diff --git a/CHANGELOG.md b/CHANGELOG.md
index ca7e7c90b..b5bd4d68d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,6 +16,7 @@
- BREAKING CHANGE: Rename `sdwan_acl_policy_definition` resource and data source to `sdwan_ipv4_acl_policy_definition`
- BREAKING CHANGE: Rename `sdwan_device_acl_policy_definition` resource and data source to `sdwan_ipv4_device_acl_policy_definition`
- Add `sdwan_ipv6_acl_policy_definition` resource and data source
+- Add `sdwan_ipv6_device_acl_policy_definition` resource and data source
## 0.2.11
diff --git a/docs/data-sources/ipv6_device_acl_policy_definition.md b/docs/data-sources/ipv6_device_acl_policy_definition.md
new file mode 100644
index 000000000..caebd5202
--- /dev/null
+++ b/docs/data-sources/ipv6_device_acl_policy_definition.md
@@ -0,0 +1,69 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_ipv6_device_acl_policy_definition Data Source - terraform-provider-sdwan"
+subcategory: "Localized Policies"
+description: |-
+ This data source can read the IPv6 Device ACL Policy Definition .
+---
+
+# sdwan_ipv6_device_acl_policy_definition (Data Source)
+
+This data source can read the IPv6 Device ACL Policy Definition .
+
+## Example Usage
+
+```terraform
+data "sdwan_ipv6_device_acl_policy_definition" "example" {
+ id = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+}
+```
+
+
+## Schema
+
+### Required
+
+- `id` (String) The id of the object
+
+### Read-Only
+
+- `default_action` (String) Default action, either `accept` or `drop`
+- `description` (String) The description of the policy definition
+- `name` (String) The name of the policy definition
+- `sequences` (Attributes List) List of ACL sequences (see [below for nested schema](#nestedatt--sequences))
+- `version` (Number) The version of the object
+
+
+### Nested Schema for `sequences`
+
+Read-Only:
+
+- `action_entries` (Attributes List) List of action entries (see [below for nested schema](#nestedatt--sequences--action_entries))
+- `base_action` (String) Base action, either `accept` or `drop`
+- `id` (Number) Sequence ID
+- `match_entries` (Attributes List) List of match entries (see [below for nested schema](#nestedatt--sequences--match_entries))
+- `name` (String) Sequence name
+
+
+### Nested Schema for `sequences.action_entries`
+
+Read-Only:
+
+- `counter_name` (String) Counter name
+- `type` (String) Type of action entry
+
+
+
+### Nested Schema for `sequences.match_entries`
+
+Read-Only:
+
+- `destination_data_ipv6_prefix_list_id` (String) Destination data IPv6 prefix list ID
+- `destination_data_ipv6_prefix_list_version` (Number) Destination data IPv6 prefix list version
+- `destination_ip` (String) Destination IP prefix
+- `destination_port` (Number) Destination port, only `22` and `161` supported
+- `source_data_ipv6_prefix_list_id` (String) Source data IPv6 prefix list ID
+- `source_data_ipv6_prefix_list_version` (Number) Source data IPv6 prefix list version
+- `source_ip` (String) Source IP prefix
+- `source_port` (Number) Source port
+- `type` (String) Type of match entry
diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md
index b7dc1fd63..ebd2bc30f 100644
--- a/docs/guides/changelog.md
+++ b/docs/guides/changelog.md
@@ -25,6 +25,7 @@ description: |-
- BREAKING CHANGE: Rename `sdwan_acl_policy_definition` resource and data source to `sdwan_ipv4_acl_policy_definition`
- BREAKING CHANGE: Rename `sdwan_device_acl_policy_definition` resource and data source to `sdwan_ipv4_device_acl_policy_definition`
- Add `sdwan_ipv6_acl_policy_definition` resource and data source
+- Add `sdwan_ipv6_device_acl_policy_definition` resource and data source
## 0.2.11
diff --git a/docs/resources/ipv6_device_acl_policy_definition.md b/docs/resources/ipv6_device_acl_policy_definition.md
new file mode 100644
index 000000000..6aa15e38c
--- /dev/null
+++ b/docs/resources/ipv6_device_acl_policy_definition.md
@@ -0,0 +1,117 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "sdwan_ipv6_device_acl_policy_definition Resource - terraform-provider-sdwan"
+subcategory: "Localized Policies"
+description: |-
+ This resource can manage a IPv6 Device ACL Policy Definition .
