Updated assets for terraform

Signed-off-by: Sagar <[email protected]>
vmware · May 14, 2024 · 441cf46 · 441cf46
1 parent 3d9988b
commit 441cf46
Show file tree

Hide file tree

Showing 10 changed files with 255 additions and 0 deletions.
diff --git a/avi/datasource_avi_systemconfiguration.go b/avi/datasource_avi_systemconfiguration.go
@@ -55,6 +55,10 @@ func dataSourceAviSystemConfiguration() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"enable_host_header_check": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"fips_mode": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -125,6 +129,11 @@ func dataSourceAviSystemConfiguration() *schema.Resource {
 				Computed: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 			},
+			"trusted_host_profiles_refs": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
 			"uuid": {
 				Type:     schema.TypeString,
 				Optional: true,

diff --git a/avi/datasource_avi_trustedhostprofile.go b/avi/datasource_avi_trustedhostprofile.go
@@ -0,0 +1,38 @@
+// Copyright 2019 VMware, Inc.
+// SPDX-License-Identifier: Mozilla Public License 2.0
+
+package avi
+
+import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+func dataSourceAviTrustedHostProfile() *schema.Resource {
+	return &schema.Resource{
+		Read: ResourceAviTrustedHostProfileRead,
+		Schema: map[string]*schema.Schema{
+			"configpb_attributes": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     ResourceConfigPbAttributesSchema(),
+			},
+			"host_list": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"tenant_ref": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"uuid": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+		},
+	}
+}
diff --git a/avi/provider.go b/avi/provider.go
@@ -106,6 +106,7 @@ func Provider() *schema.Provider {
 			"avi_serviceauthprofile":              dataSourceAviServiceAuthProfile(),
 			"avi_controllerproperties":            dataSourceAviControllerProperties(),
 			"avi_l4policyset":                     dataSourceAviL4PolicySet(),
+			"avi_trustedhostprofile":              dataSourceAviTrustedHostProfile(),
 			"avi_systemconfiguration":             dataSourceAviSystemConfiguration(),
 			"avi_controllersite":                  dataSourceAviControllerSite(),
 			"avi_alertsyslogconfig":               dataSourceAviAlertSyslogConfig(),
@@ -226,6 +227,7 @@ func Provider() *schema.Provider {
 			"avi_serviceauthprofile":              resourceAviServiceAuthProfile(),
 			"avi_controllerproperties":            resourceAviControllerProperties(),
 			"avi_l4policyset":                     resourceAviL4PolicySet(),
+			"avi_trustedhostprofile":              resourceAviTrustedHostProfile(),
 			"avi_systemconfiguration":             resourceAviSystemConfiguration(),
 			"avi_controllersite":                  resourceAviControllerSite(),
 			"avi_alertsyslogconfig":               resourceAviAlertSyslogConfig(),

diff --git a/avi/resource_avi_systemconfiguration.go b/avi/resource_avi_systemconfiguration.go
@@ -68,6 +68,12 @@ func ResourceSystemConfigurationSchema() map[string]*schema.Schema {
 			Default:      "false",
 			ValidateFunc: validateBool,
 		},
+		"enable_host_header_check": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Default:      "false",
+			ValidateFunc: validateBool,
+		},
 		"fips_mode": {
 			Type:         schema.TypeString,
 			Optional:     true,
@@ -152,6 +158,11 @@ func ResourceSystemConfigurationSchema() map[string]*schema.Schema {
 			Optional: true,
 			Elem:     &schema.Schema{Type: schema.TypeString},
 		},
+		"trusted_host_profiles_refs": {
+			Type:     schema.TypeList,
+			Optional: true,
+			Elem:     &schema.Schema{Type: schema.TypeString},
+		},
 		"uuid": {
 			Type:     schema.TypeString,
 			Optional: true,

