Merge pull request #239 from terraform-routeros/vaerh/issue232

Vaerh/issue232

examples/resources/routeros_snmp/import.sh

@@ -0,0 +1 @@
+terraform import routeros_snmp.test .

examples/resources/routeros_snmp/resource.tf

@@ -0,0 +1,9 @@
+resource "routeros_snmp" "test" {
+  contact          = "John D."
+  enabled          = true
+  engine_id_suffix = "8a3c"
+  location         = "Backyard"
+  trap_community   = "private"
+  trap_generators  = "start-trap"
+  trap_version     = 3
+}

examples/resources/routeros_snmp_community/import.sh

@@ -0,0 +1,3 @@
+#The ID can be found via API or the terminal
+#The command for the terminal is -> :put [/snmp/community get [print show-ids]]
+terraform import routeros_snmp_community.test "*0"

examples/resources/routeros_snmp_community/resource.tf

@@ -0,0 +1,12 @@
+resource "routeros_snmp_community" "test" {
+	authentication_password = "authpasswd"
+	authentication_protocol = "MD5"
+	comment                 = "Comment"
+	disabled                = true
+	encryption_password     = "encpassword"
+	encryption_protocol     = "DES"
+	name                    = "private"
+	read_access             = true
+	security                = "private"
+	write_access            = true
+}

routeros/provider.go

@@ -165,6 +165,10 @@ func Provider() *schema.Provider {
 			// PPP
 			"routeros_ppp_profile": ResourcePPPProfile(),
 			"routeros_ppp_secret":  ResourcePPPSecret(),
+
+			// SNMP
+			"routeros_snmp":           ResourceSNMP(),
+			"routeros_snmp_community": ResourceSNMPCommunity(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"routeros_interfaces":     DatasourceInterfaces(),

routeros/provider_schema_helpers.go

@@ -37,6 +37,7 @@ const (
 	KeyName        = "name"
 	KeyPlaceBefore = "place_before"
 	KeyRunning     = "running"
+	KeyVrf         = "vrf"
 )
 
 // PropResourcePath Resource path property.
@@ -190,6 +191,12 @@ var (
 		Type:     schema.TypeBool,
 		Computed: true,
 	}
+	PropVrfRw = &schema.Schema{
+		Type:        schema.TypeString,
+		Optional:    true,
+		Default:     "main",
+		Description: "The VRF table this resource operates on.",
+	}
 )
 
 // PropMtuRw MTU value can be integer or 'auto'.

routeros/resource_bgp_connection.go

@@ -520,12 +520,7 @@ func ResourceRoutingBGPConnection() *schema.Resource {
 			Optional:    true,
 			Description: "Whether to use the BFD protocol for faster connection state detection.",
 		},
-		"vrf": {
-			Type:        schema.TypeString,
-			Optional:    true,
-			Default:     "main",
-			Description: "Name of the VRF BGP connections operates on. By default always use the 'main' routing table.",
-		},
+		KeyVrf: PropVrfRw,
 	}
 
 	return &schema.Resource{

routeros/resource_bgp_template.go

@@ -391,12 +391,7 @@ func ResourceRoutingBGPTemplate() *schema.Resource {
 			Optional:    true,
 			Description: "Whether to use the BFD protocol for faster connection state detection.",
 		},
-		"vrf": {
-			Type:        schema.TypeString,
-			Optional:    true,
-			Default:     "main",
-			Description: "Name of the VRF BGP connections operates on. By default always use the 'main' routing table.",
-		},
+		KeyVrf: PropVrfRw,
 	}
 
 	return &schema.Resource{

routeros/resource_ip_service.go

@@ -82,12 +82,7 @@ func ResourceIpService() *schema.Resource {
 			Description:  "Specifies which TLS versions to allow by a particular service.",
 			ValidateFunc: validation.StringInSlice([]string{"any", "only-1.2"}, false),
 		},
-		"vrf": {
-			Type:        schema.TypeString,
-			Optional:    true,
-			Default:     "main",
-			Description: "Specify which VRF instance to use by a particular service.",
-		},
+		KeyVrf: PropVrfRw,
 	}
 
 	resCreateUpdate := func(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {

routeros/resource_routing_ospf_instance.go

@@ -107,12 +107,7 @@ func ResourceRoutingOspfInstance() *schema.Resource {
 			Description:  "OSPF version this instance will be running (v2 for IPv4, v3 for IPv6).",
 			ValidateFunc: validation.IntBetween(2, 3),
 		},
-		"vrf": {
-			Type:        schema.TypeString,
-			Optional:    true,
-			Default:     "main",
-			Description: "The VRF table this OSPF instance operates on",
-		},
+		KeyVrf: PropVrfRw,
 	}
 
