Add support for as_path_list and standard_community_list (#83)

* reorder the policy_objects * add support for sdwan_policy_object_as_path_list * add support for sdwan_policy_object_standard_community_list resource * fix ipv4_dhcp_helpers_variable * change sdwan_transport_wan_vpn_interface_ethernet_feature_associateX_feature resources names
netascode · Jan 27, 2025 · c0939d2 · c0939d2
1 parent 234a07a
commit c0939d2
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 49 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 ## 1.0.1 (unreleased)
 
 - fix vty_line_logging parameter not being set in sdwan_system_global_feature
+- add support for sdwan_policy_object_as_path_list resource
+- add support for sdwan_policy_object_standard_community_list resource
+- fix ipv4_dhcp_helpers_variable not being set when configuring sdwan_transport_management_vpn_interface_ethernet_feature and sdwan_transport_wan_vpn_interface_ethernet_feature
+- change sdwan_transport_wan_vpn_interface_ethernet_feature_associateX_feature resources names to match name logic
 
 ## 1.0.0
 

diff --git a/README.md b/README.md
@@ -130,6 +130,7 @@ module "sdwan" {
 | [sdwan_other_thousandeyes_feature.other_thousandeyes_feature](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/other_thousandeyes_feature) | resource |
 | [sdwan_other_ucse_feature.other_ucse_feature](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/other_ucse_feature) | resource |
 | [sdwan_policer_policy_object.policer_policy_object](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policer_policy_object) | resource |
+| [sdwan_policy_object_as_path_list.policy_object_as_path_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_as_path_list) | resource |
 | [sdwan_policy_object_class_map.policy_object_class_map](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_class_map) | resource |
 | [sdwan_policy_object_data_ipv4_prefix_list.policy_object_data_ipv4_prefix_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_data_ipv4_prefix_list) | resource |
 | [sdwan_policy_object_data_ipv6_prefix_list.policy_object_data_ipv6_prefix_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_data_ipv6_prefix_list) | resource |
@@ -140,6 +141,7 @@ module "sdwan" {
 | [sdwan_policy_object_ipv6_prefix_list.policy_object_ipv6_prefix_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_ipv6_prefix_list) | resource |
 | [sdwan_policy_object_mirror.policy_object_mirror](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_mirror) | resource |
 | [sdwan_policy_object_policer.policy_object_policer](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_policer) | resource |
+| [sdwan_policy_object_standard_community_list.policy_object_standard_community_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_standard_community_list) | resource |
 | [sdwan_policy_object_tloc_list.policy_object_tloc_list](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/policy_object_tloc_list) | resource |
 | [sdwan_preferred_color_group_policy_object.preferred_color_group_policy_object](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/preferred_color_group_policy_object) | resource |
 | [sdwan_qos_map_policy_definition.qos_map_policy_definition](https://registry.terraform.io/providers/CiscoDevNet/sdwan/latest/docs/resources/qos_map_policy_definition) | resource |