diff --git a/avi/resource_avi_trustedhostprofile.go b/avi/resource_avi_trustedhostprofile.go
@@ -0,0 +1,96 @@
+// Copyright 2019 VMware, Inc.
+// SPDX-License-Identifier: Mozilla Public License 2.0
+
+package avi
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"log"
+)
+
+func ResourceTrustedHostProfileSchema() map[string]*schema.Schema {
+	return map[string]*schema.Schema{
+		"configpb_attributes": {
+			Type:     schema.TypeSet,
+			Optional: true,
+			Computed: true,
+			Elem:     ResourceConfigPbAttributesSchema(),
+		},
+		"host_list": {
+			Type:     schema.TypeString,
+			Required: true,
+		},
+		"name": {
+			Type:     schema.TypeString,
+			Required: true,
+		},
+		"tenant_ref": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Computed: true,
+		},
+		"uuid": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Computed: true,
+		},
+	}
+}
+
+func resourceAviTrustedHostProfile() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAviTrustedHostProfileCreate,
+		Read:   ResourceAviTrustedHostProfileRead,
+		Update: resourceAviTrustedHostProfileUpdate,
+		Delete: resourceAviTrustedHostProfileDelete,
+		Schema: ResourceTrustedHostProfileSchema(),
+		Importer: &schema.ResourceImporter{
+			State: ResourceTrustedHostProfileImporter,
+		},
+	}
+}
+
+func ResourceTrustedHostProfileImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
+	s := ResourceTrustedHostProfileSchema()
+	return ResourceImporter(d, m, "trustedhostprofile", s)
+}
+
+func ResourceAviTrustedHostProfileRead(d *schema.ResourceData, meta interface{}) error {
+	s := ResourceTrustedHostProfileSchema()
+	err := APIRead(d, meta, "trustedhostprofile", s)
+	if err != nil {
+		log.Printf("[ERROR] in reading object %v\n", err)
+	}
+	return err
+}
+
+func resourceAviTrustedHostProfileCreate(d *schema.ResourceData, meta interface{}) error {
+	s := ResourceTrustedHostProfileSchema()
+	err := APICreate(d, meta, "trustedhostprofile", s)
+	if err == nil {
+		err = ResourceAviTrustedHostProfileRead(d, meta)
+	}
+	return err
+}
+
+func resourceAviTrustedHostProfileUpdate(d *schema.ResourceData, meta interface{}) error {
+	s := ResourceTrustedHostProfileSchema()
+	var err error
+	err = APIUpdate(d, meta, "trustedhostprofile", s)
+	if err == nil {
+		err = ResourceAviTrustedHostProfileRead(d, meta)
+	}
+	return err
+}
+
+func resourceAviTrustedHostProfileDelete(d *schema.ResourceData, meta interface{}) error {
+	var err error
+	if APIDeleteSystemDefaultCheck(d) {
+		return nil
+	}
+	err = APIDelete(d, meta, "trustedhostprofile")
+	if err != nil {
+		log.Printf("[ERROR] in deleting object %v\n", err)
+	}
+	return err
+}
diff --git a/website/avi.erb b/website/avi.erb
@@ -121,6 +121,9 @@
             </li>
                       <li<%= sidebar_current("docs-avi-l4policyset") %>>
               <a href="/docs/providers/avi/d/avi_l4policyset.html">L4PolicySet</a>
+            </li>
+                      <li<%= sidebar_current("docs-avi-trustedhostprofile") %>>
+              <a href="/docs/providers/avi/d/avi_trustedhostprofile.html">TrustedHostProfile</a>
             </li>
                       <li<%= sidebar_current("docs-avi-systemconfiguration") %>>
               <a href="/docs/providers/avi/d/avi_systemconfiguration.html">SystemConfiguration</a>
@@ -481,6 +484,9 @@
             </li>
 		              <li<%= sidebar_current("docs-avi-l4policyset") %>>
               <a href="/docs/providers/avi/r/avi_l4policyset.html">L4PolicySet</a>
+            </li>
+		              <li<%= sidebar_current("docs-avi-trustedhostprofile") %>>
+              <a href="/docs/providers/avi/r/avi_trustedhostprofile.html">TrustedHostProfile</a>
             </li>
 		              <li<%= sidebar_current("docs-avi-systemconfiguration") %>>
               <a href="/docs/providers/avi/r/avi_systemconfiguration.html">SystemConfiguration</a>

