diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8d197886..596d0a7f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
- Add `next_hop_self` and `next_hop_self_all` attributes to `iosxe_bgp_ipv4_unicast_vrf_neighbor` resource and data source
- Add `set_as_path_replace_any` and `set_as_path_replace_as` attributes to `iosxe_route_map` resource and data source
+- Add `ip_http` attributes to `iosxe_system` resource and data source
## 0.5.3
diff --git a/docs/data-sources/system.md b/docs/data-sources/system.md
index e8edaa3b..4ae225ce 100644
--- a/docs/data-sources/system.md
+++ b/docs/data-sources/system.md
@@ -31,6 +31,18 @@ data "iosxe_system" "example" {
- `ip_bgp_community_new_format` (Boolean) select aa:nn format for BGP community
- `ip_domain_lookup` (Boolean) Enable IP Domain Name System hostname translation
- `ip_domain_name` (String) Define the default domain name
+- `ip_http_access_class` (Number) Restrict http server access by access-class
+- `ip_http_authentication_aaa` (Boolean) Use AAA access control methods
+- `ip_http_authentication_aaa_command_authorization` (Attributes List) Set method list for command authorization (see [below for nested schema](#nestedatt--ip_http_authentication_aaa_command_authorization))
+- `ip_http_authentication_aaa_exec_authorization` (String) Set method list for exec authorization
+- `ip_http_authentication_aaa_login_authentication` (String) Set method list for login authentication
+- `ip_http_authentication_local` (Boolean) Use local username and passwords
+- `ip_http_client_secure_trustpoint` (String) Set http client certificate secure trustpoint
+- `ip_http_client_source_interface` (String) Specify interface for source address in all HTTP(S) client connections
+- `ip_http_secure_server` (Boolean) Enable HTTP secure server
+- `ip_http_secure_trustpoint` (String) Set http secure server certificate trustpoint
+- `ip_http_server` (Boolean) Enable http server
+- `ip_http_tls_version` (String) Set TLS version for HTTP secure server
- `ip_multicast_routing` (Boolean) Enable IP multicast forwarding
- `ip_multicast_routing_distributed` (Boolean) Distributed multicast switching
- `ip_routing` (Boolean) Enable or disable IP routing
@@ -45,6 +57,15 @@ data "iosxe_system" "example" {
- `multicast_routing_switch` (Boolean) Enable IP multicast forwarding, some XE devices use this option instead of `multicast_routing`.
- `multicast_routing_vrfs` (Attributes List) Select VPN Routing/Forwarding instance (see [below for nested schema](#nestedatt--multicast_routing_vrfs))
+
+### Nested Schema for `ip_http_authentication_aaa_command_authorization`
+
+Read-Only:
+
+- `level` (Number) Enable level
+- `name` (String) Use an authorization list with this name
+
+
### Nested Schema for `multicast_routing_vrfs`
diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md
index 591bc842..14a31ae6 100644
--- a/docs/guides/changelog.md
+++ b/docs/guides/changelog.md
@@ -11,6 +11,7 @@ description: |-
- Add `next_hop_self` and `next_hop_self_all` attributes to `iosxe_bgp_ipv4_unicast_vrf_neighbor` resource and data source
- Add `set_as_path_replace_any` and `set_as_path_replace_as` attributes to `iosxe_route_map` resource and data source
+- Add `ip_http` attributes to `iosxe_system` resource and data source
## 0.5.3
diff --git a/docs/resources/system.md b/docs/resources/system.md
index 248d5c88..091a0dc8 100644
--- a/docs/resources/system.md
+++ b/docs/resources/system.md
@@ -43,6 +43,20 @@ resource "iosxe_system" "example" {
- `ip_bgp_community_new_format` (Boolean) select aa:nn format for BGP community
- `ip_domain_lookup` (Boolean) Enable IP Domain Name System hostname translation
- `ip_domain_name` (String) Define the default domain name
+- `ip_http_access_class` (Number) Restrict http server access by access-class
+ - Range: `1`-`99`
+- `ip_http_authentication_aaa` (Boolean) Use AAA access control methods
+- `ip_http_authentication_aaa_command_authorization` (Attributes List) Set method list for command authorization (see [below for nested schema](#nestedatt--ip_http_authentication_aaa_command_authorization))
+- `ip_http_authentication_aaa_exec_authorization` (String) Set method list for exec authorization
+- `ip_http_authentication_aaa_login_authentication` (String) Set method list for login authentication
+- `ip_http_authentication_local` (Boolean) Use local username and passwords
+- `ip_http_client_secure_trustpoint` (String) Set http client certificate secure trustpoint
+- `ip_http_client_source_interface` (String) Specify interface for source address in all HTTP(S) client connections
+- `ip_http_secure_server` (Boolean) Enable HTTP secure server
+- `ip_http_secure_trustpoint` (String) Set http secure server certificate trustpoint
+- `ip_http_server` (Boolean) Enable http server
+- `ip_http_tls_version` (String) Set TLS version for HTTP secure server
+ - Choices: `TLSv1.0`, `TLSv1.1`, `TLSv1.2`
- `ip_multicast_routing` (Boolean) Enable IP multicast forwarding
- `ip_multicast_routing_distributed` (Boolean) Distributed multicast switching
- `ip_routing` (Boolean) Enable or disable IP routing
@@ -62,6 +76,19 @@ resource "iosxe_system" "example" {
- `id` (String) The path of the object.