diff --git a/sdwan_features_transport.tf b/sdwan_features_transport.tf
@@ -222,7 +222,7 @@ resource "sdwan_transport_management_vpn_interface_ethernet_feature" "transport_
   ipv4_dhcp_distance                  = try(each.value.interface.ipv4_dhcp_distance, null)
   ipv4_dhcp_distance_variable         = try("{{${each.value.interface.ipv4_dhcp_distance_variable}}}", null)
   ipv4_dhcp_helper                    = try(each.value.interface.ipv4_dhcp_helpers, null)
-  ipv4_dhcp_helper_variable           = try("{{${each.value.interface.ipv4_dhcp_helper_variable}}}", null)
+  ipv4_dhcp_helper_variable           = try("{{${each.value.interface.ipv4_dhcp_helpers_variable}}}", null)
   ipv4_iperf_server                   = try(each.value.interface.iperf_server, null)
   ipv4_iperf_server_variable          = try("{{${each.value.interface.iperf_server_variable}}}", null)
   ipv4_secondary_addresses = try(length(each.value.interface.ipv4_secondary_addresses) == 0, true) ? null : [for a in each.value.interface.ipv4_secondary_addresses : {
@@ -385,7 +385,7 @@ resource "sdwan_transport_wan_vpn_interface_ethernet_feature" "transport_wan_vpn
   ipv4_dhcp_distance             = try(each.value.interface.ipv4_dhcp_distance, null)
   ipv4_dhcp_distance_variable    = try("{{${each.value.interface.ipv4_dhcp_distance_variable}}}", null)
   ipv4_dhcp_helper               = try(each.value.interface.ipv4_dhcp_helpers, null)
-  ipv4_dhcp_helper_variable      = try("{{${each.value.interface.ipv4_dhcp_helper_variable}}}", null)
+  ipv4_dhcp_helper_variable      = try("{{${each.value.interface.ipv4_dhcp_helpers_variable}}}", null)
   ipv4_secondary_addresses = try(length(each.value.interface.ipv4_secondary_addresses) == 0, true) ? null : [for a in each.value.interface.ipv4_secondary_addresses : {
     address              = try(a.address, null)
     address_variable     = try("{{${a.address_variable}}}", null)
@@ -587,7 +587,7 @@ resource "sdwan_transport_wan_vpn_interface_ethernet_feature_associate_tracker_f
         ]
       ]
     ])
-    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-associate_tracker" => interface_item
+    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-tracker" => interface_item
     if try(interface_item.interface.ipv4_tracker, null) != null
   }
   feature_profile_id                              = sdwan_transport_feature_profile.transport_feature_profile[each.value.profile.name].id
@@ -609,7 +609,7 @@ resource "sdwan_transport_wan_vpn_interface_ethernet_feature_associate_tracker_g
         ]
       ]
     ])
-    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-associate_tracker_group" => interface_item
+    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-trackergroup" => interface_item
     if try(interface_item.interface.ipv4_tracker_group, null) != null
   }
   feature_profile_id                              = sdwan_transport_feature_profile.transport_feature_profile[each.value.profile.name].id
@@ -631,7 +631,7 @@ resource "sdwan_transport_wan_vpn_interface_ethernet_feature_associate_ipv6_trac
         ]
       ]
     ])
-    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-associate_ipv6_tracker" => interface_item
+    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-ipv6_tracker" => interface_item
     if try(interface_item.interface.ipv6_tracker, null) != null
   }
   feature_profile_id                              = sdwan_transport_feature_profile.transport_feature_profile[each.value.profile.name].id
@@ -653,7 +653,7 @@ resource "sdwan_transport_wan_vpn_interface_ethernet_feature_associate_ipv6_trac
         ]
       ]
     ])
-    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-associate_ipv6_tracker_group" => interface_item
+    : "${interface_item.profile.name}-wan_vpn-${interface_item.interface.name}-ipv6_trackergroup" => interface_item
     if try(interface_item.interface.ipv6_tracker_group, null) != null
   }
   feature_profile_id                              = sdwan_transport_feature_profile.transport_feature_profile[each.value.profile.name].id

diff --git a/sdwan_policy_objects.tf b/sdwan_policy_objects.tf
@@ -1,36 +1,61 @@
-resource "sdwan_policy_object_tloc_list" "policy_object_tloc_list" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.tloc_lists, {}) : p.name => p }
+resource "sdwan_policy_object_as_path_list" "policy_object_as_path_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.as_path_lists, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [for e in try(each.value.tlocs, []) : {
-    color         = e.color
-    encapsulation = e.encapsulation
-    tloc_ip       = e.tloc_ip
-    preference    = try(e.preference, null)
+  as_path_list_id    = each.value.id
+  entries = [for a in each.value.as_paths : {
+    as_path_list = a
   }]
 }
 
-resource "sdwan_policy_object_policer" "policy_object_policer" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.policers, {}) : p.name => p }
+resource "sdwan_policy_object_class_map" "policy_object_class_map" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.class_maps, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
   entries = [{
-    burst_bytes   = each.value.burst_bytes
-    exceed_action = each.value.exceed_action
-    rate_bps      = each.value.rate_bps
+    queue = each.value.queue
   }]
 }
 
