tier_1s/locale_services" + model1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/tier_1s/locale_services" + model0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra/tier_1s/locale_services" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type FloodProtectionProfileBindingMapClientContext utl.ClientContext + +func NewFloodProtectionProfileBindingsClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *FloodProtectionProfileBindingMapClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfileBindingsClient(connector) + + case utl.Multitenancy: + client = client2.NewFloodProtectionProfileBindingsClient(connector) + + default: + return nil + } + return &FloodProtectionProfileBindingMapClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c FloodProtectionProfileBindingMapClientContext) Get(tier1IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string) (model0.FloodProtectionProfileBindingMap, error) { + var obj model0.FloodProtectionProfileBindingMap + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Get(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := client.Get(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + if err1 != nil { + return obj, err1 + } + var rawObj interface{} + rawObj, err = utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + obj = rawObj.(model0.FloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + if err != nil { + return obj, err + } + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c FloodProtectionProfileBindingMapClientContext) Delete(tier1IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Delete(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + err = client.Delete(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Patch(tier1IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + err = client.Patch(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err1 := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return err1 + } + err = client.Patch(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c FloodProtectionProfileBindingMapClientContext) Update(tier1IdParam string, localeServicesIdParam string, floodProtectionProfileBindingIdParam string, floodProtectionProfileBindingMapParam model0.FloodProtectionProfileBindingMap) (model0.FloodProtectionProfileBindingMap, error) { + var err error + var obj model0.FloodProtectionProfileBindingMap + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfileBindingsClient) + obj, err = client.Update(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfileBindingsClient) + gmObj, err := utl.ConvertModelBindingType(floodProtectionProfileBindingMapParam, model0.FloodProtectionProfileBindingMapBindingType(), model1.FloodProtectionProfileBindingMapBindingType()) + if err != nil { + return obj, err + } + gmObj, err = client.Update(tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, gmObj.(model1.FloodProtectionProfileBindingMap)) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, model1.FloodProtectionProfileBindingMapBindingType(), model0.FloodProtectionProfileBindingMapBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(model0.FloodProtectionProfileBindingMap) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfileBindingsClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, tier1IdParam, localeServicesIdParam, floodProtectionProfileBindingIdParam, floodProtectionProfileBindingMapParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/nsxt/data_source_nsxt_policy_distributed_flood_protection_profile.go b/nsxt/data_source_nsxt_policy_distributed_flood_protection_profile.go new file mode 100644 index 000000000..176d1dc17 --- /dev/null +++ b/nsxt/data_source_nsxt_policy_distributed_flood_protection_profile.go @@ -0,0 +1,33 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceNsxtPolicyDistributedFloodProtectionProfile() *schema.Resource { + return &schema.Resource{ + Read: dataSourceNsxtPolicyDistributedFloodProtectionProfileRead, + + Schema: map[string]*schema.Schema{ + "id": getDataSourceIDSchema(), + "display_name": getDataSourceExtendedDisplayNameSchema(), + "description": getDataSourceDescriptionSchema(), + "path": getPathSchema(), + "context": getContextSchema(), + }, + } +} + +func dataSourceNsxtPolicyDistributedFloodProtectionProfileRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + + _, err := policyDataSourceResourceRead(d, connector, getSessionContext(d, m), "DistributedFloodProtectionProfile", nil) + if err != nil { + return err + } + + return nil +} diff --git a/nsxt/data_source_nsxt_policy_gateway_flood_protection_profile.go b/nsxt/data_source_nsxt_policy_gateway_flood_protection_profile.go new file mode 100644 index 000000000..95f432ec7 --- /dev/null +++ b/nsxt/data_source_nsxt_policy_gateway_flood_protection_profile.go @@ -0,0 +1,33 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceNsxtPolicyGatewayFloodProtectionProfile() *schema.Resource { + return &schema.Resource{ + Read: dataSourceNsxtPolicyGatewayFloodProtectionProfileRead, + + Schema: map[string]*schema.Schema{ + "id": getDataSourceIDSchema(), + "display_name": getDataSourceExtendedDisplayNameSchema(), + "description": getDataSourceDescriptionSchema(), + "path": getPathSchema(), + "context": getContextSchema(), + }, + } +} + +func dataSourceNsxtPolicyGatewayFloodProtectionProfileRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + + _, err := policyDataSourceResourceRead(d, connector, getSessionContext(d, m), "GatewayFloodProtectionProfile", nil) + if err != nil { + return err + } + + return nil +} diff --git a/nsxt/provider.go b/nsxt/provider.go index 6ff30e638..989343152 100644 --- a/nsxt/provider.go +++ b/nsxt/provider.go @@ -322,168 +322,174 @@ func Provider() *schema.Provider { "nsxt_upgrade_postcheck": dataSourceNsxtUpgradePostCheck(), "nsxt_upgrade_prepare_ready": dataSourceNsxtUpgradePrepareReady(), "nsxt_policy_vtep_ha_host_switch_profile": dataSourceNsxtVtepHAHostSwitchProfile(), + "nsxt_policy_distributed_flood_protection_profile": dataSourceNsxtPolicyDistributedFloodProtectionProfile(), + "nsxt_policy_gateway_flood_protection_profile": dataSourceNsxtPolicyGatewayFloodProtectionProfile(), }, ResourcesMap: map[string]*schema.Resource{ - "nsxt_dhcp_relay_profile": resourceNsxtDhcpRelayProfile(), - "nsxt_dhcp_relay_service": resourceNsxtDhcpRelayService(), - "nsxt_dhcp_server_profile": resourceNsxtDhcpServerProfile(), - "nsxt_logical_dhcp_server": resourceNsxtLogicalDhcpServer(), - "nsxt_dhcp_server_ip_pool": resourceNsxtDhcpServerIPPool(), - "nsxt_logical_switch": resourceNsxtLogicalSwitch(), - "nsxt_vlan_logical_switch": resourceNsxtVlanLogicalSwitch(), - "nsxt_logical_dhcp_port": resourceNsxtLogicalDhcpPort(), - "nsxt_logical_port": resourceNsxtLogicalPort(), - "nsxt_logical_tier0_router": resourceNsxtLogicalTier0Router(), - "nsxt_logical_tier1_router": resourceNsxtLogicalTier1Router(), - "nsxt_logical_router_centralized_service_port": resourceNsxtLogicalRouterCentralizedServicePort(), - "nsxt_logical_router_downlink_port": resourceNsxtLogicalRouterDownLinkPort(), - "nsxt_logical_router_link_port_on_tier0": resourceNsxtLogicalRouterLinkPortOnTier0(), - "nsxt_logical_router_link_port_on_tier1": resourceNsxtLogicalRouterLinkPortOnTier1(), - "nsxt_ip_discovery_switching_profile": resourceNsxtIPDiscoverySwitchingProfile(), - "nsxt_mac_management_switching_profile": resourceNsxtMacManagementSwitchingProfile(), - "nsxt_qos_switching_profile": resourceNsxtQosSwitchingProfile(), - "nsxt_spoofguard_switching_profile": resourceNsxtSpoofGuardSwitchingProfile(), - "nsxt_switch_security_switching_profile": resourceNsxtSwitchSecuritySwitchingProfile(), - "nsxt_l4_port_set_ns_service": resourceNsxtL4PortSetNsService(), - "nsxt_algorithm_type_ns_service": resourceNsxtAlgorithmTypeNsService(), - "nsxt_icmp_type_ns_service": resourceNsxtIcmpTypeNsService(), - "nsxt_igmp_type_ns_service": resourceNsxtIgmpTypeNsService(), - "nsxt_ether_type_ns_service": resourceNsxtEtherTypeNsService(), - "nsxt_ip_protocol_ns_service": resourceNsxtIPProtocolNsService(), - "nsxt_ns_service_group": resourceNsxtNsServiceGroup(), - "nsxt_ns_group": resourceNsxtNsGroup(), - "nsxt_firewall_section": resourceNsxtFirewallSection(), - "nsxt_nat_rule": resourceNsxtNatRule(), - "nsxt_ip_block": resourceNsxtIPBlock(), - "nsxt_ip_block_subnet": resourceNsxtIPBlockSubnet(), - "nsxt_ip_pool": resourceNsxtIPPool(), - "nsxt_ip_pool_allocation_ip_address": resourceNsxtIPPoolAllocationIPAddress(), - "nsxt_ip_set": resourceNsxtIPSet(), - "nsxt_static_route": resourceNsxtStaticRoute(), - "nsxt_vm_tags": resourceNsxtVMTags(), - "nsxt_lb_icmp_monitor": resourceNsxtLbIcmpMonitor(), - "nsxt_lb_tcp_monitor": resourceNsxtLbTCPMonitor(), - "nsxt_lb_udp_monitor": resourceNsxtLbUDPMonitor(), - "nsxt_lb_http_monitor": resourceNsxtLbHTTPMonitor(), - "nsxt_lb_https_monitor": resourceNsxtLbHTTPSMonitor(), - "nsxt_lb_passive_monitor": resourceNsxtLbPassiveMonitor(), - "nsxt_lb_pool": resourceNsxtLbPool(), - "nsxt_lb_tcp_virtual_server": resourceNsxtLbTCPVirtualServer(), - "nsxt_lb_udp_virtual_server": resourceNsxtLbUDPVirtualServer(), - "nsxt_lb_http_virtual_server": resourceNsxtLbHTTPVirtualServer(), - "nsxt_lb_http_forwarding_rule": resourceNsxtLbHTTPForwardingRule(), - "nsxt_lb_http_request_rewrite_rule": resourceNsxtLbHTTPRequestRewriteRule(), - "nsxt_lb_http_response_rewrite_rule": resourceNsxtLbHTTPResponseRewriteRule(), - "nsxt_lb_cookie_persistence_profile": resourceNsxtLbCookiePersistenceProfile(), - "nsxt_lb_source_ip_persistence_profile": resourceNsxtLbSourceIPPersistenceProfile(), - "nsxt_lb_client_ssl_profile": resourceNsxtLbClientSslProfile(), - "nsxt_lb_server_ssl_profile": resourceNsxtLbServerSslProfile(), - "nsxt_lb_service": resourceNsxtLbService(), - "nsxt_lb_fast_tcp_application_profile": resourceNsxtLbFastTCPApplicationProfile(), - "nsxt_lb_fast_udp_application_profile": resourceNsxtLbFastUDPApplicationProfile(), - "nsxt_lb_http_application_profile": resourceNsxtLbHTTPApplicationProfile(), - "nsxt_policy_tier1_gateway": resourceNsxtPolicyTier1Gateway(), - "nsxt_policy_tier1_gateway_interface": resourceNsxtPolicyTier1GatewayInterface(), - "nsxt_policy_tier0_gateway": resourceNsxtPolicyTier0Gateway(), - "nsxt_policy_tier0_gateway_interface": resourceNsxtPolicyTier0GatewayInterface(), - "nsxt_policy_tier0_gateway_ha_vip_config": resourceNsxtPolicyTier0GatewayHAVipConfig(), - "nsxt_policy_group": resourceNsxtPolicyGroup(), - "nsxt_policy_domain": resourceNsxtPolicyDomain(), - "nsxt_policy_security_policy": resourceNsxtPolicySecurityPolicy(), - "nsxt_policy_service": resourceNsxtPolicyService(), - "nsxt_policy_gateway_policy": resourceNsxtPolicyGatewayPolicy(), - "nsxt_policy_predefined_gateway_policy": resourceNsxtPolicyPredefinedGatewayPolicy(), - "nsxt_policy_predefined_security_policy": resourceNsxtPolicyPredefinedSecurityPolicy(), - "nsxt_policy_segment": resourceNsxtPolicySegment(), - "nsxt_policy_vlan_segment": resourceNsxtPolicyVlanSegment(), - "nsxt_policy_fixed_segment": resourceNsxtPolicyFixedSegment(), - "nsxt_policy_static_route": resourceNsxtPolicyStaticRoute(), - "nsxt_policy_gateway_prefix_list": resourceNsxtPolicyGatewayPrefixList(), - "nsxt_policy_vm_tags": resourceNsxtPolicyVMTags(), - "nsxt_policy_nat_rule": resourceNsxtPolicyNATRule(), - "nsxt_policy_ip_block": resourceNsxtPolicyIPBlock(), - "nsxt_policy_lb_pool": resourceNsxtPolicyLBPool(), - "nsxt_policy_ip_pool": resourceNsxtPolicyIPPool(), - "nsxt_policy_ip_pool_block_subnet": resourceNsxtPolicyIPPoolBlockSubnet(), - "nsxt_policy_ip_pool_static_subnet": resourceNsxtPolicyIPPoolStaticSubnet(), - "nsxt_policy_lb_service": resourceNsxtPolicyLBService(), - "nsxt_policy_lb_virtual_server": resourceNsxtPolicyLBVirtualServer(), - "nsxt_policy_ip_address_allocation": resourceNsxtPolicyIPAddressAllocation(), - "nsxt_policy_bgp_neighbor": resourceNsxtPolicyBgpNeighbor(), - "nsxt_policy_bgp_config": resourceNsxtPolicyBgpConfig(), - "nsxt_policy_dhcp_relay": resourceNsxtPolicyDhcpRelayConfig(), - "nsxt_policy_dhcp_server": resourceNsxtPolicyDhcpServer(), - "nsxt_policy_context_profile": resourceNsxtPolicyContextProfile(), - "nsxt_policy_dhcp_v4_static_binding": resourceNsxtPolicyDhcpV4StaticBinding(), - "nsxt_policy_dhcp_v6_static_binding": resourceNsxtPolicyDhcpV6StaticBinding(), - "nsxt_policy_dns_forwarder_zone": resourceNsxtPolicyDNSForwarderZone(), - "nsxt_policy_gateway_dns_forwarder": resourceNsxtPolicyGatewayDNSForwarder(), - "nsxt_policy_gateway_community_list": resourceNsxtPolicyGatewayCommunityList(), - "nsxt_policy_gateway_route_map": resourceNsxtPolicyGatewayRouteMap(), - "nsxt_policy_intrusion_service_policy": resourceNsxtPolicyIntrusionServicePolicy(), - "nsxt_policy_static_route_bfd_peer": resourceNsxtPolicyStaticRouteBfdPeer(), - "nsxt_policy_intrusion_service_profile": resourceNsxtPolicyIntrusionServiceProfile(), - "nsxt_policy_evpn_tenant": resourceNsxtPolicyEvpnTenant(), - "nsxt_policy_evpn_config": resourceNsxtPolicyEvpnConfig(), - "nsxt_policy_evpn_tunnel_endpoint": resourceNsxtPolicyEvpnTunnelEndpoint(), - "nsxt_policy_vni_pool": resourceNsxtPolicyVniPool(), - "nsxt_policy_qos_profile": resourceNsxtPolicyQosProfile(), - "nsxt_policy_ospf_config": resourceNsxtPolicyOspfConfig(), - "nsxt_policy_ospf_area": resourceNsxtPolicyOspfArea(), - "nsxt_policy_gateway_redistribution_config": resourceNsxtPolicyGatewayRedistributionConfig(), - "nsxt_policy_mac_discovery_profile": resourceNsxtPolicyMacDiscoveryProfile(), - "nsxt_policy_ipsec_vpn_ike_profile": resourceNsxtPolicyIPSecVpnIkeProfile(), - "nsxt_policy_ipsec_vpn_tunnel_profile": resourceNsxtPolicyIPSecVpnTunnelProfile(), - "nsxt_policy_ipsec_vpn_dpd_profile": resourceNsxtPolicyIPSecVpnDpdProfile(), - "nsxt_policy_ipsec_vpn_session": resourceNsxtPolicyIPSecVpnSession(), - "nsxt_policy_l2_vpn_session": resourceNsxtPolicyL2VPNSession(), - "nsxt_policy_ipsec_vpn_service": resourceNsxtPolicyIPSecVpnService(), - "nsxt_policy_l2_vpn_service": resourceNsxtPolicyL2VpnService(), - "nsxt_policy_ipsec_vpn_local_endpoint": resourceNsxtPolicyIPSecVpnLocalEndpoint(), - "nsxt_policy_ip_discovery_profile": resourceNsxtPolicyIPDiscoveryProfile(), - "nsxt_policy_context_profile_custom_attribute": resourceNsxtPolicyContextProfileCustomAttribute(), - "nsxt_policy_segment_security_profile": resourceNsxtPolicySegmentSecurityProfile(), - "nsxt_policy_spoof_guard_profile": resourceNsxtPolicySpoofGuardProfile(), - "nsxt_policy_gateway_qos_profile": resourceNsxtPolicyGatewayQosProfile(), - "nsxt_policy_project": resourceNsxtPolicyProject(), - "nsxt_policy_transport_zone": resourceNsxtPolicyTransportZone(), - "nsxt_policy_user_management_role": resourceNsxtPolicyUserManagementRole(), - "nsxt_policy_user_management_role_binding": resourceNsxtPolicyUserManagementRoleBinding(), - "nsxt_policy_ldap_identity_source": resourceNsxtPolicyLdapIdentitySource(), - "nsxt_edge_cluster": resourceNsxtEdgeCluster(), - "nsxt_compute_manager": resourceNsxtComputeManager(), - "nsxt_manager_cluster": resourceNsxtManagerCluster(), - "nsxt_policy_uplink_host_switch_profile": resourceNsxtUplinkHostSwitchProfile(), - "nsxt_node_user": resourceNsxtUsers(), - "nsxt_principal_identity": resourceNsxtPrincipalIdentity(), - "nsxt_edge_transport_node": resourceNsxtEdgeTransportNode(), - "nsxt_failure_domain": resourceNsxtFailureDomain(), - "nsxt_cluster_virtual_ip": resourceNsxtClusterVirualIP(), - "nsxt_policy_host_transport_node_profile": resourceNsxtPolicyHostTransportNodeProfile(), - "nsxt_policy_host_transport_node": resourceNsxtPolicyHostTransportNode(), - "nsxt_edge_high_availability_profile": resourceNsxtEdgeHighAvailabilityProfile(), - "nsxt_policy_host_transport_node_collection": resourceNsxtPolicyHostTransportNodeCollection(), - "nsxt_policy_lb_client_ssl_profile": resourceNsxtPolicyLBClientSslProfile(), - "nsxt_policy_lb_http_application_profile": resourceNsxtPolicyLBHttpApplicationProfile(), - "nsxt_policy_security_policy_rule": resourceNsxtPolicySecurityPolicyRule(), - "nsxt_policy_parent_security_policy": resourceNsxtPolicyParentSecurityPolicy(), - "nsxt_policy_firewall_exclude_list_member": resourceNsxtPolicyFirewallExcludeListMember(), - "nsxt_policy_lb_http_monitor_profile": resourceNsxtPolicyLBHttpMonitorProfile(), - "nsxt_policy_lb_https_monitor_profile": resourceNsxtPolicyLBHttpsMonitorProfile(), - "nsxt_policy_lb_icmp_monitor_profile": resourceNsxtPolicyLBIcmpMonitorProfile(), - "nsxt_policy_lb_passive_monitor_profile": resourceNsxtPolicyLBPassiveMonitorProfile(), - "nsxt_policy_lb_tcp_monitor_profile": resourceNsxtPolicyLBTcpMonitorProfile(), - "nsxt_policy_lb_udp_monitor_profile": resourceNsxtPolicyLBUdpMonitorProfile(), - "nsxt_policy_tier0_gateway_gre_tunnel": resourceNsxtPolicyTier0GatewayGRETunnel(), - "nsxt_upgrade_run": resourceNsxtUpgradeRun(), - "nsxt_upgrade_prepare": resourceNsxtUpgradePrepare(), - "nsxt_upgrade_precheck_acknowledge": resourceNsxtUpgradePrecheckAcknowledge(), - "nsxt_policy_vtep_ha_host_switch_profile": resourceNsxtVtepHAHostSwitchProfile(), - "nsxt_policy_site": resourceNsxtPolicySite(), - "nsxt_policy_global_manager": resourceNsxtPolicyGlobalManager(), - "nsxt_policy_metadata_proxy": resourceNsxtPolicyMetadataProxy(), - "nsxt_edge_transport_node_rtep": resourceNsxtEdgeTransportNodeRTEP(), + "nsxt_dhcp_relay_profile": resourceNsxtDhcpRelayProfile(), + "nsxt_dhcp_relay_service": resourceNsxtDhcpRelayService(), + "nsxt_dhcp_server_profile": resourceNsxtDhcpServerProfile(), + "nsxt_logical_dhcp_server": resourceNsxtLogicalDhcpServer(), + "nsxt_dhcp_server_ip_pool": resourceNsxtDhcpServerIPPool(), + "nsxt_logical_switch": resourceNsxtLogicalSwitch(), + "nsxt_vlan_logical_switch": resourceNsxtVlanLogicalSwitch(), + "nsxt_logical_dhcp_port": resourceNsxtLogicalDhcpPort(), + "nsxt_logical_port": resourceNsxtLogicalPort(), + "nsxt_logical_tier0_router": resourceNsxtLogicalTier0Router(), + "nsxt_logical_tier1_router": resourceNsxtLogicalTier1Router(), + "nsxt_logical_router_centralized_service_port": resourceNsxtLogicalRouterCentralizedServicePort(), + "nsxt_logical_router_downlink_port": resourceNsxtLogicalRouterDownLinkPort(), + "nsxt_logical_router_link_port_on_tier0": resourceNsxtLogicalRouterLinkPortOnTier0(), + "nsxt_logical_router_link_port_on_tier1": resourceNsxtLogicalRouterLinkPortOnTier1(), + "nsxt_ip_discovery_switching_profile": resourceNsxtIPDiscoverySwitchingProfile(), + "nsxt_mac_management_switching_profile": resourceNsxtMacManagementSwitchingProfile(), + "nsxt_qos_switching_profile": resourceNsxtQosSwitchingProfile(), + "nsxt_spoofguard_switching_profile": resourceNsxtSpoofGuardSwitchingProfile(), + "nsxt_switch_security_switching_profile": resourceNsxtSwitchSecuritySwitchingProfile(), + "nsxt_l4_port_set_ns_service": resourceNsxtL4PortSetNsService(), + "nsxt_algorithm_type_ns_service": resourceNsxtAlgorithmTypeNsService(), + "nsxt_icmp_type_ns_service": resourceNsxtIcmpTypeNsService(), + "nsxt_igmp_type_ns_service": resourceNsxtIgmpTypeNsService(), + "nsxt_ether_type_ns_service": resourceNsxtEtherTypeNsService(), + "nsxt_ip_protocol_ns_service": resourceNsxtIPProtocolNsService(), + "nsxt_ns_service_group": resourceNsxtNsServiceGroup(), + "nsxt_ns_group": resourceNsxtNsGroup(), + "nsxt_firewall_section": resourceNsxtFirewallSection(), + "nsxt_nat_rule": resourceNsxtNatRule(), + "nsxt_ip_block": resourceNsxtIPBlock(), + "nsxt_ip_block_subnet": resourceNsxtIPBlockSubnet(), + "nsxt_ip_pool": resourceNsxtIPPool(), + "nsxt_ip_pool_allocation_ip_address": resourceNsxtIPPoolAllocationIPAddress(), + "nsxt_ip_set": resourceNsxtIPSet(), + "nsxt_static_route": resourceNsxtStaticRoute(), + "nsxt_vm_tags": resourceNsxtVMTags(), + "nsxt_lb_icmp_monitor": resourceNsxtLbIcmpMonitor(), + "nsxt_lb_tcp_monitor": resourceNsxtLbTCPMonitor(), + "nsxt_lb_udp_monitor": resourceNsxtLbUDPMonitor(), + "nsxt_lb_http_monitor": resourceNsxtLbHTTPMonitor(), + "nsxt_lb_https_monitor": resourceNsxtLbHTTPSMonitor(), + "nsxt_lb_passive_monitor": resourceNsxtLbPassiveMonitor(), + "nsxt_lb_pool": resourceNsxtLbPool(), + "nsxt_lb_tcp_virtual_server": resourceNsxtLbTCPVirtualServer(), + "nsxt_lb_udp_virtual_server": resourceNsxtLbUDPVirtualServer(), + "nsxt_lb_http_virtual_server": resourceNsxtLbHTTPVirtualServer(), + "nsxt_lb_http_forwarding_rule": resourceNsxtLbHTTPForwardingRule(), + "nsxt_lb_http_request_rewrite_rule": resourceNsxtLbHTTPRequestRewriteRule(), + "nsxt_lb_http_response_rewrite_rule": resourceNsxtLbHTTPResponseRewriteRule(), + "nsxt_lb_cookie_persistence_profile": resourceNsxtLbCookiePersistenceProfile(), + "nsxt_lb_source_ip_persistence_profile": resourceNsxtLbSourceIPPersistenceProfile(), + "nsxt_lb_client_ssl_profile": resourceNsxtLbClientSslProfile(), + "nsxt_lb_server_ssl_profile": resourceNsxtLbServerSslProfile(), + "nsxt_lb_service": resourceNsxtLbService(), + "nsxt_lb_fast_tcp_application_profile": resourceNsxtLbFastTCPApplicationProfile(), + "nsxt_lb_fast_udp_application_profile": resourceNsxtLbFastUDPApplicationProfile(), + "nsxt_lb_http_application_profile": resourceNsxtLbHTTPApplicationProfile(), + "nsxt_policy_tier1_gateway": resourceNsxtPolicyTier1Gateway(), + "nsxt_policy_tier1_gateway_interface": resourceNsxtPolicyTier1GatewayInterface(), + "nsxt_policy_tier0_gateway": resourceNsxtPolicyTier0Gateway(), + "nsxt_policy_tier0_gateway_interface": resourceNsxtPolicyTier0GatewayInterface(), + "nsxt_policy_tier0_gateway_ha_vip_config": resourceNsxtPolicyTier0GatewayHAVipConfig(), + "nsxt_policy_group": resourceNsxtPolicyGroup(), + "nsxt_policy_domain": resourceNsxtPolicyDomain(), + "nsxt_policy_security_policy": resourceNsxtPolicySecurityPolicy(), + "nsxt_policy_service": resourceNsxtPolicyService(), + "nsxt_policy_gateway_policy": resourceNsxtPolicyGatewayPolicy(), + "nsxt_policy_predefined_gateway_policy": resourceNsxtPolicyPredefinedGatewayPolicy(), + "nsxt_policy_predefined_security_policy": resourceNsxtPolicyPredefinedSecurityPolicy(), + "nsxt_policy_segment": resourceNsxtPolicySegment(), + "nsxt_policy_vlan_segment": resourceNsxtPolicyVlanSegment(), + "nsxt_policy_fixed_segment": resourceNsxtPolicyFixedSegment(), + "nsxt_policy_static_route": resourceNsxtPolicyStaticRoute(), + "nsxt_policy_gateway_prefix_list": resourceNsxtPolicyGatewayPrefixList(), + "nsxt_policy_vm_tags": resourceNsxtPolicyVMTags(), + "nsxt_policy_nat_rule": resourceNsxtPolicyNATRule(), + "nsxt_policy_ip_block": resourceNsxtPolicyIPBlock(), + "nsxt_policy_lb_pool": resourceNsxtPolicyLBPool(), + "nsxt_policy_ip_pool": resourceNsxtPolicyIPPool(), + "nsxt_policy_ip_pool_block_subnet": resourceNsxtPolicyIPPoolBlockSubnet(), + "nsxt_policy_ip_pool_static_subnet": resourceNsxtPolicyIPPoolStaticSubnet(), + "nsxt_policy_lb_service": resourceNsxtPolicyLBService(), + "nsxt_policy_lb_virtual_server": resourceNsxtPolicyLBVirtualServer(), + "nsxt_policy_ip_address_allocation": resourceNsxtPolicyIPAddressAllocation(), + "nsxt_policy_bgp_neighbor": resourceNsxtPolicyBgpNeighbor(), + "nsxt_policy_bgp_config": resourceNsxtPolicyBgpConfig(), + "nsxt_policy_dhcp_relay": resourceNsxtPolicyDhcpRelayConfig(), + "nsxt_policy_dhcp_server": resourceNsxtPolicyDhcpServer(), + "nsxt_policy_context_profile": resourceNsxtPolicyContextProfile(), + "nsxt_policy_dhcp_v4_static_binding": resourceNsxtPolicyDhcpV4StaticBinding(), + "nsxt_policy_dhcp_v6_static_binding": resourceNsxtPolicyDhcpV6StaticBinding(), + "nsxt_policy_dns_forwarder_zone": resourceNsxtPolicyDNSForwarderZone(), + "nsxt_policy_gateway_dns_forwarder": resourceNsxtPolicyGatewayDNSForwarder(), + "nsxt_policy_gateway_community_list": resourceNsxtPolicyGatewayCommunityList(), + "nsxt_policy_gateway_route_map": resourceNsxtPolicyGatewayRouteMap(), + "nsxt_policy_intrusion_service_policy": resourceNsxtPolicyIntrusionServicePolicy(), + "nsxt_policy_static_route_bfd_peer": resourceNsxtPolicyStaticRouteBfdPeer(), + "nsxt_policy_intrusion_service_profile": resourceNsxtPolicyIntrusionServiceProfile(), + "nsxt_policy_evpn_tenant": resourceNsxtPolicyEvpnTenant(), + "nsxt_policy_evpn_config": resourceNsxtPolicyEvpnConfig(), + "nsxt_policy_evpn_tunnel_endpoint": resourceNsxtPolicyEvpnTunnelEndpoint(), + "nsxt_policy_vni_pool": resourceNsxtPolicyVniPool(), + "nsxt_policy_qos_profile": resourceNsxtPolicyQosProfile(), + "nsxt_policy_ospf_config": resourceNsxtPolicyOspfConfig(), + "nsxt_policy_ospf_area": resourceNsxtPolicyOspfArea(), + "nsxt_policy_gateway_redistribution_config": resourceNsxtPolicyGatewayRedistributionConfig(), + "nsxt_policy_mac_discovery_profile": resourceNsxtPolicyMacDiscoveryProfile(), + "nsxt_policy_ipsec_vpn_ike_profile": resourceNsxtPolicyIPSecVpnIkeProfile(), + "nsxt_policy_ipsec_vpn_tunnel_profile": resourceNsxtPolicyIPSecVpnTunnelProfile(), + "nsxt_policy_ipsec_vpn_dpd_profile": resourceNsxtPolicyIPSecVpnDpdProfile(), + "nsxt_policy_ipsec_vpn_session": resourceNsxtPolicyIPSecVpnSession(), + "nsxt_policy_l2_vpn_session": resourceNsxtPolicyL2VPNSession(), + "nsxt_policy_ipsec_vpn_service": resourceNsxtPolicyIPSecVpnService(), + "nsxt_policy_l2_vpn_service": resourceNsxtPolicyL2VpnService(), + "nsxt_policy_ipsec_vpn_local_endpoint": resourceNsxtPolicyIPSecVpnLocalEndpoint(), + "nsxt_policy_ip_discovery_profile": resourceNsxtPolicyIPDiscoveryProfile(), + "nsxt_policy_context_profile_custom_attribute": resourceNsxtPolicyContextProfileCustomAttribute(), + "nsxt_policy_segment_security_profile": resourceNsxtPolicySegmentSecurityProfile(), + "nsxt_policy_spoof_guard_profile": resourceNsxtPolicySpoofGuardProfile(), + "nsxt_policy_gateway_qos_profile": resourceNsxtPolicyGatewayQosProfile(), + "nsxt_policy_project": resourceNsxtPolicyProject(), + "nsxt_policy_transport_zone": resourceNsxtPolicyTransportZone(), + "nsxt_policy_user_management_role": resourceNsxtPolicyUserManagementRole(), + "nsxt_policy_user_management_role_binding": resourceNsxtPolicyUserManagementRoleBinding(), + "nsxt_policy_ldap_identity_source": resourceNsxtPolicyLdapIdentitySource(), + "nsxt_edge_cluster": resourceNsxtEdgeCluster(), + "nsxt_compute_manager": resourceNsxtComputeManager(), + "nsxt_manager_cluster": resourceNsxtManagerCluster(), + "nsxt_policy_uplink_host_switch_profile": resourceNsxtUplinkHostSwitchProfile(), + "nsxt_node_user": resourceNsxtUsers(), + "nsxt_principal_identity": resourceNsxtPrincipalIdentity(), + "nsxt_edge_transport_node": resourceNsxtEdgeTransportNode(), + "nsxt_failure_domain": resourceNsxtFailureDomain(), + "nsxt_cluster_virtual_ip": resourceNsxtClusterVirualIP(), + "nsxt_policy_host_transport_node_profile": resourceNsxtPolicyHostTransportNodeProfile(), + "nsxt_policy_host_transport_node": resourceNsxtPolicyHostTransportNode(), + "nsxt_edge_high_availability_profile": resourceNsxtEdgeHighAvailabilityProfile(), + "nsxt_policy_host_transport_node_collection": resourceNsxtPolicyHostTransportNodeCollection(), + "nsxt_policy_lb_client_ssl_profile": resourceNsxtPolicyLBClientSslProfile(), + "nsxt_policy_lb_http_application_profile": resourceNsxtPolicyLBHttpApplicationProfile(), + "nsxt_policy_security_policy_rule": resourceNsxtPolicySecurityPolicyRule(), + "nsxt_policy_parent_security_policy": resourceNsxtPolicyParentSecurityPolicy(), + "nsxt_policy_firewall_exclude_list_member": resourceNsxtPolicyFirewallExcludeListMember(), + "nsxt_policy_lb_http_monitor_profile": resourceNsxtPolicyLBHttpMonitorProfile(), + "nsxt_policy_lb_https_monitor_profile": resourceNsxtPolicyLBHttpsMonitorProfile(), + "nsxt_policy_lb_icmp_monitor_profile": resourceNsxtPolicyLBIcmpMonitorProfile(), + "nsxt_policy_lb_passive_monitor_profile": resourceNsxtPolicyLBPassiveMonitorProfile(), + "nsxt_policy_lb_tcp_monitor_profile": resourceNsxtPolicyLBTcpMonitorProfile(), + "nsxt_policy_lb_udp_monitor_profile": resourceNsxtPolicyLBUdpMonitorProfile(), + "nsxt_policy_tier0_gateway_gre_tunnel": resourceNsxtPolicyTier0GatewayGRETunnel(), + "nsxt_upgrade_run": resourceNsxtUpgradeRun(), + "nsxt_upgrade_prepare": resourceNsxtUpgradePrepare(), + "nsxt_upgrade_precheck_acknowledge": resourceNsxtUpgradePrecheckAcknowledge(), + "nsxt_policy_vtep_ha_host_switch_profile": resourceNsxtVtepHAHostSwitchProfile(), + "nsxt_policy_site": resourceNsxtPolicySite(), + "nsxt_policy_global_manager": resourceNsxtPolicyGlobalManager(), + "nsxt_policy_metadata_proxy": resourceNsxtPolicyMetadataProxy(), + "nsxt_edge_transport_node_rtep": resourceNsxtEdgeTransportNodeRTEP(), + "nsxt_policy_distributed_flood_protection_profile": resourceNsxtPolicyDistributedFloodProtectionProfile(), + "nsxt_policy_distributed_flood_protection_profile_binding": resourceNsxtPolicyDistributedFloodProtectionProfileBinding(), + "nsxt_policy_gateway_flood_protection_profile": resourceNsxtPolicyGatewayFloodProtectionProfile(), + "nsxt_policy_gateway_flood_protection_profile_binding": resourceNsxtPolicyGatewayFloodProtectionProfileBinding(), }, ConfigureFunc: providerConfigure, diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go new file mode 100644 index 000000000..a1212fe4f --- /dev/null +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go @@ -0,0 +1,233 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + "github.com/vmware/terraform-provider-nsxt/api/infra" + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +func resourceNsxtPolicyDistributedFloodProtectionProfile() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyDistributedFloodProtectionProfileCreate, + Read: resourceNsxtPolicyDistributedFloodProtectionProfileRead, + Update: resourceNsxtPolicyDistributedFloodProtectionProfileUpdate, + Delete: resourceNsxtPolicyFloodProtectionProfileDelete, + Importer: &schema.ResourceImporter{ + State: nsxtPolicyPathResourceImporter, + }, + Schema: getDistributedFloodProtectionProfile(), + } +} + +func getFloodProtectionProfile() map[string]*schema.Schema { + return map[string]*schema.Schema{ + "nsx_id": getNsxIDSchema(), + "path": getPathSchema(), + "display_name": getDisplayNameSchema(), + "description": getDescriptionSchema(), + "revision": getRevisionSchema(), + "tag": getTagsSchema(), + "context": getContextSchema(), + "icmp_active_flow_limit": { + Type: schema.TypeInt, + Description: "Active ICMP connections limit", + Optional: true, + ValidateFunc: validation.IntBetween(0, 1000000), + }, + "other_active_conn_limit": { + Type: schema.TypeInt, + Description: "Timeout after first TN", + Optional: true, + ValidateFunc: validation.IntBetween(0, 1000000), + }, + "tcp_half_open_conn_limit": { + Type: schema.TypeInt, + Description: "Active half open TCP connections limit", + Optional: true, + ValidateFunc: validation.IntBetween(0, 1000000), + }, + "udp_active_flow_limit": { + Type: schema.TypeInt, + Description: "Active UDP connections limit", + Optional: true, + ValidateFunc: validation.IntBetween(0, 1000000), + }, + } +} + +func getDistributedFloodProtectionProfile() map[string]*schema.Schema { + baseProfile := getFloodProtectionProfile() + baseProfile["enable_rst_spoofing"] = &schema.Schema{ + Type: schema.TypeBool, + Description: "Flag to indicate rst spoofing is enabled", + Optional: true, + Default: false, + } + baseProfile["enable_syncache"] = &schema.Schema{ + Type: schema.TypeBool, + Description: "Flag to indicate syncache is enabled", + Optional: true, + Default: false, + } + return baseProfile +} + +func resourceNsxtPolicyFloodProtectionProfileExists(sessionContext utl.SessionContext, id string, connector client.Connector) (bool, error) { + + client := infra.NewFloodProtectionProfilesClient(sessionContext, connector) + _, err := client.Get(id) + if err == nil { + return true, nil + } + + if isNotFoundError(err) { + return false, nil + } + + return false, logAPIError("Error retrieving resource", err) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfilePatch(d *schema.ResourceData, m interface{}, id string) error { + connector := getPolicyConnector(m) + + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + tags := getPolicyTagsFromSchema(d) + icmpActiveFlowLimit := int64(d.Get("icmp_active_flow_limit").(int)) + otherActiveConnLimit := int64(d.Get("other_active_conn_limit").(int)) + tcpHalfOpenConnLimit := int64(d.Get("tcp_half_open_conn_limit").(int)) + udpActiveFlowLimit := int64(d.Get("udp_active_flow_limit").(int)) + enableRstSpoofing := d.Get("enable_rst_spoofing").(bool) + enableSyncache := d.Get("enable_syncache").(bool) + + obj := model.DistributedFloodProtectionProfile{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + ResourceType: model.FloodProtectionProfile_RESOURCE_TYPE_DISTRIBUTEDFLOODPROTECTIONPROFILE, + EnableRstSpoofing: &enableRstSpoofing, + EnableSyncache: &enableSyncache, + } + if icmpActiveFlowLimit != 0 { + obj.IcmpActiveFlowLimit = &icmpActiveFlowLimit + } + if otherActiveConnLimit != 0 { + obj.OtherActiveConnLimit = &otherActiveConnLimit + } + if tcpHalfOpenConnLimit != 0 { + obj.TcpHalfOpenConnLimit = &tcpHalfOpenConnLimit + } + if udpActiveFlowLimit != 0 { + obj.UdpActiveFlowLimit = &udpActiveFlowLimit + } + + converter := bindings.NewTypeConverter() + profileValue, errs := converter.ConvertToVapi(obj, model.DistributedFloodProtectionProfileBindingType()) + if errs != nil { + return errs[0] + } + profileStruct := profileValue.(*data.StructValue) + + log.Printf("[INFO] Patching DistributedFloodProtectionProfile with ID %s", id) + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + return client.Patch(id, profileStruct, nil) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileCreate(d *schema.ResourceData, m interface{}) error { + + // Initialize resource Id and verify this ID is not yet used + id, err := getOrGenerateID2(d, m, resourceNsxtPolicyFloodProtectionProfileExists) + if err != nil { + return err + } + + err = resourceNsxtPolicyDistributedFloodProtectionProfilePatch(d, m, id) + if err != nil { + return handleCreateError("FloodProtectionProfile", id, err) + } + + d.SetId(id) + d.Set("nsx_id", id) + + return resourceNsxtPolicyDistributedFloodProtectionProfileRead(d, m) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + converter := bindings.NewTypeConverter() + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") + } + + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + dpffData, err := client.Get(id) + if err != nil { + return handleReadError(d, "FloodProtectionProfile", id, err) + } + + dfppInterface, errs := converter.ConvertToGolang(dpffData, model.DistributedFloodProtectionProfileBindingType()) + if errs != nil { + return errs[0] + } + obj := dfppInterface.(model.DistributedFloodProtectionProfile) + + d.Set("display_name", obj.DisplayName) + d.Set("description", obj.Description) + setPolicyTagsInSchema(d, obj.Tags) + d.Set("nsx_id", id) + d.Set("path", obj.Path) + d.Set("revision", obj.Revision) + + d.Set("icmp_active_flow_limit", obj.IcmpActiveFlowLimit) + d.Set("other_active_conn_limit", obj.OtherActiveConnLimit) + d.Set("tcp_half_open_conn_limit", obj.TcpHalfOpenConnLimit) + d.Set("udp_active_flow_limit", obj.UdpActiveFlowLimit) + d.Set("enable_rst_spoofing", obj.EnableRstSpoofing) + d.Set("enable_syncache", obj.EnableSyncache) + + return nil +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileUpdate(d *schema.ResourceData, m interface{}) error { + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") + } + + err := resourceNsxtPolicyDistributedFloodProtectionProfilePatch(d, m, id) + if err != nil { + return handleUpdateError("FloodProtectionProfile", id, err) + } + + return resourceNsxtPolicyDistributedFloodProtectionProfileRead(d, m) +} + +func resourceNsxtPolicyFloodProtectionProfileDelete(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") + } + + connector := getPolicyConnector(m) + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + err := client.Delete(id, nil) + if err != nil { + return handleDeleteError("FloodProtectionProfile", id, err) + } + return nil +} diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding.go new file mode 100644 index 000000000..0eaee9972 --- /dev/null +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding.go @@ -0,0 +1,225 @@ +/* Copyright © 2024 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/vmware/terraform-provider-nsxt/api/infra/domains/groups" + utl "github.com/vmware/terraform-provider-nsxt/api/utl" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" +) + +func resourceNsxtPolicyDistributedFloodProtectionProfileBinding() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyDistributedFloodProtectionProfileBindingCreate, + Read: resourceNsxtPolicyDistributedFloodProtectionProfileBindingRead, + Update: resourceNsxtPolicyDistributedFloodProtectionProfileBindingUpdate, + Delete: resourceNsxtPolicyDistributedFloodProtectionProfileBindingDelete, + Importer: &schema.ResourceImporter{ + State: nsxtDistributedFloodProtectionProfileBindingImporter, + }, + Schema: map[string]*schema.Schema{ + "nsx_id": getNsxIDSchema(), + "path": getPathSchema(), + "display_name": getDisplayNameSchema(), + "description": getDescriptionSchema(), + "revision": getRevisionSchema(), + "tag": getTagsSchema(), + "context": getContextSchema(), + "profile_path": { + Type: schema.TypeString, + Description: "The path of the flood protection profile", + Required: true, + ValidateFunc: validatePolicyPath(), + }, + "group_path": { + Type: schema.TypeString, + Description: "The path of the group to bind with the flood protection profile", + Required: true, + ForceNew: true, + ValidateFunc: validatePolicyPath(), + }, + "sequence_number": { + Type: schema.TypeInt, + Description: "Sequence number of this profile binding", + Required: true, + }, + }, + } +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingPatch(d *schema.ResourceData, m interface{}, id string, isCreate bool) error { + connector := getPolicyConnector(m) + bindingClient := groups.NewFirewallFloodProtectionProfileBindingMapsClient(getSessionContext(d, m), connector) + + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + tags := getPolicyTagsFromSchema(d) + profilePath := d.Get("profile_path").(string) + seqNum := int64(d.Get("sequence_number").(int)) + obj := model.PolicyFirewallFloodProtectionProfileBindingMap{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + ProfilePath: &profilePath, + SequenceNumber: &seqNum, + } + + groupPath := d.Get("group_path").