diff --git a/avi/data_source_avi_serviceenginegroup_test.go b/avi/data_source_avi_serviceenginegroup_test.go index f124453a8..9171bd4de 100644 --- a/avi/data_source_avi_serviceenginegroup_test.go +++ b/avi/data_source_avi_serviceenginegroup_test.go @@ -153,6 +153,18 @@ func TestAVIDataSourceServiceEngineGroupBasic(t *testing.T) { "avi_serviceenginegroup.testServiceEngineGroup", "sdb_pipeline_size", "100"), resource.TestCheckResourceAttr( "avi_serviceenginegroup.testServiceEngineGroup", "sdb_scan_count", "1000"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "ignore_docker_mac_change", "true"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_emulated_cores", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dump_core_on_assert", "false"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_packet_buffer_max", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dp_if_state_poll_interval", "10"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "baremetal_dispatcher_handles_flows", "false"), ), }, }, @@ -249,6 +261,12 @@ resource "avi_serviceenginegroup" "testServiceEngineGroup" { sdb_flush_interval = "100" sdb_pipeline_size = "100" sdb_scan_count = "1000" + ignore_docker_mac_change = true + se_emulated_cores = "0" + se_dump_core_on_assert = false + se_packet_buffer_max = "0" + se_dp_if_state_poll_interval = "10" + baremetal_dispatcher_handles_flows = false } data "avi_serviceenginegroup" "testServiceEngineGroup" { diff --git a/avi/data_source_avi_wafprofile_test.go b/avi/data_source_avi_wafprofile_test.go index 1c73a059d..d621927b5 100644 --- a/avi/data_source_avi_wafprofile_test.go +++ b/avi/data_source_avi_wafprofile_test.go @@ -4019,7 +4019,6 @@ EOF } config { regex_match_limit = "1500" - allowed_request_content_types = ["application/x-www-form-urlencoded","multipart/form-data","text/xml","application/xml","application/x-amf","application/json"] allowed_methods = ["HTTP_METHOD_GET","HTTP_METHOD_HEAD","HTTP_METHOD_POST","HTTP_METHOD_OPTIONS"] content_type_mappings { content_type = "application/x-www-form-urlencoded" diff --git a/avi/datasource_avi_authprofile.go b/avi/datasource_avi_authprofile.go index f3b1093e3..2200bb9f9 100644 --- a/avi/datasource_avi_authprofile.go +++ b/avi/datasource_avi_authprofile.go @@ -42,6 +42,11 @@ func dataSourceAviAuthProfile() *schema.Resource { Optional: true, Computed: true, }, + "oauth_profile": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceOAuthProfileSchema(), + }, "pa_agent_ref": { Type: schema.TypeString, Computed: true, diff --git a/avi/datasource_avi_healthmonitor.go b/avi/datasource_avi_healthmonitor.go index 085bac33e..a0f1ec180 100644 --- a/avi/datasource_avi_healthmonitor.go +++ b/avi/datasource_avi_healthmonitor.go @@ -45,6 +45,16 @@ func dataSourceAviHealthMonitor() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "ftp_monitor": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceHealthMonitorFtpSchema(), + }, + "ftps_monitor": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceHealthMonitorFtpSchema(), + }, "http_monitor": { Type: schema.TypeSet, Computed: true, @@ -69,6 +79,16 @@ func dataSourceAviHealthMonitor() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "ldap_monitor": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceHealthMonitorLdapSchema(), + }, + "ldaps_monitor": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceHealthMonitorLdapSchema(), + }, "markers": { Type: schema.TypeList, Computed: true, diff --git a/avi/datasource_avi_licensestatus.go b/avi/datasource_avi_licensestatus.go new file mode 100644 index 000000000..a3375a0cd --- /dev/null +++ b/avi/datasource_avi_licensestatus.go @@ -0,0 +1,39 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + +func dataSourceAviLicenseStatus() *schema.Resource { + return &schema.Resource{ + Read: ResourceAviLicenseStatusRead, + Schema: map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "saas_status": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceSaasLicensingStatusSchema(), + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} diff --git a/avi/datasource_avi_serviceenginegroup.go b/avi/datasource_avi_serviceenginegroup.go index 4b8cf4d99..ae4fe8ae3 100644 --- a/avi/datasource_avi_serviceenginegroup.go +++ b/avi/datasource_avi_serviceenginegroup.go @@ -80,6 +80,10 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "baremetal_dispatcher_handles_flows": { + Type: schema.TypeString, + Computed: true, + }, "bgp_peer_monitor_failover_enabled": { Type: schema.TypeString, Computed: true, @@ -334,10 +338,18 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "hybrid_rss_mode": { + Type: schema.TypeString, + Computed: true, + }, "hypervisor": { Type: schema.TypeString, Computed: true, }, + "ignore_docker_mac_change": { + Type: schema.TypeString, + Computed: true, + }, "ignore_rtt_threshold": { Type: schema.TypeString, Computed: true, @@ -364,6 +376,11 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Computed: true, Elem: ResourceIptableRuleSetSchema(), }, + "kni_allowed_server_ports": { + Type: schema.TypeList, + Computed: true, + Elem: ResourceKniPortRangeSchema(), + }, "l7_conns_per_core": { Type: schema.TypeString, Computed: true, @@ -584,6 +601,10 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "num_dispatcher_queues": { + Type: schema.TypeString, + Computed: true, + }, "num_flow_cores_sum_changes_to_ignore": { Type: schema.TypeString, Computed: true, @@ -680,6 +701,10 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "se_dp_if_state_poll_interval": { + Type: schema.TypeString, + Computed: true, + }, "se_dp_isolation": { Type: schema.TypeString, Computed: true, @@ -724,6 +749,14 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "se_dump_core_on_assert": { + Type: schema.TypeString, + Computed: true, + }, + "se_emulated_cores": { + Type: schema.TypeString, + Computed: true, + }, "se_flow_probe_retries": { Type: schema.TypeString, Computed: true, @@ -781,6 +814,10 @@ func dataSourceAviServiceEngineGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "se_packet_buffer_max": { + Type: schema.TypeString, + Computed: true, + }, "se_pcap_lookahead": { Type: schema.TypeString, Computed: true, diff --git a/avi/datasource_avi_statediffoperation.go b/avi/datasource_avi_statediffoperation.go new file mode 100644 index 000000000..2a5f90317 --- /dev/null +++ b/avi/datasource_avi_statediffoperation.go @@ -0,0 +1,55 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + +func dataSourceAviStatediffOperation() *schema.Resource { + return &schema.Resource{ + Read: ResourceAviStatediffOperationRead, + Schema: map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "events": { + Type: schema.TypeList, + Computed: true, + Elem: ResourceStatediffEventSchema(), + }, + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "node_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "operation": { + Type: schema.TypeString, + Computed: true, + }, + "phase": { + Type: schema.TypeString, + Computed: true, + }, + "status": { + Type: schema.TypeString, + Computed: true, + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} diff --git a/avi/datasource_avi_statediffsnapshot.go b/avi/datasource_avi_statediffsnapshot.go new file mode 100644 index 000000000..362ceeae9 --- /dev/null +++ b/avi/datasource_avi_statediffsnapshot.go @@ -0,0 +1,92 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + +func dataSourceAviStatediffSnapshot() *schema.Resource { + return &schema.Resource{ + Read: ResourceAviStatediffSnapshotRead, + Schema: map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "gslb_name": { + Type: schema.TypeString, + Computed: true, + }, + "gslb_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool_name": { + Type: schema.TypeString, + Computed: true, + }, + "pool_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "post_snapshot": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourcepostsnapshotSchema(), + }, + "pre_snapshot": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourcepresnapshotSchema(), + }, + "se_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "se_group_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "se_name": { + Type: schema.TypeString, + Computed: true, + }, + "se_uuid": { + Type: schema.TypeString, + Computed: true, + }, + "snapshot_type": { + Type: schema.TypeString, + Computed: true, + }, + "statediff_operation_ref": { + Type: schema.TypeString, + Computed: true, + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "vs_name": { + Type: schema.TypeString, + Computed: true, + }, + "vs_uuid": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} diff --git a/avi/datasource_avi_upgradestatusinfo.go b/avi/datasource_avi_upgradestatusinfo.go index 339bbf9fe..ea4f1bd9b 100644 --- a/avi/datasource_avi_upgradestatusinfo.go +++ b/avi/datasource_avi_upgradestatusinfo.go @@ -162,6 +162,10 @@ func dataSourceAviUpgradeStatusInfo() *schema.Resource { Computed: true, Elem: ResourceUpgradeOpsStateSchema(), }, + "statediff_ref": { + Type: schema.TypeString, + Computed: true, + }, "system": { Type: schema.TypeString, Computed: true, diff --git a/avi/datasource_avi_virtualservice.go b/avi/datasource_avi_virtualservice.go index 3a0a1274a..707fff177 100644 --- a/avi/datasource_avi_virtualservice.go +++ b/avi/datasource_avi_virtualservice.go @@ -209,6 +209,11 @@ func dataSourceAviVirtualService() *schema.Resource { Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "oauth_vs_config": { + Type: schema.TypeSet, + Computed: true, + Elem: ResourceOAuthVSConfigSchema(), + }, "performance_limits": { Type: schema.TypeSet, Computed: true, diff --git a/avi/datasource_avi_wafpolicy.go b/avi/datasource_avi_wafpolicy.go index 2898d9be0..5e8e5fb55 100644 --- a/avi/datasource_avi_wafpolicy.go +++ b/avi/datasource_avi_wafpolicy.go @@ -108,11 +108,6 @@ func dataSourceAviWafPolicy() *schema.Resource { Computed: true, Elem: ResourceWafRuleGroupSchema(), }, - "resolved_crs_groups": { - Type: schema.TypeList, - Computed: true, - Elem: ResourceWafRuleGroupSchema(), - }, "tenant_ref": { Type: schema.TypeString, Optional: true, diff --git a/avi/provider.go b/avi/provider.go index e7c66a93f..ba8a07264 100644 --- a/avi/provider.go +++ b/avi/provider.go @@ -71,6 +71,8 @@ func Provider() *schema.Provider { "avi_siteversion": dataSourceAviSiteVersion(), "avi_networkservice": dataSourceAviNetworkService(), "avi_securitypolicy": dataSourceAviSecurityPolicy(), + "avi_statediffoperation": dataSourceAviStatediffOperation(), + "avi_statediffsnapshot": dataSourceAviStatediffSnapshot(), "avi_vsvip": dataSourceAviVsVip(), "avi_virtualservice": dataSourceAviVirtualService(), "avi_serviceenginegroup": dataSourceAviServiceEngineGroup(), @@ -156,6 +158,7 @@ func Provider() *schema.Provider { "avi_testsedatastorelevel3": dataSourceAviTestSeDatastoreLevel3(), "avi_albservicesfileupload": dataSourceAviALBServicesFileUpload(), "avi_dynamicdnsrecord": dataSourceAviDynamicDnsRecord(), + "avi_licensestatus": dataSourceAviLicenseStatus(), "avi_seproperties": dataSourceAviSeProperties(), "avi_cloudproperties": dataSourceAviCloudProperties(), "avi_controllerportalregistration": dataSourceAviControllerPortalRegistration(), @@ -180,6 +183,8 @@ func Provider() *schema.Provider { "avi_siteversion": resourceAviSiteVersion(), "avi_networkservice": resourceAviNetworkService(), "avi_securitypolicy": resourceAviSecurityPolicy(), + "avi_statediffoperation": resourceAviStatediffOperation(), + "avi_statediffsnapshot": resourceAviStatediffSnapshot(), "avi_vsvip": resourceAviVsVip(), "avi_virtualservice": resourceAviVirtualService(), "avi_serviceenginegroup": resourceAviServiceEngineGroup(), @@ -265,6 +270,7 @@ func Provider() *schema.Provider { "avi_testsedatastorelevel3": resourceAviTestSeDatastoreLevel3(), "avi_albservicesfileupload": resourceAviALBServicesFileUpload(), "avi_dynamicdnsrecord": resourceAviDynamicDnsRecord(), + "avi_licensestatus": resourceAviLicenseStatus(), "avi_seproperties": resourceAviSeProperties(), "avi_cloudproperties": resourceAviCloudProperties(), "avi_controllerportalregistration": resourceAviControllerPortalRegistration(), diff --git a/avi/resource_avi_albservicesconfig.go b/avi/resource_avi_albservicesconfig.go index b89f04270..df196d6a5 100644 --- a/avi/resource_avi_albservicesconfig.go +++ b/avi/resource_avi_albservicesconfig.go @@ -62,8 +62,7 @@ func ResourceALBServicesConfigSchema() map[string]*schema.Schema { }, "saas_licensing_config": { Type: schema.TypeSet, - Optional: true, - Computed: true, + Required: true, Elem: ResourceSaasLicensingInfoSchema(), }, "split_proxy_configuration": { diff --git a/avi/resource_avi_authprofile.go b/avi/resource_avi_authprofile.go index 706ceaa9c..e1f1c3003 100644 --- a/avi/resource_avi_authprofile.go +++ b/avi/resource_avi_authprofile.go @@ -50,6 +50,12 @@ func ResourceAuthProfileSchema() map[string]*schema.Schema { Type: schema.TypeString, Required: true, }, + "oauth_profile": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOAuthProfileSchema(), + }, "pa_agent_ref": { Type: schema.TypeString, Optional: true, diff --git a/avi/resource_avi_controllerproperties_test.go b/avi/resource_avi_controllerproperties_test.go index b629f3679..7ad9f0764 100644 --- a/avi/resource_avi_controllerproperties_test.go +++ b/avi/resource_avi_controllerproperties_test.go @@ -12,9 +12,8 @@ import ( func TestAVIControllerPropertiesBasic(t *testing.T) { resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAVIControllerPropertiesDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, Steps: []resource.TestStep{ { Config: testAccAVIControllerPropertiesConfig, @@ -230,30 +229,6 @@ func testAccCheckAVIControllerPropertiesExists(resourcename string) resource.Tes } -func testAccCheckAVIControllerPropertiesDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*clients.AviClient).AviSession - var obj interface{} - for _, rs := range s.RootModule().Resources { - if rs.Type != "avi_controllerproperties" { - continue - } - url := strings.SplitN(rs.Primary.ID, "/api", 2)[1] - uuid := strings.Split(url, "#")[0] - path := "api" + uuid - err := conn.Get(path, &obj) - if err != nil { - if strings.Contains(err.Error(), "404") { - return nil - } - return err - } - if len(obj.