-resource "sdwan_policy_object_mirror" "policy_object_mirror" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.mirror_lists, {}) : p.name => p }
+resource "sdwan_policy_object_data_ipv4_prefix_list" "policy_object_data_ipv4_prefix_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.ipv4_data_prefix_lists, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [{
-    remote_destination_ip = each.value.remote_destination_ip
-    source_ip             = each.value.source_ip
+  entries = [for e in try(each.value.prefixes, []) : {
+    ipv4_address       = split("/", e)[0]
+    ipv4_prefix_length = split("/", e)[1]
+  }]
+}
+
+resource "sdwan_policy_object_data_ipv6_prefix_list" "policy_object_data_ipv6_prefix_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.ipv6_data_prefix_lists, {}) : p.name => p }
+  name               = each.value.name
+  description        = try(each.value.description, null)
+  feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
+  entries = [for e in try(each.value.prefixes, []) : {
+    ipv6_address       = split("/", e)[0]
+    ipv6_prefix_length = split("/", e)[1]
+  }]
+}
+
+resource "sdwan_policy_object_expanded_community_list" "policy_object_expanded_community_list" {
+  for_each                 = { for p in try(local.feature_profiles.policy_object_profile.expanded_community_lists, {}) : p.name => p }
+  name                     = each.value.name
+  description              = try(each.value.description, null)
+  feature_profile_id       = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
+  expanded_community_lists = each.value.expanded_communities
+}
+
+resource "sdwan_policy_object_extended_community_list" "policy_object_extended_community_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.extended_community_lists, {}) : p.name => p }
+  name               = each.value.name
+  description        = try(each.value.description, null)
+  feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
+  entries = [for e in try(each.value.extended_communities, []) : {
+    extended_community = e
   }]
 }
 
@@ -60,52 +85,48 @@ resource "sdwan_policy_object_ipv6_prefix_list" "policy_object_ipv6_prefix_list"
   }]
 }
 
-resource "sdwan_policy_object_extended_community_list" "policy_object_extended_community_list" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.extended_community_lists, {}) : p.name => p }
+resource "sdwan_policy_object_mirror" "policy_object_mirror" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.mirror_lists, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [for e in try(each.value.extended_communities, []) : {
-    extended_community = e
+  entries = [{
+    remote_destination_ip = each.value.remote_destination_ip
+    source_ip             = each.value.source_ip
   }]
 }
 
-resource "sdwan_policy_object_expanded_community_list" "policy_object_expanded_community_list" {
-  for_each                 = { for p in try(local.feature_profiles.policy_object_profile.expanded_community_lists, {}) : p.name => p }
-  name                     = each.value.name
-  description              = try(each.value.description, null)
-  feature_profile_id       = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  expanded_community_lists = each.value.expanded_communities
-}
-
-resource "sdwan_policy_object_data_ipv4_prefix_list" "policy_object_data_ipv4_prefix_list" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.ipv4_data_prefix_lists, {}) : p.name => p }
+resource "sdwan_policy_object_policer" "policy_object_policer" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.policers, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [for e in try(each.value.prefixes, []) : {
-    ipv4_address       = split("/", e)[0]
-    ipv4_prefix_length = split("/", e)[1]
+  entries = [{
+    burst_bytes   = each.value.burst_bytes
+    exceed_action = each.value.exceed_action
+    rate_bps      = each.value.rate_bps
   }]
 }
 
-resource "sdwan_policy_object_data_ipv6_prefix_list" "policy_object_data_ipv6_prefix_list" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.ipv6_data_prefix_lists, {}) : p.name => p }
+resource "sdwan_policy_object_standard_community_list" "policy_object_standard_community_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.standard_community_lists, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [for e in try(each.value.prefixes, []) : {
-    ipv6_address       = split("/", e)[0]
-    ipv6_prefix_length = split("/", e)[1]
+  entries = [for e in try(each.value.standard_communities, []) : {
+    standard_community = e
   }]
 }
 
-resource "sdwan_policy_object_class_map" "policy_object_class_map" {
-  for_each           = { for p in try(local.feature_profiles.policy_object_profile.class_maps, {}) : p.name => p }
+resource "sdwan_policy_object_tloc_list" "policy_object_tloc_list" {
+  for_each           = { for p in try(local.feature_profiles.policy_object_profile.tloc_lists, {}) : p.name => p }
   name               = each.value.name
   description        = try(each.value.description, null)
   feature_profile_id = sdwan_policy_object_feature_profile.policy_object_feature_profile[0].id
-  entries = [{
-    queue = each.value.queue
+  entries = [for e in try(each.value.tlocs, []) : {
+    color         = e.color
+    encapsulation = e.encapsulation
+    tloc_ip       = e.tloc_ip
+    preference    = try(e.preference, null)
   }]
 }