+---
+
+# sdwan_ipv6_device_acl_policy_definition (Resource)
+
+This resource can manage a IPv6 Device ACL Policy Definition .
+
+## Example Usage
+
+```terraform
+resource "sdwan_ipv6_device_acl_policy_definition" "example" {
+ name = "Example"
+ description = "My description"
+ default_action = "drop"
+ sequences = [
+ {
+ id = 10
+ name = "Sequence 10"
+ base_action = "accept"
+ match_entries = [
+ {
+ type = "destinationPort"
+ destination_port = 22
+ }
+ ]
+ action_entries = [
+ {
+ type = "count"
+ counter_name = "count1"
+ }
+ ]
+ }
+ ]
+}
+```
+
+
+## Schema
+
+### Required
+
+- `description` (String) The description of the policy definition
+- `name` (String) The name of the policy definition
+- `sequences` (Attributes List) List of ACL sequences (see [below for nested schema](#nestedatt--sequences))
+
+### Optional
+
+- `default_action` (String) Default action, either `accept` or `drop`
+ - Choices: `accept`, `drop`
+
+### Read-Only
+
+- `id` (String) The id of the object
+- `version` (Number) The version of the object
+
+
+### Nested Schema for `sequences`
+
+Required:
+
+- `id` (Number) Sequence ID
+ - Range: `1`-`65534`
+- `name` (String) Sequence name
+
+Optional:
+
+- `action_entries` (Attributes List) List of action entries (see [below for nested schema](#nestedatt--sequences--action_entries))
+- `base_action` (String) Base action, either `accept` or `drop`
+ - Choices: `accept`, `drop`
+- `match_entries` (Attributes List) List of match entries (see [below for nested schema](#nestedatt--sequences--match_entries))
+
+
+### Nested Schema for `sequences.action_entries`
+
+Required:
+
+- `type` (String) Type of action entry
+ - Choices: `count`
+
+Optional:
+
+- `counter_name` (String) Counter name
+
+
+
+### Nested Schema for `sequences.match_entries`
+
+Required:
+
+- `type` (String) Type of match entry
+ - Choices: `sourceIpv6`, `destinationIpv6`, `sourcePort`, `destinationPort`, `sourceDataIpv6PrefixList`, `destinationDataIpv6PrefixList`
+
+Optional:
+
+- `destination_data_ipv6_prefix_list_id` (String) Destination data IPv6 prefix list ID
+- `destination_data_ipv6_prefix_list_version` (Number) Destination data IPv6 prefix list version
+- `destination_ip` (String) Destination IP prefix
+- `destination_port` (Number) Destination port, only `22` and `161` supported
+ - Range: `0`-`65535`
+- `source_data_ipv6_prefix_list_id` (String) Source data IPv6 prefix list ID
+- `source_data_ipv6_prefix_list_version` (Number) Source data IPv6 prefix list version
+- `source_ip` (String) Source IP prefix
+- `source_port` (Number) Source port
+ - Range: `0`-`65535`
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import sdwan_ipv6_device_acl_policy_definition.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
+```
diff --git a/examples/data-sources/sdwan_ipv6_device_acl_policy_definition/data-source.tf b/examples/data-sources/sdwan_ipv6_device_acl_policy_definition/data-source.tf
new file mode 100644
index 000000000..02228fee7
--- /dev/null
+++ b/examples/data-sources/sdwan_ipv6_device_acl_policy_definition/data-source.tf
@@ -0,0 +1,3 @@
+data "sdwan_ipv6_device_acl_policy_definition" "example" {
+ id = "f6b2c44c-693c-4763-b010-895aa3d236bd"
+}
diff --git a/examples/resources/sdwan_ipv6_device_acl_policy_definition/import.sh b/examples/resources/sdwan_ipv6_device_acl_policy_definition/import.sh
new file mode 100644
index 000000000..fe27d6a23
--- /dev/null
+++ b/examples/resources/sdwan_ipv6_device_acl_policy_definition/import.sh
@@ -0,0 +1 @@
+terraform import sdwan_ipv6_device_acl_policy_definition.example "f6b2c44c-693c-4763-b010-895aa3d236bd"
