From 629aeae24aea4c617bd4804b2513708f269375d1 Mon Sep 17 00:00:00 2001
From: Doug Byrd <dougbyrd@gmail.com>
Date: Tue, 12 Nov 2024 18:37:19 +0000
Subject: [PATCH] Expose additional variables to select policies in Fabric Pod
 Policy Group.

Fix for terraform-aci-fabric-pod-policy-group "Please add all options to edit" #175

M: defaults.yaml
M: aci_fabric_policies.tf
M: terraform-aci-fabric-pod-policy-group
---
 aci_fabric_policies.tf                        |  6 ++
 defaults/defaults.yaml                        |  8 +++
 .../README.md                                 | 15 +++++
 .../examples/complete/README.md               |  6 ++
 .../examples/complete/main.tf                 |  6 ++
 .../main.tf                                   | 35 +++++++++++-
 .../variables.tf                              | 55 +++++++++++++++++++
 7 files changed, 130 insertions(+), 1 deletion(-)

diff --git a/aci_fabric_policies.tf b/aci_fabric_policies.tf
index 1e07d5a3..6bd83191 100644
--- a/aci_fabric_policies.tf
+++ b/aci_fabric_policies.tf
@@ -245,14 +245,20 @@ module "aci_fabric_pod_policy_group" {
 
   for_each                 = { for pg in try(local.fabric_policies.pod_policy_groups, []) : pg.name => pg if local.modules.aci_fabric_pod_policy_group && var.manage_fabric_policies }
   name                     = "${each.value.name}${local.defaults.apic.fabric_policies.pod_policy_groups.name_suffix}"
+  description              = try(each.value.description, "")
   snmp_policy              = try("${each.value.snmp_policy}${local.defaults.apic.fabric_policies.pod_policies.snmp_policies.name_suffix}", "")
   date_time_policy         = try("${each.value.date_time_policy}${local.defaults.apic.fabric_policies.pod_policies.date_time_policies.name_suffix}", "")
   management_access_policy = try("${each.value.management_access_policy}${local.defaults.apic.fabric_policies.pod_policies.management_access_policies.name_suffix}", "")
+  route_reflector_policy   = try("${each.value.route_reflector_policy}${local.defaults.apic.fabric_policies.pod_policies.route_reflector_policies.name_suffix}", "")
+  coop_group_policy        = try("${each.value.coop_group_policy}${local.defaults.apic.fabric_policies.pod_policies.coop_group_policies.name_suffix}", "")
+  isis_policy              = try("${each.value.isis_policy}${local.defaults.apic.fabric_policies.pod_policies.isis_policies.name_suffix}", "")
+  macsec_policy            = try("${each.value.macsec_policy}${local.defaults.apic.fabric_policies.pod_policies.macsec_policies.name_suffix}", "")
 
   depends_on = [
     module.aci_snmp_policy,
     module.aci_date_time_policy,
     module.aci_management_access_policy,
+    module.aci_fabric_isis_policy,
   ]
 }
 
diff --git a/defaults/defaults.yaml b/defaults/defaults.yaml
index dbb264c3..da07dd28 100644
--- a/defaults/defaults.yaml
+++ b/defaults/defaults.yaml
@@ -160,6 +160,14 @@ defaults:
           http:
             admin_state: false
             port: 80
+        route_reflector_policies:
+          name_suffix: ""
+        coop_group_policies:
+          name_suffix: ""
+        isis_policies:
+          name_suffix: ""
+        macsec_policies:
+          name_suffix: ""
       switch_policies:
         node_control_policies:
           name_suffix: ""
diff --git a/modules/terraform-aci-fabric-pod-policy-group/README.md b/modules/terraform-aci-fabric-pod-policy-group/README.md
index 78945aa8..e4e0fbf3 100644
--- a/modules/terraform-aci-fabric-pod-policy-group/README.md
+++ b/modules/terraform-aci-fabric-pod-policy-group/README.md
@@ -14,9 +14,15 @@ module "aci_fabric_pod_policy_group" {
   version = ">= 0.8.0"
 
