diff --git a/ibm/resource_ibm_is_ike_policy.go b/ibm/resource_ibm_is_ike_policy.go index 0c4c9d1c3a..ef2760aa40 100644 --- a/ibm/resource_ibm_is_ike_policy.go +++ b/ibm/resource_ibm_is_ike_policy.go @@ -144,9 +144,9 @@ func resourceIBMISIKEPolicy() *schema.Resource { func resourceIBMISIKEValidator() *ResourceValidator { validateSchema := make([]ValidateSchema, 1) - authentication_algorithm := "md5, sha1, sha256" + authentication_algorithm := "md5, sha1, sha256, sha512" encryption_algorithm := "triple_des, aes128, aes256" - dh_group := "2, 5, 14" + dh_group := "2, 5, 14, 19" ike_version := "1, 2" validateSchema = append(validateSchema, ValidateSchema{ diff --git a/ibm/resource_ibm_is_ipsec_policy.go b/ibm/resource_ibm_is_ipsec_policy.go index cbef9594fa..691505fc25 100644 --- a/ibm/resource_ibm_is_ipsec_policy.go +++ b/ibm/resource_ibm_is_ipsec_policy.go @@ -143,7 +143,7 @@ func resourceIBMISIPSecPolicy() *schema.Resource { func resourceIBMISIPSECValidator() *ResourceValidator { validateSchema := make([]ValidateSchema, 1) - authentication_algorithm := "md5, sha1, sha256" + authentication_algorithm := "md5, sha1, sha256, sha512" encryption_algorithm := "triple_des, aes128, aes256" pfs := "disabled, group_2, group_5, group_14" validateSchema = append(validateSchema, diff --git a/ibm/validators.go b/ibm/validators.go index bbaa8f233e..937209427e 100644 --- a/ibm/validators.go +++ b/ibm/validators.go @@ -259,9 +259,9 @@ func validateMaxConn(v interface{}, k string) (ws []string, errors []error) { func validateKeyLifeTime(v interface{}, k string) (ws []string, errors []error) { secs := v.(int) - if secs < 300 || secs > 86400 { + if secs < 1800 || secs > 86400 { errors = append(errors, fmt.Errorf( - "%q must be between 300 and 86400", + "%q must be between 1800 and 86400", k)) return } diff --git a/website/docs/r/is_ike_policy.html.markdown b/website/docs/r/is_ike_policy.html.markdown index e8c0c7dbad..d1d33dc5c6 100644 --- a/website/docs/r/is_ike_policy.html.markdown +++ b/website/docs/r/is_ike_policy.html.markdown @@ -32,11 +32,11 @@ resource "ibm_is_ike_policy" "example" { The following arguments are supported: * `name` - (Required, string) Name of the IKE policy. -* `authentication_algorithm` - (Required, string) The authentication algorithm. Enumeration type: md5, sha1, sha256. +* `authentication_algorithm` - (Required, string) The authentication algorithm. Enumeration type: md5, sha1, sha256, sha512. * `encryption_algorithm` - (Required, string) The encryption algorithm. Enumeration type: triple_des, aes128, aes256. -* `dh_group` - (Required, int) The Diffie-Hellman group. Enumeration type: 2, 5, 14. +* `dh_group` - (Required, int) The Diffie-Hellman group. Enumeration type: 2, 5, 14, 19. * `ike_version` - (Optional,int) The IKE protocol version. Enumeration type: 1, 2. -* `key_lifetime` - (Optional, int) The key lifetime in seconds. Maximum: 86400, Minimum: 300. Default is 28800. +* `key_lifetime` - (Optional, int) The key lifetime in seconds. Maximum: 86400, Minimum: 1800. Default is 28800. * `resource_group` - (Optional, Forces new resource, string) The resource group ID where the ike policy to be created. ## Attribute Reference diff --git a/website/docs/r/is_ipsec_policy.html.markdown b/website/docs/r/is_ipsec_policy.html.markdown index e00bbb178e..0ed5d1fb6f 100644 --- a/website/docs/r/is_ipsec_policy.html.markdown +++ b/website/docs/r/is_ipsec_policy.html.markdown @@ -31,10 +31,10 @@ resource "ibm_is_ipsec_policy" "example" { The following arguments are supported: * `name` - (Required, string) Name of the IPsec policy. -* `authentication_algorithm` - (Required, string) The authentication algorithm. Enumeration type: md5, sha1, sha256. +* `authentication_algorithm` - (Required, string) The authentication algorithm. Enumeration type: md5, sha1, sha256, sha512. * `encryption_algorithm` - (Required, string) The encryption algorithm. Enumeration type: triple_des, aes128, aes256. * `pfs` - (Required, string) Perfect Forward Secrecy. Enumeration type: disabled, group_2, group_5, group_14. -* `key_lifetime` - (Optional, int) The key lifetime in seconds. Maximum: 86400, Minimum: 300. Default is 3600. +* `key_lifetime` - (Optional, int) The key lifetime in seconds. Maximum: 86400, Minimum: 1800. Default is 3600. * `resource_group` - (Optional, Forces new resource, string) The resource group ID where the ip sec policy to be created. ## Attribute Reference