+
+### Nested Schema for `ip_http_authentication_aaa_command_authorization`
+
+Required:
+
+- `level` (Number) Enable level
+ - Range: `0`-`15`
+
+Optional:
+
+- `name` (String) Use an authorization list with this name
+
+
### Nested Schema for `multicast_routing_vrfs`
diff --git a/gen/definitions/system.yaml b/gen/definitions/system.yaml
index 6bf4a589..b8ae6ac4 100644
--- a/gen/definitions/system.yaml
+++ b/gen/definitions/system.yaml
@@ -56,6 +56,58 @@ attributes:
- yang_name: distributed
example: true
test_tags: [C8000V]
+ - yang_name: ip/Cisco-IOS-XE-http:http/access-class
+ example: 10
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa
+ xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa
+ tf_name: ip_http_authentication_aaa
+ example: true
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/exec-authorization
+ xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/exec-authorization
+ tf_name: ip_http_authentication_aaa_exec_authorization
+ example: group1
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/login-authentication
+ xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/login-authentication
+ tf_name: ip_http_authentication_aaa_login_authentication
+ example: group1
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/aaa/aaa/command-authorization
+ xpath: ip/Cisco-IOS-XE-http:http/authentication/aaa/command-authorization
+ tf_name: ip_http_authentication_aaa_command_authorization
+ type: List
+ exclude_test: true
+ attributes:
+ - yang_name: level
+ id: true
+ example: 15
+ - yang_name: name
+ example: group1
+ - yang_name: ip/Cisco-IOS-XE-http:http/authentication/authentication-choice/local/local
+ xpath: ip/Cisco-IOS-XE-http:http/authentication/local
+ tf_name: ip_http_authentication_local
+ example: true
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/server
+ example: true
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/secure-server
+ example: true
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/secure-trustpoint
+ example: TP1
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/tls-version
+ example: TLSv1.2
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/client/secure-trustpoint
+ example: TP1
+ exclude_test: true
+ - yang_name: ip/Cisco-IOS-XE-http:http/client/source-interface
+ example: Loopback0
+ exclude_test: true
test_prerequisites:
- path: Cisco-IOS-XE-native:native/vrf/definition=VRF1
no_delete: true
diff --git a/gen/load_models.go b/gen/load_models.go
index 5d670789..b6cafbdf 100644
--- a/gen/load_models.go
+++ b/gen/load_models.go
@@ -95,6 +95,7 @@ var models = []string{
"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-udld.yang",
"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-switch.yang",
"https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-sanet.yang",
+ "https://raw.githubusercontent.com/YangModels/yang/main/vendor/cisco/xe/1791/Cisco-IOS-XE-http.yang",
}
const (
diff --git a/internal/provider/data_source_iosxe_system.go b/internal/provider/data_source_iosxe_system.go
index 90de9639..96f3a213 100644
--- a/internal/provider/data_source_iosxe_system.go
+++ b/internal/provider/data_source_iosxe_system.go
@@ -143,6 +143,66 @@ func (d *SystemDataSource) Schema(ctx context.Context, req datasource.SchemaRequ
},
},
},
+ "ip_http_access_class": schema.Int64Attribute{
+ MarkdownDescription: "Restrict http server access by access-class",
+ Computed: true,
+ },
+ "ip_http_authentication_aaa": schema.BoolAttribute{
+ MarkdownDescription: "Use AAA access control methods",
+ Computed: true,
+ },
+ "ip_http_authentication_aaa_exec_authorization": schema.StringAttribute{
+ MarkdownDescription: "Set method list for exec authorization",
+ Computed: true,
+ },
+ "ip_http_authentication_aaa_login_authentication": schema.StringAttribute{
+ MarkdownDescription: "Set method list for login authentication",
+ Computed: true,
+ },
+ "ip_http_authentication_aaa_command_authorization": schema.ListNestedAttribute{
+ MarkdownDescription: "Set method list for command authorization",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "level": schema.Int64Attribute{
+ MarkdownDescription: "Enable level",
+ Computed: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Use an authorization list with this name",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "ip_http_authentication_local": schema.BoolAttribute{
+ MarkdownDescription: "Use local username and passwords",
+ Computed: true,
+ },
+ "ip_http_server": schema.BoolAttribute{
+ MarkdownDescription: "Enable http server",
+ Computed: true,
+ },
+ "ip_http_secure_server": schema.BoolAttribute{
+ MarkdownDescription: "Enable HTTP secure server",
