diff --git a/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/import.sh b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/import.sh new file mode 100644 index 00000000..f587964e --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/import.sh @@ -0,0 +1,42 @@ +#!/bin/bash +# An OSPF authentication routing profile can be imported by providing the following base64 encoded object as the ID + +# Import from an NGFW device +# { +# location = { +# ngfw = { +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-simple-password" +# } +terraform import panos_ospf_auth_routing_profile.example $(echo '{"location":{"ngfw":{"ngfw_device":"localhost.localdomain"}},"name":"ospf-simple-password"}' | base64) + +# Import from a Panorama template +# { +# location = { +# template = { +# name = "ospf-routing-template" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-md5-auth" +# } +terraform import panos_ospf_auth_routing_profile.example $(echo '{"location":{"template":{"name":"ospf-routing-template","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospf-md5-auth"}' | base64) + +# Import from a Panorama template stack +# { +# location = { +# template_stack = { +# name = "ospf-routing-stack" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-md5-auth" +# } +terraform import panos_ospf_auth_routing_profile.example $(echo '{"location":{"template_stack":{"name":"ospf-routing-stack","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospf-md5-auth"}' | base64) diff --git a/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/md5-auth.tf b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/md5-auth.tf new file mode 100644 index 00000000..7fece937 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/md5-auth.tf @@ -0,0 +1,30 @@ +# Create a template for the OSPF routing configuration +resource "panos_template" "ospf_template" { + location = { panorama = {} } + name = "ospf-routing-template" +} + +# OSPF Authentication Profile with MD5 authentication using multiple keys +# This allows for key rotation - the preferred key is used for sending packets +# while all keys can validate incoming packets +resource "panos_ospf_auth_routing_profile" "md5_auth" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-md5-auth" + + md5 = [ + { + name = "key-1" + key = "SecureKey123456" + preferred = true + }, + { + name = "key-2" + key = "BackupKey987654" + } + ] +} diff --git a/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/password-auth.tf b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/password-auth.tf new file mode 100644 index 00000000..4c4e18f8 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/password-auth.tf @@ -0,0 +1,17 @@ +# Create a template for the OSPF routing configuration +resource "panos_template" "ospf_password_template" { + location = { panorama = {} } + name = "ospf-password-template" +} + +# OSPF Authentication Profile with simple password authentication +resource "panos_ospf_auth_routing_profile" "password_auth" { + location = { + template = { + name = panos_template.ospf_password_template.name + } + } + + name = "ospf-simple-password" + password = "Palo@123" +} diff --git a/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/resource.tf new file mode 100644 index 00000000..85587fb1 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_auth_routing_profile/resource.tf @@ -0,0 +1,17 @@ +# Create a template +resource "panos_template" "ospf_simple_template" { + location = { panorama = {} } + name = "ospf-simple-template" +} + +# OSPF Authentication Profile using simple password +resource "panos_ospf_auth_routing_profile" "simple_password" { + location = { + template = { + name = panos_template.ospf_simple_template.name + } + } + + name = "ospf-simple-auth" + password = "ospf-pass" +} diff --git a/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/import.sh b/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/import.sh new file mode 100644 index 00000000..d1ed92ff --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/import.sh @@ -0,0 +1,5 @@ +#!/bin/bash +# Import an OSPF interface timer routing profile from a template +location='{"template":{"name":"ospf-routing-template","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}}' +encoded_location=$(echo -n "$location" | base64) +terraform import "panos_ospf_interface_timer_routing_profile.custom_timers" "$encoded_location:custom-if-timer-profile" diff --git a/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/resource.tf new file mode 100644 index 00000000..f7b7ecab --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_interface_timer_routing_profile/resource.tf @@ -0,0 +1,21 @@ +# Create a template +resource "panos_template" "ospf_template" { + location = { panorama = {} } + name = "ospf-routing-template" +} + +# OSPF Interface Timer Profile with custom timer values +resource "panos_ospf_interface_timer_routing_profile" "custom_timers" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "custom-if-timer-profile" + hello_interval = 30 + dead_counts = 4 + retransmit_interval = 10 + transit_delay = 2 + gr_delay = 5 +} diff --git a/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/import.sh b/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/import.sh new file mode 100644 index 00000000..990f5403 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/import.sh @@ -0,0 +1,41 @@ +# An OSPF redistribution routing profile can be imported by providing the following base64 encoded object as the ID + +# Import from an NGFW device +# { +# location = { +# ngfw = { +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-redistribute-connected" +# } +terraform import panos_ospf_redistribution_routing_profile.example $(echo '{"location":{"ngfw":{"ngfw_device":"localhost.localdomain"}},"name":"ospf-redistribute-connected"}' | base64) + +# Import from a Panorama template +# { +# location = { +# template = { +# name = "ospf-routing-template" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-redistribute-connected" +# } +terraform import panos_ospf_redistribution_routing_profile.example $(echo '{"location":{"template":{"name":"ospf-routing-template","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospf-redistribute-connected"}' | base64) + +# Import from a Panorama template stack +# { +# location = { +# template_stack = { +# name = "ospf-routing-stack" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospf-redistribute-connected" +# } +terraform import panos_ospf_redistribution_routing_profile.example $(echo '{"location":{"template_stack":{"name":"ospf-routing-stack","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospf-redistribute-connected"}' | base64) diff --git a/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/resource.tf new file mode 100644 index 00000000..528afde0 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_redistribution_routing_profile/resource.tf @@ -0,0 +1,111 @@ +# Create a template for OSPF redistribution profiles +resource "panos_template" "ospf_template" { + location = { panorama = {} } + name = "ospf-routing-template" +} + +# Redistribute connected routes