(map[string]interface{})) > 0 { - return fmt.Errorf("AVI ControllerProperties still exists") - } - } - return nil -} - const testAccAVIControllerPropertiesConfig = ` resource "avi_controllerproperties" "testControllerProperties" { vs_se_ping_fail = "60" diff --git a/avi/resource_avi_healthmonitor.go b/avi/resource_avi_healthmonitor.go index f74307783..6f061fca7 100644 --- a/avi/resource_avi_healthmonitor.go +++ b/avi/resource_avi_healthmonitor.go @@ -60,6 +60,18 @@ func ResourceHealthMonitorSchema() map[string]*schema.Schema { Default: "2", ValidateFunc: validateInteger, }, + "ftp_monitor": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorFtpSchema(), + }, + "ftps_monitor": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorFtpSchema(), + }, "http_monitor": { Type: schema.TypeSet, Optional: true, @@ -90,6 +102,18 @@ func ResourceHealthMonitorSchema() map[string]*schema.Schema { Default: "false", ValidateFunc: validateBool, }, + "ldap_monitor": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorLdapSchema(), + }, + "ldaps_monitor": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorLdapSchema(), + }, "markers": { Type: schema.TypeList, Optional: true, diff --git a/avi/resource_avi_licensestatus.go b/avi/resource_avi_licensestatus.go new file mode 100644 index 000000000..8de70503c --- /dev/null +++ b/avi/resource_avi_licensestatus.go @@ -0,0 +1,108 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import ( + "log" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/vmware/alb-sdk/go/clients" +) + +func ResourceLicenseStatusSchema() map[string]*schema.Schema { + return map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "name": { + Type: schema.TypeString, + Required: true, + }, + "saas_status": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceSaasLicensingStatusSchema(), + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + } +} + +func resourceAviLicenseStatus() *schema.Resource { + return &schema.Resource{ + Create: resourceAviLicenseStatusCreate, + Read: ResourceAviLicenseStatusRead, + Update: resourceAviLicenseStatusUpdate, + Delete: resourceAviLicenseStatusDelete, + Schema: ResourceLicenseStatusSchema(), + Importer: &schema.ResourceImporter{ + State: ResourceLicenseStatusImporter, + }, + } +} + +func ResourceLicenseStatusImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + s := ResourceLicenseStatusSchema() + return ResourceImporter(d, m, "licensestatus", s) +} + +func ResourceAviLicenseStatusRead(d *schema.ResourceData, meta interface{}) error { + s := ResourceLicenseStatusSchema() + err := APIRead(d, meta, "licensestatus", s) + if err != nil { + log.Printf("[ERROR] in reading object %v\n", err) + } + return err +} + +func resourceAviLicenseStatusCreate(d *schema.ResourceData, meta interface{}) error { + s := ResourceLicenseStatusSchema() + err := APICreateOrUpdate(d, meta, "licensestatus", s) + if err == nil { + err = ResourceAviLicenseStatusRead(d, meta) + } + return err +} + +func resourceAviLicenseStatusUpdate(d *schema.ResourceData, meta interface{}) error { + s := ResourceLicenseStatusSchema() + var err error + err = APICreateOrUpdate(d, meta, "licensestatus", s) + if err == nil { + err = ResourceAviLicenseStatusRead(d, meta) + } + return err +} + +func resourceAviLicenseStatusDelete(d *schema.ResourceData, meta interface{}) error { + objType := "licensestatus" + client := meta.(*clients.AviClient) + if APIDeleteSystemDefaultCheck(d) { + return nil + } + uuid := d.Get("uuid").(string) + if uuid != "" { + path := "api/" + objType + "/" + uuid + err := client.AviSession.Delete(path) + if err != nil && !(strings.Contains(err.Error(), "404") || strings.Contains(err.Error(), "204") || strings.Contains(err.Error(), "403")) { + log.Println("[INFO] resourceAviLicenseStatusDelete not found") + return err + } + d.SetId("") + } + return nil +} diff --git a/avi/resource_avi_rest_dependants.go b/avi/resource_avi_rest_dependants.go index 9145863e3..60ca50dfe 100644 --- a/avi/resource_avi_rest_dependants.go +++ b/avi/resource_avi_rest_dependants.go @@ -172,6 +172,11 @@ func ResourceALBServicesCaseSchema() *schema.Resource { Optional: true, Computed: true, }, + "mode": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "patch_version": { Type: schema.TypeString, Optional: true, @@ -1145,11 +1150,6 @@ func ResourceAppSignatureConfigSchema() *schema.Resource { Default: "1440", ValidateFunc: validateInteger, }, - "category": { - Type: schema.TypeString, - Optional: true, - Default: "ALB_THREAT_INTELLIGENCE_CATEGORY", - }, }, } } @@ -1237,6 +1237,11 @@ func ResourceApplicationLogSchema() *schema.Resource { Computed: true, ValidateFunc: validateInteger, }, + "auth_status": { + Type: schema.TypeString, + Optional: true, + Default: "AUTH_STATUS_NO_AUTHENTICATION", + }, "avg_ingress_latency_be": { Type: schema.TypeString, Optional: true, @@ -1518,6 +1523,12 @@ func ResourceApplicationLogSchema() *schema.Resource { Computed: true, Elem: ResourceNtlmLogSchema(), }, + "oauth_log": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOauthLogSchema(), + }, "ocsp_status_resp_sent": { Type: schema.TypeString, Optional: true, @@ -1813,6 +1824,17 @@ func ResourceApplicationLogSchema() *schema.Resource { Optional: true, Computed: true, }, + "source_ip": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "source_ip6": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "spdy_version": { Type: schema.TypeString, Optional: true, @@ -2275,7 +2297,8 @@ func ResourceAuthenticationPolicySchema() *schema.Resource { }, "default_auth_profile_ref": { Type: schema.TypeString, - Required: true, + Optional: true, + Computed: true, }, }, } @@ -4204,11 +4227,6 @@ func ResourceCaptureIPCSchema() *schema.Resource { func ResourceCaseConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "category": { - Type: schema.TypeString, - Optional: true, - Default: "ALB_SUPPORT_CATEGORY", - }, "enable_auto_case_creation_on_controller_failure": { Type: schema.TypeString, Optional: true, @@ -5340,6 +5358,11 @@ func ResourceClusterNodeSchema() *schema.Resource { Optional: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "interfaces": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceControllerInterfaceSchema(), + }, "ip": { Type: schema.TypeSet, Required: true, @@ -5363,6 +5386,11 @@ func ResourceClusterNodeSchema() *schema.Resource { Computed: true, Elem: ResourceIpAddrSchema(), }, + "static_routes": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceStaticRouteSchema(), + }, "vm_hostname": { Type: schema.TypeString, Optional: true, @@ -7023,6 +7051,51 @@ func ResourceControllerInfoSchema() *schema.Resource { } } +func ResourceControllerInterfaceSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "gateway": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIpAddrSchema(), + }, + "if_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "ip": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIpAddrPrefixSchema(), + }, + "labels": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "mac_address": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "mode": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "public_ip_or_name": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIpAddrSchema(), + }, + }, + } +} + func ResourceControllerInternalAuthSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -7238,6 +7311,12 @@ func ResourceControllerLimitsSchema() *schema.Resource { Computed: true, ValidateFunc: validateInteger, }, + "ipaddress_limits": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIPAddrLimitsSchema(), + }, "ips_per_ipgroup": { Type: schema.TypeString, Optional: true, @@ -7274,6 +7353,12 @@ func ResourceControllerLimitsSchema() *schema.Resource { Computed: true, ValidateFunc: validateInteger, }, + "rules_per_nat_policy": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, "rules_per_networksecuritypolicy": { Type: schema.TypeString, Optional: true, @@ -10904,6 +10989,12 @@ func ResourceEventDetailsSchema() *schema.Resource { Computed: true, Elem: ResourceNetworkSubnetInfoSchema(), }, + "nsxt_endpoint_details": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceNsxtSIEndpointDetailsSchema(), + }, "nsxt_img_details": { Type: schema.TypeSet, Optional: true, @@ -10916,6 +11007,24 @@ func ResourceEventDetailsSchema() *schema.Resource { Computed: true, Elem: ResourceNsxtSetupSchema(), }, + "nsxt_policy_details": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceNsxtSIPolicyDetailsSchema(), + }, + "nsxt_rule_details": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceNsxtSIRuleDetailsSchema(), + }, + "nsxt_service_details": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceNsxtSIServiceDetailsSchema(), + }, "nw_subnet_clash_details": { Type: schema.TypeSet, Optional: true, @@ -11426,12 +11535,6 @@ func ResourceEventDetailsSchema() *schema.Resource { Computed: true, Elem: ResourceVinfraVcenterDiscoveryFailureSchema(), }, - "vcenter_img_details": { - Type: schema.TypeSet, - Optional: true, - Computed: true, - Elem: ResourceVcenterImageDetailsSchema(), - }, "vcenter_network_limit": { Type: schema.TypeSet, Optional: true, @@ -11829,6 +11932,58 @@ func ResourceFalsePositiveResultSchema() *schema.Resource { } } +func ResourceFbGsInfoSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oper_status": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOperationalStatusSchema(), + }, + }, + } +} + +func ResourceFbPoolInfoSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oper_status": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOperationalStatusSchema(), + }, + }, + } +} + +func ResourceFbSeInfoSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oper_status": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOperationalStatusSchema(), + }, + }, + } +} + +func ResourceFbVsInfoSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oper_status": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOperationalStatusSchema(), + }, + }, + } +} + func ResourceFeProxyRoutePublishConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -14883,12 +15038,24 @@ func ResourceHTTPApplicationProfileSchema() *schema.Resource { Optional: true, Default: "SSL_CLIENT_CERTIFICATE_NONE", }, + "true_client_ip": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceTrueClientIPConfigSchema(), + }, "use_app_keepalive_timeout": { Type: schema.TypeString, Optional: true, Default: "false", ValidateFunc: validateBool, }, + "use_true_client_ip": { + Type: schema.TypeString, + Optional: true, + Default: "false", + ValidateFunc: validateBool, + }, "websockets_enabled": { Type: schema.TypeString, Optional: true, @@ -15725,6 +15892,28 @@ func ResourceHealthMonitorExternalSchema() *schema.Resource { } } +func ResourceHealthMonitorFtpSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "filename": { + Type: schema.TypeString, + Required: true, + }, + "mode": { + Type: schema.TypeString, + Optional: true, + Default: "FTP_PASSIVE_MODE", + }, + "ssl_attributes": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorSSLAttributesSchema(), + }, + }, + } +} + func ResourceHealthMonitorHttpSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -15803,6 +15992,38 @@ func ResourceHealthMonitorImapSchema() *schema.Resource { } } +func ResourceHealthMonitorLdapSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "attributes": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "base_dn": { + Type: schema.TypeString, + Required: true, + }, + "filter": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "scope": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "ssl_attributes": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceHealthMonitorSSLAttributesSchema(), + }, + }, + } +} + func ResourceHealthMonitorPop3Schema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -16306,6 +16527,37 @@ func ResourceHypervisor_PropertiesSchema() *schema.Resource { } } +func ResourceIPAddrLimitsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ip_address_group_per_match_criteria": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "ip_address_prefix_per_match_criteria": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "ip_address_range_per_match_criteria": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "ip_addresses_per_match_criteria": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + }, + } +} + func ResourceIPNetworkSubnetSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -16983,11 +17235,6 @@ func ResourceIpCommunitySchema() *schema.Resource { func ResourceIpReputationConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "category": { - Type: schema.TypeString, - Optional: true, - Default: "ALB_THREAT_INTELLIGENCE_CATEGORY", - }, "ip_reputation_file_object_expiry_duration": { Type: schema.TypeString, Optional: true, @@ -17579,6 +17826,17 @@ func ResourceJWTMatchSchema() *schema.Resource { } } +func ResourceJWTValidationParamsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "audience": { + Type: schema.TypeString, + Required: true, + }, + }, + } +} + func ResourceJWTValidationVsConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -17696,6 +17954,22 @@ func ResourceKeyValueTupleSchema() *schema.Resource { } } +func ResourceKniPortRangeSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "protocol": { + Type: schema.TypeString, + Required: true, + }, + "range": { + Type: schema.TypeSet, + Required: true, + Elem: ResourcePortRangeSchema(), + }, + }, + } +} + func ResourceL4ConnectionPolicySchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -18923,6 +19197,12 @@ func ResourceMatchTargetSchema() *schema.Resource { Computed: true, Elem: ResourceQueryMatchSchema(), }, + "source_ip": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIpAddrMatchSchema(), + }, "version": { Type: schema.TypeSet, Optional: true, @@ -20970,6 +21250,150 @@ func ResourceNsxtImageDetailsSchema() *schema.Resource { } } +func ResourceNsxtSIEndpointDetailsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "endpoint": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "error_string": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "segroup": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "services": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "targetips": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "tier1": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + +func ResourceNsxtSIPolicyDetailsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "error_string": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "policy": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "redirectto": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "scope": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "segroup": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "tier1": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + +func ResourceNsxtSIRuleDetailsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "action": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "destexclude": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + "dests": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "direction": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "error_string": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "segroup": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "services": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "sources": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func ResourceNsxtSIServiceDetailsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "error_string": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "service": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + func ResourceNsxtSetupSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -21139,6 +21563,166 @@ func ResourceNuageSDNControllerSchema() *schema.Resource { } } +func ResourceOAuthAppSettingsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "client_id": { + Type: schema.TypeString, + Required: true, + }, + "client_secret": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + DiffSuppressFunc: suppressSensitiveFieldDiffs, + }, + "oidc_config": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOIDCConfigSchema(), + }, + "scopes": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func ResourceOAuthProfileSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "authorization_endpoint": { + Type: schema.TypeString, + Required: true, + }, + "introspection_endpoint": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "issuer": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "jwks_timeout": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "jwks_uri": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "oauth_resp_buffer_sz": { + Type: schema.TypeString, + Optional: true, + Default: "102400", + ValidateFunc: validateInteger, + }, + "pool_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "token_endpoint": { + Type: schema.TypeString, + Required: true, + }, + "userinfo_endpoint": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + +func ResourceOAuthResourceServerSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "access_type": { + Type: schema.TypeString, + Optional: true, + Default: "ACCESS_TOKEN_TYPE_JWT", + }, + "jwt_params": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceJWTValidationParamsSchema(), + }, + "opaque_token_params": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOpaqueTokenValidationParamsSchema(), + }, + }, + } +} + +func ResourceOAuthSettingsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "app_settings": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOAuthAppSettingsSchema(), + }, + "auth_profile_ref": { + Type: schema.TypeString, + Required: true, + }, + "resource_server": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOAuthResourceServerSchema(), + }, + }, + } +} + +func ResourceOAuthVSConfigSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "cookie_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "cookie_timeout": { + Type: schema.TypeString, + Optional: true, + Default: "60", + ValidateFunc: validateInteger, + }, + "key": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceHttpCookiePersistenceKeySchema(), + }, + "oauth_settings": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceOAuthSettingsSchema(), + }, + "redirect_uri": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + func ResourceOCICredentialsSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -21256,6 +21840,31 @@ func ResourceOCSPResponseInfoSchema() *schema.Resource { } } +func ResourceOIDCConfigSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oidc_enable": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + "profile": { + Type: schema.TypeString, + Optional: true, + Default: "true", + ValidateFunc: validateBool, + }, + "userinfo": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + }, + } +} + func ResourceOShiftK8SConfigurationSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -21558,6 +22167,88 @@ func ResourceOShiftK8SConfigurationSchema() *schema.Resource { } } +func ResourceOauthLogSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "authn_rule_match": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceAuthnRuleMatchSchema(), + }, + "authz_rule_match": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceAuthzRuleMatchSchema(), + }, + "is_session_cookie_expired": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + "jwks_subrequest": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOauthSubRequestLogSchema(), + }, + "oauth_state": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "state": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "token_exchange_subrequest": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOauthSubRequestLogSchema(), + }, + "token_introspection_subrequest": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOauthSubRequestLogSchema(), + }, + "token_refresh_subrequest": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOauthSubRequestLogSchema(), + }, + }, + } +} + +func ResourceOauthSubRequestLogSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "error_code": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "error_description": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "sub_request_log": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceSubRequestLogSchema(), + }, + }, + } +} + func ResourceObjSyncConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -21583,6 +22274,23 @@ func ResourceObjSyncConfigSchema() *schema.Resource { } } +func ResourceOpaqueTokenValidationParamsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "server_id": { + Type: schema.TypeString, + Required: true, + }, + "server_secret": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + DiffSuppressFunc: suppressSensitiveFieldDiffs, + }, + }, + } +} + func ResourceOpenStackApiVersionCheckFailureSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -22138,6 +22846,11 @@ func ResourceOpsHistorySchema() *schema.Resource { Computed: true, Elem: ResourceUpgradeOpsStateSchema(), }, + "statediff_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "upgrade_events": { Type: schema.TypeList, Optional: true, @@ -23143,12 +23856,6 @@ func ResourcePortalFeatureOptInSchema() *schema.Resource { Default: "true", ValidateFunc: validateBool, }, - "enable_saas_licensing": { - Type: schema.TypeString, - Optional: true, - Default: "false", - ValidateFunc: validateBool, - }, "enable_user_agent_db_sync": { Type: schema.TypeString, Optional: true, @@ -23867,6 +24574,12 @@ func ResourceResponseMatchTargetSchema() *schema.Resource { Optional: true, Elem: ResourceHdrMatchSchema(), }, + "source_ip": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceIpAddrMatchSchema(), + }, "status": { Type: schema.TypeSet, Optional: true, @@ -25227,21 +25940,56 @@ func ResourceSSLVersionSchema() *schema.Resource { func ResourceSaasLicensingInfoSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "cache_service_units": { + "max_service_units": { Type: schema.TypeString, Optional: true, Default: "0", ValidateFunc: validateFloat, }, - "category": { + "reserve_service_units": { + Type: schema.TypeString, + Optional: true, + Default: "0", + ValidateFunc: validateFloat, + }, + }, + } +} + +func ResourceSaasLicensingStatusSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "connected": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + "enabled": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateBool, + }, + "message": { Type: schema.TypeString, Optional: true, - Default: "ALB_LICENSE_CATEGORY", + Computed: true, }, - "max_service_units": { + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "public_key": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "reserve_service_units": { Type: schema.TypeString, Optional: true, - Default: "1000", + Computed: true, ValidateFunc: validateFloat, }, }, @@ -29679,12 +30427,23 @@ func ResourceSidebandProfileSchema() *schema.Resource { func ResourceSingleLicenseSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ + "addons": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, "burst_cores": { Type: schema.TypeString, Optional: true, Computed: true, ValidateFunc: validateInteger, }, + "capacity": { + Type: schema.TypeString, + Optional: true, + Default: "0", + ValidateFunc: validateFloat, + }, "ccu": { Type: schema.TypeString, Optional: true, @@ -29790,6 +30549,11 @@ func ResourceSingleLicenseSchema() *schema.Resource { Optional: true, Computed: true, }, + "unit": { + Type: schema.TypeString, + Optional: true, + Default: "SERVICE_UNIT", + }, "valid_until": { Type: schema.TypeString, Required: true, @@ -30053,6 +30817,44 @@ func ResourceStateCacheMgrDebugFilterSchema() *schema.Resource { } } +func ResourceStatediffEventSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "duration": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "end_time": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "message": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "start_time": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "status": { + Type: schema.TypeString, + Optional: true, + Default: "FB_INIT", + }, + "task_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + func ResourceStaticIpAllocInfoSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -30241,6 +31043,100 @@ func ResourceSubJobSchema() *schema.Resource { } } +func ResourceSubRequestLogSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "headers_received_from_server": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "headers_sent_to_server": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "http_response_code": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "http_version": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "method": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "request_length": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "response_length": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "server_ip": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "server_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "server_port": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "source_port": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "total_time": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validateInteger, + }, + "uri_path": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uri_query": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + func ResourceSubResourceSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -30443,6 +31339,11 @@ func ResourceSwitchoverEventDetailsSchema() *schema.Resource { Optional: true, Computed: true, }, + "reason": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "to_se_name": { Type: schema.TypeString, Optional: true, @@ -30864,6 +31765,11 @@ func ResourceTencentZoneNetworkSchema() *schema.Resource { func ResourceTier1LogicalRouterInfoSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ + "locale_service": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "segment_id": { Type: schema.TypeString, Optional: true, @@ -30894,6 +31800,29 @@ func ResourceTimeStampSchema() *schema.Resource { } } +func ResourceTrueClientIPConfigSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "direction": { + Type: schema.TypeString, + Optional: true, + Default: "LEFT", + }, + "headers": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "index_in_header": { + Type: schema.TypeString, + Optional: true, + Default: "1", + ValidateFunc: validateInteger, + }, + }, + } +} + func ResourceUDPFastPathProfileSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -31451,11 +32380,6 @@ func ResourceUserAgentDBConfigSchema() *schema.Resource { Default: "500", ValidateFunc: validateInteger, }, - "category": { - Type: schema.TypeString, - Optional: true, - Default: "ALB_THREAT_INTELLIGENCE_CATEGORY", - }, }, } } @@ -32897,33 +33821,6 @@ func ResourceVcenterHostsSchema() *schema.Resource { } } -func ResourceVcenterImageDetailsSchema() *schema.Resource { - return &schema.Resource{ - Schema: map[string]*schema.Schema{ - "cc_id": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "error_string": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "image_version": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "vc_url": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - }, - } -} - func ResourceVersionInfoSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -36389,11 +37286,6 @@ func ResourceWafConfigSchema() *schema.Resource { Optional: true, Elem: &schema.Schema{Type: schema.TypeString}, }, - "allowed_request_content_types": { - Type: schema.TypeList, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, "argument_separator": { Type: schema.TypeString, Optional: true, @@ -36525,11 +37417,6 @@ func ResourceWafContentTypeMappingSchema() *schema.Resource { func ResourceWafCrsConfigSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "category": { - Type: schema.TypeString, - Optional: true, - Default: "ALB_THREAT_INTELLIGENCE_CATEGORY", - }, "enable_auto_download_waf_signatures": { Type: schema.TypeString, Optional: true, @@ -37260,15 +38147,71 @@ func ResourceWebApplicationSignatureServiceStatusSchema() *schema.Resource { } } -func ResourcevCenterConfigurationSchema() *schema.Resource { +func ResourcepostsnapshotSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "content_lib": { + "gssnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbGsInfoSchema(), + }, + "poolsnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbPoolInfoSchema(), + }, + "sesnapshot": { Type: schema.TypeSet, Optional: true, Computed: true, - Elem: ResourceContentLibConfigSchema(), + Elem: ResourceFbSeInfoSchema(), }, + "vssnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbVsInfoSchema(), + }, + }, + } +} + +func ResourcepresnapshotSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "gssnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbGsInfoSchema(), + }, + "poolsnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbPoolInfoSchema(), + }, + "sesnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbSeInfoSchema(), + }, + "vssnapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceFbVsInfoSchema(), + }, + }, + } +} + +func ResourcevCenterConfigurationSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ "datacenter": { Type: schema.TypeString, Optional: true, @@ -37302,12 +38245,6 @@ func ResourcevCenterConfigurationSchema() *schema.Resource { Type: schema.TypeString, Required: true, }, - "use_content_lib": { - Type: schema.TypeString, - Optional: true, - Default: "true", - ValidateFunc: validateBool, - }, "username": { Type: schema.TypeString, Optional: true, diff --git a/avi/resource_avi_serviceenginegroup.go b/avi/resource_avi_serviceenginegroup.go index 250b7d93f..74ac4eea7 100644 --- a/avi/resource_avi_serviceenginegroup.go +++ b/avi/resource_avi_serviceenginegroup.go @@ -113,6 +113,12 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Optional: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "baremetal_dispatcher_handles_flows": { + Type: schema.TypeString, + Optional: true, + Default: "false", + ValidateFunc: validateBool, + }, "bgp_peer_monitor_failover_enabled": { Type: schema.TypeString, Optional: true, @@ -475,11 +481,23 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Default: "64", ValidateFunc: validateInteger, }, + "hybrid_rss_mode": { + Type: schema.TypeString, + Optional: true, + Default: "false", + ValidateFunc: validateBool, + }, "hypervisor": { Type: schema.TypeString, Optional: true, Computed: true, }, + "ignore_docker_mac_change": { + Type: schema.TypeString, + Optional: true, + Default: "true", + ValidateFunc: validateBool, + }, "ignore_rtt_threshold": { Type: schema.TypeString, Optional: true, @@ -512,6 +530,11 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Optional: true, Elem: ResourceIptableRuleSetSchema(), }, + "kni_allowed_server_ports": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceKniPortRangeSchema(), + }, "l7_conns_per_core": { Type: schema.TypeString, Optional: true, @@ -829,6 +852,12 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Default: "0", ValidateFunc: validateInteger, }, + "num_dispatcher_queues": { + Type: schema.TypeString, + Optional: true, + Default: "1", + ValidateFunc: validateInteger, + }, "num_flow_cores_sum_changes_to_ignore": { Type: schema.TypeString, Optional: true, @@ -961,6 +990,12 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Default: "0", ValidateFunc: validateInteger, }, + "se_dp_if_state_poll_interval": { + Type: schema.TypeString, + Optional: true, + Default: "10", + ValidateFunc: validateInteger, + }, "se_dp_isolation": { Type: schema.TypeString, Optional: true, @@ -1027,6 +1062,18 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Default: "0", ValidateFunc: validateInteger, }, + "se_dump_core_on_assert": { + Type: schema.TypeString, + Optional: true, + Default: "false", + ValidateFunc: validateBool, + }, + "se_emulated_cores": { + Type: schema.TypeString, + Optional: true, + Default: "0", + ValidateFunc: validateInteger, + }, "se_flow_probe_retries": { Type: schema.TypeString, Optional: true, @@ -1109,6 +1156,12 @@ func ResourceServiceEngineGroupSchema() map[string]*schema.Schema { Optional: true, Default: "Avi", }, + "se_packet_buffer_max": { + Type: schema.TypeString, + Optional: true, + Default: "0", + ValidateFunc: validateInteger, + }, "se_pcap_lookahead": { Type: schema.TypeString, Optional: true, diff --git a/avi/resource_avi_serviceenginegroup_test.go b/avi/resource_avi_serviceenginegroup_test.go index 933a65f24..52d0a8520 100644 --- a/avi/resource_avi_serviceenginegroup_test.go +++ b/avi/resource_avi_serviceenginegroup_test.go @@ -156,6 +156,18 @@ func TestAVIServiceEngineGroupBasic(t *testing.T) { "avi_serviceenginegroup.testServiceEngineGroup", "sdb_pipeline_size", "100"), resource.TestCheckResourceAttr( "avi_serviceenginegroup.testServiceEngineGroup", "sdb_scan_count", "1000"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "ignore_docker_mac_change", "true"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_emulated_cores", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dump_core_on_assert", "false"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_packet_buffer_max", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dp_if_state_poll_interval", "10"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "baremetal_dispatcher_handles_flows", "false"), ), }, { @@ -298,6 +310,18 @@ func TestAVIServiceEngineGroupBasic(t *testing.T) { "avi_serviceenginegroup.testServiceEngineGroup", "sdb_pipeline_size", "100"), resource.TestCheckResourceAttr( "avi_serviceenginegroup.testServiceEngineGroup", "sdb_scan_count", "1000"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "ignore_docker_mac_change", "true"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_emulated_cores", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dump_core_on_assert", "false"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_packet_buffer_max", "0"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "se_dp_if_state_poll_interval", "10"), + resource.TestCheckResourceAttr( + "avi_serviceenginegroup.testServiceEngineGroup", "baremetal_dispatcher_handles_flows", "false"), ), }, { @@ -447,6 +471,12 @@ resource "avi_serviceenginegroup" "testServiceEngineGroup" { sdb_flush_interval = "100" sdb_pipeline_size = "100" sdb_scan_count = "1000" + ignore_docker_mac_change = true + se_emulated_cores = "0" + se_dump_core_on_assert = false + se_packet_buffer_max = "0" + se_dp_if_state_poll_interval = "10" + baremetal_dispatcher_handles_flows = false } ` @@ -539,5 +569,11 @@ resource "avi_serviceenginegroup" "testServiceEngineGroup" { sdb_flush_interval = "100" sdb_pipeline_size = "100" sdb_scan_count = "1000" + ignore_docker_mac_change = true + se_emulated_cores = "0" + se_dump_core_on_assert = false + se_packet_buffer_max = "0" + se_dp_if_state_poll_interval = "10" + baremetal_dispatcher_handles_flows = false } ` diff --git a/avi/resource_avi_ssopolicy.go b/avi/resource_avi_ssopolicy.go index 9ebfc3a5d..fb380e847 100644 --- a/avi/resource_avi_ssopolicy.go +++ b/avi/resource_avi_ssopolicy.go @@ -15,7 +15,8 @@ func ResourceSSOPolicySchema() map[string]*schema.Schema { return map[string]*schema.Schema{ "authentication_policy": { Type: schema.TypeSet, - Required: true, + Optional: true, + Computed: true, Elem: ResourceAuthenticationPolicySchema(), }, "authorization_policy": { diff --git a/avi/resource_avi_statediffoperation.go b/avi/resource_avi_statediffoperation.go new file mode 100644 index 000000000..9cbddba9e --- /dev/null +++ b/avi/resource_avi_statediffoperation.go @@ -0,0 +1,128 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import ( + "log" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/vmware/alb-sdk/go/clients" +) + +func ResourceStatediffOperationSchema() map[string]*schema.Schema { + return map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "events": { + Type: schema.TypeList, + Optional: true, + Elem: ResourceStatediffEventSchema(), + }, + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "node_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "operation": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "phase": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "status": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + } +} + +func resourceAviStatediffOperation() *schema.Resource { + return &schema.Resource{ + Create: resourceAviStatediffOperationCreate, + Read: ResourceAviStatediffOperationRead, + Update: resourceAviStatediffOperationUpdate, + Delete: resourceAviStatediffOperationDelete, + Schema: ResourceStatediffOperationSchema(), + Importer: &schema.ResourceImporter{ + State: ResourceStatediffOperationImporter, + }, + } +} + +func ResourceStatediffOperationImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + s := ResourceStatediffOperationSchema() + return ResourceImporter(d, m, "statediffoperation", s) +} + +func ResourceAviStatediffOperationRead(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffOperationSchema() + err := APIRead(d, meta, "statediffoperation", s) + if err != nil { + log.Printf("[ERROR] in reading object %v\n", err) + } + return err +} + +func resourceAviStatediffOperationCreate(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffOperationSchema() + err := APICreateOrUpdate(d, meta, "statediffoperation", s) + if err == nil { + err = ResourceAviStatediffOperationRead(d, meta) + } + return err +} + +func resourceAviStatediffOperationUpdate(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffOperationSchema() + var err error + err = APICreateOrUpdate(d, meta, "statediffoperation", s) + if err == nil { + err = ResourceAviStatediffOperationRead(d, meta) + } + return err +} + +func resourceAviStatediffOperationDelete(d *schema.ResourceData, meta interface{}) error { + objType := "statediffoperation" + client := meta.(*clients.AviClient) + if APIDeleteSystemDefaultCheck(d) { + return nil + } + uuid := d.Get("uuid").(string) + if uuid != "" { + path := "api/" + objType + "/" + uuid + err := client.AviSession.Delete(path) + if err != nil && !(strings.Contains(err.Error(), "404") || strings.Contains(err.Error(), "204") || strings.Contains(err.Error(), "403")) { + log.Println("[INFO] resourceAviStatediffOperationDelete not found") + return err + } + d.SetId("") + } + return nil +} diff --git a/avi/resource_avi_statediffsnapshot.go b/avi/resource_avi_statediffsnapshot.go new file mode 100644 index 000000000..b6710791a --- /dev/null +++ b/avi/resource_avi_statediffsnapshot.go @@ -0,0 +1,175 @@ +// Copyright 2019 VMware, Inc. +// SPDX-License-Identifier: Mozilla Public License 2.0 + +package avi + +import ( + "log" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/vmware/alb-sdk/go/clients" +) + +func ResourceStatediffSnapshotSchema() map[string]*schema.Schema { + return map[string]*schema.Schema{ + "configpb_attributes": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceConfigPbAttributesSchema(), + }, + "gslb_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "gslb_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "pool_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "post_snapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourcepostsnapshotSchema(), + }, + "pre_snapshot": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourcepresnapshotSchema(), + }, + "se_group_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "se_group_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "se_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "se_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "snapshot_type": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "statediff_operation_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "tenant_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "vs_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "vs_uuid": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + } +} + +func resourceAviStatediffSnapshot() *schema.Resource { + return &schema.Resource{ + Create: resourceAviStatediffSnapshotCreate, + Read: ResourceAviStatediffSnapshotRead, + Update: resourceAviStatediffSnapshotUpdate, + Delete: resourceAviStatediffSnapshotDelete, + Schema: ResourceStatediffSnapshotSchema(), + Importer: &schema.ResourceImporter{ + State: ResourceStatediffSnapshotImporter, + }, + } +} + +func ResourceStatediffSnapshotImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + s := ResourceStatediffSnapshotSchema() + return ResourceImporter(d, m, "statediffsnapshot", s) +} + +func ResourceAviStatediffSnapshotRead(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffSnapshotSchema() + err := APIRead(d, meta, "statediffsnapshot", s) + if err != nil { + log.Printf("[ERROR] in reading object %v\n", err) + } + return err +} + +func resourceAviStatediffSnapshotCreate(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffSnapshotSchema() + err := APICreateOrUpdate(d, meta, "statediffsnapshot", s) + if err == nil { + err = ResourceAviStatediffSnapshotRead(d, meta) + } + return err +} + +func resourceAviStatediffSnapshotUpdate(d *schema.ResourceData, meta interface{}) error { + s := ResourceStatediffSnapshotSchema() + var err error + err = APICreateOrUpdate(d, meta, "statediffsnapshot", s) + if err == nil { + err = ResourceAviStatediffSnapshotRead(d, meta) + } + return err +} + +func resourceAviStatediffSnapshotDelete(d *schema.ResourceData, meta interface{}) error { + objType := "statediffsnapshot" + client := meta.(*clients.AviClient) + if APIDeleteSystemDefaultCheck(d) { + return nil + } + uuid := d.Get("uuid").(string) + if uuid != "" { + path := "api/" + objType + "/" + uuid + err := client.AviSession.Delete(path) + if err != nil && !