+ Computed: true,
+ },
+ "ip_http_secure_trustpoint": schema.StringAttribute{
+ MarkdownDescription: "Set http secure server certificate trustpoint",
+ Computed: true,
+ },
+ "ip_http_tls_version": schema.StringAttribute{
+ MarkdownDescription: "Set TLS version for HTTP secure server",
+ Computed: true,
+ },
+ "ip_http_client_secure_trustpoint": schema.StringAttribute{
+ MarkdownDescription: "Set http client certificate secure trustpoint",
+ Computed: true,
+ },
+ "ip_http_client_source_interface": schema.StringAttribute{
+ MarkdownDescription: "Specify interface for source address in all HTTP(S) client connections",
+ Computed: true,
+ },
},
}
}
diff --git a/internal/provider/model_iosxe_system.go b/internal/provider/model_iosxe_system.go
index c20bee3d..0273e606 100644
--- a/internal/provider/model_iosxe_system.go
+++ b/internal/provider/model_iosxe_system.go
@@ -34,52 +34,80 @@ import (
)
type System struct {
- Device types.String `tfsdk:"device"`
- Id types.String `tfsdk:"id"`
- Hostname types.String `tfsdk:"hostname"`
- IpBgpCommunityNewFormat types.Bool `tfsdk:"ip_bgp_community_new_format"`
- IpRouting types.Bool `tfsdk:"ip_routing"`
- Ipv6UnicastRouting types.Bool `tfsdk:"ipv6_unicast_routing"`
- Mtu types.Int64 `tfsdk:"mtu"`
- IpSourceRoute types.Bool `tfsdk:"ip_source_route"`
- IpDomainLookup types.Bool `tfsdk:"ip_domain_lookup"`
- IpDomainName types.String `tfsdk:"ip_domain_name"`
- LoginDelay types.Int64 `tfsdk:"login_delay"`
- LoginOnFailure types.Bool `tfsdk:"login_on_failure"`
- LoginOnFailureLog types.Bool `tfsdk:"login_on_failure_log"`
- LoginOnSuccess types.Bool `tfsdk:"login_on_success"`
- LoginOnSuccessLog types.Bool `tfsdk:"login_on_success_log"`
- IpMulticastRouting types.Bool `tfsdk:"ip_multicast_routing"`
- MulticastRoutingSwitch types.Bool `tfsdk:"multicast_routing_switch"`
- IpMulticastRoutingDistributed types.Bool `tfsdk:"ip_multicast_routing_distributed"`
- MulticastRoutingVrfs []SystemMulticastRoutingVrfs `tfsdk:"multicast_routing_vrfs"`
+ Device types.String `tfsdk:"device"`
+ Id types.String `tfsdk:"id"`
+ Hostname types.String `tfsdk:"hostname"`
+ IpBgpCommunityNewFormat types.Bool `tfsdk:"ip_bgp_community_new_format"`
+ IpRouting types.Bool `tfsdk:"ip_routing"`
+ Ipv6UnicastRouting types.Bool `tfsdk:"ipv6_unicast_routing"`
+ Mtu types.Int64 `tfsdk:"mtu"`
+ IpSourceRoute types.Bool `tfsdk:"ip_source_route"`
+ IpDomainLookup types.Bool `tfsdk:"ip_domain_lookup"`
+ IpDomainName types.String `tfsdk:"ip_domain_name"`
+ LoginDelay types.Int64 `tfsdk:"login_delay"`
+ LoginOnFailure types.Bool `tfsdk:"login_on_failure"`
+ LoginOnFailureLog types.Bool `tfsdk:"login_on_failure_log"`
+ LoginOnSuccess types.Bool `tfsdk:"login_on_success"`
+ LoginOnSuccessLog types.Bool `tfsdk:"login_on_success_log"`
+ IpMulticastRouting types.Bool `tfsdk:"ip_multicast_routing"`
+ MulticastRoutingSwitch types.Bool `tfsdk:"multicast_routing_switch"`
+ IpMulticastRoutingDistributed types.Bool `tfsdk:"ip_multicast_routing_distributed"`
+ MulticastRoutingVrfs []SystemMulticastRoutingVrfs `tfsdk:"multicast_routing_vrfs"`
+ IpHttpAccessClass types.Int64 `tfsdk:"ip_http_access_class"`
+ IpHttpAuthenticationAaa types.Bool `tfsdk:"ip_http_authentication_aaa"`
+ IpHttpAuthenticationAaaExecAuthorization types.String `tfsdk:"ip_http_authentication_aaa_exec_authorization"`
+ IpHttpAuthenticationAaaLoginAuthentication types.String `tfsdk:"ip_http_authentication_aaa_login_authentication"`
+ IpHttpAuthenticationAaaCommandAuthorization []SystemIpHttpAuthenticationAaaCommandAuthorization `tfsdk:"ip_http_authentication_aaa_command_authorization"`
+ IpHttpAuthenticationLocal types.Bool `tfsdk:"ip_http_authentication_local"`
+ IpHttpServer types.Bool `tfsdk:"ip_http_server"`
+ IpHttpSecureServer types.Bool `tfsdk:"ip_http_secure_server"`
+ IpHttpSecureTrustpoint types.String `tfsdk:"ip_http_secure_trustpoint"`
+ IpHttpTlsVersion types.String `tfsdk:"ip_http_tls_version"`
+ IpHttpClientSecureTrustpoint types.String `tfsdk:"ip_http_client_secure_trustpoint"`
+ IpHttpClientSourceInterface types.String `tfsdk:"ip_http_client_source_interface"`
}
type SystemData struct {
- Device types.String `tfsdk:"device"`
- Id types.String `tfsdk:"id"`
- Hostname types.String `tfsdk:"hostname"`
- IpBgpCommunityNewFormat types.Bool `tfsdk:"ip_bgp_community_new_format"`
- IpRouting types.Bool `tfsdk:"ip_routing"`
- Ipv6UnicastRouting types.Bool `tfsdk:"ipv6_unicast_routing"`
- Mtu types.Int64 `tfsdk:"mtu"`
- IpSourceRoute types.Bool `tfsdk:"ip_source_route"`
- IpDomainLookup types.Bool `tfsdk:"ip_domain_lookup"`
- IpDomainName types.String `tfsdk:"ip_domain_name"`
- LoginDelay types.Int64 `tfsdk:"login_delay"`