diff --git a/examples/resources/sdwan_ipv6_device_acl_policy_definition/resource.tf b/examples/resources/sdwan_ipv6_device_acl_policy_definition/resource.tf
new file mode 100644
index 000000000..64f22211f
--- /dev/null
+++ b/examples/resources/sdwan_ipv6_device_acl_policy_definition/resource.tf
@@ -0,0 +1,24 @@
+resource "sdwan_ipv6_device_acl_policy_definition" "example" {
+ name = "Example"
+ description = "My description"
+ default_action = "drop"
+ sequences = [
+ {
+ id = 10
+ name = "Sequence 10"
+ base_action = "accept"
+ match_entries = [
+ {
+ type = "destinationPort"
+ destination_port = 22
+ }
+ ]
+ action_entries = [
+ {
+ type = "count"
+ counter_name = "count1"
+ }
+ ]
+ }
+ ]
+}
diff --git a/gen/definitions/generic/ipv6_device_acl_policy_definition.yaml b/gen/definitions/generic/ipv6_device_acl_policy_definition.yaml
new file mode 100644
index 000000000..d1460eee2
--- /dev/null
+++ b/gen/definitions/generic/ipv6_device_acl_policy_definition.yaml
@@ -0,0 +1,174 @@
+---
+name: IPv6 Device ACL Policy Definition
+rest_endpoint: /template/policy/definition/deviceaccesspolicyv6/
+has_version: true
+id_attribute: definitionId
+doc_category: Localized Policies
+attributes:
+ - model_name: type
+ type: String
+ value: deviceaccesspolicyv6
+ - model_name: name
+ tf_name: name
+ type: String
+ mandatory: true
+ description: The name of the policy definition
+ example: Example
+ - model_name: description
+ tf_name: description
+ type: String
+ mandatory: true
+ description: The description of the policy definition
+ example: My description
+ - model_name: type
+ tf_name: default_action
+ data_path: [defaultAction]
+ type: String
+ enum_values: [accept, drop]
+ description: Default action, either `accept` or `drop`
+ example: drop
+ - model_name: sequences
+ type: List
+ mandatory: true
+ description: List of ACL sequences
+ attributes:
+ - model_name: sequenceId
+ tf_name: id
+ type: Int64
+ id: true
+ mandatory: true
+ description: Sequence ID
+ min_int: 1
+ max_int: 65534
+ example: 10
+ - model_name: sequenceName
+ tf_name: name
+ type: String
+ id: true
+ mandatory: true
+ description: Sequence name
+ example: Sequence 10
+ - model_name: sequenceType
+ type: String
+ value: deviceaccesspolicyv6
+ - model_name: sequenceIpType
+ type: String
+ value: ipv6
+ - model_name: baseAction
+ tf_name: base_action
+ type: String
+ enum_values: [accept, drop]
+ description: Base action, either `accept` or `drop`
+ example: accept
+ - model_name: entries
+ data_path: [match]
+ tf_name: match_entries
+ type: List
+ description: List of match entries
+ attributes:
+ - model_name: field
+ tf_name: type
+ type: String
+ id: true
+ mandatory: true
+ enum_values:
+ [
+ sourceIpv6,
+ destinationIpv6,
+ sourcePort,
+ destinationPort,
+ sourceDataIpv6PrefixList,
+ destinationDataIpv6PrefixList,
+ ]
+ description: Type of match entry
+ example: destinationPort
+ - model_name: value
+ tf_name: source_ip
+ conditional_attribute:
+ name: type
+ value: sourceIpv6
+ type: String
+ description: Source IP prefix
+ exclude_test: true
+ example: 2001::/8
+ - model_name: value
+ tf_name: destination_ip
+ conditional_attribute:
+ name: type
+ value: destinationIpv6
+ type: String
+ description: Destination IP prefix
+ exclude_test: true
+ example: 2001::/8
+ - model_name: value
+ tf_name: source_port
+ conditional_attribute:
+ name: type
+ value: sourcePort
+ type: Int64
+ model_type_string: true
+ description: Source port
+ exclude_test: true
+ min_int: 0
+ max_int: 65535
+ example: 8000
+ - model_name: value
+ tf_name: destination_port
+ conditional_attribute:
+ name: type
+ value: destinationPort
+ type: Int64
+ model_type_string: true
+ description: Destination port, only `22` and `161` supported