(string) + groupID := getPolicyIDFromPath(groupPath) + domain := getDomainFromResourcePath(groupPath) + + if !isCreate { + // Regular API doesn't support UPDATE operation, response example below: + // Cannot create an object with path=[/infra/domains/default/groups/testgroup/firewall-flood-protection-profile-binding-maps/994019f3-aba0-4592-96ff-f00326e13976] as it already exists. (code 500127) + // Instead of using H-API to increase complexity, we choose to delete and then create the resource for UPDATE. + err := bindingClient.Delete(domain, groupID, id) + if err != nil { + return err + } + stateConf := &resource.StateChangeConf{ + Pending: []string{"exist"}, + Target: []string{"deleted"}, + Refresh: func() (interface{}, string, error) { + state, err := bindingClient.Get(domain, groupID, id) + if isNotFoundError(err) { + return state, "deleted", nil + } + return state, "exist", nil + }, + Timeout: 30 * time.Second, + PollInterval: 200 * time.Millisecond, + Delay: 200 * time.Millisecond, + } + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf("failed to update GatewayFloodProtectionProfileBinding %s: %v", id, err) + } + } + return bindingClient.Patch(domain, groupID, id, obj) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingExists(sessionContext utl.SessionContext, connector client.Connector, groupPath, id string) (bool, error) { + bindingClient := groups.NewFirewallFloodProtectionProfileBindingMapsClient(sessionContext, connector) + domain := getDomainFromResourcePath(groupPath) + groupID := getPolicyIDFromPath(groupPath) + _, err := bindingClient.Get(domain, groupID, id) + + if err == nil { + return true, nil + } + + if isNotFoundError(err) { + return false, nil + } + + return false, logAPIError("Error retrieving resource", err) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingCreate(d *schema.ResourceData, m interface{}) error { + id := d.Get("nsx_id").(string) + if id == "" { + id = newUUID() + } + + groupPath := d.Get("group_path").(string) + exist, err := resourceNsxtPolicyDistributedFloodProtectionProfileBindingExists(getSessionContext(d, m), getPolicyConnector(m), groupPath, id) + if err != nil { + return err + } + if exist { + return fmt.Errorf("Resource with id %s already exists", id) + } + + err = resourceNsxtPolicyDistributedFloodProtectionProfileBindingPatch(d, m, id, true) + if err != nil { + return handleCreateError("DistributedFloodProtectionProfile", id, err) + } + + d.SetId(id) + d.Set("nsx_id", id) + + return resourceNsxtPolicyDistributedFloodProtectionProfileBindingRead(d, m) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingRead(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") + } + + connector := getPolicyConnector(m) + bindingClient := groups.NewFirewallFloodProtectionProfileBindingMapsClient(getSessionContext(d, m), connector) + + groupPath := d.Get("group_path").(string) + domain := getDomainFromResourcePath(groupPath) + groupID := getPolicyIDFromPath(groupPath) + + binding, err := bindingClient.Get(domain, groupID, id) + if err != nil { + return handleReadError(d, "FloodProtectionProfileBinding", id, err) + } + + floodProtectionProfileBindingModelToSchema(d, *binding.DisplayName, *binding.Description, id, *binding.Path, *binding.ProfilePath, *binding.SequenceNumber, binding.Tags, *binding.Revision) + + return nil +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingUpdate(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining DistributedFloodProtectionProfileBinding ID") + } + + err := resourceNsxtPolicyDistributedFloodProtectionProfileBindingPatch(d, m, id, false) + if err != nil { + return handleUpdateError("DistributedFloodProtectionProfileBinding", id, err) + } + + return resourceNsxtPolicyDistributedFloodProtectionProfileBindingRead(d, m) +} + +func resourceNsxtPolicyDistributedFloodProtectionProfileBindingDelete(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining DistributedFloodProtectionProfileBinding ID") + } + + connector := getPolicyConnector(m) + bindingClient := groups.NewFirewallFloodProtectionProfileBindingMapsClient(getSessionContext(d, m), connector) + + groupPath := d.Get("group_path").(string) + domain := getDomainFromResourcePath(groupPath) + groupID := getPolicyIDFromPath(groupPath) + + err := bindingClient.Delete(domain, groupID, id) + if err != nil { + return handleDeleteError("FloodProtectionProfileBinding", id, err) + } + return nil +} + +func nsxtDistributedFloodProtectionProfileBindingImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + importID := d.Id() + _, err := nsxtPolicyPathResourceImporterHelper(d, m) + if err != nil { + return nil, err + } + targetSection := "/firewall-flood-protection-profile-binding-maps/" + splitIdx := strings.LastIndex(importID, targetSection) + if splitIdx == -1 { + return nil, fmt.Errorf("invalid importID for DistributedFloodProtectionProfileBinding: %s", importID) + } + parentPath := importID[:splitIdx] + id := importID[splitIdx+len(targetSection):] + d.Set("group_path", parentPath) + d.SetId(id) + return []*schema.ResourceData{d}, nil +} diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go new file mode 100644 index 000000000..de70dc807 --- /dev/null +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_binding_test.go @@ -0,0 +1,257 @@ +//* Copyright © 2024 VMware, Inc. All Rights Reserved. +// SPDX-License-Identifier: MPL-2.0 */ + +// This test file tests both distributed_flood_protection_profile and distributed_flood_protection_profile_binding +package nsxt + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +var accTestPolicyDistributedFloodProtectionProfileBindingCreateAttributes = map[string]string{ + "description": "terraform created", + "profile_res_name": "test1", + "seq_num": "10", +} + +var accTestPolicyDistributedFloodProtectionProfileBindingUpdateAttributes = map[string]string{ + "description": "terraform updated", + "profile_res_name": "test2", + "seq_num": "12", +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfileBinding_basic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfileBinding_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingBasic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_distributed_flood_protection_profile_binding.test" + if withContext { + testResourceName = "nsxt_policy_distributed_flood_protection_profile_binding.mttest" + } + name := getAccTestResourceName() + updatedName := fmt.Sprintf("%s-updated", name) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileBindingCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileBindingTemplate(true, withContext, name), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileBindingExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyDistributedFloodProtectionProfileBindingCreateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "sequence_number", accTestPolicyDistributedFloodProtectionProfileBindingCreateAttributes["seq_num"]), + resource.TestCheckResourceAttrSet(testResourceName, "profile_path"), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileBindingTemplate(false, withContext, updatedName), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileBindingExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyDistributedFloodProtectionProfileBindingUpdateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "sequence_number", accTestPolicyDistributedFloodProtectionProfileBindingUpdateAttributes["seq_num"]), + resource.TestCheckResourceAttrSet(testResourceName, "profile_path"), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfileBinding_importBasic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingImportBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfileBinding_importBasic_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingImportBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyDistributedFloodProtectionProfileBindingImportBasic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_distributed_flood_protection_profile_binding.test" + if withContext { + testResourceName = "nsxt_policy_distributed_flood_protection_profile_binding.mttest" + } + name := getAccTestResourceName() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileBindingCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileBindingTemplate(true, withContext, name), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccResourceNsxtPolicyImportIDRetriever(testResourceName), + }, + }, + }) +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileBindingExists(resourceName string) resource.TestCheckFunc { + return func(state *terraform.State) error { + + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + + rs, ok := state.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("Policy DistributedFloodProtectionProfileBinding resource %s not found in resources", resourceName) + } + + resourceID := rs.Primary.ID + if resourceID == "" { + return fmt.Errorf("Policy DistributedFloodProtectionProfileBinding resource ID not set in resources") + } + groupPath := rs.Primary.Attributes["group_path"] + if groupPath == "" { + return fmt.Errorf("Policy DistributedFloodProtectionProfileBinding resource group_path not set in resources") + } + + exists, err := resourceNsxtPolicyDistributedFloodProtectionProfileBindingExists(testAccGetSessionContext(), connector, groupPath, resourceID) + if err != nil { + return err + } + if !exists { + return fmt.Errorf("Policy DistributedFloodProtectionProfileBinding %s does not exist", resourceID) + } + + return nil + } +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileBindingCheckDestroy(state *terraform.State, displayName string) error { + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + for _, rs := range state.RootModule().Resources { + + if rs.Type != "nsxt_policy_distributed_flood_protection_profile_binding" { + continue + } + + resourceID := rs.Primary.Attributes["id"] + groupPath := rs.Primary.Attributes["group_path"] + exists, err := resourceNsxtPolicyDistributedFloodProtectionProfileBindingExists(testAccGetSessionContext(), connector, groupPath, resourceID) + if err == nil { + return err + } + + if exists { + return fmt.Errorf("Policy DistributedFloodProtectionProfile %s still exists", displayName) + } + } + return nil +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileBindingTemplate(createFlow, withContext bool, name string) string { + var attrMap map[string]string + if createFlow { + attrMap = accTestPolicyDistributedFloodProtectionProfileBindingCreateAttributes + } else { + attrMap = accTestPolicyDistributedFloodProtectionProfileBindingUpdateAttributes + } + context := "" + resourceName := "test" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + resourceName = "mttest" + } + return testAccNsxtPolicyDistributedFloodProtectionProfileBindingDeps(withContext) + fmt.Sprintf(` +resource "nsxt_policy_distributed_flood_protection_profile_binding" "%s" { +%s + display_name = "%s" + description = "%s" + profile_path = nsxt_policy_distributed_flood_protection_profile.%s.path + group_path = nsxt_policy_group.test.path + sequence_number = %s + + tag { + scope = "scope1" + tag = "tag1" + } +} +`, resourceName, context, name, attrMap["description"], attrMap["profile_res_name"], attrMap["seq_num"]) +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileBindingDeps(withContext bool) string { + context := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + } + return fmt.Sprintf(` +resource "nsxt_policy_group" "test" { +%s + display_name = "testgroup" + description = "Acceptance Test" + + criteria { + condition { + key = "OSName" + member_type = "VirtualMachine" + operator = "CONTAINS" + value = "Ubuntu" + } + } +} + +resource "nsxt_policy_distributed_flood_protection_profile" "test1" { +%s + display_name = "dfpp1" + description = "Acceptance Test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + enable_rst_spoofing = false + enable_syncache = false +} + +resource "nsxt_policy_distributed_flood_protection_profile" "test2" { +%s + display_name = "dfpp2" + description = "Acceptance Test" + icmp_active_flow_limit = 4 + other_active_conn_limit = 4 + tcp_half_open_conn_limit = 4 + udp_active_flow_limit = 4 + enable_rst_spoofing = false + enable_syncache = false +} +`, context, context, context) +} diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go new file mode 100644 index 000000000..41530a004 --- /dev/null +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go @@ -0,0 +1,264 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +var accTestPolicyDistributedFloodProtectionProfileCreateAttributes = map[string]string{ + "description": "terraform created", + "icmp_active_flow_limit": "2", + "other_active_conn_limit": "2", + "tcp_half_open_conn_limit": "2", + "udp_active_flow_limit": "2", + "enable_rst_spoofing": "false", + "enable_syncache": "false", +} + +var accTestPolicyDistributedFloodProtectionProfileUpdateAttributes = map[string]string{ + "description": "terraform updated", + "icmp_active_flow_limit": "5", + "other_active_conn_limit": "5", + "tcp_half_open_conn_limit": "5", + "udp_active_flow_limit": "5", + "enable_rst_spoofing": "true", + "enable_syncache": "true", +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_minimal(t *testing.T) { + testResourceName := "nsxt_policy_distributed_flood_protection_profile.test" + name := getAccTestResourceName() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(false, name), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "description", ""), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyDistributedFloodProtectionProfileBasic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_distributed_flood_protection_profile.test" + if withContext { + testResourceName = "nsxt_policy_distributed_flood_protection_profile.mttest" + } + name := getAccTestResourceName() + updatedName := fmt.Sprintf("%s-updated", name) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(true, withContext, name), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "icmp_active_flow_limit", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["icmp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "other_active_conn_limit", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["other_active_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "tcp_half_open_conn_limit", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["tcp_half_open_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "udp_active_flow_limit", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["udp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "enable_rst_spoofing", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["enable_rst_spoofing"]), + resource.TestCheckResourceAttr(testResourceName, "enable_syncache", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["enable_syncache"]), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(false, withContext, updatedName), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "icmp_active_flow_limit", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["icmp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "other_active_conn_limit", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["other_active_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "tcp_half_open_conn_limit", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["tcp_half_open_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "udp_active_flow_limit", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["udp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "enable_rst_spoofing", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["enable_rst_spoofing"]), + resource.TestCheckResourceAttr(testResourceName, "enable_syncache", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["enable_syncache"]), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_importBasic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileImportBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_importBasic_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfileImportBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyDistributedFloodProtectionProfileImportBasic(t *testing.T, withContext bool, preCheck func()) { + name := getAccTestResourceName() + testResourceName := "nsxt_policy_distributed_flood_protection_profile.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(withContext, name), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccResourceNsxtPolicyImportIDRetriever(testResourceName), + }, + }, + }) +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileExists(resourceName string) resource.TestCheckFunc { + return func(state *terraform.State) error { + + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + + rs, ok := state.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("Policy DistributedFloodProtectionProfile resource %s not found in resources", resourceName) + } + + resourceID := rs.Primary.ID + if resourceID == "" { + return fmt.Errorf("Policy DistributedFloodProtectionProfile resource ID not set in resources") + } + + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) + if err != nil { + return err + } + if !exists { + return fmt.Errorf("Policy DistributedFloodProtectionProfile %s does not exist", resourceID) + } + + return nil + } +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state *terraform.State, displayName string) error { + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + for _, rs := range state.RootModule().Resources { + + if rs.Type != "nsxt_policy_distributed_flood_protection_profile" { + continue + } + + resourceID := rs.Primary.Attributes["id"] + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) + if err == nil { + return err + } + + if exists { + return fmt.Errorf("Policy DistributedFloodProtectionProfile %s still exists", displayName) + } + } + return nil +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(createFlow, withContext bool, name string) string { + var attrMap map[string]string + if createFlow { + attrMap = accTestPolicyDistributedFloodProtectionProfileCreateAttributes + } else { + attrMap = accTestPolicyDistributedFloodProtectionProfileUpdateAttributes + } + context := "" + resourceName := "test" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + resourceName = "mttest" + } + return fmt.Sprintf(` +resource "nsxt_policy_distributed_flood_protection_profile" "%s" { +%s + display_name = "%s" + description = "%s" + icmp_active_flow_limit = %s + other_active_conn_limit = %s + tcp_half_open_conn_limit = %s + udp_active_flow_limit = %s + enable_rst_spoofing = %s + enable_syncache = %s + + tag { + scope = "scope1" + tag = "tag1" + } +} + +data "nsxt_policy_distributed_flood_protection_profile" "%s" { +%s + display_name = "%s" + depends_on = [nsxt_policy_distributed_flood_protection_profile.%s] +}`, resourceName, context, name, attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["enable_rst_spoofing"], attrMap["enable_syncache"], resourceName, context, name, resourceName) +} + +func testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(withContext bool, name string) string { + context := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + } + return fmt.Sprintf(` +resource "nsxt_policy_distributed_flood_protection_profile" "test" { +%s + display_name = "%s" + +}`, context, name) +} diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go new file mode 100644 index 000000000..ac96413b0 --- /dev/null +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go @@ -0,0 +1,161 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" + "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + "github.com/vmware/terraform-provider-nsxt/api/infra" +) + +func resourceNsxtPolicyGatewayFloodProtectionProfile() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyGatewayFloodProtectionProfileCreate, + Read: resourceNsxtPolicyGatewayFloodProtectionProfileRead, + Update: resourceNsxtPolicyGatewayFloodProtectionProfileUpdate, + Delete: resourceNsxtPolicyFloodProtectionProfileDelete, + Importer: &schema.ResourceImporter{ + State: nsxtPolicyPathResourceImporter, + }, + Schema: getGatewayFloodProtectionProfile(), + } +} + +func getGatewayFloodProtectionProfile() map[string]*schema.Schema { + baseProfile := getFloodProtectionProfile() + baseProfile["nat_active_conn_limit"] = &schema.Schema{ + Type: schema.TypeInt, + Description: "Maximum limit of active NAT connections", + Optional: true, + ValidateFunc: validation.IntBetween(1, 4294967295), + Default: 4294967295, + } + return baseProfile +} + +func resourceNsxtPolicyGatewayFloodProtectionProfilePatch(d *schema.ResourceData, m interface{}, id string) error { + connector := getPolicyConnector(m) + + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + tags := getPolicyTagsFromSchema(d) + + icmpActiveFlowLimit := int64(d.Get("icmp_active_flow_limit").(int)) + otherActiveConnLimit := int64(d.Get("other_active_conn_limit").(int)) + tcpHalfOpenConnLimit := int64(d.Get("tcp_half_open_conn_limit").(int)) + udpActiveFlowLimit := int64(d.Get("udp_active_flow_limit").(int)) + natActiveConnLimit := int64(d.Get("nat_active_conn_limit").(int)) + + obj := model.GatewayFloodProtectionProfile{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + ResourceType: model.FloodProtectionProfile_RESOURCE_TYPE_GATEWAYFLOODPROTECTIONPROFILE, + } + + if icmpActiveFlowLimit != 0 { + obj.IcmpActiveFlowLimit = &icmpActiveFlowLimit + } + if otherActiveConnLimit != 0 { + obj.OtherActiveConnLimit = &otherActiveConnLimit + } + if tcpHalfOpenConnLimit != 0 { + obj.TcpHalfOpenConnLimit = &tcpHalfOpenConnLimit + } + if udpActiveFlowLimit != 0 { + obj.UdpActiveFlowLimit = &udpActiveFlowLimit + } + if natActiveConnLimit != 0 { + obj.NatActiveConnLimit = &natActiveConnLimit + } + + converter := bindings.NewTypeConverter() + profileValue, errs := converter.ConvertToVapi(obj, model.GatewayFloodProtectionProfileBindingType()) + if errs != nil { + return errs[0] + } + profileStruct := profileValue.(*data.StructValue) + + log.Printf("[INFO] Patching GatewayFloodProtectionProfile with ID %s", id) + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + return client.Patch(id, profileStruct, nil) +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileCreate(d *schema.ResourceData, m interface{}) error { + + // Initialize resource Id and verify this ID is not yet used + id, err := getOrGenerateID2(d, m, resourceNsxtPolicyFloodProtectionProfileExists) + if err != nil { + return err + } + + err = resourceNsxtPolicyGatewayFloodProtectionProfilePatch(d, m, id) + if err != nil { + return handleCreateError("GatewayFloodProtectionProfile", id, err) + } + + d.SetId(id) + d.Set("nsx_id", id) + + return resourceNsxtPolicyGatewayFloodProtectionProfileRead(d, m) +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + converter := bindings.NewTypeConverter() + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") + } + + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + gpffData, err := client.Get(id) + if err != nil { + return handleReadError(d, "GatewayFloodProtectionProfile", id, err) + } + + gfppInterface, errs := converter.ConvertToGolang(gpffData, model.GatewayFloodProtectionProfileBindingType()) + if errs != nil { + return errs[0] + } + obj := gfppInterface.(model.GatewayFloodProtectionProfile) + + d.Set("display_name", obj.DisplayName) + d.Set("description", obj.Description) + setPolicyTagsInSchema(d, obj.Tags) + d.Set("nsx_id", id) + d.Set("path", obj.Path) + d.Set("revision", obj.Revision) + + d.Set("icmp_active_flow_limit", obj.IcmpActiveFlowLimit) + d.Set("other_active_conn_limit", obj.OtherActiveConnLimit) + d.Set("tcp_half_open_conn_limit", obj.TcpHalfOpenConnLimit) + d.Set("udp_active_flow_limit", obj.UdpActiveFlowLimit) + d.Set("nat_active_conn_limit", obj.NatActiveConnLimit) + + return nil +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileUpdate(d *schema.ResourceData, m interface{}) error { + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining GatewayFloodProtectionProfile ID") + } + + err := resourceNsxtPolicyGatewayFloodProtectionProfilePatch(d, m, id) + if err != nil { + return handleUpdateError("GatewayFloodProtectionProfile", id, err) + } + + return resourceNsxtPolicyGatewayFloodProtectionProfileRead(d, m) +} diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding.go new file mode 100644 index 000000000..fd00c4377 --- /dev/null +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding.go @@ -0,0 +1,289 @@ +/* Copyright © 2024 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + tier0s "github.com/vmware/terraform-provider-nsxt/api/infra/tier_0s" + t0localeservices "github.com/vmware/terraform-provider-nsxt/api/infra/tier_0s/locale_services" + tier1s "github.com/vmware/terraform-provider-nsxt/api/infra/tier_1s" + t1localeservices "github.com/vmware/terraform-provider-nsxt/api/infra/tier_1s/locale_services" + utl "github.com/vmware/terraform-provider-nsxt/api/utl" + "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" +) + +func resourceNsxtPolicyGatewayFloodProtectionProfileBinding() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtPolicyGatewayFloodProtectionProfileBindingCreate, + Read: resourceNsxtPolicyGatewayFloodProtectionProfileBindingRead, + Update: resourceNsxtPolicyGatewayFloodProtectionProfileBindingUpdate, + Delete: resourceNsxtPolicyGatewayFloodProtectionProfileBindingDelete, + Importer: &schema.ResourceImporter{ + State: nsxtGatewayFloodProtectionProfileBindingImporter, + }, + Schema: map[string]*schema.Schema{ + "nsx_id": getNsxIDSchema(), + "path": getPathSchema(), + "display_name": getDisplayNameSchema(), + "description": getDescriptionSchema(), + "revision": getRevisionSchema(), + "tag": getTagsSchema(), + "context": getContextSchema(), + "profile_path": { + Type: schema.TypeString, + Description: "The path of the flood protection profile", + Required: true, + ValidateFunc: validatePolicyPath(), + }, + "parent_path": { + Type: schema.TypeString, + Description: "The path of the parent to be bind with the profile. It could be either Tier0 path, Tier1 path, or locale service path", + Required: true, + ValidateFunc: validatePolicyPath(), + }, + }, + } +} + +func extractGatewayIDLocaleServiceID(parentPath string) (string, string, string, error) { + var tier0ID, tier1ID, localeServiceID string + // Example: + // 1: /infra/tier-0s/{tier0-id} + // 2: /infra/tier-0s/{tier0-id}/locale-services/{locale-services-id} + parentPathList := strings.Split(parentPath, "/") + for i := 0; i < len(parentPathList)-1; i++ { + if parentPathList[i] == "tier-0s" { + tier0ID = parentPathList[i+1] + } else if parentPathList[i] == "tier-1s" { + tier1ID = parentPathList[i+1] + } else if parentPathList[i] == "locale-services" { + localeServiceID = parentPathList[i+1] + } + } + + if tier0ID == "" && tier1ID == "" { + return "", "", "", fmt.Errorf("invalid parent_path: %s", parentPath) + } + return tier0ID, tier1ID, localeServiceID, nil +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingPatch(d *schema.ResourceData, m interface{}, parentPath string, id string) error { + connector := getPolicyConnector(m) + + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + tags := getPolicyTagsFromSchema(d) + profilePath := d.Get("profile_path").