diff --git a/website/docs/d/avi_systemconfiguration.html.markdown b/website/docs/d/avi_systemconfiguration.html.markdown
@@ -42,6 +42,7 @@ In addition to all arguments above, the following attributes are exported:
 * `docker_mode` - Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `email_configuration` - Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `enable_cors` - Enable cors header. Field introduced in 20.1.3. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition.
+* `enable_host_header_check` - Host header check. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
 * `fips_mode` - Fips mode current state. Field introduced in 20.1.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `global_tenant_config` - Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `host_key_algorithm_exclude` - Users can specify comma separated list of deprecated host key algorithm.if nothing is specified, all known algorithms provided by openssh will be supported.this change could only apply on the controller node. Field introduced in 22.1.3. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
@@ -57,6 +58,7 @@ In addition to all arguments above, the following attributes are exported:
 * `snmp_configuration` - Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `ssh_ciphers` - Allowed ciphers list for ssh to the management interface on the controller and service engines. If this is not specified, all the default ciphers are allowed. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `ssh_hmacs` - Allowed hmac list for ssh to the management interface on the controller and service engines. If this is not specified, all the default hmacs are allowed. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
+* `trusted_host_profiles_refs` - Trusted host profiles for host header validation. Only function when enable_host_header_check is set to true. It is a reference to an object of type trustedhostprofile. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
 * `uuid` - Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `welcome_workflow_complete` - This flag is set once the initial controller setup workflow is complete. Field introduced in 18.2.3. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 
diff --git a/website/docs/d/avi_trustedhostprofile.html.markdown b/website/docs/d/avi_trustedhostprofile.html.markdown
@@ -0,0 +1,40 @@
+<!--
+    Copyright 2021 VMware, Inc.
+    SPDX-License-Identifier: Mozilla Public License 2.0
+-->
+---
+layout: "avi"
+page_title: "AVI: avi_trustedhostprofile"
+sidebar_current: "docs-avi-datasource-trustedhostprofile"
+description: |-
+  Get information of Avi TrustedHostProfile.
+---
+
+# avi_trustedhostprofile
+
+This data source is used to to get avi_trustedhostprofile objects.
+
+## Example Usage
+
+```hcl
+data "avi_trustedhostprofile" "foo_trustedhostprofile" {
+    uuid = "trustedhostprofile-f9cf6b3e-a411-436f-95e2-2982ba2b217b"
+    name = "foo"
+}
+```
+
+## Argument Reference
+
+* `name` - (Optional) Search TrustedHostProfile by name.
+* `uuid` - (Optional) Search TrustedHostProfile by uuid.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `configpb_attributes` - Protobuf versioning for config pbs. Field introduced in 31.1.1. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition.
+* `host_list` - List of host ip(v4/v6) addresses or fqdns. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+* `name` - Trustedhostprofile name. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+* `tenant_ref` - Tenant ref for trusted host profile. It is a reference to an object of type tenant. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+* `uuid` - Trustedhostprofile uuid. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+
diff --git a/website/docs/r/avi_systemconfiguration.html.markdown b/website/docs/r/avi_systemconfiguration.html.markdown
@@ -36,6 +36,7 @@ The following arguments are supported:
 * `docker_mode` - (Optional) Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `email_configuration` - (Optional) Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `enable_cors` - (Optional) Enable cors header. Field introduced in 20.1.3. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition.
+* `enable_host_header_check` - (Optional) Host header check. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
 * `fips_mode` - (Optional) Fips mode current state. Field introduced in 20.1.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `global_tenant_config` - (Optional) Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `host_key_algorithm_exclude` - (Optional) Users can specify comma separated list of deprecated host key algorithm.if nothing is specified, all known algorithms provided by openssh will be supported.this change could only apply on the controller node. Field introduced in 22.1.3. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
@@ -51,6 +52,7 @@ The following arguments are supported:
 * `snmp_configuration` - (Optional) Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `ssh_ciphers` - (Optional) Allowed ciphers list for ssh to the management interface on the controller and service engines. If this is not specified, all the default ciphers are allowed. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 * `ssh_hmacs` - (Optional) Allowed hmac list for ssh to the management interface on the controller and service engines. If this is not specified, all the default hmacs are allowed. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
+* `trusted_host_profiles_refs` - (Optional) Trusted host profiles for host header validation. Only function when enable_host_header_check is set to true. It is a reference to an object of type trustedhostprofile. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
 * `welcome_workflow_complete` - (Optional) This flag is set once the initial controller setup workflow is complete. Field introduced in 18.2.3. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition.
 
 

diff --git a/website/docs/r/avi_trustedhostprofile.html.markdown b/website/docs/r/avi_trustedhostprofile.html.markdown
@@ -0,0 +1,49 @@
+<!--
+    Copyright 2021 VMware, Inc.
+    SPDX-License-Identifier: Mozilla Public License 2.0
+-->
+---
+layout: "avi"
+page_title: "Avi: avi_trustedhostprofile"
+sidebar_current: "docs-avi-resource-trustedhostprofile"
+description: |-
+  Creates and manages Avi TrustedHostProfile.
+---
+
+# avi_trustedhostprofile
+
+The TrustedHostProfile resource allows the creation and management of Avi TrustedHostProfile
+
+## Example Usage
+
+```hcl
+resource "avi_trustedhostprofile" "foo" {
+    name = "terraform-example-foo"
+    tenant_ref = "/api/tenant/?name=admin"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `host_list` - (Required) List of host ip(v4/v6) addresses or fqdns. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+* `name` - (Required) Trustedhostprofile name. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+* `configpb_attributes` - (Optional) Protobuf versioning for config pbs. Field introduced in 31.1.1. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition.
+* `tenant_ref` - (Optional) Tenant ref for trusted host profile. It is a reference to an object of type tenant. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+
+
+### Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `create` - (Defaults to 40 mins) Used when creating the AMI
+* `update` - (Defaults to 40 mins) Used when updating the AMI
+* `delete` - (Defaults to 90 mins) Used when deregistering the AMI
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `uuid` -  Trustedhostprofile uuid. Field introduced in 31.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition.
+