+ min_int: 0
+ max_int: 65535
+ example: 22
+ - model_name: ref
+ tf_name: source_data_ipv6_prefix_list_id
+ conditional_attribute:
+ name: type
+ value: sourceDataIpv6PrefixList
+ type: String
+ description: Source data IPv6 prefix list ID
+ exclude_test: true
+ example: 2081c2f4-3f9f-4fee-8078-dcc8904e368d
+ - tf_name: source_data_ipv6_prefix_list_version
+ tf_only: true
+ type: Version
+ description: Source data IPv6 prefix list version
+ exclude_test: true
+ - model_name: ref
+ tf_name: destination_data_ipv6_prefix_list_id
+ conditional_attribute:
+ name: type
+ value: destinationDataIpv6PrefixList
+ type: String
+ description: Destination data IPv6 prefix list ID
+ exclude_test: true
+ example: 2081c2f4-3f9f-4fee-8078-dcc8904e368d
+ - tf_name: destination_data_ipv6_prefix_list_version
+ tf_only: true
+ type: Version
+ description: Destination data IPv6 prefix list version
+ exclude_test: true
+ - model_name: actions
+ tf_name: action_entries
+ type: List
+ description: List of action entries
+ attributes:
+ - model_name: type
+ tf_name: type
+ type: String
+ id: true
+ mandatory: true
+ enum_values: [count]
+ description: Type of action entry
+ example: count
+ - model_name: parameter
+ tf_name: counter_name
+ conditional_attribute:
+ name: type
+ value: count
+ type: String
+ description: Counter name
+ example: count1
diff --git a/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition.go b/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition.go
new file mode 100644
index 000000000..bbfec9165
--- /dev/null
+++ b/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition.go
@@ -0,0 +1,192 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-sdwan"
+)
+
+// Ensure the implementation satisfies the expected interfaces.
+var (
+ _ datasource.DataSource = &IPv6DeviceACLPolicyDefinitionDataSource{}
+ _ datasource.DataSourceWithConfigure = &IPv6DeviceACLPolicyDefinitionDataSource{}
+)
+
+func NewIPv6DeviceACLPolicyDefinitionDataSource() datasource.DataSource {
+ return &IPv6DeviceACLPolicyDefinitionDataSource{}
+}
+
+type IPv6DeviceACLPolicyDefinitionDataSource struct {
+ client *sdwan.Client
+}
+
+func (d *IPv6DeviceACLPolicyDefinitionDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_ipv6_device_acl_policy_definition"
+}
+
+func (d *IPv6DeviceACLPolicyDefinitionDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: "This data source can read the IPv6 Device ACL Policy Definition .",
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the object",
+ Required: true,
+ },
+ "version": schema.Int64Attribute{
+ MarkdownDescription: "The version of the object",
+ Computed: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "The name of the policy definition",
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: "The description of the policy definition",
+ Computed: true,
+ },
+ "default_action": schema.StringAttribute{
+ MarkdownDescription: "Default action, either `accept` or `drop`",
+ Computed: true,
+ },
+ "sequences": schema.ListNestedAttribute{
+ MarkdownDescription: "List of ACL sequences",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "id": schema.Int64Attribute{
+ MarkdownDescription: "Sequence ID",
+ Computed: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Sequence name",
+ Computed: true,
+ },
+ "base_action": schema.StringAttribute{
+ MarkdownDescription: "Base action, either `accept` or `drop`",
+ Computed: true,
+ },
+ "match_entries": schema.ListNestedAttribute{
+ MarkdownDescription: "List of match entries",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "type": schema.StringAttribute{
+ MarkdownDescription: "Type of match entry",
+ Computed: true,
+ },
