Terraform ACI - Tenant Module

A Terraform module to configure ACI Tenant Policies.

NOTE: THIS MODULE IS DESIGNED TO BE CONSUMED USING "EASY ACI"

A comprehensive example using this module is available below:

Easy ACI

Requirements

Name	Version
terraform	>= 1.3.0
aci	>=2.13.0
mso	>=1.0.0

Providers

Name	Version
aci	2.13.2
mso	1.0.0

Inputs

Name	Description	Type	Default	Required
model	Model data.	any	n/a	yes
tenant	Name of the Tenant.	any	n/a	yes
tenant_sensitive	Note: Sensitive Variables cannot be added to a for_each loop so these are added seperately. * mcp_instance_policy_default: MisCabling Protocol Instance Settings. - key: The key or password used to uniquely identify this configuration object. * virtual_networking: ACI to Virtual Infrastructure Integration. - password: Username/Password combination to Authenticate to the Virtual Infrastructure.	object({ bgp = object({ password = map(string) }) nexus_dashboard = object({ aws_secret_key = map(string) azure_client_secret = map(string) }) ospf = object({ authentication_key = map(string) }) vrf = object({ snmp_community = map(string) }) })	{ "bgp": { "password": {} }, "nexus_dashboard": { "aws_secret_key": {}, "azure_client_secret": {} }, "ospf": { "authentication_key": {} }, "vrf": { "snmp_community": {} } }	no

Outputs

Name	Description
application_profiles	Identifiers for Application Profiles: * application_profiles: - ACI: Tenants => {Tenant Name} => Application Profiles: {Name} - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Application Profile: {Name} - application_epgs: * ACI: Tenants => {Tenant Name} => Application Profiles: {Name} => Application EPGs: {Name} * NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Application Profile: {Name} => EPGs: {Name} * epg_to_contracts: - ACI: Tenants => {Tenant Name} => Application Profiles: {Name} => Application EPGs: {Name} => Contracts - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Application Profile: {Name} => EPGs: {Name}: Contracts * epg_to_domains: - ACI: Tenants => {Tenant Name} => Application Profiles: {Name} => Application EPGs: {Name} => Domains - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Application Profile: {Name} => EPGs: {Name}: {Select Site}: Domains * epg_to_static_paths: - ACI: Tenants => {Tenant Name} => Application Profiles: {Name} => Application EPGs: {Name} => Static Ports - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Application Profile: {Name} => EPGs: {Name}: {Select Site}: Static Ports
contracts	Identifiers for Contracts: * contracts: - oob_contracts: Tenants => {Tenant Name} => Contracts => Out-of-Band Contracts: {Name} - standard_contracts: * ACI: Tenants => {Tenant Name} => Contracts => Standard: {Name} * NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Contracts: {Name} - taboo_contracts: Tenants => {Tenant Name} => Contracts => Taboos: {Name} * filters: - filters: Tenants => {Tenant Name} => Contracts => Filters: {Name} - filter_entries: * ACI: Tenants => {Tenant Name} => Contracts => Filters: {Name} => Entries * NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => Filter: {Name}
networking	Identifiers for Tenant Networking: * bridge_domains: - ACI: Tenants => {Tenant Name} => Networking => Bridge Domains: {Name} - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => Bridge Domains: {Name} - bridge_domain_subnets: Tenants => {Tenant Name} => Networking => Bridge Domains: {Name} => Subnets * l3outs: - ACI: Tenants => {Tenant Name} => Networking => L3Outs: {Name} - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => Bridge Domains: {Name} - l3out_bgp_external_policy: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Policy => Enabled BGP/EIGRP/OSPF: BGP - l3out_external_epgs: Tenants => Tenants => {Tenant Name} => Networking => L3Outs: {Name} => External EPGs: {Name} * l3out_external_epg_subnets: Tenants => Tenants => {Tenant Name} => Networking => L3Outs: {Name} => External EPGs: {Name} => Subnets - l3out_node_profiles: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name} * l3out_interface_profiles: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name} => Logical Interface Profiles: {Name} - l3out_interface_profile_ospf_interfaces: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name} => Logical Interface Profiles: {Name} => OSPF Interface Profile - l3out_interface_profile_path_attachment: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name} => Logical Interface Profiles: {Name}: Routed Sub-Interfaces/Routed Interfaces/SVI/Floating SVI * l3out_node_profile_bgp_peers: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name}: BGP Peer Connectivity * l3out_node_profile_static_routes: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Logical Node Profiles: {Name}: (Double click node under Nodes): Static Routes * l3out_ospf_external_policy: Tenants => {Tenant Name} => Networking => L3Outs: {Name} => Policy => Enabled BGP/EIGRP/OSPF: OSPF * vrf: - ACI: Tenants => {Tenant Name} => Networking => VRFs: {Name} - NDO: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => {Template} => VRFs
nd_orchestrator	Identifiers for Nexus Dashboard Orchestrator: * schema: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} * schema_sites: Nexus Dashboard => Orchestrator => Configure => Tenant Templates => Applications: {Schema Name} => Sites * sites: Nexus Dashboard => Sites: {Site Name} * users: - External Users: Nexus Dashboard => Admin Console => Administrative => Authentication - Local Users: Nexus Dashboard => Admin Console => Administrative => Users
policies	Identifiers for Tenant Policies: * bfd: Tenants => {Tenant Name} => Policies => Protocol => BFD: {Name} * bgp: - bgp_address_family_context: Tenants => {Tenant Name} => Policies => Protocol => BGP => BGP Address Family Context: {Name} - bgp_best_path: Tenants => {Tenant Name} => Policies => Protocol => BGP => BGP Best Path Policy: {Name} - bgp_route_summarization: Tenants => {Tenant Name} => Policies => Protocol => BGP => BGP Route Summarization: {Name} - bgp_timers: Tenants => {Tenant Name} => Policies => Protocol => BGP => BGP Timers: {Name} * dhcp: - dhcp_option: Tenants => {Tenant Name} => Policies => Protocol => DHCP => Option Policies: {Name} - dhcp_relay: Tenants => {Tenant Name} => Policies => Protocol => DHCP => Relay Policies: {Name} * endpoint_retention: Tenants => {Tenant Name} => Policies => Protocol => End Point Retention: {Name} * hsrp: - hsrp_group: Tenants => {Tenant Name} => Policies => Protocol => HSRP => Interface Policies: {Name} - hsrp_interface: Tenants => {Tenant Name} => Policies => Protocol => HSRP => Group Policies: {Name} * ip_sla: - ip_sla_monitoring: Tenants => {Tenant Name} => Policies => Protocol => IP SLA => IP SLA Monitoring Policies: {Name} - track_lists: Tenants => {Tenant Name} => Policies => Protocol => IP SLA => Track Lists: {Name} - track_members: Tenants => {Tenant Name} => Policies => Protocol => IP SLA => Track Members: {Name} * l4_l7_pbr: Tenants => {Tenant Name} => Policies => Protocol => L4-L7 Policy-Based Redirect: {Name} * l4_l7_redirect_health_groups: Tenants => {Tenant Name} => Policies => Protocol => L4-L7 Policy-Based Redirect Health Groups: {Name} * l4_l7_pbr_destinations: Tenants => {Tenant Name} => Policies => Protocol => L4-L7 Policy-Based Redirect Destinations: {Name} * ospf: - ospf_interface: Tenants => {Tenant Name} => Policies => Protocol => OSPF => OSPF Interface: {Name} - ospf_route_summarization: Tenants => {Tenant Name} => Policies => Protocol => OSPF => OSPF Route Summarization: {Name} - ospf_timers: Tenants => {Tenant Name} => Policies => Protocol => OSPF => OSPF Timers: {Name}
tenants	Tenant Identifiers.