- LoginOnFailure types.Bool `tfsdk:"login_on_failure"`
- LoginOnFailureLog types.Bool `tfsdk:"login_on_failure_log"`
- LoginOnSuccess types.Bool `tfsdk:"login_on_success"`
- LoginOnSuccessLog types.Bool `tfsdk:"login_on_success_log"`
- IpMulticastRouting types.Bool `tfsdk:"ip_multicast_routing"`
- MulticastRoutingSwitch types.Bool `tfsdk:"multicast_routing_switch"`
- IpMulticastRoutingDistributed types.Bool `tfsdk:"ip_multicast_routing_distributed"`
- MulticastRoutingVrfs []SystemMulticastRoutingVrfs `tfsdk:"multicast_routing_vrfs"`
+ Device types.String `tfsdk:"device"`
+ Id types.String `tfsdk:"id"`
+ Hostname types.String `tfsdk:"hostname"`
+ IpBgpCommunityNewFormat types.Bool `tfsdk:"ip_bgp_community_new_format"`
+ IpRouting types.Bool `tfsdk:"ip_routing"`
+ Ipv6UnicastRouting types.Bool `tfsdk:"ipv6_unicast_routing"`
+ Mtu types.Int64 `tfsdk:"mtu"`
+ IpSourceRoute types.Bool `tfsdk:"ip_source_route"`
+ IpDomainLookup types.Bool `tfsdk:"ip_domain_lookup"`
+ IpDomainName types.String `tfsdk:"ip_domain_name"`
+ LoginDelay types.Int64 `tfsdk:"login_delay"`
+ LoginOnFailure types.Bool `tfsdk:"login_on_failure"`
+ LoginOnFailureLog types.Bool `tfsdk:"login_on_failure_log"`
+ LoginOnSuccess types.Bool `tfsdk:"login_on_success"`
+ LoginOnSuccessLog types.Bool `tfsdk:"login_on_success_log"`
+ IpMulticastRouting types.Bool `tfsdk:"ip_multicast_routing"`
+ MulticastRoutingSwitch types.Bool `tfsdk:"multicast_routing_switch"`
+ IpMulticastRoutingDistributed types.Bool `tfsdk:"ip_multicast_routing_distributed"`
+ MulticastRoutingVrfs []SystemMulticastRoutingVrfs `tfsdk:"multicast_routing_vrfs"`
+ IpHttpAccessClass types.Int64 `tfsdk:"ip_http_access_class"`
+ IpHttpAuthenticationAaa types.Bool `tfsdk:"ip_http_authentication_aaa"`
+ IpHttpAuthenticationAaaExecAuthorization types.String `tfsdk:"ip_http_authentication_aaa_exec_authorization"`
+ IpHttpAuthenticationAaaLoginAuthentication types.String `tfsdk:"ip_http_authentication_aaa_login_authentication"`
+ IpHttpAuthenticationAaaCommandAuthorization []SystemIpHttpAuthenticationAaaCommandAuthorization `tfsdk:"ip_http_authentication_aaa_command_authorization"`
+ IpHttpAuthenticationLocal types.Bool `tfsdk:"ip_http_authentication_local"`
+ IpHttpServer types.Bool `tfsdk:"ip_http_server"`
+ IpHttpSecureServer types.Bool `tfsdk:"ip_http_secure_server"`
+ IpHttpSecureTrustpoint types.String `tfsdk:"ip_http_secure_trustpoint"`
+ IpHttpTlsVersion types.String `tfsdk:"ip_http_tls_version"`
+ IpHttpClientSecureTrustpoint types.String `tfsdk:"ip_http_client_secure_trustpoint"`
+ IpHttpClientSourceInterface types.String `tfsdk:"ip_http_client_source_interface"`
}
type SystemMulticastRoutingVrfs struct {
Vrf types.String `tfsdk:"vrf"`
Distributed types.Bool `tfsdk:"distributed"`
}
+type SystemIpHttpAuthenticationAaaCommandAuthorization struct {
+ Level types.Int64 `tfsdk:"level"`
+ Name types.String `tfsdk:"name"`
+}
func (data System) getPath() string {
return "Cisco-IOS-XE-native:native"
@@ -168,6 +196,43 @@ func (data System) toBody(ctx context.Context) string {
body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-multicast:multicast-routing.distributed", map[string]string{})
}
}
+ if !data.IpHttpAccessClass.IsNull() && !data.IpHttpAccessClass.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.access-class", strconv.FormatInt(data.IpHttpAccessClass.ValueInt64(), 10))
+ }
+ if !data.IpHttpAuthenticationAaa.IsNull() && !data.IpHttpAuthenticationAaa.IsUnknown() {
+ if data.IpHttpAuthenticationAaa.ValueBool() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa", map[string]string{})
+ }
+ }
+ if !data.IpHttpAuthenticationAaaExecAuthorization.IsNull() && !data.IpHttpAuthenticationAaaExecAuthorization.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa.exec-authorization", data.IpHttpAuthenticationAaaExecAuthorization.ValueString())
+ }
+ if !data.IpHttpAuthenticationAaaLoginAuthentication.IsNull() && !data.IpHttpAuthenticationAaaLoginAuthentication.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa.login-authentication", data.IpHttpAuthenticationAaaLoginAuthentication.ValueString())
+ }
+ if !data.IpHttpAuthenticationLocal.IsNull() && !data.IpHttpAuthenticationLocal.IsUnknown() {
+ if data.IpHttpAuthenticationLocal.ValueBool() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.local", map[string]string{})
+ }
+ }
+ if !data.IpHttpServer.IsNull() && !data.IpHttpServer.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.server", data.IpHttpServer.ValueBool())
+ }
+ if !data.IpHttpSecureServer.IsNull() && !data.IpHttpSecureServer.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.secure-server", data.IpHttpSecureServer.ValueBool())