+ "source_ip": schema.StringAttribute{
+ MarkdownDescription: "Source IP prefix",
+ Computed: true,
+ },
+ "destination_ip": schema.StringAttribute{
+ MarkdownDescription: "Destination IP prefix",
+ Computed: true,
+ },
+ "source_port": schema.Int64Attribute{
+ MarkdownDescription: "Source port",
+ Computed: true,
+ },
+ "destination_port": schema.Int64Attribute{
+ MarkdownDescription: "Destination port, only `22` and `161` supported",
+ Computed: true,
+ },
+ "source_data_ipv6_prefix_list_id": schema.StringAttribute{
+ MarkdownDescription: "Source data IPv6 prefix list ID",
+ Computed: true,
+ },
+ "source_data_ipv6_prefix_list_version": schema.Int64Attribute{
+ MarkdownDescription: "Source data IPv6 prefix list version",
+ Computed: true,
+ },
+ "destination_data_ipv6_prefix_list_id": schema.StringAttribute{
+ MarkdownDescription: "Destination data IPv6 prefix list ID",
+ Computed: true,
+ },
+ "destination_data_ipv6_prefix_list_version": schema.Int64Attribute{
+ MarkdownDescription: "Destination data IPv6 prefix list version",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "action_entries": schema.ListNestedAttribute{
+ MarkdownDescription: "List of action entries",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "type": schema.StringAttribute{
+ MarkdownDescription: "Type of action entry",
+ Computed: true,
+ },
+ "counter_name": schema.StringAttribute{
+ MarkdownDescription: "Counter name",
+ Computed: true,
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+func (d *IPv6DeviceACLPolicyDefinitionDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, _ *datasource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ d.client = req.ProviderData.(*SdwanProviderData).Client
+}
+
+func (d *IPv6DeviceACLPolicyDefinitionDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+ var config IPv6DeviceACLPolicyDefinition
+
+ // Read config
+ diags := req.Config.Get(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", config.Id.String()))
+
+ res, err := d.client.Get("/template/policy/definition/deviceaccesspolicyv6/" + config.Id.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object, got error: %s", err))
+ return
+ }
+
+ config.fromBody(ctx, res)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", config.Id.ValueString()))
+
+ diags = resp.State.Set(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+}
diff --git a/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition_test.go b/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition_test.go
new file mode 100644
index 000000000..9755cd847
--- /dev/null
+++ b/internal/provider/data_source_sdwan_ipv6_device_acl_policy_definition_test.go
@@ -0,0 +1,76 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccDataSourceSdwanIPv6DeviceACLPolicyDefinition(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccDataSourceSdwanIPv6DeviceACLPolicyDefinitionConfig,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "name", "Example"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "description", "My description"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "default_action", "drop"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.id", "10"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.name", "Sequence 10"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.base_action", "accept"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.match_entries.0.type", "destinationPort"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.match_entries.0.destination_port", "22"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.action_entries.0.type", "count"),
