Skip to content

Commit

Permalink
Expose additional variables to select policies in Fabric Pod Policy G…
Browse files Browse the repository at this point in the history 
…roup.

Fix for terraform-aci-fabric-pod-policy-group "Please add all options to edit" netascode#175

M: defaults.yaml
M: aci_fabric_policies.tf
M: terraform-aci-fabric-pod-policy-group
  • Loading branch information
@therealdoug
therealdoug committed Nov 12, 2024
1 parent 15bc6d0 commit 629aeae
Show file tree
Hide file tree
Showing 7 changed files with 130 additions and 1 deletion.
6 changes: 6 additions & 0 deletions aci_fabric_policies.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -245,14 +245,20 @@ module "aci_fabric_pod_policy_group" {

for_each = { for pg in try(local.fabric_policies.pod_policy_groups, []) : pg.name => pg if local.modules.aci_fabric_pod_policy_group && var.manage_fabric_policies }
name = "${each.value.name}${local.defaults.apic.fabric_policies.pod_policy_groups.name_suffix}"
description = try(each.value.description, "")
snmp_policy = try("${each.value.snmp_policy}${local.defaults.apic.fabric_policies.pod_policies.snmp_policies.name_suffix}", "")
date_time_policy = try("${each.value.date_time_policy}${local.defaults.apic.fabric_policies.pod_policies.date_time_policies.name_suffix}", "")
management_access_policy = try("${each.value.management_access_policy}${local.defaults.apic.fabric_policies.pod_policies.management_access_policies.name_suffix}", "")
route_reflector_policy = try("${each.value.route_reflector_policy}${local.defaults.apic.fabric_policies.pod_policies.route_reflector_policies.name_suffix}", "")
coop_group_policy = try("${each.value.coop_group_policy}${local.defaults.apic.fabric_policies.pod_policies.coop_group_policies.name_suffix}", "")
isis_policy = try("${each.value.isis_policy}${local.defaults.apic.fabric_policies.pod_policies.isis_policies.name_suffix}", "")
macsec_policy = try("${each.value.macsec_policy}${local.defaults.apic.fabric_policies.pod_policies.macsec_policies.name_suffix}", "")

depends_on = [
module.aci_snmp_policy,
module.aci_date_time_policy,
module.aci_management_access_policy,
module.aci_fabric_isis_policy,
]
}

Expand Down
8 changes: 8 additions & 0 deletions defaults/defaults.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,14 @@ defaults:
http:
admin_state: false
port: 80
route_reflector_policies:
name_suffix: ""
coop_group_policies:
name_suffix: ""
isis_policies:
name_suffix: ""
macsec_policies:
name_suffix: ""
switch_policies:
node_control_policies:
name_suffix: ""
Expand Down
15 changes: 15 additions & 0 deletions modules/terraform-aci-fabric-pod-policy-group/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,15 @@ module "aci_fabric_pod_policy_group" {
version = ">= 0.8.0"
name = "POD1"
description = "DESCRIPTION"
snmp_policy = "SNMP1"
date_time_policy = "DATE1"
management_access_policy = "MAP1"
route_reflector_policy = "RR1"
coop_group_policy = "COOP1"
isis_policy = "ISIS1"
macsec_policy = "MACSEC1"
}
```

Expand All @@ -38,9 +44,14 @@ module "aci_fabric_pod_policy_group" {
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_name"></a> [name](#input\_name) | Pod policy group name. | `string` | n/a | yes |
| <a name="input_description"></a> [description](#input\_description) | Pod policy description | `string` | `""` | no |
| <a name="input_snmp_policy"></a> [snmp\_policy](#input\_snmp\_policy) | SNMP policy name. | `string` | `""` | no |
| <a name="input_date_time_policy"></a> [date\_time\_policy](#input\_date\_time\_policy) | Date time policy name. | `string` | `""` | no |
| <a name="input_management_access_policy"></a> [management\_access\_policy](#input\_management\_access\_policy) | Management access policy name. | `string` | `""` | no |
| <a name="input_route_reflector_policy"></a> [route\_reflector\_policy](#input\_route\_reflector\_policy) | Pod Route Reflector Policy. | `string` | `""` | no |
| <a name="input_coop_group_policy"></a> [coop\_group\_policy](#input\_coop\_group\_policy) | Pod COOP Group Policy. | `string` | `""` | no |
| <a name="input_isis_policy"></a> [isis\_policy](#input\_isis\_policy) | Pod IS-IS Policy. | `string` | `""` | no |
| <a name="input_macsec_policy"></a> [macsec\_policy](#input\_macsec\_policy) | Pod MACsec Policy. | `string` | `""` | no |

## Outputs

Expand All @@ -55,6 +66,10 @@ module "aci_fabric_pod_policy_group" {
|------|------|
| [aci_rest_managed.fabricPodPGrp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsCommPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsMacsecPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsPodPGrpBGPRRP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsPodPGrpCoopP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsPodPGrpIsisDomP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsSnmpPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
| [aci_rest_managed.fabricRsTimePol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
<!-- END_TF_DOCS -->
6 changes: 6 additions & 0 deletions modules/terraform-aci-fabric-pod-policy-group/examples/complete/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,15 @@ module "aci_fabric_pod_policy_group" {
version = ">= 0.8.0"
name = "POD1"
description = "DESCRIPTION"
snmp_policy = "SNMP1"
date_time_policy = "DATE1"
management_access_policy = "MAP1"
route_reflector_policy = "RR1"
coop_group_policy = "COOP1"
isis_policy = "ISIS1"
macsec_policy = "MACSEC1"
}
```
<!-- END_TF_DOCS -->
6 changes: 6 additions & 0 deletions modules/terraform-aci-fabric-pod-policy-group/examples/complete/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,13 @@ module "aci_fabric_pod_policy_group" {
version = ">= 0.8.0"