+ }
+ if !data.IpHttpSecureTrustpoint.IsNull() && !data.IpHttpSecureTrustpoint.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.secure-trustpoint", data.IpHttpSecureTrustpoint.ValueString())
+ }
+ if !data.IpHttpTlsVersion.IsNull() && !data.IpHttpTlsVersion.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.tls-version", data.IpHttpTlsVersion.ValueString())
+ }
+ if !data.IpHttpClientSecureTrustpoint.IsNull() && !data.IpHttpClientSecureTrustpoint.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.client.secure-trustpoint", data.IpHttpClientSecureTrustpoint.ValueString())
+ }
+ if !data.IpHttpClientSourceInterface.IsNull() && !data.IpHttpClientSourceInterface.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.client.source-interface", data.IpHttpClientSourceInterface.ValueString())
+ }
if len(data.MulticastRoutingVrfs) > 0 {
body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-multicast:multicast-routing.vrf", []interface{}{})
for index, item := range data.MulticastRoutingVrfs {
@@ -181,6 +246,17 @@ func (data System) toBody(ctx context.Context) string {
}
}
}
+ if len(data.IpHttpAuthenticationAaaCommandAuthorization) > 0 {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa.command-authorization", []interface{}{})
+ for index, item := range data.IpHttpAuthenticationAaaCommandAuthorization {
+ if !item.Level.IsNull() && !item.Level.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa.command-authorization"+"."+strconv.Itoa(index)+"."+"level", strconv.FormatInt(item.Level.ValueInt64(), 10))
+ }
+ if !item.Name.IsNull() && !item.Name.IsUnknown() {
+ body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"ip.Cisco-IOS-XE-http:http.authentication.aaa.command-authorization"+"."+strconv.Itoa(index)+"."+"name", item.Name.ValueString())
+ }
+ }
+ }
return body
}
@@ -349,6 +425,107 @@ func (data *System) updateFromBody(ctx context.Context, res gjson.Result) {
data.MulticastRoutingVrfs[i].Distributed = types.BoolNull()
}
}
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.access-class"); value.Exists() && !data.IpHttpAccessClass.IsNull() {
+ data.IpHttpAccessClass = types.Int64Value(value.Int())
+ } else {
+ data.IpHttpAccessClass = types.Int64Null()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa"); !data.IpHttpAuthenticationAaa.IsNull() {
+ if value.Exists() {
+ data.IpHttpAuthenticationAaa = types.BoolValue(true)
+ } else {
+ data.IpHttpAuthenticationAaa = types.BoolValue(false)
+ }
+ } else {
+ data.IpHttpAuthenticationAaa = types.BoolNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.exec-authorization"); value.Exists() && !data.IpHttpAuthenticationAaaExecAuthorization.IsNull() {
+ data.IpHttpAuthenticationAaaExecAuthorization = types.StringValue(value.String())
+ } else {
+ data.IpHttpAuthenticationAaaExecAuthorization = types.StringNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.login-authentication"); value.Exists() && !data.IpHttpAuthenticationAaaLoginAuthentication.IsNull() {
+ data.IpHttpAuthenticationAaaLoginAuthentication = types.StringValue(value.String())
+ } else {
+ data.IpHttpAuthenticationAaaLoginAuthentication = types.StringNull()
+ }
+ for i := range data.IpHttpAuthenticationAaaCommandAuthorization {
+ keys := [...]string{"level"}
+ keyValues := [...]string{strconv.FormatInt(data.IpHttpAuthenticationAaaCommandAuthorization[i].Level.ValueInt64(), 10)}
+
+ var r gjson.Result
+ res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.command-authorization").ForEach(
+ func(_, v gjson.Result) bool {
+ found := false
+ for ik := range keys {
+ if v.Get(keys[ik]).String() == keyValues[ik] {
+ found = true
+ continue
+ }
+ found = false
+ break
+ }
+ if found {
+ r = v
+ return false
+ }
+ return true
+ },
+ )
+ if value := r.Get("level"); value.Exists() && !data.IpHttpAuthenticationAaaCommandAuthorization[i].Level.IsNull() {
+ data.IpHttpAuthenticationAaaCommandAuthorization[i].Level = types.Int64Value(value.Int())
+ } else {
+ data.IpHttpAuthenticationAaaCommandAuthorization[i].Level = types.Int64Null()
+ }
+ if value := r.Get("name"); value.Exists() && !data.IpHttpAuthenticationAaaCommandAuthorization[i].Name.IsNull() {
+ data.IpHttpAuthenticationAaaCommandAuthorization[i].Name = types.StringValue(value.String())
+ } else {
+ data.IpHttpAuthenticationAaaCommandAuthorization[i].Name = types.StringNull()
+ }
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.local"); !data.IpHttpAuthenticationLocal.IsNull() {
+ if value.Exists() {
+ data.IpHttpAuthenticationLocal = types.BoolValue(true)
+ } else {
+ data.IpHttpAuthenticationLocal = types.BoolValue(false)
+ }
+ } else {