+ resource.TestCheckResourceAttr("data.sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.action_entries.0.counter_name", "count1"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccDataSourceSdwanIPv6DeviceACLPolicyDefinitionConfig = `
+
+resource "sdwan_ipv6_device_acl_policy_definition" "test" {
+ name = "Example"
+ description = "My description"
+ default_action = "drop"
+ sequences = [{
+ id = 10
+ name = "Sequence 10"
+ base_action = "accept"
+ match_entries = [{
+ type = "destinationPort"
+ destination_port = 22
+ }]
+ action_entries = [{
+ type = "count"
+ counter_name = "count1"
+ }]
+ }]
+}
+
+data "sdwan_ipv6_device_acl_policy_definition" "test" {
+ id = sdwan_ipv6_device_acl_policy_definition.test.id
+}
+`
diff --git a/internal/provider/model_sdwan_ipv6_device_acl_policy_definition.go b/internal/provider/model_sdwan_ipv6_device_acl_policy_definition.go
new file mode 100644
index 000000000..2a3487ac5
--- /dev/null
+++ b/internal/provider/model_sdwan_ipv6_device_acl_policy_definition.go
@@ -0,0 +1,345 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/tidwall/gjson"
+ "github.com/tidwall/sjson"
+)
+
+type IPv6DeviceACLPolicyDefinition struct {
+ Id types.String `tfsdk:"id"`
+ Version types.Int64 `tfsdk:"version"`
+ Name types.String `tfsdk:"name"`
+ Description types.String `tfsdk:"description"`
+ DefaultAction types.String `tfsdk:"default_action"`
+ Sequences []IPv6DeviceACLPolicyDefinitionSequences `tfsdk:"sequences"`
+}
+
+type IPv6DeviceACLPolicyDefinitionSequences struct {
+ Id types.Int64 `tfsdk:"id"`
+ Name types.String `tfsdk:"name"`
+ BaseAction types.String `tfsdk:"base_action"`
+ MatchEntries []IPv6DeviceACLPolicyDefinitionSequencesMatchEntries `tfsdk:"match_entries"`
+ ActionEntries []IPv6DeviceACLPolicyDefinitionSequencesActionEntries `tfsdk:"action_entries"`
+}
+
+type IPv6DeviceACLPolicyDefinitionSequencesMatchEntries struct {
+ Type types.String `tfsdk:"type"`
+ SourceIp types.String `tfsdk:"source_ip"`
+ DestinationIp types.String `tfsdk:"destination_ip"`
+ SourcePort types.Int64 `tfsdk:"source_port"`
+ DestinationPort types.Int64 `tfsdk:"destination_port"`
+ SourceDataIpv6PrefixListId types.String `tfsdk:"source_data_ipv6_prefix_list_id"`
+ SourceDataIpv6PrefixListVersion types.Int64 `tfsdk:"source_data_ipv6_prefix_list_version"`
+ DestinationDataIpv6PrefixListId types.String `tfsdk:"destination_data_ipv6_prefix_list_id"`
+ DestinationDataIpv6PrefixListVersion types.Int64 `tfsdk:"destination_data_ipv6_prefix_list_version"`
+}
+type IPv6DeviceACLPolicyDefinitionSequencesActionEntries struct {
+ Type types.String `tfsdk:"type"`
+ CounterName types.String `tfsdk:"counter_name"`
+}
+
+func (data IPv6DeviceACLPolicyDefinition) toBody(ctx context.Context) string {
+ body := ""
+ body, _ = sjson.Set(body, "type", "deviceaccesspolicyv6")
+ if !data.Name.IsNull() {
+ body, _ = sjson.Set(body, "name", data.Name.ValueString())
+ }
+ if !data.Description.IsNull() {
+ body, _ = sjson.Set(body, "description", data.Description.ValueString())
+ }
+ if !data.DefaultAction.IsNull() {
+ body, _ = sjson.Set(body, "defaultAction.type", data.DefaultAction.ValueString())
+ }
+ if true {
+ body, _ = sjson.Set(body, "sequences", []interface{}{})
+ for _, item := range data.Sequences {
+ itemBody := ""
+ if !item.Id.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "sequenceId", item.Id.ValueInt64())
+ }
+ if !item.Name.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "sequenceName", item.Name.ValueString())
+ }
+ itemBody, _ = sjson.Set(itemBody, "sequenceType", "deviceaccesspolicyv6")
+ itemBody, _ = sjson.Set(itemBody, "sequenceIpType", "ipv6")
+ if !item.BaseAction.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "baseAction", item.BaseAction.ValueString())
+ }
+ if true {