(strings.Contains(err.Error(), "404") || strings.Contains(err.Error(), "204") || strings.Contains(err.Error(), "403")) { + log.Println("[INFO] resourceAviStatediffSnapshotDelete not found") + return err + } + d.SetId("") + } + return nil +} diff --git a/avi/resource_avi_upgradestatusinfo.go b/avi/resource_avi_upgradestatusinfo.go index 4413e4489..4b3b52b0e 100644 --- a/avi/resource_avi_upgradestatusinfo.go +++ b/avi/resource_avi_upgradestatusinfo.go @@ -204,6 +204,11 @@ func ResourceUpgradeStatusInfoSchema() map[string]*schema.Schema { Computed: true, Elem: ResourceUpgradeOpsStateSchema(), }, + "statediff_ref": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, "system": { Type: schema.TypeString, Optional: true, diff --git a/avi/resource_avi_virtualservice.go b/avi/resource_avi_virtualservice.go index a15276b60..2f5da2f3a 100644 --- a/avi/resource_avi_virtualservice.go +++ b/avi/resource_avi_virtualservice.go @@ -262,6 +262,12 @@ func ResourceVirtualServiceSchema() map[string]*schema.Schema { Optional: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "oauth_vs_config": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: ResourceOAuthVSConfigSchema(), + }, "performance_limits": { Type: schema.TypeSet, Optional: true, diff --git a/avi/resource_avi_wafpolicy.go b/avi/resource_avi_wafpolicy.go index 56a8029a3..f96c1fc8b 100644 --- a/avi/resource_avi_wafpolicy.go +++ b/avi/resource_avi_wafpolicy.go @@ -132,11 +132,6 @@ func ResourceWafPolicySchema() map[string]*schema.Schema { Optional: true, Elem: ResourceWafRuleGroupSchema(), }, - "resolved_crs_groups": { - Type: schema.TypeList, - Optional: true, - Elem: ResourceWafRuleGroupSchema(), - }, "tenant_ref": { Type: schema.TypeString, Optional: true, diff --git a/avi/resource_avi_wafprofile_test.go b/avi/resource_avi_wafprofile_test.go index c9ade57f1..38b15db79 100644 --- a/avi/resource_avi_wafprofile_test.go +++ b/avi/resource_avi_wafprofile_test.go @@ -4083,7 +4083,6 @@ EOF } config { regex_match_limit = "1500" - allowed_request_content_types = ["application/x-www-form-urlencoded","multipart/form-data","text/xml","application/xml","application/x-amf","application/json"] allowed_methods = ["HTTP_METHOD_GET","HTTP_METHOD_HEAD","HTTP_METHOD_POST","HTTP_METHOD_OPTIONS"] content_type_mappings { content_type = "application/x-www-form-urlencoded" @@ -8148,7 +8147,6 @@ EOF } config { regex_match_limit = "1500" - allowed_request_content_types = ["application/x-www-form-urlencoded","multipart/form-data","text/xml","application/xml","application/x-amf","application/json"] allowed_methods = ["HTTP_METHOD_GET","HTTP_METHOD_HEAD","HTTP_METHOD_POST","HTTP_METHOD_OPTIONS"] response_hdr_default_action = "phase:3,deny,status:403,log,auditlog" allowed_http_versions = ["ONE_ZERO","ONE_ONE"] diff --git a/go.mod b/go.mod index 0a2268e2a..1624a2a2f 100644 --- a/go.mod +++ b/go.mod @@ -4,5 +4,5 @@ go 1.13 require ( github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 - github.com/vmware/alb-sdk v0.0.0-20211004043454-b896e8d4e830 + github.com/vmware/alb-sdk v0.0.0-20211112041002-7388b1a055c9 ) diff --git a/go.sum b/go.sum index 75e13bca3..8efa56a8c 100644 --- a/go.sum +++ b/go.sum @@ -312,6 +312,8 @@ github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+ github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmware/alb-sdk v0.0.0-20211004043454-b896e8d4e830 h1:c9li2S4kYjGz13nE52hqnXV9Oz1FiICxguV9ZWRI0UE= github.com/vmware/alb-sdk v0.0.0-20211004043454-b896e8d4e830/go.mod h1:GuFjFl3UCYMUyEnbwPjpu+9wlkGs/10xuJuqE/1rqKI= +github.com/vmware/alb-sdk v0.0.0-20211112041002-7388b1a055c9 h1:F+fJ9Tbv4iZXfIy2jvGGnDixmISGeyuahA87C75G//A= +github.com/vmware/alb-sdk v0.0.0-20211112041002-7388b1a055c9/go.mod h1:GuFjFl3UCYMUyEnbwPjpu+9wlkGs/10xuJuqE/1rqKI= github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= diff --git a/website/avi.erb b/website/avi.erb index 939e5661a..bb3367468 100644 --- a/website/avi.erb +++ b/website/avi.erb @@ -52,6 +52,12 @@ > SecurityPolicy + + > + StatediffOperation + + > + StatediffSnapshot > VsVip @@ -307,6 +313,9 @@ > DynamicDnsRecord + + > + LicenseStatus > SeProperties @@ -379,6 +388,12 @@ > SecurityPolicy + + > + StatediffOperation + + > + StatediffSnapshot > VsVip @@ -634,6 +649,9 @@ > DynamicDnsRecord + + > + LicenseStatus > SeProperties diff --git a/website/docs/d/avi_albservicesconfig.html.markdown b/website/docs/d/avi_albservicesconfig.html.markdown index ee362c7b0..dc26fc388 100644 --- a/website/docs/d/avi_albservicesconfig.html.markdown +++ b/website/docs/d/avi_albservicesconfig.html.markdown @@ -38,7 +38,7 @@ In addition to all arguments above, the following attributes are exported: * `configpb_attributes` - Protobuf versioning for config pbs. Field introduced in 21.1.1. * `feature_opt_in_status` - Information about the portal features opted in for controller. Field introduced in 20.1.1. * `ip_reputation_config` - Default values to be used for ip reputation sync. Field introduced in 20.1.1. -* `mode` - Mode helps log collection and upload. Enum options - SALESFORCE, SYSTEST, MYVMWARE. Field introduced in 20.1.2. Allowed in basic(allowed values- salesforce,myvmware,systest) edition, essentials(allowed values- salesforce,myvmware,systest) edition, enterprise edition. +* `mode` - Mode helps log collection and upload. Enum options - MODE_UNKNOWN, SALESFORCE, SYSTEST, MYVMWARE. Field introduced in 20.1.2. Allowed in basic(allowed values- salesforce,myvmware,systest) edition, essentials(allowed values- salesforce,myvmware,systest) edition, enterprise edition. * `polling_interval` - Time interval in minutes. Allowed values are 5-60. Field introduced in 18.2.6. * `portal_url` - The fqdn or ip address of the customer portal. Field introduced in 18.2.6. * `saas_licensing_config` - Saas licensing configuration. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. diff --git a/website/docs/d/avi_authprofile.html.markdown b/website/docs/d/avi_authprofile.html.markdown index 166cf6f30..7c393ce76 100644 --- a/website/docs/d/avi_authprofile.html.markdown +++ b/website/docs/d/avi_authprofile.html.markdown @@ -39,10 +39,11 @@ In addition to all arguments above, the following attributes are exported: * `ldap` - Ldap server and directory settings. * `markers` - List of labels to be used for granular rbac. Field introduced in 20.1.6. Allowed in basic edition, essentials edition, enterprise edition. * `name` - Name of the auth profile. +* `oauth_profile` - Oauth profile - common endpoint information. Field introduced in 21.1.3. * `pa_agent_ref` - Pingaccessagent uuid. It is a reference to an object of type pingaccessagent. Field introduced in 18.2.3. Allowed in basic edition, essentials edition, enterprise edition. * `saml` - Saml settings. Field introduced in 17.2.3. * `tacacs_plus` - Tacacs+ settings. * `tenant_ref` - It is a reference to an object of type tenant. -* `type` - Type of the auth profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT. +* `type` - Type of the auth profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT, AUTH_PROFILE_OAUTH. * `uuid` - Uuid of the auth profile. diff --git a/website/docs/d/avi_healthmonitor.html.markdown b/website/docs/d/avi_healthmonitor.html.markdown index 84349e792..73a52d18e 100644 --- a/website/docs/d/avi_healthmonitor.html.markdown +++ b/website/docs/d/avi_healthmonitor.html.markdown @@ -40,11 +40,15 @@ In addition to all arguments above, the following attributes are exported: * `dns_monitor` - Dict settings for healthmonitor. * `external_monitor` - Dict settings for healthmonitor. * `failed_checks` - Number of continuous failed health checks before the server is marked down. Allowed values are 1-50. +* `ftp_monitor` - Health monitor for ftp. Field introduced in 21.1.3. +* `ftps_monitor` - Health monitor for ftps. Field introduced in 21.1.3. * `http_monitor` - Dict settings for healthmonitor. * `https_monitor` - Dict settings for healthmonitor. * `imap_monitor` - Health monitor for imap. Field introduced in 21.1.1. * `imaps_monitor` - Health monitor for imaps. Field introduced in 21.1.1. * `is_federated` - This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Field introduced in 17.1.3. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. +* `ldap_monitor` - Health monitor for ldap. Field introduced in 21.1.3. +* `ldaps_monitor` - Health monitor for ldaps. Field introduced in 21.1.3. * `markers` - List of labels to be used for granular rbac. Field introduced in 20.1.5. Allowed in basic edition, essentials edition, enterprise edition. * `monitor_port` - Use this port instead of the port defined for the server in the pool. If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the pool. Allowed values are 1-65535. Special values are 0 - 'use server port'. * `name` - A user friendly name for this health monitor. @@ -59,7 +63,7 @@ In addition to all arguments above, the following attributes are exported: * `successful_checks` - Number of continuous successful health checks before server is marked up. Allowed values are 1-50. * `tcp_monitor` - Dict settings for healthmonitor. * `tenant_ref` - It is a reference to an object of type tenant. -* `type` - Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS. Allowed in basic(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp,health_monitor_http,health_monitor_https) edition, essentials(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp) edition, enterprise edition. +* `type` - Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS, HEALTH_MONITOR_FTP, HEALTH_MONITOR_FTPS, HEALTH_MONITOR_LDAP, HEALTH_MONITOR_LDAPS. Allowed in basic(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp,health_monitor_http,health_monitor_https) edition, essentials(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp) edition, enterprise edition. * `udp_monitor` - Dict settings for healthmonitor. * `uuid` - Uuid of the health monitor. diff --git a/website/docs/d/avi_licensestatus.html.markdown b/website/docs/d/avi_licensestatus.html.markdown new file mode 100644 index 000000000..da189cf17 --- /dev/null +++ b/website/docs/d/avi_licensestatus.html.markdown @@ -0,0 +1,40 @@ + +--- +layout: "avi" +page_title: "AVI: avi_licensestatus" +sidebar_current: "docs-avi-datasource-licensestatus" +description: |- + Get information of Avi LicenseStatus. +--- + +# avi_licensestatus + +This data source is used to to get avi_licensestatus objects. + +## Example Usage + +```hcl +data "avi_licensestatus" "foo_licensestatus" { + uuid = "licensestatus-f9cf6b3e-a411-436f-95e2-2982ba2b217b" + name = "foo" +} +``` + +## Argument Reference + +* `name` - (Optional) Search LicenseStatus by name. +* `uuid` - (Optional) Search LicenseStatus by uuid. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `configpb_attributes` - Protobuf versioning for config pbs. Field introduced in 21.1.3. +* `name` - Name. Field introduced in 21.1.3. +* `saas_status` - Saas licensing status. Field introduced in 21.1.3. +* `tenant_ref` - Tenant. It is a reference to an object of type tenant. Field introduced in 21.1.3. +* `uuid` - Uuid. Field introduced in 21.1.3. + diff --git a/website/docs/d/avi_serviceenginegroup.html.markdown b/website/docs/d/avi_serviceenginegroup.html.markdown index 31596f74e..d576b14eb 100644 --- a/website/docs/d/avi_serviceenginegroup.html.markdown +++ b/website/docs/d/avi_serviceenginegroup.html.markdown @@ -51,6 +51,7 @@ In addition to all arguments above, the following attributes are exported: * `auto_rebalance_interval` - Frequency of rebalance, if 'auto rebalance' is enabled. Unit is sec. * `auto_redistribute_active_standby_load` - Redistribution of virtual services from the takeover se to the replacement se can cause momentary traffic loss. If the auto-redistribute load option is left in its default off state, any desired rebalancing requires calls to rest api. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. * `availability_zone_refs` - Availability zones for virtual service high availability. It is a reference to an object of type availabilityzone. Field introduced in 20.1.1. +* `baremetal_dispatcher_handles_flows` - Control if dispatcher core also handles tcp flows in baremetal se. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `bgp_peer_monitor_failover_enabled` - Enable bgp peer monitoring based failover. Field introduced in 21.1.3. * `bgp_state_update_interval` - Bgp peer state update interval. Allowed values are 5-100. Field introduced in 17.2.14,18.1.5,18.2.1. Unit is sec. * `buffer_se` - Excess service engine capacity provisioned for ha failover. @@ -113,13 +114,16 @@ In addition to all arguments above, the following attributes are exported: * `host_gateway_monitor` - Enable the host gateway monitor when service engine is deployed as docker container. Disabled by default. Field introduced in 17.2.4. * `http_rum_console_log` - Enable javascript console logs on the client browser when collecting client insights. Field introduced in 21.1.1. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. * `http_rum_min_content_length` - Minimum response size content length to sample for client insights. Field introduced in 21.1.1. Allowed in basic(allowed values- 64) edition, essentials(allowed values- 64) edition, enterprise edition. +* `hybrid_rss_mode` - Toggles se hybrid only mode of operation in dpdk mode with rss configured;where-in each se datapath instance operates as an independent standalonehybrid instance performing both dispatcher and proxy function. Requires reboot. Field introduced in 21.1.3. * `hypervisor` - Override default hypervisor. Enum options - DEFAULT, VMWARE_ESX, KVM, VMWARE_VSAN, XEN. +* `ignore_docker_mac_change` - Ignore docker mac change. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `ignore_rtt_threshold` - Ignore rtt samples if it is above threshold. Field introduced in 17.1.6,17.2.2. Unit is milliseconds. * `ingress_access_data` - Program se security group ingress rules to allow vip data access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. * `ingress_access_mgmt` - Program se security group ingress rules to allow ssh/icmp management access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. * `instance_flavor` - Instance/flavor name for se instance. * `instance_flavor_info` - Additional information associated with instance_flavor. Field introduced in 20.1.1. * `iptables` - Iptable rules. Maximum of 128 items allowed. +* `kni_allowed_server_ports` - Port ranges for any servers running in inband linuxserver clouds. Field introduced in 21.1.3. * `l7_conns_per_core` - Number of l7 connections that can be cached per core. Field introduced in 21.1.1. * `l7_resvd_listen_conns_per_core` - Number of reserved l7 listener connections per core. Field introduced in 21.1.1. * `labels` - Labels associated with this se group. Field introduced in 20.1.1. Maximum of 1 items allowed. @@ -174,6 +178,7 @@ In addition to all arguments above, the following attributes are exported: * `non_significant_log_throttle` - This setting limits the number of non-significant logs generated per second per core on this se. Default is 100 logs per second. Set it to zero (0) to deactivate throttling. Field introduced in 17.1.3. Unit is per_second. * `ns_helper_deq_interval_msec` - Dequeue interval for receive queue from ns helper. Allowed values are 1-1000. Field introduced in 21.1.1. Unit is milliseconds. Allowed in basic edition, essentials edition, enterprise edition. * `num_dispatcher_cores` - Number of dispatcher cores (0,1,2,4,8 or 16). If set to 0, then number of dispatcher cores is deduced automatically.requires se reboot. Allowed values are 0,1,2,4,8,16. Field introduced in 17.2.12, 18.1.3, 18.2.1. Allowed in basic(allowed values- 0) edition, essentials(allowed values- 0) edition, enterprise edition. +* `num_dispatcher_queues` - Number of queues to each dispatcher. Allowed values are 2-8. Special values are 0 - 'auto-compute', 1 - 'single-queue'. Field introduced in 21.1.3. * `num_flow_cores_sum_changes_to_ignore` - Number of changes in num flow cores sum to ignore. * `objsync_config` - Configuration knobs for interse object distribution. Field introduced in 20.1.3. * `objsync_port` - Tcp port on se management interface for interse object distribution. Supported only for externally managed security groups. Not supported on full access deployments. Requires se reboot. Field introduced in 20.1.3. @@ -197,6 +202,7 @@ In addition to all arguments above, the following attributes are exported: * `se_deprovision_delay` - Duration to preserve unused service engine virtual machines before deleting them. If traffic to a virtual service were to spike up abruptly, this se would still be available to be utilized again rather than creating a new se. If this value is set to 0, controller will never delete any ses and administrator has to manually cleanup unused ses. Allowed values are 0-525600. Unit is min. * `se_dos_profile` - Dict settings for serviceenginegroup. * `se_dp_hm_drops` - Internal only. Used to simulate se - se hb failure. Field introduced in 20.1.3. +* `se_dp_if_state_poll_interval` - Number of jiffies between polling interface state. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `se_dp_isolation` - Toggle support to run se datapath instances in isolation on exclusive cpus. This improves latency and performance. However, this could reduce the total number of se_dp instances created on that se instance. Supported for >= 8 cpus. Requires se reboot. Field introduced in 20.1.4. * `se_dp_isolation_num_non_dp_cpus` - Number of cpus for non se-dp tasks in se datapath isolation mode. Translates total cpus minus 'num_non_dp_cpus' for datapath use. It is recommended to reserve an even number of cpus for hyper-threaded processors. Requires se reboot. Allowed values are 1-8. Special values are 0- 'auto'. Field introduced in 20.1.4. * `se_dp_log_nf_enqueue_percent` - Internal buffer full indicator on the service engine beyond which the unfiltered logs are abandoned. Field introduced in 21.1.1. @@ -208,6 +214,8 @@ In addition to all arguments above, the following attributes are exported: * `se_dp_vnic_restart_on_queue_stall_count` - Number of consecutive transmit queue stall events in se_dp_vnic_stall_se_restart_window to look for before restarting se. Field introduced in 18.2.5. * `se_dp_vnic_stall_se_restart_window` - Window of time (in seconds) during which se_dp_vnic_restart_on_queue_stall_count number of consecutive stalls results in a se restart. Field introduced in 18.2.5. * `se_dpdk_pmd` - Determines if dpdk pool mode driver should be used or not 0 automatically determine based on hypervisor/nic type 1 unconditionally use dpdk poll mode driver 2 don't use dpdk poll mode driver.requires se reboot. Allowed values are 0-2. Field introduced in 18.1.3. +* `se_dump_core_on_assert` - Enable core dump on assert. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. +* `se_emulated_cores` - Use this to emulate more/less cpus than is actually available. One datapath process is started for each core. Field introduced in 21.1.3. Allowed in basic(allowed values- 0) edition, essentials(allowed values- 0) edition, enterprise edition. * `se_flow_probe_retries` - Flow probe retry count if no replies are received.requires se reboot. Allowed values are 0-5. Field introduced in 18.1.4, 18.2.1. * `se_flow_probe_retry_timer` - Timeout in milliseconds for flow probe retries.requires se reboot. Allowed values are 20-50. Field introduced in 18.2.5. Unit is milliseconds. * `se_group_analytics_policy` - Analytics policy for serviceenginegroup. Field introduced in 20.1.3. @@ -222,6 +230,7 @@ In addition to all arguments above, the following attributes are exported: * `se_mp_ring_retry_count` - The retry count for the multi-producer enqueue before yielding the cpu. To be used under surveillance of avi support. Field introduced in 20.1.3. Allowed in basic(allowed values- 500) edition, essentials(allowed values- 500) edition, enterprise edition. * `se_mtu` - Mtu for the vnics of ses in the se group. Allowed values are 512-9000. Field introduced in 18.2.8, 20.1.1. * `se_name_prefix` - Prefix to use for virtual machine name of service engines. +* `se_packet_buffer_max` - Internal use only. Used to artificially reduce the available number of packet buffers. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `se_pcap_lookahead` - Enables lookahead mode of packet receive in pcap mode. Introduced to overcome an issue with hv_netvsc driver. Lookahead mode attempts to ensure that application and kernel's view of the receive rings are consistent. Field introduced in 18.2.3. * `se_pcap_pkt_count` - Max number of packets the pcap interface can hold and if the value is 0 the optimum value will be chosen. The optimum value will be chosen based on se-memory, cloud type and number of interfaces.requires se reboot. Field introduced in 18.2.5. * `se_pcap_pkt_sz` - Max size of each packet in the pcap interface. Requires se reboot. Field introduced in 18.2.5. diff --git a/website/docs/d/avi_ssopolicy.html.markdown b/website/docs/d/avi_ssopolicy.html.markdown index 1003eb8ec..a800a6cf0 100644 --- a/website/docs/d/avi_ssopolicy.html.markdown +++ b/website/docs/d/avi_ssopolicy.html.markdown @@ -38,6 +38,6 @@ In addition to all arguments above, the following attributes are exported: * `markers` - List of labels to be used for granular rbac. Field introduced in 20.1.5. Allowed in basic edition, essentials edition, enterprise edition. * `name` - Name of the sso policy. Field introduced in 18.2.3. * `tenant_ref` - Uuid of the tenant. It is a reference to an object of type tenant. Field introduced in 18.2.3. -* `type` - Sso policy type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT, SSO_TYPE_LDAP. Field introduced in 18.2.5. +* `type` - Sso policy type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT, SSO_TYPE_LDAP, SSO_TYPE_OAUTH. Field introduced in 18.2.5. * `uuid` - Uuid of the sso policy. Field introduced in 18.2.3. diff --git a/website/docs/d/avi_statediffoperation.html.markdown b/website/docs/d/avi_statediffoperation.html.markdown new file mode 100644 index 000000000..42fa5ee42 --- /dev/null +++ b/website/docs/d/avi_statediffoperation.html.markdown @@ -0,0 +1,44 @@ + +--- +layout: "avi" +page_title: "AVI: avi_statediffoperation" +sidebar_current: "docs-avi-datasource-statediffoperation" +description: |- + Get information of Avi StatediffOperation. +--- + +# avi_statediffoperation + +This data source is used to to get avi_statediffoperation objects. + +## Example Usage + +```hcl +data "avi_statediffoperation" "foo_statediffoperation" { + uuid = "statediffoperation-f9cf6b3e-a411-436f-95e2-2982ba2b217b" + name = "foo" +} +``` + +## Argument Reference + +* `name` - (Optional) Search StatediffOperation by name. +* `uuid` - (Optional) Search StatediffOperation by uuid. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `configpb_attributes` - Protobuf versioning for config pbs. Field introduced in 21.1.1. +* `events` - Info for each statediff event. Field introduced in 21.1.3. +* `name` - Name of statediff operation. Field introduced in 21.1.3. +* `node_uuid` - Uuid of node for statediff operation entry. Field introduced in 21.1.3. +* `operation` - Type of statediff operation. Enum options - FB_UPGRADE, FB_ROLLBACK, FB_PATCH, FB_ROLLBACK_PATCH. Field introduced in 21.1.3. +* `phase` - Phase of statediff operation. Enum options - FB_PRE_SNAPSHOT, FB_POST_SNAPSHOT. Field introduced in 21.1.3. +* `status` - Status of statediff operation. Enum options - FB_INIT, FB_IN_PROGRESS, FB_COMPLETED, FB_FAILED, FB_COMPLETED_WITH_ERRORS. Field introduced in 21.1.3. +* `tenant_ref` - Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 21.1.3. +* `uuid` - Unique identifier for statediff entry. Field introduced in 21.1.3. + diff --git a/website/docs/d/avi_statediffsnapshot.html.markdown b/website/docs/d/avi_statediffsnapshot.html.markdown new file mode 100644 index 000000000..a98567a41 --- /dev/null +++ b/website/docs/d/avi_statediffsnapshot.html.markdown @@ -0,0 +1,53 @@ + +--- +layout: "avi" +page_title: "AVI: avi_statediffsnapshot" +sidebar_current: "docs-avi-datasource-statediffsnapshot" +description: |- + Get information of Avi StatediffSnapshot. +--- + +# avi_statediffsnapshot + +This data source is used to to get avi_statediffsnapshot objects. + +## Example Usage + +```hcl +data "avi_statediffsnapshot" "foo_statediffsnapshot" { + uuid = "statediffsnapshot-f9cf6b3e-a411-436f-95e2-2982ba2b217b" + name = "foo" +} +``` + +## Argument Reference + +* `name` - (Optional) Search StatediffSnapshot by name. +* `uuid` - (Optional) Search StatediffSnapshot by uuid. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `configpb_attributes` - Protobuf versioning for config pbs. Field introduced in 21.1.1. +* `gslb_name` - Name of gslb object. Field introduced in 21.1.3. +* `gslb_uuid` - Reference to base gslb object. Field introduced in 21.1.3. +* `name` - Name of statediff operation. Field introduced in 21.1.3. +* `pool_name` - Name of pool object. Field introduced in 21.1.3. +* `pool_uuid` - Reference to base pool object. Field introduced in 21.1.3. +* `post_snapshot` - Post-upgrade snapshot for vs. Field introduced in 21.1.3. +* `pre_snapshot` - Pre-upgrade snapshot for vs. Field introduced in 21.1.3. +* `se_group_name` - Name of seg object. Field introduced in 21.1.3. +* `se_group_uuid` - Reference to base seg object. Field introduced in 21.1.3. +* `se_name` - Name of seg object. Field introduced in 21.1.3. +* `se_uuid` - Reference to base se object. Field introduced in 21.1.3. +* `snapshot_type` - Type of snapshot eg. Vs_snapshot, se_snapshot etc. Enum options - FB_VS_SNAPSHOT, FB_SE_SNAPSHOT, FB_GSLB_SNAPSHOT, FB_POOL_SNAPSHOT. Field introduced in 21.1.3. +* `statediff_operation_ref` - Statediff operation uuid for identifying the operation. It is a reference to an object of type statediffoperation. Field introduced in 21.1.3. +* `tenant_ref` - Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 21.1.3. +* `uuid` - Unique identifier for statediff entry. Field introduced in 21.1.3. +* `vs_name` - Name of vs object. Field introduced in 21.1.3. +* `vs_uuid` - Reference to base vs object. Field introduced in 21.1.3. + diff --git a/website/docs/d/avi_upgradestatusinfo.html.markdown b/website/docs/d/avi_upgradestatusinfo.html.markdown index 34f09d2a6..84e1cae5d 100644 --- a/website/docs/d/avi_upgradestatusinfo.html.markdown +++ b/website/docs/d/avi_upgradestatusinfo.html.markdown @@ -68,6 +68,7 @@ In addition to all arguments above, the following attributes are exported: * `seg_status` - Detailed segroup status. Field introduced in 18.2.6. * `start_time` - Start time of upgrade operation. Field introduced in 18.2.6. * `state` - Current status of the upgrade operation. Field introduced in 18.2.6. +* `statediff_ref` - Record of pre/post snapshot captured for current upgrade operation. It is a reference to an object of type statediffoperation. Field introduced in 21.1.3. * `system` - Flag is set only in the cluster if the upgrade is initiated as a system-upgrade. Field introduced in 18.2.6. * `tasks_completed` - Completed set of tasks in the upgrade operation. Field introduced in 18.2.6. * `tenant_ref` - Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 18.2.6. diff --git a/website/docs/d/avi_virtualservice.html.markdown b/website/docs/d/avi_virtualservice.html.markdown index 80ec6b068..857c6e36d 100644 --- a/website/docs/d/avi_virtualservice.html.markdown +++ b/website/docs/d/avi_virtualservice.html.markdown @@ -80,6 +80,7 @@ In addition to all arguments above, the following attributes are exported: * `network_profile_ref` - Determines network settings such as protocol, tcp or udp, and related options for the protocol. It is a reference to an object of type networkprofile. Special default for essentials edition is system-tcp-fast-path. * `network_security_policy_ref` - Network security policies for the virtual service. It is a reference to an object of type networksecuritypolicy. * `nsx_securitygroup` - A list of nsx groups representing the clients which can access the virtual ip of the virtual service. Field introduced in 17.1.1. +* `oauth_vs_config` - Virtualservice specific oauth config. Field introduced in 21.1.3. * `performance_limits` - Optional settings that determine performance limits like max connections or bandwdith etc. * `pool_group_ref` - The pool group is an object that contains pools. It is a reference to an object of type poolgroup. * `pool_ref` - The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type pool. diff --git a/website/docs/d/avi_wafpolicy.html.markdown b/website/docs/d/avi_wafpolicy.html.markdown index bdff9725b..b774a0c43 100644 --- a/website/docs/d/avi_wafpolicy.html.markdown +++ b/website/docs/d/avi_wafpolicy.html.markdown @@ -54,7 +54,6 @@ In addition to all arguments above, the following attributes are exported: * `positive_security_model` - The positive security model. This is used to describe how the request or parts of the request should look like. It is executed in the request body phase of avi waf. Field introduced in 18.2.3. * `post_crs_groups` - Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the crs groups. Field introduced in 17.2.1. * `pre_crs_groups` - Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the crs groups. Field introduced in 17.2.1. -* `resolved_crs_groups` - A resolved version of waf_crs_ref with waf_crs_overrides applied. Field introduced in 20.1.6. * `tenant_ref` - It is a reference to an object of type tenant. Field introduced in 17.2.1. * `uuid` - Field introduced in 17.2.1. * `waf_crs_ref` - Waf core ruleset used for the crs part of this policy. It is a reference to an object of type wafcrs. Field introduced in 18.1.1. diff --git a/website/docs/r/avi_albservicesconfig.html.markdown b/website/docs/r/avi_albservicesconfig.html.markdown index b48213740..9597278c9 100644 --- a/website/docs/r/avi_albservicesconfig.html.markdown +++ b/website/docs/r/avi_albservicesconfig.html.markdown @@ -32,13 +32,13 @@ The following arguments are supported: * `feature_opt_in_status` - (Required) Information about the portal features opted in for controller. Field introduced in 20.1.1. * `ip_reputation_config` - (Required) Default values to be used for ip reputation sync. Field introduced in 20.1.1. * `portal_url` - (Required) The fqdn or ip address of the customer portal. Field introduced in 18.2.6. +* `saas_licensing_config` - (Required) Saas licensing configuration. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `user_agent_db_config` - (Required) Default values to be used for user agent db service. Field introduced in 21.1.1. Allowed in basic edition, essentials edition, enterprise edition. * `waf_config` - (Required) Default values to be used for pulse waf management. Field introduced in 21.1.1. Allowed in basic edition, essentials edition, enterprise edition. * `asset_contact` - (Optional) Information about the default contact for this controller cluster. Field introduced in 20.1.1. * `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. -* `mode` - (Optional) Mode helps log collection and upload. Enum options - SALESFORCE, SYSTEST, MYVMWARE. Field introduced in 20.1.2. Allowed in basic(allowed values- salesforce,myvmware,systest) edition, essentials(allowed values- salesforce,myvmware,systest) edition, enterprise edition. +* `mode` - (Optional) Mode helps log collection and upload. Enum options - MODE_UNKNOWN, SALESFORCE, SYSTEST, MYVMWARE. Field introduced in 20.1.2. Allowed in basic(allowed values- salesforce,myvmware,systest) edition, essentials(allowed values- salesforce,myvmware,systest) edition, enterprise edition. * `polling_interval` - (Optional) Time interval in minutes. Allowed values are 5-60. Field introduced in 18.2.6. -* `saas_licensing_config` - (Optional) Saas licensing configuration. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `split_proxy_configuration` - (Optional) Split proxy configuration to connect external pulse services. Field introduced in 20.1.1. * `use_split_proxy` - (Optional) By default, pulse uses proxy added in system configuration. If pulse needs to use a seperate proxy, set this flag to true and configure split proxy configuration. Field introduced in 20.1.1. * `use_tls` - (Optional) Secure the controller to pulse communication over tls. Field introduced in 20.1.3. Allowed in basic edition, enterprise edition. diff --git a/website/docs/r/avi_authprofile.html.markdown b/website/docs/r/avi_authprofile.html.markdown index 713dd7ac4..5856a39fd 100644 --- a/website/docs/r/avi_authprofile.html.markdown +++ b/website/docs/r/avi_authprofile.html.markdown @@ -28,13 +28,14 @@ resource "avi_authprofile" "foo" { The following arguments are supported: * `name` - (Required) Name of the auth profile. -* `type` - (Required) Type of the auth profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT. +* `type` - (Required) Type of the auth profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT, AUTH_PROFILE_OAUTH. * `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. * `description` - (Optional) User defined description for the object. * `http` - (Optional) Http user authentication params. * `jwt_profile_ref` - (Optional) Jwtserverprofile to be used for authentication. It is a reference to an object of type jwtserverprofile. Field introduced in 20.1.3. * `ldap` - (Optional) Ldap server and directory settings. * `markers` - (Optional) List of labels to be used for granular rbac. Field introduced in 20.1.6. Allowed in basic edition, essentials edition, enterprise edition. +* `oauth_profile` - (Optional) Oauth profile - common endpoint information. Field introduced in 21.1.3. * `pa_agent_ref` - (Optional) Pingaccessagent uuid. It is a reference to an object of type pingaccessagent. Field introduced in 18.2.3. Allowed in basic edition, essentials edition, enterprise edition. * `saml` - (Optional) Saml settings. Field introduced in 17.2.3. * `tacacs_plus` - (Optional) Tacacs+ settings. diff --git a/website/docs/r/avi_healthmonitor.html.markdown b/website/docs/r/avi_healthmonitor.html.markdown index 32e9276f6..35a7b9d54 100644 --- a/website/docs/r/avi_healthmonitor.html.markdown +++ b/website/docs/r/avi_healthmonitor.html.markdown @@ -28,7 +28,7 @@ resource "avi_healthmonitor" "foo" { The following arguments are supported: * `name` - (Required) A user friendly name for this health monitor. -* `type` - (Required) Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS. Allowed in basic(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp,health_monitor_http,health_monitor_https) edition, essentials(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp) edition, enterprise edition. +* `type` - (Required) Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS, HEALTH_MONITOR_FTP, HEALTH_MONITOR_FTPS, HEALTH_MONITOR_LDAP, HEALTH_MONITOR_LDAPS. Allowed in basic(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp,health_monitor_http,health_monitor_https) edition, essentials(allowed values- health_monitor_ping,health_monitor_tcp,health_monitor_udp) edition, enterprise edition. * `allow_duplicate_monitors` - (Optional) By default, multiple instances of the same healthmonitor to the same server are suppressed intelligently. In rare cases, the monitor may have specific constructs that go beyond the server keys (ip, port, etc.) during which such suppression is not desired. Use this knob to allow duplicates. Field introduced in 18.2.8. Allowed in basic(allowed values- true) edition, essentials(allowed values- true) edition, enterprise edition. * `authentication` - (Optional) Authentication information for username/password. Field introduced in 20.1.1. Allowed in basic edition, essentials edition, enterprise edition. * `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. @@ -37,11 +37,15 @@ The following arguments are supported: * `dns_monitor` - (Optional) Dict settings for healthmonitor. * `external_monitor` - (Optional) Dict settings for healthmonitor. * `failed_checks` - (Optional) Number of continuous failed health checks before the server is marked down. Allowed values are 1-50. +* `ftp_monitor` - (Optional) Health monitor for ftp. Field introduced in 21.1.3. +* `ftps_monitor` - (Optional) Health monitor for ftps. Field introduced in 21.1.3. * `http_monitor` - (Optional) Dict settings for healthmonitor. * `https_monitor` - (Optional) Dict settings for healthmonitor. * `imap_monitor` - (Optional) Health monitor for imap. Field introduced in 21.1.1. * `imaps_monitor` - (Optional) Health monitor for imaps. Field introduced in 21.1.1. * `is_federated` - (Optional) This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Field introduced in 17.1.3. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. +* `ldap_monitor` - (Optional) Health monitor for ldap. Field introduced in 21.1.3. +* `ldaps_monitor` - (Optional) Health monitor for ldaps. Field introduced in 21.1.3. * `markers` - (Optional) List of labels to be used for granular rbac. Field introduced in 20.1.5. Allowed in basic edition, essentials edition, enterprise edition. * `monitor_port` - (Optional) Use this port instead of the port defined for the server in the pool. If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the pool. Allowed values are 1-65535. Special values are 0 - 'use server port'. * `pop3_monitor` - (Optional) Health monitor for pop3. Field introduced in 21.1.1. diff --git a/website/docs/r/avi_licensestatus.html.markdown b/website/docs/r/avi_licensestatus.html.markdown new file mode 100644 index 000000000..44af9fb9d --- /dev/null +++ b/website/docs/r/avi_licensestatus.html.markdown @@ -0,0 +1,49 @@ + +--- +layout: "avi" +page_title: "Avi: avi_licensestatus" +sidebar_current: "docs-avi-resource-licensestatus" +description: |- + Creates and manages Avi LicenseStatus. +--- + +# avi_licensestatus + +The LicenseStatus resource allows the creation and management of Avi LicenseStatus + +## Example Usage + +```hcl +resource "avi_licensestatus" "foo" { + name = "terraform-example-foo" + tenant_ref = "/api/tenant/?name=admin" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) Name. Field introduced in 21.1.3. +* `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.3. +* `saas_status` - (Optional) Saas licensing status. Field introduced in 21.1.3. +* `tenant_ref` - (Optional) Tenant. It is a reference to an object of type tenant. Field introduced in 21.1.3. + + +### Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: + +* `create` - (Defaults to 40 mins) Used when creating the AMI +* `update` - (Defaults to 40 mins) Used when updating the AMI +* `delete` - (Defaults to 90 mins) Used when deregistering the AMI + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `uuid` - Uuid. Field introduced in 21.1.3. + diff --git a/website/docs/r/avi_serviceenginegroup.html.markdown b/website/docs/r/avi_serviceenginegroup.html.markdown index a079d6edb..7c3f81ac9 100644 --- a/website/docs/r/avi_serviceenginegroup.html.markdown +++ b/website/docs/r/avi_serviceenginegroup.html.markdown @@ -45,6 +45,7 @@ The following arguments are supported: * `auto_rebalance_interval` - (Optional) Frequency of rebalance, if 'auto rebalance' is enabled. Unit is sec. * `auto_redistribute_active_standby_load` - (Optional) Redistribution of virtual services from the takeover se to the replacement se can cause momentary traffic loss. If the auto-redistribute load option is left in its default off state, any desired rebalancing requires calls to rest api. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. * `availability_zone_refs` - (Optional) Availability zones for virtual service high availability. It is a reference to an object of type availabilityzone. Field introduced in 20.1.1. +* `baremetal_dispatcher_handles_flows` - (Optional) Control if dispatcher core also handles tcp flows in baremetal se. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `bgp_peer_monitor_failover_enabled` - (Optional) Enable bgp peer monitoring based failover. Field introduced in 21.1.3. * `bgp_state_update_interval` - (Optional) Bgp peer state update interval. Allowed values are 5-100. Field introduced in 17.2.14,18.1.5,18.2.1. Unit is sec. * `buffer_se` - (Optional) Excess service engine capacity provisioned for ha failover. @@ -107,13 +108,16 @@ The following arguments are supported: * `host_gateway_monitor` - (Optional) Enable the host gateway monitor when service engine is deployed as docker container. Disabled by default. Field introduced in 17.2.4. * `http_rum_console_log` - (Optional) Enable javascript console logs on the client browser when collecting client insights. Field introduced in 21.1.1. Allowed in basic(allowed values- false) edition, essentials(allowed values- false) edition, enterprise edition. * `http_rum_min_content_length` - (Optional) Minimum response size content length to sample for client insights. Field introduced in 21.1.1. Allowed in basic(allowed values- 64) edition, essentials(allowed values- 64) edition, enterprise edition. +* `hybrid_rss_mode` - (Optional) Toggles se hybrid only mode of operation in dpdk mode with rss configured;where-in each se datapath instance operates as an independent standalonehybrid instance performing both dispatcher and proxy function. Requires reboot. Field introduced in 21.1.3. * `hypervisor` - (Optional) Override default hypervisor. Enum options - DEFAULT, VMWARE_ESX, KVM, VMWARE_VSAN, XEN. +* `ignore_docker_mac_change` - (Optional) Ignore docker mac change. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `ignore_rtt_threshold` - (Optional) Ignore rtt samples if it is above threshold. Field introduced in 17.1.6,17.2.2. Unit is milliseconds. * `ingress_access_data` - (Optional) Program se security group ingress rules to allow vip data access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. * `ingress_access_mgmt` - (Optional) Program se security group ingress rules to allow ssh/icmp management access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. * `instance_flavor` - (Optional) Instance/flavor name for se instance. * `instance_flavor_info` - (Optional) Additional information associated with instance_flavor. Field introduced in 20.1.1. * `iptables` - (Optional) Iptable rules. Maximum of 128 items allowed. +* `kni_allowed_server_ports` - (Optional) Port ranges for any servers running in inband linuxserver clouds. Field introduced in 21.1.3. * `l7_conns_per_core` - (Optional) Number of l7 connections that can be cached per core. Field introduced in 21.1.1. * `l7_resvd_listen_conns_per_core` - (Optional) Number of reserved l7 listener connections per core. Field introduced in 21.1.1. * `labels` - (Optional) Labels associated with this se group. Field introduced in 20.1.1. Maximum of 1 items allowed. @@ -167,6 +171,7 @@ The following arguments are supported: * `non_significant_log_throttle` - (Optional) This setting limits the number of non-significant logs generated per second per core on this se. Default is 100 logs per second. Set it to zero (0) to deactivate throttling. Field introduced in 17.1.3. Unit is per_second. * `ns_helper_deq_interval_msec` - (Optional) Dequeue interval for receive queue from ns helper. Allowed values are 1-1000. Field introduced in 21.1.1. Unit is milliseconds. Allowed in basic edition, essentials edition, enterprise edition. * `num_dispatcher_cores` - (Optional) Number of dispatcher cores (0,1,2,4,8 or 16). If set to 0, then number of dispatcher cores is deduced automatically.requires se reboot. Allowed values are 0,1,2,4,8,16. Field introduced in 17.2.12, 18.1.3, 18.2.1. Allowed in basic(allowed values- 0) edition, essentials(allowed values- 0) edition, enterprise edition. +* `num_dispatcher_queues` - (Optional) Number of queues to each dispatcher. Allowed values are 2-8. Special values are 0 - 'auto-compute', 1 - 'single-queue'. Field introduced in 21.1.3. * `num_flow_cores_sum_changes_to_ignore` - (Optional) Number of changes in num flow cores sum to ignore. * `objsync_config` - (Optional) Configuration knobs for interse object distribution. Field introduced in 20.1.3. * `objsync_port` - (Optional) Tcp port on se management interface for interse object distribution. Supported only for externally managed security groups. Not supported on full access deployments. Requires se reboot. Field introduced in 20.1.3. @@ -190,6 +195,7 @@ The following arguments are supported: * `se_deprovision_delay` - (Optional) Duration to preserve unused service engine virtual machines before deleting them. If traffic to a virtual service were to spike up abruptly, this se would still be available to be utilized again rather than creating a new se. If this value is set to 0, controller will never delete any ses and administrator has to manually cleanup unused ses. Allowed values are 0-525600. Unit is min. * `se_dos_profile` - (Optional) Dict settings for serviceenginegroup. * `se_dp_hm_drops` - (Optional) Internal only. Used to simulate se - se hb failure. Field introduced in 20.1.3. +* `se_dp_if_state_poll_interval` - (Optional) Number of jiffies between polling interface state. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `se_dp_isolation` - (Optional) Toggle support to run se datapath instances in isolation on exclusive cpus. This improves latency and performance. However, this could reduce the total number of se_dp instances created on that se instance. Supported for >= 8 cpus. Requires se reboot. Field introduced in 20.1.4. * `se_dp_isolation_num_non_dp_cpus` - (Optional) Number of cpus for non se-dp tasks in se datapath isolation mode. Translates total cpus minus 'num_non_dp_cpus' for datapath use. It is recommended to reserve an even number of cpus for hyper-threaded processors. Requires se reboot. Allowed values are 1-8. Special values are 0- 'auto'. Field introduced in 20.1.4. * `se_dp_log_nf_enqueue_percent` - (Optional) Internal buffer full indicator on the service engine beyond which the unfiltered logs are abandoned. Field introduced in 21.1.1. @@ -201,6 +207,8 @@ The following arguments are supported: * `se_dp_vnic_restart_on_queue_stall_count` - (Optional) Number of consecutive transmit queue stall events in se_dp_vnic_stall_se_restart_window to look for before restarting se. Field introduced in 18.2.5. * `se_dp_vnic_stall_se_restart_window` - (Optional) Window of time (in seconds) during which se_dp_vnic_restart_on_queue_stall_count number of consecutive stalls results in a se restart. Field introduced in 18.2.5. * `se_dpdk_pmd` - (Optional) Determines if dpdk pool mode driver should be used or not 0 automatically determine based on hypervisor/nic type 1 unconditionally use dpdk poll mode driver 2 don't use dpdk poll mode driver.requires se reboot. Allowed values are 0-2. Field introduced in 18.1.3. +* `se_dump_core_on_assert` - (Optional) Enable core dump on assert. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. +* `se_emulated_cores` - (Optional) Use this to emulate more/less cpus than is actually available. One datapath process is started for each core. Field introduced in 21.1.3. Allowed in basic(allowed values- 0) edition, essentials(allowed values- 0) edition, enterprise edition. * `se_flow_probe_retries` - (Optional) Flow probe retry count if no replies are received.requires se reboot. Allowed values are 0-5. Field introduced in 18.1.4, 18.2.1. * `se_flow_probe_retry_timer` - (Optional) Timeout in milliseconds for flow probe retries.requires se reboot. Allowed values are 20-50. Field introduced in 18.2.5. Unit is milliseconds. * `se_group_analytics_policy` - (Optional) Analytics policy for serviceenginegroup. Field introduced in 20.1.3. @@ -215,6 +223,7 @@ The following arguments are supported: * `se_mp_ring_retry_count` - (Optional) The retry count for the multi-producer enqueue before yielding the cpu. To be used under surveillance of avi support. Field introduced in 20.1.3. Allowed in basic(allowed values- 500) edition, essentials(allowed values- 500) edition, enterprise edition. * `se_mtu` - (Optional) Mtu for the vnics of ses in the se group. Allowed values are 512-9000. Field introduced in 18.2.8, 20.1.1. * `se_name_prefix` - (Optional) Prefix to use for virtual machine name of service engines. +* `se_packet_buffer_max` - (Optional) Internal use only. Used to artificially reduce the available number of packet buffers. Field introduced in 21.1.3. Allowed in basic edition, essentials edition, enterprise edition. * `se_pcap_lookahead` - (Optional) Enables lookahead mode of packet receive in pcap mode. Introduced to overcome an issue with hv_netvsc driver. Lookahead mode attempts to ensure that application and kernel's view of the receive rings are consistent. Field introduced in 18.2.3. * `se_pcap_pkt_count` - (Optional) Max number of packets the pcap interface can hold and if the value is 0 the optimum value will be chosen. The optimum value will be chosen based on se-memory, cloud type and number of interfaces.requires se reboot. Field introduced in 18.2.5. * `se_pcap_pkt_sz` - (Optional) Max size of each packet in the pcap interface. Requires se reboot. Field introduced in 18.2.5. diff --git a/website/docs/r/avi_ssopolicy.html.markdown b/website/docs/r/avi_ssopolicy.html.markdown index 3db8f2551..4334cdbf8 100644 --- a/website/docs/r/avi_ssopolicy.html.markdown +++ b/website/docs/r/avi_ssopolicy.html.markdown @@ -27,13 +27,13 @@ resource "avi_ssopolicy" "foo" { The following arguments are supported: -* `authentication_policy` - (Required) Authentication policy settings. Field introduced in 18.2.1. * `name` - (Required) Name of the sso policy. Field introduced in 18.2.3. +* `authentication_policy` - (Optional) Authentication policy settings. Field introduced in 18.2.1. * `authorization_policy` - (Optional) Authorization policy settings. Field introduced in 18.2.5. * `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. * `markers` - (Optional) List of labels to be used for granular rbac. Field introduced in 20.1.5. Allowed in basic edition, essentials edition, enterprise edition. * `tenant_ref` - (Optional) Uuid of the tenant. It is a reference to an object of type tenant. Field introduced in 18.2.3. -* `type` - (Optional) Sso policy type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT, SSO_TYPE_LDAP. Field introduced in 18.2.5. +* `type` - (Optional) Sso policy type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT, SSO_TYPE_LDAP, SSO_TYPE_OAUTH. Field introduced in 18.2.5. ### Timeouts diff --git a/website/docs/r/avi_statediffoperation.html.markdown b/website/docs/r/avi_statediffoperation.html.markdown new file mode 100644 index 000000000..3052f5753 --- /dev/null +++ b/website/docs/r/avi_statediffoperation.html.markdown @@ -0,0 +1,53 @@ + +--- +layout: "avi" +page_title: "Avi: avi_statediffoperation" +sidebar_current: "docs-avi-resource-statediffoperation" +description: |- + Creates and manages Avi StatediffOperation. +--- + +# avi_statediffoperation + +The StatediffOperation resource allows the creation and management of Avi StatediffOperation + +## Example Usage + +```hcl +resource "avi_statediffoperation" "foo" { + name = "terraform-example-foo" + tenant_ref = "/api/tenant/?name=admin" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. +* `events` - (Optional) Info for each statediff event. Field introduced in 21.1.3. +* `name` - (Optional) Name of statediff operation. Field introduced in 21.1.3. +* `node_uuid` - (Optional) Uuid of node for statediff operation entry. Field introduced in 21.1.3. +* `operation` - (Optional) Type of statediff operation. Enum options - FB_UPGRADE, FB_ROLLBACK, FB_PATCH, FB_ROLLBACK_PATCH. Field introduced in 21.1.3. +* `phase` - (Optional) Phase of statediff operation. Enum options - FB_PRE_SNAPSHOT, FB_POST_SNAPSHOT. Field introduced in 21.1.3. +* `status` - (Optional) Status of statediff operation. Enum options - FB_INIT, FB_IN_PROGRESS, FB_COMPLETED, FB_FAILED, FB_COMPLETED_WITH_ERRORS. Field introduced in 21.1.3. +* `tenant_ref` - (Optional) Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 21.1.3. + + +### Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: + +* `create` - (Defaults to 40 mins) Used when creating the AMI +* `update` - (Defaults to 40 mins) Used when updating the AMI +* `delete` - (Defaults to 90 mins) Used when deregistering the AMI + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `uuid` - Unique identifier for statediff entry. Field introduced in 21.1.3. + diff --git a/website/docs/r/avi_statediffsnapshot.html.markdown b/website/docs/r/avi_statediffsnapshot.html.markdown new file mode 100644 index 000000000..34fa45591 --- /dev/null +++ b/website/docs/r/avi_statediffsnapshot.html.markdown @@ -0,0 +1,62 @@ + +--- +layout: "avi" +page_title: "Avi: avi_statediffsnapshot" +sidebar_current: "docs-avi-resource-statediffsnapshot" +description: |- + Creates and manages Avi StatediffSnapshot. +--- + +# avi_statediffsnapshot + +The StatediffSnapshot resource allows the creation and management of Avi StatediffSnapshot + +## Example Usage + +```hcl +resource "avi_statediffsnapshot" "foo" { + name = "terraform-example-foo" + tenant_ref = "/api/tenant/?name=admin" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 21.1.1. +* `gslb_name` - (Optional) Name of gslb object. Field introduced in 21.1.3. +* `gslb_uuid` - (Optional) Reference to base gslb object. Field introduced in 21.1.3. +* `name` - (Optional) Name of statediff operation. Field introduced in 21.1.3. +* `pool_name` - (Optional) Name of pool object. Field introduced in 21.1.3. +* `pool_uuid` - (Optional) Reference to base pool object. Field introduced in 21.1.3. +* `post_snapshot` - (Optional) Post-upgrade snapshot for vs. Field introduced in 21.1.3. +* `pre_snapshot` - (Optional) Pre-upgrade snapshot for vs. Field introduced in 21.1.3. +* `se_group_name` - (Optional) Name of seg object. Field introduced in 21.1.3. +* `se_group_uuid` - (Optional) Reference to base seg object. Field introduced in 21.1.3. +* `se_name` - (Optional) Name of seg object. Field introduced in 21.1.3. +* `se_uuid` - (Optional) Reference to base se object. Field introduced in 21.1.3. +* `snapshot_type` - (Optional) Type of snapshot eg. Vs_snapshot, se_snapshot etc. Enum options - FB_VS_SNAPSHOT, FB_SE_SNAPSHOT, FB_GSLB_SNAPSHOT, FB_POOL_SNAPSHOT. Field introduced in 21.1.3. +* `statediff_operation_ref` - (Optional) Statediff operation uuid for identifying the operation. It is a reference to an object of type statediffoperation. Field introduced in 21.1.3. +* `tenant_ref` - (Optional) Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 21.1.3. +* `vs_name` - (Optional) Name of vs object. Field introduced in 21.1.3. +* `vs_uuid` - (Optional) Reference to base vs object. Field introduced in 21.1.3. + + +### Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: + +* `create` - (Defaults to 40 mins) Used when creating the AMI +* `update` - (Defaults to 40 mins) Used when updating the AMI +* `delete` - (Defaults to 90 mins) Used when deregistering the AMI + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `uuid` - Unique identifier for statediff entry. Field introduced in 21.1.3. + diff --git a/website/docs/r/avi_upgradestatusinfo.html.markdown b/website/docs/r/avi_upgradestatusinfo.html.markdown index b0f34378d..9eb2b324a 100644 --- a/website/docs/r/avi_upgradestatusinfo.html.markdown +++ b/website/docs/r/avi_upgradestatusinfo.html.markdown @@ -63,6 +63,7 @@ The following arguments are supported: * `seg_status` - (Optional) Detailed segroup status. Field introduced in 18.2.6. * `start_time` - (Optional) Start time of upgrade operation. Field introduced in 18.2.6. * `state` - (Optional) Current status of the upgrade operation. Field introduced in 18.2.6. +* `statediff_ref` - (Optional) Record of pre/post snapshot captured for current upgrade operation. It is a reference to an object of type statediffoperation. Field introduced in 21.1.3. * `system` - (Optional) Flag is set only in the cluster if the upgrade is initiated as a system-upgrade. Field introduced in 18.2.6. * `tasks_completed` - (Optional) Completed set of tasks in the upgrade operation. Field introduced in 18.2.6. * `tenant_ref` - (Optional) Tenant that this object belongs to. It is a reference to an object of type tenant. Field introduced in 18.2.6. diff --git a/website/docs/r/avi_virtualservice.html.markdown b/website/docs/r/avi_virtualservice.html.markdown index c768faa50..2569fa2ca 100644 --- a/website/docs/r/avi_virtualservice.html.markdown +++ b/website/docs/r/avi_virtualservice.html.markdown @@ -73,6 +73,7 @@ The following arguments are supported: * `network_profile_ref` - (Optional) Determines network settings such as protocol, tcp or udp, and related options for the protocol. It is a reference to an object of type networkprofile. Special default for essentials edition is system-tcp-fast-path. * `network_security_policy_ref` - (Optional) Network security policies for the virtual service. It is a reference to an object of type networksecuritypolicy. * `nsx_securitygroup` - (Optional) A list of nsx groups representing the clients which can access the virtual ip of the virtual service. Field introduced in 17.1.1. +* `oauth_vs_config` - (Optional) Virtualservice specific oauth config. Field introduced in 21.1.3. * `performance_limits` - (Optional) Optional settings that determine performance limits like max connections or bandwdith etc. * `pool_group_ref` - (Optional) The pool group is an object that contains pools. It is a reference to an object of type poolgroup. * `pool_ref` - (Optional) The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type pool. diff --git a/website/docs/r/avi_wafpolicy.html.markdown b/website/docs/r/avi_wafpolicy.html.markdown index f1e9c0bec..071dd38f6 100644 --- a/website/docs/r/avi_wafpolicy.html.markdown +++ b/website/docs/r/avi_wafpolicy.html.markdown @@ -50,7 +50,6 @@ The following arguments are supported: * `positive_security_model` - (Optional) The positive security model. This is used to describe how the request or parts of the request should look like. It is executed in the request body phase of avi waf. Field introduced in 18.2.3. * `post_crs_groups` - (Optional) Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the crs groups. Field introduced in 17.2.1. * `pre_crs_groups` - (Optional) Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the crs groups. Field introduced in 17.2.1. -* `resolved_crs_groups` - (Optional) A resolved version of waf_crs_ref with waf_crs_overrides applied. Field introduced in 20.1.6. * `tenant_ref` - (Optional) It is a reference to an object of type tenant. Field introduced in 17.2.1. * `waf_crs_ref` - (Optional) Waf core ruleset used for the crs part of this policy. It is a reference to an object of type wafcrs. Field introduced in 18.1.1.