+ data.IpHttpAuthenticationLocal = types.BoolNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.server"); !data.IpHttpServer.IsNull() {
+ if value.Exists() {
+ data.IpHttpServer = types.BoolValue(value.Bool())
+ }
+ } else {
+ data.IpHttpServer = types.BoolNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.secure-server"); !data.IpHttpSecureServer.IsNull() {
+ if value.Exists() {
+ data.IpHttpSecureServer = types.BoolValue(value.Bool())
+ }
+ } else {
+ data.IpHttpSecureServer = types.BoolNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.secure-trustpoint"); value.Exists() && !data.IpHttpSecureTrustpoint.IsNull() {
+ data.IpHttpSecureTrustpoint = types.StringValue(value.String())
+ } else {
+ data.IpHttpSecureTrustpoint = types.StringNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.tls-version"); value.Exists() && !data.IpHttpTlsVersion.IsNull() {
+ data.IpHttpTlsVersion = types.StringValue(value.String())
+ } else {
+ data.IpHttpTlsVersion = types.StringNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.client.secure-trustpoint"); value.Exists() && !data.IpHttpClientSecureTrustpoint.IsNull() {
+ data.IpHttpClientSecureTrustpoint = types.StringValue(value.String())
+ } else {
+ data.IpHttpClientSecureTrustpoint = types.StringNull()
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.client.source-interface"); value.Exists() && !data.IpHttpClientSourceInterface.IsNull() {
+ data.IpHttpClientSourceInterface = types.StringValue(value.String())
+ } else {
+ data.IpHttpClientSourceInterface = types.StringNull()
+ }
}
func (data *SystemData) fromBody(ctx context.Context, res gjson.Result) {
@@ -444,6 +621,61 @@ func (data *SystemData) fromBody(ctx context.Context, res gjson.Result) {
return true
})
}
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.access-class"); value.Exists() {
+ data.IpHttpAccessClass = types.Int64Value(value.Int())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa"); value.Exists() {
+ data.IpHttpAuthenticationAaa = types.BoolValue(true)
+ } else {
+ data.IpHttpAuthenticationAaa = types.BoolValue(false)
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.exec-authorization"); value.Exists() {
+ data.IpHttpAuthenticationAaaExecAuthorization = types.StringValue(value.String())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.login-authentication"); value.Exists() {
+ data.IpHttpAuthenticationAaaLoginAuthentication = types.StringValue(value.String())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.aaa.command-authorization"); value.Exists() {
+ data.IpHttpAuthenticationAaaCommandAuthorization = make([]SystemIpHttpAuthenticationAaaCommandAuthorization, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := SystemIpHttpAuthenticationAaaCommandAuthorization{}
+ if cValue := v.Get("level"); cValue.Exists() {
+ item.Level = types.Int64Value(cValue.Int())
+ }
+ if cValue := v.Get("name"); cValue.Exists() {
+ item.Name = types.StringValue(cValue.String())
+ }
+ data.IpHttpAuthenticationAaaCommandAuthorization = append(data.IpHttpAuthenticationAaaCommandAuthorization, item)
+ return true
+ })
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.authentication.local"); value.Exists() {
+ data.IpHttpAuthenticationLocal = types.BoolValue(true)
+ } else {
+ data.IpHttpAuthenticationLocal = types.BoolValue(false)
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.server"); value.Exists() {
+ data.IpHttpServer = types.BoolValue(value.Bool())
+ } else {
+ data.IpHttpServer = types.BoolValue(false)
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.secure-server"); value.Exists() {
+ data.IpHttpSecureServer = types.BoolValue(value.Bool())
+ } else {
+ data.IpHttpSecureServer = types.BoolValue(false)
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.secure-trustpoint"); value.Exists() {
+ data.IpHttpSecureTrustpoint = types.StringValue(value.String())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.tls-version"); value.Exists() {
+ data.IpHttpTlsVersion = types.StringValue(value.String())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.client.secure-trustpoint"); value.Exists() {
+ data.IpHttpClientSecureTrustpoint = types.StringValue(value.String())
+ }
+ if value := res.Get(prefix + "ip.Cisco-IOS-XE-http:http.client.source-interface"); value.Exists() {
+ data.IpHttpClientSourceInterface = types.StringValue(value.String())
+ }
}
func (data *System) getDeletedItems(ctx context.Context, state System) []string {
@@ -524,6 +756,67 @@ func (data *System) getDeletedItems(ctx context.Context, state System) []string
deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-multicast:multicast-routing/vrf=%v", state.getPath(), strings.Join(stateKeyValues[:], ",")))