Resources

Name	Type
aci_any.vz_any	resource
aci_application_epg.map	resource
aci_application_profile.map	resource
aci_bd_dhcp_label.map	resource
aci_bfd_interface_policy.map	resource
aci_bgp_address_family_context.map	resource
aci_bgp_best_path_policy.map	resource
aci_bgp_peer_connectivity_profile.map	resource
aci_bgp_peer_prefix.map	resource
aci_bgp_route_summarization.map	resource
aci_bgp_timers.map	resource
aci_bridge_domain.map	resource
aci_bulk_epg_to_static_path.map	resource
aci_concrete_device.map	resource
aci_concrete_interface.map	resource
aci_connection.l4_l7_service_graph_connections	resource
aci_contract.map	resource
aci_contract_subject.map	resource
aci_destination_of_redirected_traffic.map	resource
aci_dhcp_option_policy.map	resource
aci_dhcp_relay_policy.map	resource
aci_end_point_retention_policy.map	resource
aci_epg_to_domain.map	resource
aci_epgs_using_function.epg_to_aaeps	resource
aci_external_network_instance_profile.map	resource
aci_filter.map	resource
aci_filter_entry.map	resource
aci_function_node.map	resource
aci_hsrp_group_policy.map	resource
aci_hsrp_interface_policy.map	resource
aci_ip_sla_monitoring_policy.map	resource
aci_l3_ext_subnet.map	resource
aci_l3_outside.map	resource
aci_l3out_bgp_external_policy.map	resource
aci_l3out_hsrp_interface_group.map	resource
aci_l3out_hsrp_interface_profile.map	resource
aci_l3out_hsrp_secondary_vip.map	resource
aci_l3out_ospf_external_policy.map	resource
aci_l3out_ospf_interface_profile.map	resource
aci_l3out_path_attachment.map	resource
aci_l3out_path_attachment_secondary_ip.map	resource
aci_l3out_static_route.map	resource
aci_l3out_static_route_next_hop.map	resource
aci_l3out_vpc_member.map	resource
aci_l4_l7_device.map	resource
aci_l4_l7_logical_interface.map	resource
aci_l4_l7_redirect_health_group.map	resource
aci_l4_l7_service_graph_template.map	resource
aci_logical_interface_profile.map	resource
aci_logical_node_profile.map	resource
aci_logical_node_to_fabric_node.map	resource
aci_match_community_terms.map	resource
aci_match_regex_community_terms.map	resource
aci_match_route_destination_rule.map	resource
aci_match_rule.map	resource
aci_node_mgmt_epg.mgmt_epgs	resource
aci_ospf_interface_policy.map	resource
aci_ospf_route_summarization.map	resource
aci_ospf_timers.map	resource
aci_rest_managed.application_epgs_annotations	resource
aci_rest_managed.application_epgs_global_alias	resource
aci_rest_managed.application_profiles_annotations	resource
aci_rest_managed.application_profiles_global_alias	resource
aci_rest_managed.bridge_domain_annotations	resource
aci_rest_managed.bridge_domain_global_alias	resource
aci_rest_managed.contract_subject_filter	resource
aci_rest_managed.contract_to_epgs	resource
aci_rest_managed.contract_to_inb_epgs	resource
aci_rest_managed.contract_to_oob_epgs	resource
aci_rest_managed.external_epg_contracts	resource
aci_rest_managed.external_epg_contracts_taboo	resource
aci_rest_managed.external_epg_intra_epg_contracts	resource
aci_rest_managed.external_management_network_instance_profiles	resource
aci_rest_managed.l3out_annotations	resource
aci_rest_managed.l3out_consumer_label	resource
aci_rest_managed.l3out_global_alias	resource
aci_rest_managed.l3out_multicast	resource
aci_rest_managed.l3out_route_profiles_for_redistribution	resource
aci_rest_managed.oob_contract_subjects	resource
aci_rest_managed.oob_contracts	resource
aci_rest_managed.rogue_coop_exception_list	resource
aci_rest_managed.route_map_set_rules	resource
aci_rest_managed.route_map_set_rules_set_community	resource
aci_rest_managed.route_map_set_rules_set_dampening	resource
aci_rest_managed.route_map_set_rules_set_external_epg	resource
aci_rest_managed.route_map_set_rules_set_metric	resource
aci_rest_managed.route_map_set_rules_set_metric_type	resource
aci_rest_managed.route_map_set_rules_set_next_hop_address	resource
aci_rest_managed.route_map_set_rules_set_preference	resource
aci_rest_managed.route_map_set_rules_set_route_tag	resource
aci_rest_managed.route_map_set_rules_set_weight	resource
aci_rest_managed.route_maps_context_set_rules	resource
aci_rest_managed.route_maps_contexts	resource
aci_rest_managed.route_maps_for_route_control	resource
aci_rest_managed.set_rules_additional_communities	resource
aci_rest_managed.set_rules_multipath	resource
aci_rest_managed.set_rules_next_hop_propegation	resource
aci_rest_managed.set_rules_set_as_path	resource
aci_rest_managed.taboo_contract_subjects	resource
aci_rest_managed.taboo_subject_filter	resource
aci_rest_managed.tenant_annotations	resource
aci_rest_managed.tenant_global_alias	resource
aci_rest_managed.track_lists	resource
aci_rest_managed.track_members	resource
aci_rest_managed.vrf_annotations	resource
aci_rest_managed.vrf_global_alias	resource
aci_rest_managed.vzany_contracts	resource
aci_rest_managed.vzany_provider_contracts	resource
aci_service_redirect_policy.map	resource
aci_snmp_community.vrf_communities	resource
aci_static_node_mgmt_address.map	resource
aci_subnet.bridge_domain_subnets	resource
aci_taboo_contract.map	resource
aci_tenant.map	resource
aci_vrf.map	resource
aci_vrf_snmp_context.map	resource
mso_schema.map	resource
mso_schema_site.map	resource
mso_schema_site_anp_epg_bulk_staticport.map	resource
mso_schema_site_anp_epg_domain.map	resource
mso_schema_site_bd.map	resource
mso_schema_site_bd_l3out.map	resource
mso_schema_site_vrf.map	resource
mso_schema_template_anp.map	resource
mso_schema_template_anp_epg.map	resource
mso_schema_template_anp_epg_contract.map	resource
mso_schema_template_bd.map	resource
mso_schema_template_bd_subnet.map	resource
mso_schema_template_contract.map	resource
mso_schema_template_filter_entry.map	resource
mso_schema_template_l3out.map	resource
mso_schema_template_vrf.map	resource
mso_schema_template_vrf_contract.map	resource
mso_tenant.map	resource
mso_schema.map	data source
mso_site.map	data source
mso_tenant.map	data source
mso_user.map	data source