Add policy object unified advanced inspection profile resource and da…

…ta source
seconroy · Sep 13, 2024 · 1c66ad3 · 1c66ad3
1 parent 24d0aa8
commit 1c66ad3
Show file tree

Hide file tree

Showing 15 changed files with 1,246 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -29,6 +29,7 @@
 - Add `sdwan_policy_object_unified_url_filtering` resource and data source
 - Add `sdwan_policy_object_unified_tls_ssl_profile` resource and data source
 - Add `sdwan_policy_object_unified_intrusion_prevention` resource and data source
+- Add `sdwan_policy_object_unified_advanced_inspection_profile` resource and data source
 
 ## 0.4.1
 

diff --git a/docs/data-sources/policy_object_unified_advanced_inspection_profile.md b/docs/data-sources/policy_object_unified_advanced_inspection_profile.md
@@ -0,0 +1,39 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_policy_object_unified_advanced_inspection_profile Data Source - terraform-provider-sdwan"
+subcategory: "Policy Objects"
+description: |-
+  This data source can read the Policy Object Unified Advanced Inspection Profile Policy_object.
+---
+
+# sdwan_policy_object_unified_advanced_inspection_profile (Data Source)
+
+This data source can read the Policy Object Unified Advanced Inspection Profile Policy_object.
+
+## Example Usage
+
+```terraform
+data "sdwan_policy_object_unified_advanced_inspection_profile" "example" {
+  id                 = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+  feature_profile_id = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `feature_profile_id` (String) Feature Profile ID
+- `id` (String) The id of the Policy_object
+
+### Read-Only
+
+- `advanced_malware_protection_list_id` (String)
+- `description` (String) The description of the Policy_object
+- `intrusion_prevention_list_id` (String)
+- `name` (String) The name of the Policy_object
+- `tls_decryption_action` (String)
+- `tls_ssl_profile_list_id` (String)
+- `url_filtering_list_id` (String)
+- `version` (Number) The version of the Policy_object
diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md
@@ -38,6 +38,7 @@ description: |-
 - Add `sdwan_policy_object_unified_url_filtering` resource and data source
 - Add `sdwan_policy_object_unified_tls_ssl_profile` resource and data source
 - Add `sdwan_policy_object_unified_intrusion_prevention` resource and data source
+- Add `sdwan_policy_object_unified_advanced_inspection_profile` resource and data source
 
