forked from netascode/terraform-sdwan-nac-sdwan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sdwan_device_templates.tf
237 lines (235 loc) · 16 KB
/
sdwan_device_templates.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
resource "sdwan_feature_device_template" "feature_device_template" {
for_each = { for t in try(local.edge_device_templates, {}) : t.name => t }
name = each.value.name
description = each.value.description
device_type = try(local.device_type_map[each.value.device_model], "vedge-${each.value.device_model}")
device_role = "sdwan-edge"
policy_id = try(each.value.localized_policy, null) == null ? null : sdwan_localized_policy.localized_policy[each.value.localized_policy].id
policy_version = try(each.value.localized_policy, null) == null ? null : sdwan_localized_policy.localized_policy[each.value.localized_policy].version
security_policy_id = try(each.value.security_policy.name, null) == null ? null : sdwan_security_policy.security_policy[each.value.security_policy.name].id
security_policy_version = try(each.value.security_policy.name, null) == null ? null : sdwan_security_policy.security_policy[each.value.security_policy.name].version
general_templates = flatten([
try(each.value.security_policy.container_profile, null) == null ? [] : [{
id = sdwan_security_app_hosting_feature_template.security_app_hosting_feature_template[each.value.security_policy.container_profile].id
version = sdwan_security_app_hosting_feature_template.security_app_hosting_feature_template[each.value.security_policy.container_profile].version
type = "virtual-application-utd"
}],
try(each.value.system_template, null) == null ? [] : [{
id = sdwan_cisco_system_feature_template.cisco_system_feature_template[each.value.system_template].id
version = sdwan_cisco_system_feature_template.cisco_system_feature_template[each.value.system_template].version
type = "cisco_system"
sub_templates = !(can(each.value.logging_template) ||
can(each.value.ntp_template)) ? null : flatten([
try(each.value.logging_template, null) == null ? [] : [{
id = sdwan_cisco_logging_feature_template.cisco_logging_feature_template[each.value.logging_template].id
version = sdwan_cisco_logging_feature_template.cisco_logging_feature_template[each.value.logging_template].version
type = "cisco_logging"
}],
try(each.value.ntp_template, null) == null ? [] : [{
id = sdwan_cisco_ntp_feature_template.cisco_ntp_feature_template[each.value.ntp_template].id
version = sdwan_cisco_ntp_feature_template.cisco_ntp_feature_template[each.value.ntp_template].version
type = "cisco_ntp"
}]
])
}],
try(each.value.aaa_template, null) == null ? [] : [{
id = sdwan_cedge_aaa_feature_template.cedge_aaa_feature_template[each.value.aaa_template].id
version = sdwan_cedge_aaa_feature_template.cedge_aaa_feature_template[each.value.aaa_template].version
type = "cedge_aaa"
}],
try(each.value.bfd_template, null) == null ? [] : [{
id = sdwan_cisco_bfd_feature_template.cisco_bfd_feature_template[each.value.bfd_template].id
version = sdwan_cisco_bfd_feature_template.cisco_bfd_feature_template[each.value.bfd_template].version
type = "cisco_bfd"
}],
try(each.value.omp_template, null) == null ? [] : [{
id = sdwan_cisco_omp_feature_template.cisco_omp_feature_template[each.value.omp_template].id
version = sdwan_cisco_omp_feature_template.cisco_omp_feature_template[each.value.omp_template].version
type = "cisco_omp"
}],
try(each.value.security_template, null) == null ? [] : [{
id = sdwan_cisco_security_feature_template.cisco_security_feature_template[each.value.security_template].id
version = sdwan_cisco_security_feature_template.cisco_security_feature_template[each.value.security_template].version
type = "cisco_security"
}],
try(each.value.banner_template, null) == null ? [] : [{
id = sdwan_cisco_banner_feature_template.cisco_banner_feature_template[each.value.banner_template].id
version = sdwan_cisco_banner_feature_template.cisco_banner_feature_template[each.value.banner_template].version
type = "cisco_banner"
}],
try(each.value.snmp_template, null) == null ? [] : [{
id = sdwan_cisco_snmp_feature_template.cisco_snmp_feature_template[each.value.snmp_template].id
version = sdwan_cisco_snmp_feature_template.cisco_snmp_feature_template[each.value.snmp_template].version
type = "cisco_snmp"
}],
try(each.value.global_settings_template, null) == null ? [] : [{
id = sdwan_cedge_global_feature_template.cedge_global_feature_template[each.value.global_settings_template].id
version = sdwan_cedge_global_feature_template.cedge_global_feature_template[each.value.global_settings_template].version
type = "cedge_global"
}],
try(each.value.cli_template, null) == null ? [] : [{