}
}
+ if !state.IpHttpAccessClass.IsNull() && data.IpHttpAccessClass.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/access-class", state.getPath()))
+ }
+ if !state.IpHttpAuthenticationAaa.IsNull() && data.IpHttpAuthenticationAaa.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa", state.getPath()))
+ }
+ if !state.IpHttpAuthenticationAaaExecAuthorization.IsNull() && data.IpHttpAuthenticationAaaExecAuthorization.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/exec-authorization", state.getPath()))
+ }
+ if !state.IpHttpAuthenticationAaaLoginAuthentication.IsNull() && data.IpHttpAuthenticationAaaLoginAuthentication.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/login-authentication", state.getPath()))
+ }
+ for i := range state.IpHttpAuthenticationAaaCommandAuthorization {
+ stateKeyValues := [...]string{strconv.FormatInt(state.IpHttpAuthenticationAaaCommandAuthorization[i].Level.ValueInt64(), 10)}
+
+ emptyKeys := true
+ if !reflect.ValueOf(state.IpHttpAuthenticationAaaCommandAuthorization[i].Level.ValueInt64()).IsZero() {
+ emptyKeys = false
+ }
+ if emptyKeys {
+ continue
+ }
+
+ found := false
+ for j := range data.IpHttpAuthenticationAaaCommandAuthorization {
+ found = true
+ if state.IpHttpAuthenticationAaaCommandAuthorization[i].Level.ValueInt64() != data.IpHttpAuthenticationAaaCommandAuthorization[j].Level.ValueInt64() {
+ found = false
+ }
+ if found {
+ if !state.IpHttpAuthenticationAaaCommandAuthorization[i].Name.IsNull() && data.IpHttpAuthenticationAaaCommandAuthorization[j].Name.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/command-authorization=%v/name", state.getPath(), strings.Join(stateKeyValues[:], ",")))
+ }
+ break
+ }
+ }
+ if !found {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/command-authorization=%v", state.getPath(), strings.Join(stateKeyValues[:], ",")))
+ }
+ }
+ if !state.IpHttpAuthenticationLocal.IsNull() && data.IpHttpAuthenticationLocal.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/local", state.getPath()))
+ }
+ if !state.IpHttpServer.IsNull() && data.IpHttpServer.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/server", state.getPath()))
+ }
+ if !state.IpHttpSecureServer.IsNull() && data.IpHttpSecureServer.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/secure-server", state.getPath()))
+ }
+ if !state.IpHttpSecureTrustpoint.IsNull() && data.IpHttpSecureTrustpoint.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/secure-trustpoint", state.getPath()))
+ }
+ if !state.IpHttpTlsVersion.IsNull() && data.IpHttpTlsVersion.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/tls-version", state.getPath()))
+ }
+ if !state.IpHttpClientSecureTrustpoint.IsNull() && data.IpHttpClientSecureTrustpoint.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/client/secure-trustpoint", state.getPath()))
+ }
+ if !state.IpHttpClientSourceInterface.IsNull() && data.IpHttpClientSourceInterface.IsNull() {
+ deletedItems = append(deletedItems, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/client/source-interface", state.getPath()))
+ }
return deletedItems
}
@@ -563,6 +856,13 @@ func (data *System) getEmptyLeafsDelete(ctx context.Context) []string {
emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/ip/Cisco-IOS-XE-multicast:multicast-routing/vrf=%v/distributed", data.getPath(), strings.Join(keyValues[:], ",")))
}
}
+ if !data.IpHttpAuthenticationAaa.IsNull() && !data.IpHttpAuthenticationAaa.ValueBool() {
+ emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa", data.getPath()))
+ }
+
+ if !data.IpHttpAuthenticationLocal.IsNull() && !data.IpHttpAuthenticationLocal.ValueBool() {
+ emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/local", data.getPath()))
+ }
return emptyLeafsDelete
}
@@ -621,5 +921,43 @@ func (data *System) getDeletePaths(ctx context.Context) []string {
deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-multicast:multicast-routing/vrf=%v", data.getPath(), strings.Join(keyValues[:], ",")))
}
+ if !data.IpHttpAccessClass.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/access-class", data.getPath()))
+ }
+ if !data.IpHttpAuthenticationAaa.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa", data.getPath()))
+ }
+ if !data.IpHttpAuthenticationAaaExecAuthorization.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/exec-authorization", data.getPath()))
+ }
+ if !data.IpHttpAuthenticationAaaLoginAuthentication.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/login-authentication", data.getPath()))
+ }
+ for i := range data.IpHttpAuthenticationAaaCommandAuthorization {