(string) + obj := model.FloodProtectionProfileBindingMap{ + DisplayName: &displayName, + Description: &description, + Tags: tags, + ProfilePath: &profilePath, + } + + tier0ID, tier1ID, localeServiceID, err := extractGatewayIDLocaleServiceID(parentPath) + if err != nil { + return err + } + if tier0ID != "" { + if localeServiceID == "" { + bindingClient := tier0s.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Patch(tier0ID, id, obj) + } else { + bindingClient := t0localeservices.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Patch(tier0ID, localeServiceID, id, obj) + } + if err != nil { + return err + } + } else if tier1ID != "" { + if localeServiceID == "" { + bindingClient := tier1s.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Patch(tier1ID, id, obj) + } else { + bindingClient := t1localeservices.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Patch(tier1ID, localeServiceID, id, obj) + } + } + return err +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingGet(sessionContext utl.SessionContext, connector client.Connector, parentPath, id string) (model.FloodProtectionProfileBindingMap, error) { + var binding model.FloodProtectionProfileBindingMap + tier0ID, tier1ID, localeServiceID, err := extractGatewayIDLocaleServiceID(parentPath) + if err != nil { + return binding, err + } + + if tier0ID != "" { + if localeServiceID == "" { + bindingClient := tier0s.NewFloodProtectionProfileBindingsClient(sessionContext, connector) + binding, err = bindingClient.Get(tier0ID, id) + } else { + bindingClient := t0localeservices.NewFloodProtectionProfileBindingsClient(sessionContext, connector) + binding, err = bindingClient.Get(tier0ID, localeServiceID, id) + } + } else if tier1ID != "" { + if localeServiceID == "" { + bindingClient := tier1s.NewFloodProtectionProfileBindingsClient(sessionContext, connector) + binding, err = bindingClient.Get(tier1ID, id) + } else { + bindingClient := t1localeservices.NewFloodProtectionProfileBindingsClient(sessionContext, connector) + binding, err = bindingClient.Get(tier1ID, localeServiceID, id) + } + } + return binding, err +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingExists(sessionContext utl.SessionContext, connector client.Connector, parentPath, id string) (bool, error) { + _, err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingGet(sessionContext, connector, parentPath, id) + if err == nil { + return true, nil + } + + if isNotFoundError(err) { + return false, nil + } + + return false, logAPIError("Error retrieving resource", err) +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingCreate(d *schema.ResourceData, m interface{}) error { + + var err error + // While binding flood protection profile with gateway, the only supported profile binding id value is 'default'. + // API response: Invalid profile binding id c1cf7a71-7549-45d5-ba9f-19b7979e2620, only supported value is 'default'. (code 523203) + id := "default" + parentPath := d.Get("parent_path").(string) + + exist, err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingExists(getSessionContext(d, m), getPolicyConnector(m), parentPath, id) + if err != nil { + return err + } + if exist { + return fmt.Errorf("Resource with id %s already exists", id) + } + + err = resourceNsxtPolicyGatewayFloodProtectionProfileBindingPatch(d, m, parentPath, id) + if err != nil { + return handleCreateError("GatewayFloodProtectionProfile", id, err) + } + + d.SetId(id) + d.Set("nsx_id", id) + + return resourceNsxtPolicyGatewayFloodProtectionProfileBindingRead(d, m) +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingRead(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining GatewayFloodProtectionProfile ID") + } + + parentPath := d.Get("parent_path").(string) + binding, err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingGet(getSessionContext(d, m), connector, parentPath, id) + if err != nil { + return handleReadError(d, "GatewayFloodProtectionProfileBinding", id, err) + } + + floodProtectionProfileBindingModelToSchema(d, *binding.DisplayName, *binding.Description, id, *binding.Path, *binding.ProfilePath, -1, binding.Tags, *binding.Revision) + return nil +} + +func floodProtectionProfileBindingModelToSchema(d *schema.ResourceData, displayName, description, nsxID, path, profilePath string, seqNum int64, tags []model.Tag, revision int64) { + d.Set("display_name", displayName) + d.Set("description", description) + setPolicyTagsInSchema(d, tags) + d.Set("nsx_id", nsxID) + d.Set("path", path) + d.Set("revision", revision) + + d.Set("profile_path", profilePath) + if seqNum != -1 { + d.Set("sequence_number", seqNum) + } +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingUpdate(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining GatewayFloodProtectionProfileBinding ID") + } + + parentPath := d.Get("parent_path").(string) + + err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingPatch(d, m, parentPath, id) + if err != nil { + return handleUpdateError("GatewayFloodProtectionProfileBinding", id, err) + } + + return resourceNsxtPolicyGatewayFloodProtectionProfileBindingRead(d, m) +} + +func resourceNsxtPolicyGatewayFloodProtectionProfileBindingDelete(d *schema.ResourceData, m interface{}) error { + + id := d.Id() + if id == "" { + return fmt.Errorf("Error obtaining GatewayFloodProtectionProfileBinding ID") + } + + connector := getPolicyConnector(m) + parentPath := d.Get("parent_path").(string) + tier0ID, tier1ID, localeServiceID, err := extractGatewayIDLocaleServiceID(parentPath) + if err != nil { + return err + } + + if tier0ID != "" { + if localeServiceID == "" { + bindingClient := tier0s.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Delete(tier0ID, id) + } else { + bindingClient := t0localeservices.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Delete(tier0ID, localeServiceID, id) + } + if err != nil { + return err + } + } else if tier1ID != "" { + if localeServiceID == "" { + bindingClient := tier1s.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Delete(tier1ID, id) + } else { + bindingClient := t1localeservices.NewFloodProtectionProfileBindingsClient(getSessionContext(d, m), connector) + err = bindingClient.Delete(tier1ID, localeServiceID, id) + } + } + + if err != nil { + return handleDeleteError("GatewayFloodProtectionProfileBinding", id, err) + } + return nil +} + +func nsxtGatewayFloodProtectionProfileBindingImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + importID := d.Id() + _, err := nsxtPolicyPathResourceImporterHelper(d, m) + if err != nil { + return nil, err + } + + targetSection := "/flood-protection-profile-bindings/" + splitIdx := strings.LastIndex(importID, targetSection) + if splitIdx == -1 { + return nil, fmt.Errorf("invalid importID for GatewayFloodProtectionProfileBinding: %s", importID) + } + parentPath := importID[:splitIdx] + id := importID[splitIdx+len(targetSection):] + d.Set("parent_path", parentPath) + d.SetId(id) + return []*schema.ResourceData{d}, nil +} diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go new file mode 100644 index 000000000..35d41a1f6 --- /dev/null +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_binding_test.go @@ -0,0 +1,331 @@ +//* Copyright © 2024 VMware, Inc. All Rights Reserved. +// SPDX-License-Identifier: MPL-2.0 */ + +// This test file tests both distributed_flood_protection_profile and distributed_flood_protection_profile_binding +package nsxt + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +var accTestPolicyT0GatewayFloodProtectionProfileBindingCreateAttributes = map[string]string{ + "description": "terraform created", + "profile_res_name": "test1", + "parent_path": "nsxt_policy_tier0_gateway.test.path", +} + +var accTestPolicyT0GatewayFloodProtectionProfileBindingUpdateAttributes = map[string]string{ + "description": "terraform updated", + "profile_res_name": "test2", + "parent_path": "nsxt_policy_tier0_gateway.test.path", +} + +var accTestPolicyT0LSFloodProtectionProfileBindingCreateAttributes = map[string]string{ + "description": "terraform created", + "profile_res_name": "test1", + "parent_path": "data.nsxt_policy_gateway_locale_service.test.path", +} + +var accTestPolicyT0LSFloodProtectionProfileBindingUpdateAttributes = map[string]string{ + "description": "terraform updated", + "profile_res_name": "test2", + "parent_path": "data.nsxt_policy_gateway_locale_service.test.path", +} + +var accTestPolicyT1GatewayFloodProtectionProfileBindingCreateAttributes = map[string]string{ + "description": "terraform created", + "profile_res_name": "test1", + "parent_path": "nsxt_policy_tier1_gateway.test.path", +} + +var accTestPolicyT1GatewayFloodProtectionProfileBindingUpdateAttributes = map[string]string{ + "description": "terraform updated", + "profile_res_name": "test2", + "parent_path": "nsxt_policy_tier1_gateway.test.path", +} + +func TestAccResourceNsxtPolicyT0GatewayFloodProtectionProfileBinding_basic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingBasic(t, false, func() { + testAccPreCheck(t) + }, "tier0") +} + +func TestAccResourceNsxtPolicyT0LSFloodProtectionProfileBinding_basic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingBasic(t, false, func() { + testAccPreCheck(t) + testAccOnlyGlobalManager(t) + }, "ls") +} + +func TestAccResourceNsxtPolicyT1GatewayFloodProtectionProfileBinding_basic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingBasic(t, false, func() { + testAccPreCheck(t) + }, "tier1") +} + +func TestAccResourceNsxtPolicyT1GatewayFloodProtectionProfileBinding_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }, "tier1") +} + +func testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingBasic(t *testing.T, withContext bool, preCheck func(), parent string) { + testResourceName := "nsxt_policy_gateway_flood_protection_profile_binding.test" + if withContext { + testResourceName = "nsxt_policy_gateway_flood_protection_profile_binding.mttest" + } + name := getAccTestResourceName() + updatedName := fmt.Sprintf("%s-updated", name) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileBindingCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileBindingTemplate(true, withContext, name, parent), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileBindingExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", "terraform created"), + resource.TestCheckResourceAttrSet(testResourceName, "profile_path"), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileBindingTemplate(false, withContext, updatedName, parent), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileBindingExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", "terraform updated"), + resource.TestCheckResourceAttrSet(testResourceName, "profile_path"), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfileBinding_importBasic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingImportBasic(t, false, func() { + testAccPreCheck(t) + }, "tier1") +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfileBinding_importBasic_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingImportBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }, "tier1") +} + +func testAccResourceNsxtPolicyGatewayFloodProtectionProfileBindingImportBasic(t *testing.T, withContext bool, preCheck func(), parent string) { + testResourceName := "nsxt_policy_gateway_flood_protection_profile_binding.test" + if withContext { + testResourceName = "nsxt_policy_gateway_flood_protection_profile_binding.mttest" + } + name := getAccTestResourceName() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileBindingCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileBindingTemplate(true, withContext, name, parent), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccResourceNsxtPolicyImportIDRetriever(testResourceName), + }, + }, + }) +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileBindingExists(resourceName string) resource.TestCheckFunc { + return func(state *terraform.State) error { + + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + + rs, ok := state.