id = sdwan_cli_template_feature_template.cli_template_feature_template[each.value.cli_template].id
version = sdwan_cli_template_feature_template.cli_template_feature_template[each.value.cli_template].version
type = "cli-template"
}],
try(each.value.vpn_0_template.sig_credentials_template, null) == null ? [] : [{
id = sdwan_cisco_sig_credentials_feature_template.cisco_sig_credentials_feature_template[each.value.vpn_0_template.sig_credentials_template].id
version = sdwan_cisco_sig_credentials_feature_template.cisco_sig_credentials_feature_template[each.value.vpn_0_template.sig_credentials_template].version
type = "cisco_sig_credentials"
}],
try(each.value.switchport_templates, null) == null ? [] : [for spt in try(each.value.switchport_templates, []) : {
id = sdwan_switchport_feature_template.switchport_feature_template[spt.name].id
version = sdwan_switchport_feature_template.switchport_feature_template[spt.name].version
type = "switchport"
}],
try(each.value.thousandeyes_template, null) == null ? [] : [{
id = sdwan_cisco_thousandeyes_feature_template.cisco_thousandeyes_feature_template[each.value.thousandeyes_template].id
version = sdwan_cisco_thousandeyes_feature_template.cisco_thousandeyes_feature_template[each.value.thousandeyes_template].version
type = "cisco_thousandeyes"
}],
try(each.value.vpn_0_template, null) == null ? [] : [{
id = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[each.value.vpn_0_template.name].id
version = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[each.value.vpn_0_template.name].version
type = "cisco_vpn"
sub_templates = !(can(each.value.vpn_0_template.ospf_template) ||
can(each.value.vpn_0_template.bgp_template) ||
can(each.value.vpn_0_template.ethernet_interface_templates) ||
can(each.value.vpn_0_template.ipsec_interface_templates) ||
can(each.value.vpn_0_template.svi_interface_templates) ||
can(each.value.vpn_0_template.secure_internet_gateway_template)) ? null : flatten([
try(each.value.vpn_0_template.ospf_template, null) == null ? [] : [{
id = sdwan_cisco_ospf_feature_template.cisco_ospf_feature_template[each.value.vpn_0_template.ospf_template].id
version = sdwan_cisco_ospf_feature_template.cisco_ospf_feature_template[each.value.vpn_0_template.ospf_template].version
type = "cisco_ospf"
}],
try(each.value.vpn_0_template.bgp_template, null) == null ? [] : [{
id = sdwan_cisco_bgp_feature_template.cisco_bgp_feature_template[each.value.vpn_0_template.bgp_template].id
version = sdwan_cisco_bgp_feature_template.cisco_bgp_feature_template[each.value.vpn_0_template.bgp_template].version
type = "cisco_bgp"
}],
try(each.value.vpn_0_template.ethernet_interface_templates, null) == null ? [] : [for eit in try(each.value.vpn_0_template.ethernet_interface_templates, []) : {
id = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].id
version = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].version
type = "cisco_vpn_interface"
}],
try(each.value.vpn_0_template.ipsec_interface_templates, null) == null ? [] : [for iit in try(each.value.vpn_0_template.ipsec_interface_templates, []) : {
id = sdwan_cisco_vpn_interface_ipsec_feature_template.cisco_vpn_interface_ipsec_feature_template[iit.name].id
version = sdwan_cisco_vpn_interface_ipsec_feature_template.cisco_vpn_interface_ipsec_feature_template[iit.name].version
type = "cisco_vpn_interface_ipsec"
sub_templates = !can(iit.dhcp_server_template) ? null : flatten([
try(iit.dhcp_server_template, null) == null ? [] : [{
id = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[iit.dhcp_server_template].id
version = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[iit.dhcp_server_template].version
type = "cisco_dhcp_server"
}],
])
}],
try(each.value.vpn_0_template.svi_interface_templates, null) == null ? [] : [for sit in try(each.value.vpn_0_template.svi_interface_templates, []) : {
id = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].id
version = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].version
type = "vpn-interface-svi"
}],
try(each.value.vpn_0_template.secure_internet_gateway_template, null) == null ? [] : [{
id = sdwan_cisco_secure_internet_gateway_feature_template.cisco_secure_internet_gateway_feature_template[each.value.vpn_0_template.secure_internet_gateway_template].id
version = sdwan_cisco_secure_internet_gateway_feature_template.cisco_secure_internet_gateway_feature_template[each.value.vpn_0_template.secure_internet_gateway_template].version
type = "cisco_secure_internet_gateway"
}],
])
}],
try(each.value.vpn_512_template, null) == null ? [] : [{
id = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[each.value.vpn_512_template.name].id
version = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[each.value.vpn_512_template.name].version
type = "cisco_vpn"
sub_templates = !(can(each.value.vpn_512_template.ethernet_interface_templates) ||
can(each.value.vpn_512_template.svi_interface_templates)) ? null : flatten([
try(each.value.vpn_512_template.ethernet_interface_templates, null) == null ? [] : [for eit in try(each.value.vpn_512_template.ethernet_interface_templates, []) : {
id = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].id
version = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].version
type = "cisco_vpn_interface"
}],
try(each.value.vpn_512_template.svi_interface_templates, null) == null ? [] : [for sit in try(each.value.vpn_512_template.svi_interface_templates, []) : {
id = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].id
version = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].version
type = "vpn-interface-svi"
}],
])
}],
try(each.value.vpn_service_templates, null) == null ? try([for ss in try(each.value.vpn_service_templates, []) : null], []) : [for st in try(each.value.vpn_service_templates, []) : {
id = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[st.name].id
version = sdwan_cisco_vpn_feature_template.cisco_vpn_feature_template[st.name].version
type = "cisco_vpn"
sub_templates = !(can(st.ospf_template) ||
can(st.bgp_template) ||
can(st.ethernet_interface_templates) ||
can(st.ipsec_interface_templates) ||
can(st.svi_interface_templates)) ? null : flatten([
try(st.ospf_template, null) == null ? [] : [{
id = sdwan_cisco_ospf_feature_template.cisco_ospf_feature_template[st.ospf_template].id
version = sdwan_cisco_ospf_feature_template.cisco_ospf_feature_template[st.ospf_template].version
type = "cisco_ospf"
}],
try(st.bgp_template, null) == null ? [] : [{
id = sdwan_cisco_bgp_feature_template.cisco_bgp_feature_template[st.bgp_template].id
version = sdwan_cisco_bgp_feature_template.cisco_bgp_feature_template[st.bgp_template].version
type = "cisco_bgp"
}],
try(st.ethernet_interface_templates, null) == null ? [] : [for eit in try(st.ethernet_interface_templates, []) : {
id = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].id
version = sdwan_cisco_vpn_interface_feature_template.cisco_vpn_interface_feature_template[eit.name].version
type = "cisco_vpn_interface"
sub_templates = try(eit.dhcp_server_template, null) == null ? null : [{
id = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[eit.dhcp_server_template].id
version = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[eit.dhcp_server_template].version
type = "cisco_dhcp_server"
}]
}],
try(st.ipsec_interface_templates, null) == null ? [] : [for iit in try(st.ipsec_interface_templates, []) : {
id = sdwan_cisco_vpn_interface_ipsec_feature_template.cisco_vpn_interface_ipsec_feature_template[iit.name].id
version = sdwan_cisco_vpn_interface_ipsec_feature_template.cisco_vpn_interface_ipsec_feature_template[iit.name].version
type = "cisco_vpn_interface_ipsec"
sub_templates = try(iit.dhcp_server_template, null) == null ? null : [{
id = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[iit.dhcp_server_template].id
version = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[iit.dhcp_server_template].version
type = "cisco_dhcp_server"
}]
}],
try(st.svi_interface_templates, null) == null ? [] : [for sit in try(st.svi_interface_templates, []) : {
id = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].id
version = sdwan_vpn_interface_svi_feature_template.vpn_interface_svi_feature_template[sit.name].version
type = "vpn-interface-svi"
sub_templates = try(sit.dhcp_server_template, null) == null ? null : [{
id = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[sit.dhcp_server_template].id
version = sdwan_cisco_dhcp_server_feature_template.cisco_dhcp_server_feature_template[sit.dhcp_server_template].version
type = "cisco_dhcp_server"
}],
}],
])
}],
])
lifecycle {
create_before_destroy = true
}
}
locals {
routers = flatten([
for site in try(local.sites, []) : [
for router in try(site.routers, []) : {
chassis_id = router.chassis_id
model = router.model
device_template = router.device_template
device_variables = router.device_variables
}
]
])
}
resource "sdwan_attach_feature_device_template" "attach_feature_device_template" {
for_each = { for r in local.routers : r.chassis_id => r }
id = sdwan_feature_device_template.feature_device_template[each.value.device_template].id
version = sdwan_feature_device_template.feature_device_template[each.value.device_template].version
devices = [
{
id = each.value.chassis_id
variables = each.value.device_variables
}
]
}