+ keyValues := [...]string{strconv.FormatInt(data.IpHttpAuthenticationAaaCommandAuthorization[i].Level.ValueInt64(), 10)}
+
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/aaa/command-authorization=%v", data.getPath(), strings.Join(keyValues[:], ",")))
+ }
+ if !data.IpHttpAuthenticationLocal.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/authentication/local", data.getPath()))
+ }
+ if !data.IpHttpServer.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/server", data.getPath()))
+ }
+ if !data.IpHttpSecureServer.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/secure-server", data.getPath()))
+ }
+ if !data.IpHttpSecureTrustpoint.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/secure-trustpoint", data.getPath()))
+ }
+ if !data.IpHttpTlsVersion.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/tls-version", data.getPath()))
+ }
+ if !data.IpHttpClientSecureTrustpoint.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/client/secure-trustpoint", data.getPath()))
+ }
+ if !data.IpHttpClientSourceInterface.IsNull() {
+ deletePaths = append(deletePaths, fmt.Sprintf("%v/ip/Cisco-IOS-XE-http:http/client/source-interface", data.getPath()))
+ }
return deletePaths
}
diff --git a/internal/provider/resource_iosxe_system.go b/internal/provider/resource_iosxe_system.go
index 2b2f99dd..7854175b 100644
--- a/internal/provider/resource_iosxe_system.go
+++ b/internal/provider/resource_iosxe_system.go
@@ -160,6 +160,81 @@ func (r *SystemResource) Schema(ctx context.Context, req resource.SchemaRequest,
},
},
},
+ "ip_http_access_class": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Restrict http server access by access-class").AddIntegerRangeDescription(1, 99).String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 99),
+ },
+ },
+ "ip_http_authentication_aaa": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Use AAA access control methods").String,
+ Optional: true,
+ },
+ "ip_http_authentication_aaa_exec_authorization": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set method list for exec authorization").String,
+ Optional: true,
+ },
+ "ip_http_authentication_aaa_login_authentication": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set method list for login authentication").String,
+ Optional: true,
+ },
+ "ip_http_authentication_aaa_command_authorization": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set method list for command authorization").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "level": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable level").AddIntegerRangeDescription(0, 15).String,
+ Required: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 15),
+ },
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Use an authorization list with this name").String,
+ Optional: true,
+ },
+ },
+ },
+ },
+ "ip_http_authentication_local": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Use local username and passwords").String,
+ Optional: true,
+ },
+ "ip_http_server": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable http server").String,
+ Optional: true,
+ },
+ "ip_http_secure_server": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable HTTP secure server").String,
+ Optional: true,
+ },
+ "ip_http_secure_trustpoint": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set http secure server certificate trustpoint").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 229),
+ },
+ },
+ "ip_http_tls_version": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set TLS version for HTTP secure server").AddStringEnumDescription("TLSv1.0", "TLSv1.1", "TLSv1.2").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("TLSv1.0", "TLSv1.1", "TLSv1.2"),
+ },
+ },
+ "ip_http_client_secure_trustpoint": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Set http client certificate secure trustpoint").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.LengthBetween(1, 222),
+ },
+ },
+ "ip_http_client_source_interface": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Specify interface for source address in all HTTP(S) client connections").String,
+ Optional: true,
+ },
},
}
}
diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl
index 591bc842..14a31ae6 100644
--- a/templates/guides/changelog.md.tmpl
+++ b/templates/guides/changelog.md.tmpl
@@ -11,6 +11,7 @@ description: |-
- Add `next_hop_self` and `next_hop_self_all` attributes to `iosxe_bgp_ipv4_unicast_vrf_neighbor` resource and data source
- Add `set_as_path_replace_any` and `set_as_path_replace_as` attributes to `iosxe_route_map` resource and data source
+- Add `ip_http` attributes to `iosxe_system` resource and data source
## 0.5.3