 ## 0.4.1
 

diff --git a/docs/resources/policy_object_unified_advanced_inspection_profile.md b/docs/resources/policy_object_unified_advanced_inspection_profile.md
@@ -0,0 +1,58 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_policy_object_unified_advanced_inspection_profile Resource - terraform-provider-sdwan"
+subcategory: "Policy Objects"
+description: |-
+  This resource can manage a Policy Object Unified Advanced Inspection Profile Policy_object.
+  Minimum SD-WAN Manager version: 20.12.0
+---
+
+# sdwan_policy_object_unified_advanced_inspection_profile (Resource)
+
+This resource can manage a Policy Object Unified Advanced Inspection Profile Policy_object.
+  - Minimum SD-WAN Manager version: `20.12.0`
+
+## Example Usage
+
+```terraform
+resource "sdwan_policy_object_unified_advanced_inspection_profile" "example" {
+  name                                = "Example"
+  description                         = "My Example"
+  feature_profile_id                  = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"
+  tls_decryption_action               = "decrypt"
+  intrusion_prevention_list_id        = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  url_filtering_list_id               = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  advanced_malware_protection_list_id = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  tls_ssl_profile_list_id             = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `advanced_malware_protection_list_id` (String)
+- `feature_profile_id` (String) Feature Profile ID
+- `intrusion_prevention_list_id` (String)
+- `name` (String) The name of the Policy_object
+- `tls_decryption_action` (String) - Choices: `decrypt`, `neverDecrypt`, `skipDecrypt`
+- `tls_ssl_profile_list_id` (String)
+- `url_filtering_list_id` (String)
+
+### Optional
+
+- `description` (String) The description of the Policy_object
+
+### Read-Only
+
+- `id` (String) The id of the Policy_object
+- `version` (Number) The version of the Policy_object
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import sdwan_policy_object_unified_advanced_inspection_profile.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
+```
diff --git a/examples/data-sources/sdwan_policy_object_unified_advanced_inspection_profile/data-source.tf b/examples/data-sources/sdwan_policy_object_unified_advanced_inspection_profile/data-source.tf
@@ -0,0 +1,4 @@
+data "sdwan_policy_object_unified_advanced_inspection_profile" "example" {
+  id                 = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+  feature_profile_id = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"
+}
diff --git a/examples/resources/sdwan_policy_object_unified_advanced_inspection_profile/import.sh b/examples/resources/sdwan_policy_object_unified_advanced_inspection_profile/import.sh
@@ -0,0 +1 @@
+terraform import sdwan_policy_object_unified_advanced_inspection_profile.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
diff --git a/examples/resources/sdwan_policy_object_unified_advanced_inspection_profile/resource.tf b/examples/resources/sdwan_policy_object_unified_advanced_inspection_profile/resource.tf
@@ -0,0 +1,10 @@
+resource "sdwan_policy_object_unified_advanced_inspection_profile" "example" {
+  name                                = "Example"
+  description                         = "My Example"
+  feature_profile_id                  = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"
+  tls_decryption_action               = "decrypt"
+  intrusion_prevention_list_id        = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  url_filtering_list_id               = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  advanced_malware_protection_list_id = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+  tls_ssl_profile_list_id             = "2ad58d78-59ee-46d3-86dd-7b6b7ca09f38"
+}
diff --git a/gen/definitions/profile_parcels/policy_object_unified_advanced_inspection_profile.yaml b/gen/definitions/profile_parcels/policy_object_unified_advanced_inspection_profile.yaml
@@ -0,0 +1,133 @@
+---
+name: Policy Object Unified Advanced Inspection Profile
+rest_endpoint: /v1/feature-profile/sdwan/policy-object/%v/unified/advanced-inspection-profile
+minimum_version: 20.12.0
+test_tags: [SDWAN_2012]
+skip_minimum_test: true
+parcel_type: policy_object
+attributes:
+  - tf_name: feature_profile_id
+    reference: true
+    type: String
+    mandatory: true
+    description: Feature Profile ID
+    example: f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac
+    test_value: sdwan_policy_object_feature_profile.test.id
+  - model_name: tlsDecryptionAction
+    example: decrypt
+  - model_name: refId
+    tf_name: intrusion_prevention_list_id
+    data_path: [intrusionPrevention]