   name                     = "POD1"
+  description              = "DESCRIPTION"
   snmp_policy              = "SNMP1"
   date_time_policy         = "DATE1"
   management_access_policy = "MAP1"
+  route_reflector_policy   = "RR1"
+  coop_group_policy        = "COOP1"
+  isis_policy              = "ISIS1"
+  macsec_policy            = "MACSEC1"
+
 }
 ```
 
@@ -38,9 +44,14 @@ module "aci_fabric_pod_policy_group" {
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_name"></a> [name](#input\_name) | Pod policy group name. | `string` | n/a | yes |
+| <a name="input_description"></a> [description](#input\_description) | Pod policy description | `string` | `""` | no |
 | <a name="input_snmp_policy"></a> [snmp\_policy](#input\_snmp\_policy) | SNMP policy name. | `string` | `""` | no |
 | <a name="input_date_time_policy"></a> [date\_time\_policy](#input\_date\_time\_policy) | Date time policy name. | `string` | `""` | no |
 | <a name="input_management_access_policy"></a> [management\_access\_policy](#input\_management\_access\_policy) | Management access policy name. | `string` | `""` | no |
+| <a name="input_route_reflector_policy"></a> [route\_reflector\_policy](#input\_route\_reflector\_policy) | Pod Route Reflector Policy. | `string` | `""` | no |
+| <a name="input_coop_group_policy"></a> [coop\_group\_policy](#input\_coop\_group\_policy) | Pod COOP Group Policy. | `string` | `""` | no |
+| <a name="input_isis_policy"></a> [isis\_policy](#input\_isis\_policy) | Pod IS-IS Policy. | `string` | `""` | no |
+| <a name="input_macsec_policy"></a> [macsec\_policy](#input\_macsec\_policy) | Pod MACsec Policy. | `string` | `""` | no |
 
 ## Outputs
 
@@ -55,6 +66,10 @@ module "aci_fabric_pod_policy_group" {
 |------|------|
 | [aci_rest_managed.fabricPodPGrp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 | [aci_rest_managed.fabricRsCommPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.fabricRsMacsecPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.fabricRsPodPGrpBGPRRP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.fabricRsPodPGrpCoopP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.fabricRsPodPGrpIsisDomP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 | [aci_rest_managed.fabricRsSnmpPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 | [aci_rest_managed.fabricRsTimePol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 <!-- END_TF_DOCS -->
\ No newline at end of file
diff --git a/modules/terraform-aci-fabric-pod-policy-group/examples/complete/README.md b/modules/terraform-aci-fabric-pod-policy-group/examples/complete/README.md
index 91ced688..5b5090c8 100644
--- a/modules/terraform-aci-fabric-pod-policy-group/examples/complete/README.md
+++ b/modules/terraform-aci-fabric-pod-policy-group/examples/complete/README.md
@@ -17,9 +17,15 @@ module "aci_fabric_pod_policy_group" {
   version = ">= 0.8.0"
 
   name                     = "POD1"
+  description              = "DESCRIPTION"
   snmp_policy              = "SNMP1"
   date_time_policy         = "DATE1"
   management_access_policy = "MAP1"
+  route_reflector_policy   = "RR1"
+  coop_group_policy        = "COOP1"
+  isis_policy              = "ISIS1"
+  macsec_policy            = "MACSEC1"
+
 }
 ```
 <!-- END_TF_DOCS -->
\ No newline at end of file
diff --git a/modules/terraform-aci-fabric-pod-policy-group/examples/complete/main.tf b/modules/terraform-aci-fabric-pod-policy-group/examples/complete/main.tf
index ae58fdb0..61af6875 100644
--- a/modules/terraform-aci-fabric-pod-policy-group/examples/complete/main.tf
+++ b/modules/terraform-aci-fabric-pod-policy-group/examples/complete/main.tf
@@ -3,7 +3,13 @@ module "aci_fabric_pod_policy_group" {
   version = ">= 0.8.0"
 