 	return &schema.Resource{

routeros/resource_snmp.go

@@ -0,0 +1,127 @@
+package routeros
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+/*
+  {
+    "contact": "",
+    "enabled": "false",
+    "engine-id": "80003a8c04",
+    "engine-id-suffix": "",
+    "location": "",
+    "src-address": "::",
+    "trap-community": "public",
+    "trap-generators": "temp-exception",
+    "trap-target": "",
+    "trap-version": "1",
+    "vrf": "main"
+  }
+*/
+
+// https://help.mikrotik.com/docs/display/ROS/SNMP
+func ResourceSNMP() *schema.Resource {
+	resSchema := map[string]*schema.Schema{
+		MetaResourcePath: PropResourcePath("/snmp"),
+		MetaId:           PropId(Id),
+
+		"contact": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Contact information.",
+		},
+		"enabled": {
+			Type:        schema.TypeBool,
+			Required:    true,
+			Description: "Used to disable/enable SNMP service",
+		},
+		"engine_id": {
+			Type:     schema.TypeString,
+			Computed: true,
+			Description: "For SNMP v3, used as part of identifier. You can configure suffix part of engine id " +
+				"using this argument. If SNMP client is not  capable to detect set engine-id value then " +
+				"this prefix hex have to be  used 0x80003a8c04",
+		},
+		"engine_id_suffix": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Unique identifier for an SNMPv3 engine by configuring the suffix of the engine ID.",
+		},
+		"location": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Location information.",
+		},
+		"trap_community": {
+			Type:      schema.TypeString,
+			Optional:  true,
+			Sensitive: true,
+			Description: "Which communities configured in community menu to use when sending out the trap. " +
+				"This name must be present in the community list.",
+		},
+		"trap_generators": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Description: "What action will generate traps: interfaces - interface changes; start-trap - snmp " +
+				"server starting on the router.",
+			ValidateFunc: validation.StringInSlice([]string{"interfaces", "start-trap", "temp-exception"}, false),
+		},
+		"trap_interfaces": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "List of interfaces that traps are going to be sent out.",
+		},
+		"trap_target": {
+			Type:        schema.TypeSet,
+			Optional:    true,
+			Description: "IP (IPv4 or IPv6) addresses of SNMP data collectors that have to receive the trap.",
+			Elem: &schema.Schema{
+				Type:         schema.TypeString,
+				ValidateFunc: validation.IsIPAddress,
+			},
+		},
+		"trap_version": {
+			Type:         schema.TypeInt,
+			Optional:     true,
+			Description:  "Version of SNMP protocol to use for trap.",
+			ValidateFunc: validation.IntBetween(1, 3),
+		},
+		"src_address": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Description:  "Force the router to always use the same IP source address for all of the SNMP messages.",
+			ValidateFunc: validation.IsIPAddress,
+			DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+				if old == new {
+					return true
+				}
+
+				if (old == "" && new == "::") || (old == "::" && new == "") {
+					return true
+				}
+
+				if old == "" || new == "" {
+					return false
+				}
+
+				return false
+			},
+		},
+		KeyVrf: PropVrfRw,
+	}
+
+	return &schema.Resource{
+		CreateContext: DefaultSystemCreate(resSchema),
+		ReadContext:   DefaultSystemRead(resSchema),
+		UpdateContext: DefaultSystemUpdate(resSchema),
+		DeleteContext: DefaultSystemDelete(resSchema),
+
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: resSchema,
+	}
+}

routeros/resource_snmp_community.go

@@ -0,0 +1,111 @@
+package routeros
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+/*
+  {
+    ".id": "*2",
+    "addresses": "::/0",
+    "authentication-password": "",
+    "authentication-protocol": "MD5",
+    "comment": "Comment",
+    "default": "false",
+    "disabled": "true",
+    "encryption-password": "",
+    "encryption-protocol": "DES",
+    "name": "private",
+    "read-access": "true",
+    "security": "none",
+    "write-access": "false"
+  }
+*/
+
+// https://help.mikrotik.com/docs/display/ROS/SNMP#SNMP-CommunityProperties
+func ResourceSNMPCommunity() *schema.Resource {
+	resSchema := map[string]*schema.Schema{
+		MetaResourcePath: PropResourcePath("/snmp/community"),
+		MetaId:           PropId(Id),
+
+		"addresses": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Default:      "::/0",
+			Description:  "Addresses from which connections to SNMP server is allowed.",
+			ValidateFunc: validation.IsIPAddress,
+		},
+		"authentication_password": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Sensitive:   true,
+			Description: "Password used to authenticate the connection to the server (SNMPv3).",
+		},
+		"authentication_protocol": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Default:      "MD5",
+			Description:  "The protocol used for authentication (SNMPv3).",
+			ValidateFunc: validation.StringInSlice([]string{"MD5", "SHA1"}, false),
+		},
+		KeyComment: PropCommentRw,
+		"default": {
+			Type:        schema.TypeBool,
+			Computed:    true,
+			Description: "It's a default community.",
+		},
+		KeyDisabled: PropDisabledRw,
+		"encryption_password": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Sensitive:   true,
+			Description: "The password used for encryption (SNMPv3).",
+		},
+		"encryption_protocol": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Default:  "DES",
+			Description: "encryption protocol to be used to encrypt the communication (SNMPv3). AES (see rfc3826) " +
+				"available since v6.16.",
+			ValidateFunc: validation.StringInSlice([]string{"DES", "AES"}, false),
+		},
+
+		"name": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Community Name.",
+		},
+		"read_access": {
+			Type:        schema.TypeBool,
+			Optional:    true,
+			Default:     true,
+			Description: "Whether read access is enabled for this community.",
+		},
+		"security": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Default:      "none",
+			Description:  "Security features.",
+			ValidateFunc: validation.StringInSlice([]string{"authorized", "none", "private"}, false),
+		},
+		"write_access": {
+			Type:        schema.TypeBool,
+			Optional:    true,
+			Description: "Whether write access is enabled for this community.",
+		},
+	}
+
+	return &schema.Resource{
+		CreateContext: DefaultCreate(resSchema),
+		ReadContext:   DefaultRead(resSchema),
+		UpdateContext: DefaultUpdate(resSchema),
+		DeleteContext: DefaultDelete(resSchema),
+
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: resSchema,
+	}
+}