name = "POD1"
description = "DESCRIPTION"
snmp_policy = "SNMP1"
date_time_policy = "DATE1"
management_access_policy = "MAP1"
route_reflector_policy = "RR1"
coop_group_policy = "COOP1"
isis_policy = "ISIS1"
macsec_policy = "MACSEC1"

}
35 changes: 34 additions & 1 deletion modules/terraform-aci-fabric-pod-policy-group/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@ resource "aci_rest_managed" "fabricPodPGrp" {
dn = "uni/fabric/funcprof/podpgrp-${var.name}"
class_name = "fabricPodPGrp"
content = {
name = var.name
name = var.name
descr = var.description
}
}

Expand All @@ -29,3 +30,35 @@ resource "aci_rest_managed" "fabricRsCommPol" {
tnCommPolName = var.management_access_policy
}
}

resource "aci_rest_managed" "fabricRsPodPGrpBGPRRP" {
dn = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpBGPRRP"
class_name = "fabricRsPodPGrpBGPRRP"
content = {
tnBgpInstPolName = var.route_reflector_policy
}
}

resource "aci_rest_managed" "fabricRsPodPGrpCoopP" {
dn = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpCoopP"
class_name = "fabricRsPodPGrpCoopP"
content = {
tnCoopPolName = var.coop_group_policy
}
}

resource "aci_rest_managed" "fabricRsPodPGrpIsisDomP" {
dn = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpIsisDomP"
class_name = "fabricRsPodPGrpIsisDomP"
content = {
tnIsisDomPolName = var.isis_policy
}
}

resource "aci_rest_managed" "fabricRsMacsecPol" {
dn = "${aci_rest_managed.fabricPodPGrp.dn}/rsmacsecPol"
class_name = "fabricRsMacsecPol"
content = {
tnMacsecFabIfPolName = var.macsec_policy
}
}
55 changes: 55 additions & 0 deletions modules/terraform-aci-fabric-pod-policy-group/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,17 @@ variable "name" {
}
}

variable "description" {
description = "Pod policy description"
type = string
default = ""

validation {
condition = can(regex("^[a-zA-Z0-9\\\\!#$%()*,-./:;@ _{|}~?&+]{0,128}$", var.description))
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `\\`, `!`, `#`, `$`, `%`, `(`, `)`, `*`, `,`, `-`, `.`, `/`, `:`, `;`, `@`, ` `, `_`, `{`, `|`, }`, `~`, `?`, `&`, `+`. Maximum characters: 128."
}
}

variable "snmp_policy" {
description = "SNMP policy name."
type = string
Expand Down Expand Up @@ -40,3 +51,47 @@ variable "management_access_policy" {
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
}
}

variable "route_reflector_policy" {
description = "Pod Route Reflector Policy."
type = string
default = ""

validation {
condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.route_reflector_policy))
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
}
}

variable "coop_group_policy" {
description = "Pod COOP Group Policy."
type = string
default = ""

validation {
condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.coop_group_policy))
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
}
}

variable "isis_policy" {
description = "Pod IS-IS Policy."
type = string
default = ""

validation {
condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.isis_policy))
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
}
}

variable "macsec_policy" {
description = "Pod MACsec Policy."
type = string
default = ""

validation {
condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.macsec_policy))
error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
}
}

0 comments on commit 629aeae

Please sign in to comment.