into OSPF with basic configuration +resource "panos_ospf_redistribution_routing_profile" "connected" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-redistribute-connected" + + connected = { + enable = true + metric = 10 + metric_type = "type-1" + } +} + +# Redistribute BGP routes into OSPF with type-2 metric +resource "panos_ospf_redistribution_routing_profile" "bgp" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-redistribute-bgp" + + bgp = { + enable = true + metric = 100 + metric_type = "type-2" + } +} + +# Redistribute static routes with route-map filtering +resource "panos_ospf_redistribution_routing_profile" "static_with_map" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-redistribute-static-filtered" + + static = { + enable = true + route_map = "static-route-filter" + # Note: metric and metric_type are ignored when route_map is configured + } +} + +# Redistribute multiple sources into OSPF with different configurations +resource "panos_ospf_redistribution_routing_profile" "multiple" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-redistribute-multiple" + + connected = { + enable = true + metric = 10 + metric_type = "type-1" + } + + static = { + enable = true + metric = 20 + metric_type = "type-1" + } + + bgp = { + enable = true + metric = 100 + metric_type = "type-2" + } + + rip = { + enable = true + metric = 50 + metric_type = "type-2" + route_map = "rip-filter-map" + } +} + +# Default route redistribution with always option +# The 'always' option generates a default route even if one doesn't exist +resource "panos_ospf_redistribution_routing_profile" "default_route" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "ospf-redistribute-default" + + default_route = { + enable = true + always = true + metric = 1 + metric_type = "type-1" + } +} diff --git a/assets/terraform/examples/resources/panos_ospf_spf_timer_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospf_spf_timer_routing_profile/resource.tf new file mode 100644 index 00000000..c3e1744a --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospf_spf_timer_routing_profile/resource.tf @@ -0,0 +1,20 @@ +# Create a template +resource "panos_template" "ospf_template" { + location = { panorama = {} } + name = "ospf-routing-template" +} + +# OSPF SPF Timer Profile with custom timing values +resource "panos_ospf_spf_timer_routing_profile" "custom_timers" { + location = { + template = { + name = panos_template.ospf_template.name + } + } + + name = "custom-spf-timer-profile" + spf_calculation_delay = 10 + initial_hold_time = 15 + max_hold_time = 30 + lsa_interval = 8 +} diff --git a/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/import.sh b/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/import.sh new file mode 100644 index 00000000..cff12ce0 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/import.sh @@ -0,0 +1,41 @@ +# An OSPFv3 auth routing profile can be imported by providing the following base64 encoded object as the ID + +# Import from an NGFW device +# { +# location = { +# ngfw = { +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospfv3-ah-sha256-profile" +# } +terraform import panos_ospfv3_auth_routing_profile.example $(echo '{"location":{"ngfw":{"ngfw_device":"localhost.localdomain"}},"name":"ospfv3-ah-sha256-profile"}' | base64) + +# Import from a Panorama template +# { +# location = { +# template = { +# name = "my-template" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospfv3-esp-secure-profile" +# } +terraform import panos_ospfv3_auth_routing_profile.example $(echo '{"location":{"template":{"name":"my-template","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospfv3-esp-secure-profile"}' | base64) + +# Import from a Panorama template stack +# { +# location = { +# template_stack = { +# name = "my-template-stack" +# panorama_device = "localhost.localdomain" +# ngfw_device = "localhost.localdomain" +# } +# } +# +# name = "ospfv3-esp-encrypt-only" +# } +terraform import panos_ospfv3_auth_routing_profile.example $(echo '{"location":{"template_stack":{"name":"my-template-stack","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospfv3-esp-encrypt-only"}' | base64) diff --git a/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/resource.tf new file mode 100644 index 00000000..87e144f8 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_auth_routing_profile/resource.tf @@ -0,0 +1,69 @@ +# Create a template +resource "panos_template" "ospfv3_template" { + location = { panorama = {} } + name = "ospfv3-routing-template" +} + +# OSPFv3 Authentication Profile using AH with SHA-256 +resource "panos_ospfv3_auth_routing_profile" "ah_sha256" { + location = { + template = { + name = panos_template.ospfv3_template.name + } + } + + name = "ospfv3-ah-sha256-profile" + spi = "00000101" + + ah = { + sha256 = { + key = "a1b2c3d4-e5f6a7b8-c9d0e1f2-a3b4c5d6-e7f8a9b0-c1d2e3f4-a5b6c7d8-e9f0a1b2" + } + } +} + +# OSPFv3 Authentication Profile using ESP with authentication and encryption +resource "panos_ospfv3_auth_routing_profile" "esp_full" { + location = { + template = { + name = panos_template.ospfv3_template.name + } + } + + name = "ospfv3-esp-secure-profile" + spi = "00000201" + + esp = { + authentication = { + sha512 = { + key = "1a2b3c4d-5e6f7a8b-9c0d1e2f-3a4b5c6d-7e8f9a0b-1c2d3e4f-5a6b7c8d-9e0f1a2b-3c4d5e6f-7a8b9c0d-1e2f3a4b-5c6d7e8f-9a0b1c2d-3e4f5a6b-7c8d9e0f-1a2b3c4d" + } + } + encryption = { + algorithm = "aes-256-cbc" + key = "f1e2d3c4-b5a69788-9a0b1c2d-3e4f5a6b-7c8d9e0f-1a2b3c4d-5e6f7a8b-9c0d1e2f" + } + } +} + +# OSPFv3 Authentication Profile using ESP with encryption only (no authentication) +resource "panos_ospfv3_auth_routing_profile" "esp_encrypt_only" { + location = { + template = { + name = panos_template.ospfv3_template.name + } + } + + name = "ospfv3-esp-encrypt-only" + spi = "00000301" + + esp = { + authentication = { + none = {} + } + encryption = { + algorithm = "aes-128-cbc" + key = "a1b2c3d4-e5f6a7b8-c9d0e1f2-a3b4c5d6" + } + } +} diff --git a/assets/terraform/examples/resources/panos_ospfv3_if_timer_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospfv3_if_timer_routing_profile/resource.tf new file mode 100644 index 00000000..75e6023c --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_if_timer_routing_profile/resource.tf @@ -0,0 +1,21 @@ +# Create a template +resource "panos_template" "ospfv3_template" { + location = { panorama = {} } + name = "ospfv3-routing-template" +} + +# OSPFv3 Interface Timer Profile with custom timer values +resource "panos_ospfv3_if_timer_routing_profile" "custom_timers" { + location = { + template = { + name = panos_template.ospfv3_template.name + } + } + + name = "custom-if-timer-profile" + hello_interval = 30 + dead_counts = 4 + retransmit_interval = 10 + transit_delay = 2 + gr_delay = 5 +} diff --git a/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/import.sh b/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/import.sh new file mode 100644 index 00000000..ac879b87 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/import.