+    example: 2ad58d78-59ee-46d3-86dd-7b6b7ca09f38
+    test_value: sdwan_policy_object_unified_intrusion_prevention.test.id
+  - model_name: refId
+    tf_name: url_filtering_list_id
+    data_path: [urlFiltering]
+    example: 2ad58d78-59ee-46d3-86dd-7b6b7ca09f38
+    test_value: sdwan_policy_object_security_url_allow_list.test.id
+  - model_name: refId
+    tf_name: advanced_malware_protection_list_id
+    data_path: [advancedMalwareProtection]
+    example: 2ad58d78-59ee-46d3-86dd-7b6b7ca09f38
+    test_value: sdwan_policy_object_unified_advanced_malware_protection.test.id
+  - model_name: refId
+    tf_name: tls_ssl_profile_list_id
+    data_path: [sslDecryptionProfile]
+    example: 2ad58d78-59ee-46d3-86dd-7b6b7ca09f38
+    test_value: sdwan_policy_object_unified_tls_ssl_profile.test.id
+
+test_prerequisites: |
+  resource "sdwan_policy_object_feature_profile" "test" {
+    name = "POLICY_OBJECT_FP_1"
+    description = "My policy object feature profile 1"
+  }
+
+  resource "sdwan_policy_object_security_url_allow_list" "test" {
+    name               = "TF_TEST_ALLOW"
+    description        = "My Example"
+    feature_profile_id = sdwan_policy_object_feature_profile.test.id
+    entries = [
+      {
+        pattern = "www.cisco.com"
+      }
+    ]
+  }
+
+  resource "sdwan_policy_object_security_url_block_list" "test" {
+    name               = "TF_TEST_BLOCK"
+    description        = "My Example"
+    feature_profile_id = sdwan_policy_object_feature_profile.test.id
+    entries = [
+      {
+        pattern = "www.cisco.com"
+      }
+    ]
+  }
+
+  resource "sdwan_policy_object_unified_url_filtering" "test" {
+    name                  = "TF_TEST_URL_FILTERING"
+    description           = "My Example"
+    feature_profile_id    = sdwan_policy_object_feature_profile.test.id
+    web_categories_action = "block"
+    web_categories        = ["confirmed-spam-sources"]
+    web_reputation        = "suspicious"
+    url_allow_list_id     = sdwan_policy_object_security_url_allow_list.test.id
+    url_block_list_id     = sdwan_policy_object_security_url_block_list.test.id
+    block_page_action     = "text"
+    block_page_contents   = "Access to the requested page has been denied. Please contact your Network Administrator"
+    redirect_url          = "www.example.com"
+    enable_alerts         = true
+    alerts                = ["blacklist"]
+  }
+
+  resource "sdwan_policy_object_security_ips_signature" "test" {
+    name               = "Example"
+    description        = "My Example"
+    feature_profile_id = sdwan_policy_object_feature_profile.test.id
+    entries = [
+      {
+        generator_id = "1234"
+        signature_id = "5678"
+      }
+    ]
+  }
+
+  resource "sdwan_policy_object_unified_intrusion_prevention" "test" {
+    name                  = "TF_TEST_INTRUSION"
+    description           = "My Example"
+    feature_profile_id    = sdwan_policy_object_feature_profile.test.id
+    signature_set         = "balanced"
+    inspection_mode       = "detection"
+    ips_signature_list_id = sdwan_policy_object_security_ips_signature.test.id
+    log_level             = "error"
+    custom_signature      = false
+  }
+
+  resource "sdwan_policy_object_unified_advanced_malware_protection" "test" {
+    name                          = "TF_TEST_ADVANCED_MALWARE"
+    description                   = "My Example"
+    feature_profile_id            = sdwan_policy_object_feature_profile.test.id
+    match_all_vpn                 = true
+    amp_cloud_region              = "nam"
+    amp_cloud_region_est_server   = "nam"
+    alert_log_level               = "critical"
+    file_analysis                 = true
+    file_analysis_cloud_region    = "nam"
+    file_analysis_file_types      = ["pdf"]
+    file_analysis_alert_log_level = "critical"
+  }
+
+  resource "sdwan_policy_object_unified_tls_ssl_profile" "test" {
+    name                    = "TF_TEST_TLS_SSL_PROFILE"
+    description             = "My Example"
+    feature_profile_id      = sdwan_policy_object_feature_profile.test.id
+    decrypt_categories      = ["alcohol-and-tobacco"]
+    no_decrypt_categories   = ["abortion"]
+    pass_through_categories = ["auctions"]
+    reputation              = true
+    decrypt_threshold       = "moderate-risk"
+    threshold_categories    = "moderate-risk"
+    fail_decrypt            = true
+    url_allow_list_id       = sdwan_policy_object_security_url_allow_list.test.id
+    url_block_list_id       = sdwan_policy_object_security_url_block_list.test.id
+  }
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		terraform import sdwan_policy_object_unified_advanced_inspection_profile.example "f6b2c44c-693c-4763-b010-895aa3d236bd"