Add ip http attributes to system resource

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 - Add `next_hop_self` and `next_hop_self_all` attributes to `iosxe_bgp_ipv4_unicast_vrf_neighbor` resource and data source
 - Add `set_as_path_replace_any` and `set_as_path_replace_as` attributes to `iosxe_route_map` resource and data source
+- Add `ip_http` attributes to `iosxe_system` resource and data source
 
 ## 0.5.3
 

docs/data-sources/system.md

@@ -31,6 +31,18 @@ data "iosxe_system" "example" {
 - `ip_bgp_community_new_format` (Boolean) select aa:nn format for BGP community
 - `ip_domain_lookup` (Boolean) Enable IP Domain Name System hostname translation
 - `ip_domain_name` (String) Define the default domain name
+- `ip_http_access_class` (Number) Restrict http server access by access-class
+- `ip_http_authentication_aaa` (Boolean) Use AAA access control methods
+- `ip_http_authentication_aaa_command_authorization` (Attributes List) Set method list for command authorization (see [below for nested schema](#nestedatt--ip_http_authentication_aaa_command_authorization))
+- `ip_http_authentication_aaa_exec_authorization` (String) Set method list for exec authorization
+- `ip_http_authentication_aaa_login_authentication` (String) Set method list for login authentication
+- `ip_http_authentication_local` (Boolean) Use local username and passwords
+- `ip_http_client_secure_trustpoint` (String) Set http client certificate secure trustpoint
+- `ip_http_client_source_interface` (String) Specify interface for source address in all HTTP(S) client connections
+- `ip_http_secure_server` (Boolean) Enable HTTP secure server
+- `ip_http_secure_trustpoint` (String) Set http secure server certificate trustpoint
+- `ip_http_server` (Boolean) Enable http server
+- `ip_http_tls_version` (String) Set TLS version for HTTP secure server
 - `ip_multicast_routing` (Boolean) Enable IP multicast forwarding
 - `ip_multicast_routing_distributed` (Boolean) Distributed multicast switching
 - `ip_routing` (Boolean) Enable or disable IP routing
@@ -45,6 +57,15 @@ data "iosxe_system" "example" {
 - `multicast_routing_switch` (Boolean) Enable IP multicast forwarding, some XE devices use this option instead of `multicast_routing`.
 - `multicast_routing_vrfs` (Attributes List) Select VPN Routing/Forwarding instance (see [below for nested schema](#nestedatt--multicast_routing_vrfs))
 
+<a id="nestedatt--ip_http_authentication_aaa_command_authorization"></a>
+### Nested Schema for `ip_http_authentication_aaa_command_authorization`
+
+Read-Only:
+
+- `level` (Number) Enable level
+- `name` (String) Use an authorization list with this name
+
+
 <a id="nestedatt--multicast_routing_vrfs"></a>
 ### Nested Schema for `multicast_routing_vrfs`
 

docs/guides/changelog.md

@@ -11,6 +11,7 @@ description: |-
 
 - Add `next_hop_self` and `next_hop_self_all` attributes to `iosxe_bgp_ipv4_unicast_vrf_neighbor` resource and data source
 - Add `set_as_path_replace_any` and `set_as_path_replace_as` attributes to `iosxe_route_map` resource and data source
+- Add `ip_http` attributes to `iosxe_system` resource and data source
 
 ## 0.5.3
 

docs/resources/system.md

@@ -43,6 +43,20 @@ resource "iosxe_system" "example" {
 - `ip_bgp_community_new_format` (Boolean) select aa:nn format for BGP community
 - `ip_domain_lookup` (Boolean) Enable IP Domain Name System hostname translation
 - `ip_domain_name` (String) Define the default domain name
+- `ip_http_access_class` (Number) Restrict http server access by access-class
+  - Range: `1`-`99`
+- `ip_http_authentication_aaa` (Boolean) Use AAA access control methods
+- `ip_http_authentication_aaa_command_authorization` (Attributes List) Set method list for command authorization (see [below for nested schema](#nestedatt--ip_http_authentication_aaa_command_authorization))
+- `ip_http_authentication_aaa_exec_authorization` (String) Set method list for exec authorization
+- `ip_http_authentication_aaa_login_authentication` (String) Set method list for login authentication
+- `ip_http_authentication_local` (Boolean) Use local username and passwords
+- `ip_http_client_secure_trustpoint` (String) Set http client certificate secure trustpoint
+- `ip_http_client_source_interface` (String) Specify interface for source address in all HTTP(S) client connections
+- `ip_http_secure_server` (Boolean) Enable HTTP secure server
+- `ip_http_secure_trustpoint` (String) Set http secure server certificate trustpoint
+- `ip_http_server` (Boolean) Enable http server
+- `ip_http_tls_version` (String) Set TLS version for HTTP secure server
+  - Choices: `TLSv1.0`, `TLSv1.1`, `TLSv1.2`
 - `ip_multicast_routing` (Boolean) Enable IP multicast forwarding
 - `ip_multicast_routing_distributed` (Boolean) Distributed multicast switching
 - `ip_routing` (Boolean) Enable or disable IP routing
@@ -62,6 +76,19 @@ resource "iosxe_system" "example" {
 
 - `id` (String) The path of the object.
 
+<a id="nestedatt--ip_http_authentication_aaa_command_authorization"></a>
+### Nested Schema for `ip_http_authentication_aaa_command_authorization`
+
+Required:
+
+- `level` (Number) Enable level
+  - Range: `0`-`15`
+
+Optional:
+
+- `name` (String) Use an authorization list with this name
+
+
 <a id="nestedatt--multicast_routing_vrfs"></a>
 ### Nested Schema for `multicast_routing_vrfs`
 

gen/definitions/system.yaml

@@ -56,6 +56,58 @@ attributes:
       - yang_name: distributed
         example: true
         test_tags: [C8000V]
+  - yang_name: ip/Cisco-IOS-XE-http:http/access-class
+    example: 10
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa
+    xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa
+    tf_name: ip_http_authentication_aaa
+    example: true
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/exec-authorization
+    xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/exec-authorization
+    tf_name: ip_http_authentication_aaa_exec_authorization
+    example: group1
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/login-authentication
+    xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/login-authentication
+    tf_name: ip_http_authentication_aaa_login_authentication
+    example: group1
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/command-authorization
+    xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/command-authorization
+    tf_name: ip_http_authentication_aaa_command_authorization
+    type: List
+    exclude_test: true
+    attributes:
+      - yang_name: level
+        id: true
+        example: 15
+      - yang_name: name
+        example: group1
+  - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/local/local
+    xpath: ip/Cisco-IOS-XE-http:http/authentication/local
+    tf_name: ip_http_authentication_local
+    example: true
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/server
+    example: true
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/secure-server
+    example: true
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/secure-trustpoint
+    example: TP1
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/tls-version
+    example: TLSv1.2
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/client/secure-trustpoint
+    example: TP1
+    exclude_test: true
+  - yang_name: ip/Cisco-IOS-XE-http:http/client/source-interface
+    example: Loopback0
+    exclude_test: true
 test_prerequisites:
   - path: Cisco-IOS-XE-native:native/vrf/definition=VRF1
     no_delete: true

gen/load_models.go

@@ -95,6 +95,7 @@ var models = []string{
 	"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-udld.yang",
 	"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-switch.yang",
 	"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-sanet.yang",
+	"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-http.yang",
 }
 
 const (