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +# An OSPFv3 redistribution routing profile can be imported by providing a base64 encoded JSON object as the ID + +# Import from an NGFW device +# { +# "location": { +# "ngfw": { +# "ngfw_device": "localhost.localdomain" +# } +# }, +# "name": "ospfv3-redistribute-connected" +# } +terraform import panos_ospfv3_redistribution_routing_profile.connected_routes $(echo '{"location":{"ngfw":{"ngfw_device":"localhost.localdomain"}},"name":"ospfv3-redistribute-connected"}' | base64) + +# Import from a Panorama template +# { +# "location": { +# "template": { +# "name": "production-template", +# "panorama_device": "localhost.localdomain", +# "ngfw_device": "localhost.localdomain" +# } +# }, +# "name": "ospfv3-redistribute-connected" +# } +terraform import panos_ospfv3_redistribution_routing_profile.connected_routes $(echo '{"location":{"template":{"name":"production-template","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospfv3-redistribute-connected"}' | base64) + +# Import from a Panorama template stack +# { +# "location": { +# "template_stack": { +# "name": "production-stack", +# "panorama_device": "localhost.localdomain", +# "ngfw_device": "localhost.localdomain" +# } +# }, +# "name": "ospfv3-redistribute-connected" +# } +terraform import panos_ospfv3_redistribution_routing_profile.connected_routes $(echo '{"location":{"template_stack":{"name":"production-stack","panorama_device":"localhost.localdomain","ngfw_device":"localhost.localdomain"}},"name":"ospfv3-redistribute-connected"}' | base64) diff --git a/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/resource.tf new file mode 100644 index 00000000..065f4774 --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_redistribution_routing_profile/resource.tf @@ -0,0 +1,75 @@ +# OSPFv3 Redistribution Profile - Connected Routes +# This example redistributes directly connected routes into OSPFv3 +# with Type-1 metric, making OSPFv3 prefer these routes based on +# accumulated cost from the redistributing router +resource "panos_ospfv3_redistribution_routing_profile" "connected_routes" { + location = { + template = { + name = "production-template" + } + } + + name = "ospfv3-redistribute-connected" + + connected = { + enable = true + metric = 10 + metric_type = "type-1" + } +} + +# OSPFv3 Redistribution Profile - Default Route with Always Option +# This example advertises a default route into OSPFv3 even if the +# router doesn't have one in its routing table. The 'always' flag +# is critical for ensuring default route availability +resource "panos_ospfv3_redistribution_routing_profile" "default_route" { + location = { + template = { + name = "production-template" + } + } + + name = "ospfv3-default-originate" + + default_route = { + enable = true + always = true + metric = 1 + metric_type = "type-1" + } +} + +# OSPFv3 Redistribution Profile - Multiple Sources with Route Map +# This example redistributes multiple route sources (connected, static, BGP) +# into OSPFv3. BGP routes use a route-map for selective redistribution and +# metric manipulation, while connected/static use direct metrics +resource "panos_ospfv3_redistribution_routing_profile" "multi_source" { + location = { + template = { + name = "production-template" + } + } + + name = "ospfv3-redistribute-all" + + # Redistribute connected interfaces with low metric + connected = { + enable = true + metric = 10 + metric_type = "type-1" + } + + # Redistribute static routes with medium metric + static = { + enable = true + metric = 50 + metric_type = "type-2" + } + + # Redistribute BGP routes using route-map for filtering + # Note: When route-map is configured, metric and metric_type are ignored + bgp = { + enable = true + route_map = "bgp-to-ospfv3-filter" + } +} diff --git a/assets/terraform/examples/resources/panos_ospfv3_spf_timer_routing_profile/resource.tf b/assets/terraform/examples/resources/panos_ospfv3_spf_timer_routing_profile/resource.tf new file mode 100644 index 00000000..258d538f --- /dev/null +++ b/assets/terraform/examples/resources/panos_ospfv3_spf_timer_routing_profile/resource.tf @@ -0,0 +1,20 @@ +# Create a template +resource "panos_template" "ospfv3_template" { + location = { panorama = {} } + name = "ospfv3-routing-template" +} + +# OSPFv3 SPF Timer Profile with custom timing values +resource "panos_ospfv3_spf_timer_routing_profile" "custom_timers" { + location = { + template = { + name = panos_template.ospfv3_template.name + } + } + + name = "custom-spf-timer-profile" + spf_calculation_delay = 10 + initial_hold_time = 15 + max_hold_time = 30 + lsa_interval = 8 +} diff --git a/assets/terraform/test/resource_ospf_auth_routing_profile_test.go b/assets/terraform/test/resource_ospf_auth_routing_profile_test.go new file mode 100644 index 00000000..e73200e2 --- /dev/null +++ b/assets/terraform/test/resource_ospf_auth_routing_profile_test.go @@ -0,0 +1,176 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfAuthRoutingProfile_Password(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfAuthRoutingProfile_Password_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + // Password is hashed, so we can't check exact value + // Just verify it's not null since we set it + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("password"), + knownvalue.NotNull(), + ), + }, + }, + }, + }) +} + +const ospfAuthRoutingProfile_Password_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_auth_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + password = "test123" +} +` + +func TestAccOspfAuthRoutingProfile_Md5(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfAuthRoutingProfile_Md5_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + // Check MD5 list has 2 entries + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5"), + knownvalue.ListSizeExact(2), + ), + // Check first MD5 entry name + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(0).AtMapKey("name"), + knownvalue.StringExact("1"), + ), + // Key is hashed, so verify it's not null + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(0).AtMapKey("key"), + knownvalue.NotNull(), + ), + // Check preferred flag + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(0).AtMapKey("preferred"), + knownvalue.Bool(true), + ), + // Check second MD5 entry name + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(1).AtMapKey("name"), + knownvalue.StringExact("2"), + ), + // Key is hashed, so verify it's not null + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(1).AtMapKey("key"), + knownvalue.NotNull(), + ), + // Check preferred flag (should be false/null for second entry) + statecheck.ExpectKnownValue( + "panos_ospf_auth_routing_profile.example", + tfjsonpath.New("md5").AtSliceIndex(1).AtMapKey("preferred"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfAuthRoutingProfile_Md5_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_auth_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + md5 = [ + { + name = "1" + key = "mykey123" + preferred = true + }, + { + name = "2" + key = "anotherkey456" + } + ] +} +` diff --git a/assets/terraform/test/resource_ospf_interface_timer_routing_profile_test.go