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("Policy GatewayFloodProtectionProfileBinding resource %s not found in resources", resourceName) + } + + resourceID := rs.Primary.ID + if resourceID == "" { + return fmt.Errorf("Policy GatewayFloodProtectionProfileBinding resource ID not set in resources") + } + parentPath := rs.Primary.Attributes["parent_path"] + exists, err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingExists(testAccGetSessionContext(), connector, parentPath, resourceID) + if err != nil { + return err + } + if !exists { + return fmt.Errorf("Policy GatewayFloodProtectionProfileBinding %s does not exist", resourceID) + } + + return nil + } +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileBindingCheckDestroy(state *terraform.State, displayName string) error { + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + for _, rs := range state.RootModule().Resources { + + if rs.Type != "nsxt_policy_gateway_flood_protection_profile_binding" { + continue + } + + resourceID := rs.Primary.Attributes["id"] + parentPath := rs.Primary.Attributes["parent_path"] + exists, err := resourceNsxtPolicyGatewayFloodProtectionProfileBindingExists(testAccGetSessionContext(), connector, parentPath, resourceID) + if err == nil { + return err + } + + if exists { + return fmt.Errorf("Policy GatewayFloodProtectionProfile %s still exists", displayName) + } + } + return nil +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileBindingTemplate(createFlow, withContext bool, name, parent string) string { + var attrMap map[string]string + if createFlow { + switch parent { + case "tier0": + attrMap = accTestPolicyT0GatewayFloodProtectionProfileBindingCreateAttributes + case "tier1": + attrMap = accTestPolicyT1GatewayFloodProtectionProfileBindingCreateAttributes + case "ls": + attrMap = accTestPolicyT0LSFloodProtectionProfileBindingCreateAttributes + } + } else { + switch parent { + case "tier0": + attrMap = accTestPolicyT0GatewayFloodProtectionProfileBindingUpdateAttributes + case "tier1": + attrMap = accTestPolicyT1GatewayFloodProtectionProfileBindingUpdateAttributes + case "ls": + attrMap = accTestPolicyT0LSFloodProtectionProfileBindingUpdateAttributes + } + } + context := "" + resourceName := "test" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + resourceName = "mttest" + } + return testAccNsxtPolicyGatewayFloodProtectionProfileBindingDeps(withContext) + fmt.Sprintf(` +resource "nsxt_policy_gateway_flood_protection_profile_binding" "%s" { +%s + display_name = "%s" + description = "%s" + profile_path = nsxt_policy_gateway_flood_protection_profile.%s.path + parent_path = %s + + tag { + scope = "scope1" + tag = "tag1" + } +} +`, resourceName, context, name, attrMap["description"], attrMap["profile_res_name"], attrMap["parent_path"]) +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileBindingDeps(withContext bool) string { + context := "" + parentDeps := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + parentDeps = fmt.Sprintf(` +resource "nsxt_policy_tier1_gateway" "test" { +%s + display_name = "test" +} +`, context) + } else if testAccIsGlobalManager() { + parentDeps = fmt.Sprintf(` +data "nsxt_policy_site" "site1" { + display_name = "%s" +} + +data "nsxt_policy_edge_cluster" "ec_site1" { + site_path = data.nsxt_policy_site.site1.path +} + +data "nsxt_policy_edge_node" "en_site1" { + edge_cluster_path = data.nsxt_policy_edge_cluster.ec_site1.path + member_index = 0 +} + +resource "nsxt_policy_tier0_gateway" "test" { + display_name = "test" + locale_service { + edge_cluster_path = data.nsxt_policy_edge_cluster.ec_site1.path + preferred_edge_paths = [data.nsxt_policy_edge_node.en_site1.path] + } +} + +data "nsxt_policy_gateway_locale_service" "test" { + gateway_path = nsxt_policy_tier0_gateway.test.path +} + +resource "nsxt_policy_tier1_gateway" "test" { + display_name = "test" +}`, getTestSiteName()) + } else { + parentDeps = ` +resource "nsxt_policy_tier0_gateway" "test" { + display_name = "test" +} + +resource "nsxt_policy_tier1_gateway" "test" { + display_name = "test" +} +` + } + return parentDeps + fmt.Sprintf(` +resource "nsxt_policy_gateway_flood_protection_profile" "test1" { +%s + display_name = "gfpp1" + description = "Acceptance Test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + nat_active_conn_limit = 3 +} + +resource "nsxt_policy_gateway_flood_protection_profile" "test2" { +%s + display_name = "gfpp2" + description = "Acceptance Test" + icmp_active_flow_limit = 4 + other_active_conn_limit = 4 + tcp_half_open_conn_limit = 4 + udp_active_flow_limit = 4 + nat_active_conn_limit = 4 +} +`, context, context) +} diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go new file mode 100644 index 000000000..c395d894c --- /dev/null +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go @@ -0,0 +1,259 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +var accTestPolicyGatewayFloodProtectionProfileCreateAttributes = map[string]string{ + "description": "terraform created", + "icmp_active_flow_limit": "2", + "other_active_conn_limit": "2", + "tcp_half_open_conn_limit": "2", + "udp_active_flow_limit": "2", + "nat_active_conn_limit": "2", +} + +var accTestPolicyGatewayFloodProtectionProfileUpdateAttributes = map[string]string{ + "description": "terraform updated", + "icmp_active_flow_limit": "5", + "other_active_conn_limit": "5", + "tcp_half_open_conn_limit": "5", + "udp_active_flow_limit": "5", + "nat_active_conn_limit": "5", +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_minimal(t *testing.T) { + testResourceName := "nsxt_policy_gateway_flood_protection_profile.test" + name := getAccTestResourceName() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(false, name), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "description", ""), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyGatewayFloodProtectionProfileBasic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_gateway_flood_protection_profile.test" + if withContext { + testResourceName = "nsxt_policy_gateway_flood_protection_profile.mttest" + } + name := getAccTestResourceName() + updatedName := fmt.Sprintf("%s-updated", name) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(true, withContext, name), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", name), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "icmp_active_flow_limit", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["icmp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "other_active_conn_limit", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["other_active_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "tcp_half_open_conn_limit", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["tcp_half_open_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "udp_active_flow_limit", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["udp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "nat_active_conn_limit", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["nat_active_conn_limit"]), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(false, withContext, updatedName), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileExists(testResourceName), + resource.TestCheckResourceAttr(testResourceName, "display_name", updatedName), + resource.TestCheckResourceAttr(testResourceName, "description", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["description"]), + resource.TestCheckResourceAttr(testResourceName, "icmp_active_flow_limit", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["icmp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "other_active_conn_limit", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["other_active_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "tcp_half_open_conn_limit", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["tcp_half_open_conn_limit"]), + resource.TestCheckResourceAttr(testResourceName, "udp_active_flow_limit", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["udp_active_flow_limit"]), + resource.TestCheckResourceAttr(testResourceName, "nat_active_conn_limit", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["nat_active_conn_limit"]), + + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_importBasic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileImportBasic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_importBasic_multitenancy(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfileImportBasic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyGatewayFloodProtectionProfileImportBasic(t *testing.T, withContext bool, preCheck func()) { + name := getAccTestResourceName() + testResourceName := "nsxt_policy_gateway_flood_protection_profile.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state, name) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(withContext, name), + }, + { + ResourceName: testResourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccResourceNsxtPolicyImportIDRetriever(testResourceName), + }, + }, + }) +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileExists(resourceName string) resource.TestCheckFunc { + return func(state *terraform.State) error { + + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + + rs, ok := state.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("Policy FloodProtectionProfile resource %s not found in resources", resourceName) + } + + resourceID := rs.Primary.ID + if resourceID == "" { + return fmt.Errorf("Policy GatewayFloodProtectionProfile resource ID not set in resources") + } + + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) + if err != nil { + return err + } + if !exists { + return fmt.Errorf("Policy GatewayFloodProtectionProfile %s does not exist", resourceID) + } + + return nil + } +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state *terraform.State, displayName string) error { + connector := getPolicyConnector(testAccProvider.Meta().(nsxtClients)) + for _, rs := range state.RootModule().Resources { + + if rs.Type != "nsxt_policy_gateway_flood_protection_profile" { + continue + } + + resourceID := rs.Primary.Attributes["id"] + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) + if err == nil { + return err + } + + if exists { + return fmt.Errorf("Policy GatewayFloodProtectionProfile %s still exists", displayName) + } + } + return nil +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(createFlow, withContext bool, name string) string { + var attrMap map[string]string + if createFlow { + attrMap = accTestPolicyGatewayFloodProtectionProfileCreateAttributes + } else { + attrMap = accTestPolicyGatewayFloodProtectionProfileUpdateAttributes + } + context := "" + resourceName := "test" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + resourceName = "mttest" + } + return fmt.Sprintf(` +resource "nsxt_policy_gateway_flood_protection_profile" "%s" { +%s + display_name = "%s" + description = "%s" + icmp_active_flow_limit = %s + other_active_conn_limit = %s + tcp_half_open_conn_limit = %s + udp_active_flow_limit = %s + nat_active_conn_limit = %s + + tag { + scope = "scope1" + tag = "tag1" + } +} + +data "nsxt_policy_gateway_flood_protection_profile" "%s" { +%s + display_name = "%s" + depends_on = [nsxt_policy_gateway_flood_protection_profile.%s] +}`, resourceName, context, name, attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["nat_active_conn_limit"], resourceName, context, name, resourceName) +} + +func testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(withContext bool, name string) string { + context := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + } + return fmt.Sprintf(` +resource "nsxt_policy_gateway_flood_protection_profile" "test" { +%s + display_name = "%s" + +}`, context, name) +} diff --git a/website/docs/d/policy_distributed_flood_protection_profile.html.markdown b/website/docs/d/policy_distributed_flood_protection_profile.html.markdown new file mode 100644 index 000000000..174b96977 --- /dev/null +++ b/website/docs/d/policy_distributed_flood_protection_profile.html.markdown @@ -0,0 +1,48 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_distributed_flood_protection_profile" +description: Policy Distributed Flood Protection Profile data source. +--- + +# nsxt_policy_distributed_flood_protection_profile + +This data source provides information about policy Distributed Flood Protection Profile configured in NSX. +This data source is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +resource "nsxt_policy_distributed_flood_protection_profile" "test" { + display_name = "test" +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_distributed_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" +} +``` + +## Argument Reference + +* `id` - (Optional) The ID of Distributed Flood Protection Profile to retrieve. +* `display_name` - (Optional) The Display Name prefix of the Distributed Flood Protection Profile to retrieve. +* `context` - (Optional) The context which the object belongs to + * `project_id` - (Required) The ID of the project which the object belongs to + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `description` - The description of the resource. +* `path` - The NSX path of the policy resource. diff --git a/website/docs/d/policy_gateway_flood_protection_profile.html.markdown