   name                     = "POD1"
+  description              = "DESCRIPTION"
   snmp_policy              = "SNMP1"
   date_time_policy         = "DATE1"
   management_access_policy = "MAP1"
+  route_reflector_policy   = "RR1"
+  coop_group_policy        = "COOP1"
+  isis_policy              = "ISIS1"
+  macsec_policy            = "MACSEC1"
+
 }
diff --git a/modules/terraform-aci-fabric-pod-policy-group/main.tf b/modules/terraform-aci-fabric-pod-policy-group/main.tf
index 6160abb5..d62dd043 100644
--- a/modules/terraform-aci-fabric-pod-policy-group/main.tf
+++ b/modules/terraform-aci-fabric-pod-policy-group/main.tf
@@ -2,7 +2,8 @@ resource "aci_rest_managed" "fabricPodPGrp" {
   dn         = "uni/fabric/funcprof/podpgrp-${var.name}"
   class_name = "fabricPodPGrp"
   content = {
-    name = var.name
+    name  = var.name
+    descr = var.description
   }
 }
 
@@ -29,3 +30,35 @@ resource "aci_rest_managed" "fabricRsCommPol" {
     tnCommPolName = var.management_access_policy
   }
 }
+
+resource "aci_rest_managed" "fabricRsPodPGrpBGPRRP" {
+  dn         = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpBGPRRP"
+  class_name = "fabricRsPodPGrpBGPRRP"
+  content = {
+    tnBgpInstPolName = var.route_reflector_policy
+  }
+}
+
+resource "aci_rest_managed" "fabricRsPodPGrpCoopP" {
+  dn         = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpCoopP"
+  class_name = "fabricRsPodPGrpCoopP"
+  content = {
+    tnCoopPolName = var.coop_group_policy
+  }
+}
+
+resource "aci_rest_managed" "fabricRsPodPGrpIsisDomP" {
+  dn         = "${aci_rest_managed.fabricPodPGrp.dn}/rspodPGrpIsisDomP"
+  class_name = "fabricRsPodPGrpIsisDomP"
+  content = {
+    tnIsisDomPolName = var.isis_policy
+  }
+}
+
+resource "aci_rest_managed" "fabricRsMacsecPol" {
+  dn         = "${aci_rest_managed.fabricPodPGrp.dn}/rsmacsecPol"
+  class_name = "fabricRsMacsecPol"
+  content = {
+    tnMacsecFabIfPolName = var.macsec_policy
+  }
+}
diff --git a/modules/terraform-aci-fabric-pod-policy-group/variables.tf b/modules/terraform-aci-fabric-pod-policy-group/variables.tf
index 3d8137b1..b1850a67 100644
--- a/modules/terraform-aci-fabric-pod-policy-group/variables.tf
+++ b/modules/terraform-aci-fabric-pod-policy-group/variables.tf
@@ -8,6 +8,17 @@ variable "name" {
   }
 }
 
+variable "description" {
+  description = "Pod policy description"
+  type        = string
+  default     = ""
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9\\\\!#$%()*,-./:;@ _{|}~?&+]{0,128}$", var.description))
+    error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `\\`, `!`, `#`, `$`, `%`, `(`, `)`, `*`, `,`, `-`, `.`, `/`, `:`, `;`, `@`, ` `, `_`, `{`, `|`, }`, `~`, `?`, `&`, `+`. Maximum characters: 128."
+  }
+}
+
 variable "snmp_policy" {
   description = "SNMP policy name."
   type        = string
@@ -40,3 +51,47 @@ variable "management_access_policy" {
     error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
   }
 }
+
+variable "route_reflector_policy" {
+  description = "Pod Route Reflector Policy."
+  type        = string
+  default     = ""
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.route_reflector_policy))
+    error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
+  }
+}
+
+variable "coop_group_policy" {
+  description = "Pod COOP Group Policy."
+  type        = string
+  default     = ""
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.coop_group_policy))
+    error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
+  }
+}
+
+variable "isis_policy" {
+  description = "Pod IS-IS Policy."
+  type        = string
+  default     = ""
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.isis_policy))
+    error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
+  }
+}
+
+variable "macsec_policy" {
+  description = "Pod MACsec Policy."
+  type        = string
+  default     = ""
+
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.macsec_policy))
+    error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64."
+  }
+}