b/assets/terraform/test/resource_ospf_interface_timer_routing_profile_test.go new file mode 100644 index 00000000..d484732c --- /dev/null +++ b/assets/terraform/test/resource_ospf_interface_timer_routing_profile_test.go @@ -0,0 +1,94 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfInterfaceTimerRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfInterfaceTimerRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("dead_counts"), + knownvalue.Int64Exact(10), + ), + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("gr_delay"), + knownvalue.Int64Exact(5), + ), + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("hello_interval"), + knownvalue.Int64Exact(30), + ), + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("retransmit_interval"), + knownvalue.Int64Exact(10), + ), + statecheck.ExpectKnownValue( + "panos_ospf_interface_timer_routing_profile.example", + tfjsonpath.New("transit_delay"), + knownvalue.Int64Exact(5), + ), + }, + }, + }, + }) +} + +const ospfInterfaceTimerRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_interface_timer_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + dead_counts = 10 + gr_delay = 5 + hello_interval = 30 + retransmit_interval = 10 + transit_delay = 5 +} +` diff --git a/assets/terraform/test/resource_ospf_redistribution_routing_profile_test.go b/assets/terraform/test/resource_ospf_redistribution_routing_profile_test.go new file mode 100644 index 00000000..17ff01e8 --- /dev/null +++ b/assets/terraform/test/resource_ospf_redistribution_routing_profile_test.go @@ -0,0 +1,297 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfRedistributionRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfRedistributionRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(100), + "metric_type": knownvalue.StringExact("type-1"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(50), + "metric_type": knownvalue.StringExact("type-2"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("rip"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfRedistributionRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + + bgp = { + enable = true + metric = 100 + metric_type = "type-1" + } + + connected = { + enable = true + metric = 50 + metric_type = "type-2" + } +} +` + +func TestAccOspfRedistributionRoutingProfile_DefaultRoute(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfRedistributionRoutingProfile_DefaultRoute_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "always": knownvalue.Bool(true), + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(10), + "metric_type": knownvalue.StringExact("type-1"), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("rip"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfRedistributionRoutingProfile_DefaultRoute_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + + default_route = { + always = true + enable = true + metric = 10 + metric_type = "type-1" + } +} +` + +func TestAccOspfRedistributionRoutingProfile_StaticAndRip(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfRedistributionRoutingProfile_StaticAndRip_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(200), + "metric_type": knownvalue.StringExact("type-2"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("rip"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(150), + "metric_type": knownvalue.StringExact("type-1"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospf_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfRedistributionRoutingProfile_StaticAndRip_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + + static = { + enable = true + metric = 200 + metric_type = "type-2" + } + + rip = { + enable = true + metric = 150 + metric_type = "type-1" + } +} +` diff --git a/assets/terraform/test/resource_ospf_spf_timer_routing_profile_test.go b/assets/terraform/test/resource_ospf_spf_timer_routing_profile_test.go new file mode 100644 index 00000000..1c36fabf --- /dev/null +++ b/assets/terraform/test/resource_ospf_spf_timer_routing_profile_test.go @@ -0,0 +1,88 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfSpfTimerRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfSpfTimerRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospf_spf_timer_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospf_spf_timer_routing_profile.example", + tfjsonpath.New("initial_hold_time"), + knownvalue.Int64Exact(10), + ), + statecheck.ExpectKnownValue( + "panos_ospf_spf_timer_routing_profile.example", + tfjsonpath.New("lsa_interval"), + knownvalue.Int64Exact(7), + ), + statecheck.ExpectKnownValue( + "panos_ospf_spf_timer_routing_profile.example", + tfjsonpath.New("max_hold_time"), + knownvalue.Int64Exact(20), + ), + statecheck.ExpectKnownValue( + "panos_ospf_spf_timer_routing_profile.example", + tfjsonpath.New("spf_calculation_delay"), + knownvalue.Int64Exact(15), + ), + }, + }, + }, + }) +} + +const ospfSpfTimerRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospf_spf_timer_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + initial_hold_time = 10 + lsa_interval = 7 + max_hold_time = 20 + spf_calculation_delay = 15 +} +` diff --git a/assets/terraform/test/resource_ospfv3_auth_routing_profile_test.go b/assets/terraform/test/resource_ospfv3_auth_routing_profile_test.go new file mode 100644 index 00000000..d8b41efd --- /dev/null +++ b/assets/terraform/test/resource_ospfv3_auth_routing_profile_test.go @@ -0,0 +1,276 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfv3AuthRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3AuthRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("spi"), + knownvalue.StringExact("12345678"), + ), + // Verify AH variant is set + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("ah"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "sha256": knownvalue.ObjectExact(map[string]knownvalue.Check{ + // Don't check key value - it will be hashed/encrypted + "key": knownvalue.NotNull(), + }), + "md5": knownvalue.Null(), + "sha1": knownvalue.Null(), + "sha384": knownvalue.Null(), + "sha512": knownvalue.Null(), + }), + ), + // Verify ESP variant is null (mutually exclusive with AH) + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("esp"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfv3AuthRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_auth_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + spi = "12345678" + ah = { + sha256 = { + key = "aaaaaaaa-bbbbbbbb-cccccccc-dddddddd-eeeeeeee-ffffffff-99999999-88888888" + } + } +} +` + +func TestAccOspfv3AuthRoutingProfile_Ah_Md5(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3AuthRoutingProfile_Ah_Md5_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("spi"), + knownvalue.StringExact("abcdef00"), + ), + // Verify AH variant with MD5 + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("ah"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "md5": knownvalue.ObjectExact(map[string]knownvalue.Check{ + // Don't check key value - it will be hashed/encrypted + "key": knownvalue.NotNull(), + }), + "sha1": knownvalue.Null(), + "sha256": knownvalue.Null(), + "sha384": knownvalue.Null(), + "sha512": knownvalue.Null(), + }), + ), + // Verify