b/website/docs/d/policy_gateway_flood_protection_profile.html.markdown new file mode 100644 index 000000000..0e68185e9 --- /dev/null +++ b/website/docs/d/policy_gateway_flood_protection_profile.html.markdown @@ -0,0 +1,48 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_gateway_flood_protection_profile" +description: Policy Gateway Flood Protection Profile data source. +--- + +# nsxt_policy_gateway_flood_protection_profile + +This data source provides information about policy Gateway Flood Protection Profile configured in NSX. +This data source is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +resource "nsxt_policy_gateway_flood_protection_profile" "test" { + display_name = "test" +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_gateway_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" +} +``` + +## Argument Reference + +* `id` - (Optional) The ID of Gateway Flood Protection Profile to retrieve. +* `display_name` - (Optional) The Display Name prefix of the Gateway Flood Protection Profile to retrieve. +* `context` - (Optional) The context which the object belongs to + * `project_id` - (Required) The ID of the project which the object belongs to + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `description` - The description of the resource. +* `path` - The NSX path of the policy resource. diff --git a/website/docs/r/policy_distributed_flood_protection_profile.html.markdown b/website/docs/r/policy_distributed_flood_protection_profile.html.markdown new file mode 100644 index 000000000..d9a9f512f --- /dev/null +++ b/website/docs/r/policy_distributed_flood_protection_profile.html.markdown @@ -0,0 +1,99 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_distributed_flood_protection_profile" +description: A resource to configure Policy Distributed Flood Protection Profile on NSX Policy manager. +--- + +# nsxt_policy_distributed_flood_protection_profile + +This resource provides a method for the management of a Distributed Flood Protection Profile. + +This resource is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +resource "nsxt_policy_distributed_flood_protection_profile" "test" { + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + enable_rst_spoofing = true + enable_syncache = true + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_distributed_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + enable_rst_spoofing = true + enable_syncache = true + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `display_name` - (Required) Display name of the resource. +* `description` - (Optional) Description of the resource. +* `tag` - (Optional) A list of scope + tag pairs to associate with this resource. +* `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the policy resource. +* `icmp_active_flow_limit` - (Optional) Active ICMP connections limit. If this field is empty, firewall will not set a limit to active ICMP connections. Minimum: 1, Maximum: 1000000. +* `other_active_conn_limit` - (Optional) Timeout after first TN. If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections. Minimum: 1, Maximum: 1000000. +* `tcp_half_open_conn_limit` - (Optional) Active half open TCP connections limit. If this field is empty, firewall will not set a limit to half open TCP connections. Minimum: 1, Maximum: 1000000. +* `udp_active_flow_limit` - (Optional) Active UDP connections limit. If this field is empty, firewall will not set a limit to active UDP connections. Minimum: 1, Maximum: 1000000. +* `enable_rst_spoofing` - (Optional) Flag to indicate rst spoofing is enabled. If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles. Default: false. +* `enable_syncache` - (Optional) Flag to indicate syncache is enabled. If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles. Default: false. + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. +* `path` - The NSX path of the policy resource. + +## Importing + +An existing Distributed Flood Protection Profile can be [imported][docs-import] into this resource, via the following command: + +[docs-import]: https://www.terraform.io/cli/import + +``` +terraform import nsxt_policy_distributed_flood_protection_profile.dfpp ID +``` + +The above command imports the Distributed Flood Protection Profile named `dfpp` with the NSX Policy ID `ID`. + +``` +terraform import nsxt_policy_distributed_flood_protection_profile.dfpp POLICY_PATH +``` +The above command imports the Distributed Flood Protection Profile named `dfpp` with the policy path `POLICY_PATH`. +Note: for multitenancy projects only the later form is usable. diff --git a/website/docs/r/policy_distributed_flood_protection_profile_binding.html.markdown b/website/docs/r/policy_distributed_flood_protection_profile_binding.html.markdown new file mode 100644 index 000000000..cf6572ab1 --- /dev/null +++ b/website/docs/r/policy_distributed_flood_protection_profile_binding.html.markdown @@ -0,0 +1,84 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_distributed_flood_protection_profile_binding" +description: A resource to configure Policy Distributed Flood Protection Profile BindingMap on NSX Policy manager. +--- + +# nsxt_policy_distributed_flood_protection_profile_binding + +This resource provides a method for the management of a Distributed Flood Protection Profile BindingMap. + +This resource is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +resource "nsxt_policy_distributed_flood_protection_profile_binding" "test" { + display_name = "test" + description = "test" + profile_path = nsxt_policy_distributed_flood_protection_profile.test.path + group_path = nsxt_policy_group.test.path + sequence_number = 3 + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_distributed_flood_protection_profile_binding" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + profile_path = nsxt_policy_distributed_flood_protection_profile.test.path + group_path = nsxt_policy_group.test.path + sequence_number = 3 + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `display_name` - (Required) Display name of the resource. +* `description` - (Optional) Description of the resource. +* `tag` - (Optional) A list of scope + tag pairs to associate with this resource. +* `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the policy resource. +* `profile_path` - (Required) The path of the flood protection profile to be binded. +* `group_path` - (Required) The path of the group to bind with the profile. +* `sequence_number` - (Optional) Sequence number of this profile binding map. + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. +* `path` - The NSX path of the policy resource. + +## Importing + +An existing Distributed Flood Protection Profile BindingMap can be [imported][docs-import] into this resource, via the following command: + +[docs-import]: https://www.terraform.io/cli/import + +``` +terraform import nsxt_policy_distributed_flood_protection_profile_binding.dfppb POLICY_PATH +``` +The above command imports the Distributed Flood Protection Profile BindingMap named `dfppb` with the policy path `POLICY_PATH`. +Note: for multitenancy projects only the later form is usable. diff --git a/website/docs/r/policy_gateway_flood_protection_profile.html.markdown b/website/docs/r/policy_gateway_flood_protection_profile.html.markdown new file mode 100644 index 000000000..59c4b3112 --- /dev/null +++ b/website/docs/r/policy_gateway_flood_protection_profile.html.markdown @@ -0,0 +1,96 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_gateway_flood_protection_profile" +description: A resource to configure Policy Gateway Flood Protection Profile on NSX Policy manager. +--- + +# nsxt_policy_gateway_flood_protection_profile + +This resource provides a method for the management of a Gateway Flood Protection Profile. + +This resource is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +resource "nsxt_policy_gateway_flood_protection_profile" "test" { + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + nat_active_conn_limit = 3 + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_gateway_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + nat_active_conn_limit = 3 + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `display_name` - (Required) Display name of the resource. +* `description` - (Optional) Description of the resource. +* `tag` - (Optional) A list of scope + tag pairs to associate with this resource. +* `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the policy resource. +* `icmp_active_flow_limit` - (Optional) Active ICMP connections limit. If this field is empty, firewall will not set a limit to active ICMP connections. Minimum: 1, Maximum: 1000000. +* `other_active_conn_limit` - (Optional) Timeout after first TN. If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections. Minimum: 1, Maximum: 1000000. +* `tcp_half_open_conn_limit` - (Optional) Active half open TCP connections limit. If this field is empty, firewall will not set a limit to half open TCP connections. Minimum: 1, Maximum: 1000000. +* `udp_active_flow_limit` - (Optional) Active UDP connections limit. If this field is empty, firewall will not set a limit to active UDP connections. Minimum: 1, Maximum: 1000000. +* `nat_active_conn_limit` - (Optional) Maximum limit of active NAT connections. The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource. Minimum: 1, Maximum: 4294967295, Default: 4294967295 + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. +* `path` - The NSX path of the policy resource. + +## Importing + +An existing Gateway Flood Protection Profile can be [imported][docs-import] into this resource, via the following command: + +[docs-import]: https://www.terraform.io/cli/import + +``` +terraform import nsxt_policy_gateway_flood_protection_profile.gfpp ID +``` + +The above command imports the Gateway Flood Protection Profile named `gfpp` with the NSX Policy ID `ID`. + +``` +terraform import nsxt_policy_gateway_flood_protection_profile.gfpp POLICY_PATH +``` +The above command imports the Gateway Flood Protection Profile named `gfpp` with the policy path `POLICY_PATH`. +Note: for multitenancy projects only the later form is usable. diff --git a/website/docs/r/policy_gateway_flood_protection_profile_binding.html.markdown b/website/docs/r/policy_gateway_flood_protection_profile_binding.html.markdown new file mode 100644 index 000000000..bd0cc3005 --- /dev/null +++ b/website/docs/r/policy_gateway_flood_protection_profile_binding.html.markdown @@ -0,0 +1,89 @@ +--- +subcategory: "Security" +layout: "nsxt" +page_title: "NSXT: policy_gateway_flood_protection_profile_binding" +description: A resource to configure Policy Gateway Flood Protection Profile BindingMap on NSX Policy manager. +--- + +# nsxt_policy_gateway_flood_protection_profile_binding + +This resource provides a method for the management of a Gateway Flood Protection Profile BindingMap. + +This resource is applicable to NSX Global Manager and NSX Policy Manager. + +## Example Usage + +```hcl +data "nsxt_policy_tier0_gateway" "test" { + display_name = "tier0_gw" +} + +resource "nsxt_policy_gateway_flood_protection_profile_binding" "test" { + display_name = "test" + description = "test" + profile_path = nsxt_policy_gateway_flood_protection_profile.test.path + parent_path = data.nsxt_policy_tier0_gateway.test.path + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +data "nsxt_policy_tier1_gateway" "test" { + display_name = "tier1_gw" +} + +resource "nsxt_policy_gateway_flood_protection_profile_binding" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + profile_path = nsxt_policy_gateway_flood_protection_profile.test.path + parent_path = data.nsxt_policy_tier1_gateway.test.path + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `display_name` - (Required) Display name of the resource. +* `description` - (Optional) Description of the resource. +* `tag` - (Optional) A list of scope + tag pairs to associate with this resource. +* `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the policy resource. +* `profile_path` - (Required) The path of the flood protection profile to be binded. +* `parent_path` - (Required) The path of the parent to bind with the profile. This could be either T0 path, T1 path or locale service path. + +## Attributes Reference + +In addition to arguments listed above, the following attributes are exported: + +* `revision` - Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging. +* `path` - The NSX path of the policy resource. + +## Importing + +An existing Gateway Flood Protection Profile BindingMap can be [imported][docs-import] into this resource, via the following command: + +[docs-import]: https://www.terraform.io/cli/import + +``` +terraform import nsxt_policy_gateway_flood_protection_profile_binding.gfppb POLICY_PATH +``` +The above command imports the Gateway Flood Protection Profile BindingMap named `gfppb` with the policy path `POLICY_PATH`. +Note: for multitenancy projects only the later form is usable.