ESP variant is null + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("esp"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfv3AuthRoutingProfile_Ah_Md5_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_auth_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + spi = "abcdef00" + ah = { + md5 = { + key = "11111111-22222222-33333333-44444444" + } + } +} +` + +func TestAccOspfv3AuthRoutingProfile_Esp_AuthAndEncryption(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3AuthRoutingProfile_Esp_AuthAndEncryption_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("spi"), + knownvalue.StringExact("aabbccdd"), + ), + // Verify AH variant is null (mutually exclusive with ESP) + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("ah"), + knownvalue.Null(), + ), + // Verify ESP variant is set with authentication and encryption + statecheck.ExpectKnownValue( + "panos_ospfv3_auth_routing_profile.example", + tfjsonpath.New("esp"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "authentication": knownvalue.ObjectExact(map[string]knownvalue.Check{ + "sha256": knownvalue.ObjectExact(map[string]knownvalue.Check{ + // Don't check key value - it will be hashed/encrypted + "key": knownvalue.NotNull(), + }), + "md5": knownvalue.Null(), + "none": knownvalue.Null(), + "sha1": knownvalue.Null(), + "sha384": knownvalue.Null(), + "sha512": knownvalue.Null(), + }), + "encryption": knownvalue.ObjectExact(map[string]knownvalue.Check{ + "algorithm": knownvalue.StringExact("aes-256-cbc"), + // Don't check key value - it will be hashed/encrypted + "key": knownvalue.NotNull(), + }), + }), + ), + }, + }, + }, + }) +} + +const ospfv3AuthRoutingProfile_Esp_AuthAndEncryption_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_auth_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + spi = "aabbccdd" + esp = { + authentication = { + sha256 = { + key = "aaaaaaaa-bbbbbbbb-cccccccc-dddddddd-eeeeeeee-ffffffff-99999999-88888888" + } + } + encryption = { + algorithm = "aes-256-cbc" + key = "11111111-22222222-33333333-44444444-55555555-66666666-77777777-88888888" + } + } +} +` diff --git a/assets/terraform/test/resource_ospfv3_if_timer_routing_profile_test.go b/assets/terraform/test/resource_ospfv3_if_timer_routing_profile_test.go new file mode 100644 index 00000000..4ace24f1 --- /dev/null +++ b/assets/terraform/test/resource_ospfv3_if_timer_routing_profile_test.go @@ -0,0 +1,94 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfv3IfTimerRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3IfTimerRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("dead_counts"), + knownvalue.Int64Exact(10), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("gr_delay"), + knownvalue.Int64Exact(5), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("hello_interval"), + knownvalue.Int64Exact(30), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("retransmit_interval"), + knownvalue.Int64Exact(10), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_if_timer_routing_profile.example", + tfjsonpath.New("transit_delay"), + knownvalue.Int64Exact(5), + ), + }, + }, + }, + }) +} + +const ospfv3IfTimerRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_if_timer_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + dead_counts = 10 + gr_delay = 5 + hello_interval = 30 + retransmit_interval = 10 + transit_delay = 5 +} +` diff --git a/assets/terraform/test/resource_ospfv3_redistribution_routing_profile_test.go b/assets/terraform/test/resource_ospfv3_redistribution_routing_profile_test.go new file mode 100644 index 00000000..5482cfb9 --- /dev/null +++ b/assets/terraform/test/resource_ospfv3_redistribution_routing_profile_test.go @@ -0,0 +1,267 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfv3RedistributionRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3RedistributionRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(100), + "metric_type": knownvalue.StringExact("type-1"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfv3RedistributionRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + bgp = { + enable = true + metric = 100 + metric_type = "type-1" + } +} +` + +func TestAccOspfv3RedistributionRoutingProfile_DefaultRoute(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3RedistributionRoutingProfile_DefaultRoute_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "always": knownvalue.Bool(true), + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(10), + "metric_type": knownvalue.StringExact("type-1"), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfv3RedistributionRoutingProfile_DefaultRoute_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + default_route = { + always = true + enable = true + metric = 10 + metric_type = "type-1" + } +} +` + +func TestAccOspfv3RedistributionRoutingProfile_StaticAndConnected(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3RedistributionRoutingProfile_StaticAndConnected_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("static"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(200), + "metric_type": knownvalue.StringExact("type-2"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("connected"), + knownvalue.ObjectExact(map[string]knownvalue.Check{ + "enable": knownvalue.Bool(true), + "metric": knownvalue.Int64Exact(50), + "metric_type": knownvalue.StringExact("type-1"), + "route_map": knownvalue.Null(), + }), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("bgp"), + knownvalue.Null(), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_redistribution_routing_profile.example", + tfjsonpath.New("default_route"), + knownvalue.Null(), + ), + }, + }, + }, + }) +} + +const ospfv3RedistributionRoutingProfile_StaticAndConnected_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_redistribution_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + static = { + enable = true + metric = 200 + metric_type = "type-2" + } + connected = { + enable = true + metric = 50 + metric_type = "type-1" + } +} +` diff --git a/assets/terraform/test/resource_ospfv3_spf_timer_routing_profile_test.go b/assets/terraform/test/resource_ospfv3_spf_timer_routing_profile_test.go new file mode 100644 index 00000000..5f690fe2 --- /dev/null +++ b/assets/terraform/test/resource_ospfv3_spf_timer_routing_profile_test.go @@ -0,0 +1,88 @@ +package provider_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/config" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/knownvalue" + "github.com/hashicorp/terraform-plugin-testing/statecheck" + "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" +) + +func TestAccOspfv3SpfTimerRoutingProfile_Basic(t *testing.T) { + t.Parallel() + + nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum) + prefix := fmt.Sprintf("test-acc-%s", nameSuffix) + + location := config.ObjectVariable(map[string]config.Variable{ + "template": config.ObjectVariable(map[string]config.Variable{ + "name": config.StringVariable(prefix), + }), + }) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: ospfv3SpfTimerRoutingProfile_Basic_Tmpl, + ConfigVariables: map[string]config.Variable{ + "prefix": config.StringVariable(prefix), + "location": location, + }, + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue( + "panos_ospfv3_spf_timer_routing_profile.example", + tfjsonpath.New("name"), + knownvalue.StringExact(prefix), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_spf_timer_routing_profile.example", + tfjsonpath.New("initial_hold_time"), + knownvalue.Int64Exact(100), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_spf_timer_routing_profile.example", + tfjsonpath.New("lsa_interval"), + knownvalue.Int64Exact(8), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_spf_timer_routing_profile.example", + tfjsonpath.New("max_hold_time"), + knownvalue.Int64Exact(300), + ), + statecheck.ExpectKnownValue( + "panos_ospfv3_spf_timer_routing_profile.example", + tfjsonpath.New("spf_calculation_delay"), + knownvalue.Int64Exact(200), + ), + }, + }, + }, + }) +} + +const ospfv3SpfTimerRoutingProfile_Basic_Tmpl = ` +variable "prefix" { type = string } +variable "location" { type = any } + +resource "panos_template" "example" { + location = { panorama = {} } + name = var.prefix +} + +resource "panos_ospfv3_spf_timer_routing_profile" "example" { + depends_on = [panos_template.example] + location = var.location + + name = var.prefix + initial_hold_time = 100 + lsa_interval = 8 + max_hold_time = 300 + spf_calculation_delay = 200 +} +` diff --git a/specs/network/routing-profiles/ospf-auth-profile.yaml b/specs/network/routing-profiles/ospf-auth-profile.yaml new file mode 100644 index 00000000..407aa38f --- /dev/null +++ b/specs/network/routing-profiles/ospf-auth-profile.yaml @@ -0,0 +1,183 @@ +name: ospf-auth-routing-profile +terraform_provider_config: + description: OSPF Auth Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospf_auth_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospf + - authprofile +panos_xpath: + path: + - network + - routing-profile + - ospf + - auth-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: [] + variants: + - name: md5 + type: list + profiles: + - xpath: + - md5 + - entry + type: entry + validators: [] + spec: + type: object + items: + type: object + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 16 + spec: {} + description: key for the authentication + required: false + hashing: + type: solo + - name: preferred + type: bool + profiles: + - xpath: + - preferred + validators: [] + spec: {} + description: use this key when sending packet + required: false + variants: [] + description: '' + required: false + codegen_overrides: + terraform: + variant_check: Disabled + variant_group_id: 0 + - name: password + type: string + profiles: + - xpath: + - password + validators: + - type: length + spec: + max: 8 + spec: {} + description: Simple password authentication + required: false + hashing: + type: solo + variant_group_id: 0 diff --git a/specs/network/routing-profiles/ospf-if-timer-profile.yaml b/specs/network/routing-profiles/ospf-if-timer-profile.yaml new file mode 100644 index 00000000..22c880f5 --- /dev/null +++ b/specs/network/routing-profiles/ospf-if-timer-profile.yaml @@ -0,0 +1,195 @@ +name: ospf-interface-timer-routing-profile +terraform_provider_config: + description: OSPF Interface Timer Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospf_interface_timer_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospf + - interfacetimer +panos_xpath: + path: + - network + - routing-profile + - ospf + - if-timer-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: dead-counts + type: int64 + profiles: + - xpath: + - dead-counts + validators: + - type: length + spec: + min: 3 + max: 20 + spec: + default: 4 + description: number of lost hello packets to declare router down + required: false + - name: gr-delay + type: int64 + profiles: + - xpath: + - gr-delay + validators: + - type: length + spec: + min: 1 + max: 10 + spec: + default: 10 + description: Period (in seconds) used to send grace LSAs before first hello is + sent when graceful restart starts + required: false + - name: hello-interval + type: int64 + profiles: + - xpath: + - hello-interval + validators: + - type: length + spec: + min: 1 + max: 3600 + spec: + default: 10 + description: Interval (in seconds) to send Hello packets + required: false + - name: retransmit-interval + type: int64 + profiles: + - xpath: + - retransmit-interval + validators: + - type: length + spec: + min: 1 + max: 1800 + spec: + default: 5 + description: Interval (in seconds) to retransmit LSAs + required: false + - name: transit-delay + type: int64 + profiles: + - xpath: + - transit-delay + validators: + - type: length + spec: + min: 1 + max: 1800 + spec: + default: 1 + description: Estimated delay (in seconds) to transmit LSAs + required: false + variants: [] diff --git a/specs/network/routing-profiles/ospf-redistribution-profile.yaml b/specs/network/routing-profiles/ospf-redistribution-profile.yaml new file mode 100644 index 00000000..67906795 --- /dev/null +++ b/specs/network/routing-profiles/ospf-redistribution-profile.yaml @@ -0,0 +1,436 @@ +name: ospf-redistribution-routing-profile +terraform_provider_config: + description: OSPF Redistribution Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospf_redistribution_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospf + - redistribution +panos_xpath: + path: + - network + - routing-profile + - ospf + - redistribution-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: bgp + type: object + profiles: + - xpath: + - bgp + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 0 + max: 4294967295 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Redistribute from BGP Source + required: false + - name: connected + type: object + profiles: + - xpath: + - connected + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 1 + max: 65535 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Connected Routes + required: false + - name: default-route + type: object + profiles: + - xpath: + - default-route + validators: [] + spec: + params: + - name: always + type: bool + profiles: + - xpath: + - always + validators: [] + spec: {} + description: Generate default route if it doesn't exist + required: false + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 0 + max: 4294967295 + spec: {} + description: Set Metric + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type + required: false + variants: [] + description: Allow redistribute default route + required: false + - name: rip + type: object + profiles: + - xpath: + - rip + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 0 + max: 4294967295 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Redistribute from RIP Source + required: false + - name: static + type: object + profiles: + - xpath: + - static + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 1 + max: 65535 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Static Routes + required: false + variants: [] diff --git a/specs/network/routing-profiles/ospf-spf-timer-profile.yaml b/specs/network/routing-profiles/ospf-spf-timer-profile.yaml new file mode 100644 index 00000000..1b75bbe4 --- /dev/null +++ b/specs/network/routing-profiles/ospf-spf-timer-profile.yaml @@ -0,0 +1,182 @@ +name: ospf-spf-timer-routing-profile +terraform_provider_config: + description: OSPF SPF Timer Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospf_spf_timer_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospf + - spf + - timer +panos_xpath: + path: + - network + - routing-profile + - ospf + - spf-timer-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: initial-hold-time + type: int64 + profiles: + - xpath: + - initial-hold-time + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Initial hold time (second) between consecutive SPF calculations + required: false + - name: lsa-interval + type: int64 + profiles: + - xpath: + - lsa-interval + validators: + - type: length + spec: + min: 1 + max: 10 + spec: + default: 5 + description: The minimum time in seconds between distinct originations of any + particular LSA + required: false + - name: max-hold-time + type: int64 + profiles: + - xpath: + - max-hold-time + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Maximum hold time (second) + required: false + - name: spf-calculation-delay + type: int64 + profiles: + - xpath: + - spf-calculation-delay + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Delay in seconds before running the SPF algorithm + required: false + variants: [] diff --git a/specs/network/routing-profiles/ospfv3-auth-profile.yaml b/specs/network/routing-profiles/ospfv3-auth-profile.yaml new file mode 100644 index 00000000..eda4c006 --- /dev/null +++ b/specs/network/routing-profiles/ospfv3-auth-profile.yaml @@ -0,0 +1,489 @@ +name: ospfv3-auth-routing-profile +terraform_provider_config: + description: OSPFv3 Auth Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospfv3_auth_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospfv3 + - authprofile +panos_xpath: + path: + - network + - routing-profile + - ospfv3 + - auth-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: spi + type: string + profiles: + - xpath: + - spi + validators: [] + spec: {} + description: SPI for both inbound and outbound SA, hex format xxxxxxxx. + required: false + variants: + - name: ah + type: object + profiles: + - xpath: + - ah + validators: [] + spec: + params: [] + variants: + - name: md5 + type: object + profiles: + - xpath: + - md5 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 4 sections + required: false + hashing: + type: solo + variants: [] + description: key is 128 bit + required: false + variant_group_id: 0 + - name: sha1 + type: object + profiles: + - xpath: + - sha1 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 5 sections + required: false + hashing: + type: solo + variants: [] + description: key is 160 bit + required: false + variant_group_id: 0 + - name: sha256 + type: object + profiles: + - xpath: + - sha256 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 8 sections + required: false + hashing: + type: solo + variants: [] + description: key is 256 bit + required: false + variant_group_id: 0 + - name: sha384 + type: object + profiles: + - xpath: + - sha384 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 12 sections + required: false + hashing: + type: solo + variants: [] + description: key is 384 bit + required: false + variant_group_id: 0 + - name: sha512 + type: object + profiles: + - xpath: + - sha512 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 16 sections + required: false + hashing: + type: solo + variants: [] + description: key is 512 bit + required: false + variant_group_id: 0 + description: AH options + required: false + variant_group_id: 0 + - name: esp + type: object + profiles: + - xpath: + - esp + validators: [] + spec: + params: + - name: authentication + type: object + profiles: + - xpath: + - authentication + validators: [] + spec: + params: [] + variants: + - name: md5 + type: object + profiles: + - xpath: + - md5 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 4 sections + required: false + hashing: + type: solo + variants: [] + description: key is 128 bit + required: false + variant_group_id: 0 + - name: none + type: object + profiles: + - xpath: + - none + validators: [] + spec: + params: [] + variants: [] + description: no authentication + required: false + variant_group_id: 0 + - name: sha1 + type: object + profiles: + - xpath: + - sha1 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 5 sections + required: false + hashing: + type: solo + variants: [] + description: key is 160 bit + required: false + variant_group_id: 0 + - name: sha256 + type: object + profiles: + - xpath: + - sha256 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 8 sections + required: false + hashing: + type: solo + variants: [] + description: key is 256 bit + required: false + variant_group_id: 0 + - name: sha384 + type: object + profiles: + - xpath: + - sha384 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 12 sections + required: false + hashing: + type: solo + variants: [] + description: key is 384 bit + required: false + variant_group_id: 0 + - name: sha512 + type: object + profiles: + - xpath: + - sha512 + validators: [] + spec: + params: + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: hex format xxxxxxxx[-xxxxxxxx]... total 16 sections + required: false + hashing: + type: solo + variants: [] + description: key is 512 bit + required: false + variant_group_id: 0 + description: authentication algorithm + required: false + - name: encryption + type: object + profiles: + - xpath: + - encryption + validators: [] + spec: + params: + - name: algorithm + type: enum + profiles: + - xpath: + - algorithm + validators: + - type: values + spec: + values: + - 3des + - aes-128-cbc + - aes-192-cbc + - aes-256-cbc + - 'null' + spec: + values: + - value: 3des + - value: aes-128-cbc + - value: aes-192-cbc + - value: aes-256-cbc + - value: 'null' + description: '' + required: false + - name: key + type: string + profiles: + - xpath: + - key + validators: + - type: length + spec: + max: 255 + spec: {} + description: 'hex format xxxxxxxx[-xxxxxxxx]... total number of sections: + 3des: 6, aes128: 4, aes192: 6, aes256: 8' + required: false + hashing: + type: solo + variants: [] + description: encryption algorithm + required: false + variants: [] + description: ESP options + required: false + variant_group_id: 0 diff --git a/specs/network/routing-profiles/ospfv3-if-timer-profile.yaml b/specs/network/routing-profiles/ospfv3-if-timer-profile.yaml new file mode 100644 index 00000000..2e1f1541 --- /dev/null +++ b/specs/network/routing-profiles/ospfv3-if-timer-profile.yaml @@ -0,0 +1,195 @@ +name: ospfv3-if-timer-routing-profile +terraform_provider_config: + description: OSPFv3 Interface Timer Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospfv3_if_timer_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospfv3 + - iftimer +panos_xpath: + path: + - network + - routing-profile + - ospfv3 + - if-timer-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: dead-counts + type: int64 + profiles: + - xpath: + - dead-counts + validators: + - type: length + spec: + min: 3 + max: 20 + spec: + default: 4 + description: number of lost hello packets to declare router down + required: false + - name: gr-delay + type: int64 + profiles: + - xpath: + - gr-delay + validators: + - type: length + spec: + min: 1 + max: 10 + spec: + default: 10 + description: Period (in seconds) used to send grace LSAs before first hello is + sent when graceful restart starts + required: false + - name: hello-interval + type: int64 + profiles: + - xpath: + - hello-interval + validators: + - type: length + spec: + min: 1 + max: 3600 + spec: + default: 10 + description: Interval (in seconds) to send Hello packets + required: false + - name: retransmit-interval + type: int64 + profiles: + - xpath: + - retransmit-interval + validators: + - type: length + spec: + min: 1 + max: 1800 + spec: + default: 5 + description: Interval (in seconds) to retransmit LSAs + required: false + - name: transit-delay + type: int64 + profiles: + - xpath: + - transit-delay + validators: + - type: length + spec: + min: 1 + max: 1800 + spec: + default: 1 + description: Estimated delay (in seconds) to transmit LSAs + required: false + variants: [] diff --git a/specs/network/routing-profiles/ospfv3-redistribution-profile.yaml b/specs/network/routing-profiles/ospfv3-redistribution-profile.yaml new file mode 100644 index 00000000..a1d871f8 --- /dev/null +++ b/specs/network/routing-profiles/ospfv3-redistribution-profile.yaml @@ -0,0 +1,373 @@ +name: ospfv3-redistribution-routing-profile +terraform_provider_config: + description: OSPFv3 Redistribution Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospfv3_redistribution_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospfv3 + - redistribution +panos_xpath: + path: + - network + - routing-profile + - ospfv3 + - redistribution-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: bgp + type: object + profiles: + - xpath: + - bgp + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 0 + max: 4294967295 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Redistribute from BGP Source + required: false + - name: connected + type: object + profiles: + - xpath: + - connected + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: '' + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 1 + max: 65535 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Connected Routes + required: false + - name: default-route + type: object + profiles: + - xpath: + - default-route + validators: [] + spec: + params: + - name: always + type: bool + profiles: + - xpath: + - always + validators: [] + spec: {} + description: Generate default route if it doesn't exist + required: false + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: Enable (default) or Disable + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 0 + max: 4294967295 + spec: {} + description: Set Metric + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type + required: false + variants: [] + description: Allow redistribute default route + required: false + - name: static + type: object + profiles: + - xpath: + - static + validators: [] + spec: + params: + - name: enable + type: bool + profiles: + - xpath: + - enable + validators: [] + spec: {} + description: '' + required: false + - name: metric + type: int64 + profiles: + - xpath: + - metric + validators: + - type: length + spec: + min: 1 + max: 65535 + spec: {} + description: Set Metric (Field ignored if route-map configured). + required: false + - name: metric-type + type: enum + profiles: + - xpath: + - metric-type + validators: + - type: values + spec: + values: + - type-1 + - type-2 + spec: + default: type-2 + values: + - value: type-1 + - value: type-2 + description: Set Metric-Type (Field ignored if route-map configured). + required: false + - name: route-map + type: string + profiles: + - xpath: + - route-map + validators: + - type: length + spec: + max: 63 + spec: {} + description: Apply Route-Map on Redistributed Routes + required: false + variants: [] + description: Static Routes + required: false + variants: [] diff --git a/specs/network/routing-profiles/ospfv3-spf-timer-profile.yaml b/specs/network/routing-profiles/ospfv3-spf-timer-profile.yaml new file mode 100644 index 00000000..9500cfb9 --- /dev/null +++ b/specs/network/routing-profiles/ospfv3-spf-timer-profile.yaml @@ -0,0 +1,182 @@ +name: ospfv3-spf-timer-routing-profile +terraform_provider_config: + description: OSPFv3 SPF Timer Routing Profile + skip_resource: false + skip_datasource: false + resource_type: entry + resource_variants: + - singular + suffix: ospfv3_spf_timer_routing_profile + plural_suffix: '' + plural_name: '' + plural_description: '' + custom_validation: false +go_sdk_config: + skip: false + package: + - network + - routing-profile + - ospfv3 + - spf + - timer +panos_xpath: + path: + - network + - routing-profile + - ospfv3 + - spf-timer-profile + vars: [] +locations: +- name: ngfw + xpath: + path: + - config + - devices + - $ngfw_device + vars: + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific NGFW device + devices: + - ngfw + validators: [] + required: false + read_only: false +- name: template + xpath: + path: + - config + - devices + - $panorama_device + - template + - $template + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template + description: Specific Panorama template + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template + devices: + - panorama + validators: [] + required: false + read_only: false +- name: template-stack + xpath: + path: + - config + - devices + - $panorama_device + - template-stack + - $template_stack + - config + - devices + - $ngfw_device + vars: + - name: panorama_device + description: Specific Panorama device + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: template_stack + description: Specific Panorama template stack + required: true + validators: [] + type: entry + - name: ngfw_device + description: The NGFW device + required: false + default: localhost.localdomain + validators: [] + type: entry + description: Located in a specific template stack + devices: + - panorama + validators: [] + required: false + read_only: false +entries: +- name: name + description: '' + validators: [] +spec: + params: + - name: initial-hold-time + type: int64 + profiles: + - xpath: + - initial-hold-time + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Initial hold time (second) between consecutive SPF calculations + required: false + - name: lsa-interval + type: int64 + profiles: + - xpath: + - lsa-interval + validators: + - type: length + spec: + min: 1 + max: 10 + spec: + default: 5 + description: The minimum time in seconds between distinct originations of any + particular LSA + required: false + - name: max-hold-time + type: int64 + profiles: + - xpath: + - max-hold-time + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Maximum hold time (second) + required: false + - name: spf-calculation-delay + type: int64 + profiles: + - xpath: + - spf-calculation-delay + validators: + - type: length + spec: + min: 0 + max: 600 + spec: + default: 5 + description: Delay in seconds before running the SPF algorithm + required: false + variants: []