+ itemBody, _ = sjson.Set(itemBody, "match.entries", []interface{}{})
+ for _, childItem := range item.MatchEntries {
+ itemChildBody := ""
+ if !childItem.Type.IsNull() {
+ itemChildBody, _ = sjson.Set(itemChildBody, "field", childItem.Type.ValueString())
+ }
+ if !childItem.SourceIp.IsNull() && childItem.Type.ValueString() == "sourceIpv6" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "value", childItem.SourceIp.ValueString())
+ }
+ if !childItem.DestinationIp.IsNull() && childItem.Type.ValueString() == "destinationIpv6" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "value", childItem.DestinationIp.ValueString())
+ }
+ if !childItem.SourcePort.IsNull() && childItem.Type.ValueString() == "sourcePort" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "value", fmt.Sprint(childItem.SourcePort.ValueInt64()))
+ }
+ if !childItem.DestinationPort.IsNull() && childItem.Type.ValueString() == "destinationPort" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "value", fmt.Sprint(childItem.DestinationPort.ValueInt64()))
+ }
+ if !childItem.SourceDataIpv6PrefixListId.IsNull() && childItem.Type.ValueString() == "sourceDataIpv6PrefixList" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "ref", childItem.SourceDataIpv6PrefixListId.ValueString())
+ }
+ if !childItem.DestinationDataIpv6PrefixListId.IsNull() && childItem.Type.ValueString() == "destinationDataIpv6PrefixList" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "ref", childItem.DestinationDataIpv6PrefixListId.ValueString())
+ }
+ itemBody, _ = sjson.SetRaw(itemBody, "match.entries.-1", itemChildBody)
+ }
+ }
+ if true {
+ itemBody, _ = sjson.Set(itemBody, "actions", []interface{}{})
+ for _, childItem := range item.ActionEntries {
+ itemChildBody := ""
+ if !childItem.Type.IsNull() {
+ itemChildBody, _ = sjson.Set(itemChildBody, "type", childItem.Type.ValueString())
+ }
+ if !childItem.CounterName.IsNull() && childItem.Type.ValueString() == "count" {
+ itemChildBody, _ = sjson.Set(itemChildBody, "parameter", childItem.CounterName.ValueString())
+ }
+ itemBody, _ = sjson.SetRaw(itemBody, "actions.-1", itemChildBody)
+ }
+ }
+ body, _ = sjson.SetRaw(body, "sequences.-1", itemBody)
+ }
+ }
+ return body
+}
+
+func (data *IPv6DeviceACLPolicyDefinition) fromBody(ctx context.Context, res gjson.Result) {
+ state := *data
+ if value := res.Get("name"); value.Exists() {
+ data.Name = types.StringValue(value.String())
+ } else {
+ data.Name = types.StringNull()
+ }
+ if value := res.Get("description"); value.Exists() {
+ data.Description = types.StringValue(value.String())
+ } else {
+ data.Description = types.StringNull()
+ }
+ if value := res.Get("defaultAction.type"); value.Exists() {
+ data.DefaultAction = types.StringValue(value.String())
+ } else {
+ data.DefaultAction = types.StringNull()
+ }
+ if value := res.Get("sequences"); value.Exists() && len(value.Array()) > 0 {
+ data.Sequences = make([]IPv6DeviceACLPolicyDefinitionSequences, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := IPv6DeviceACLPolicyDefinitionSequences{}
+ if cValue := v.Get("sequenceId"); cValue.Exists() {
+ item.Id = types.Int64Value(cValue.Int())
+ } else {
+ item.Id = types.Int64Null()
+ }
+ if cValue := v.Get("sequenceName"); cValue.Exists() {
+ item.Name = types.StringValue(cValue.String())
+ } else {
+ item.Name = types.StringNull()
+ }
+ if cValue := v.Get("baseAction"); cValue.Exists() {
+ item.BaseAction = types.StringValue(cValue.String())
+ } else {
+ item.BaseAction = types.StringNull()
+ }
+ if cValue := v.Get("match.entries"); cValue.Exists() && len(cValue.Array()) > 0 {
+ item.MatchEntries = make([]IPv6DeviceACLPolicyDefinitionSequencesMatchEntries, 0)
+ cValue.ForEach(func(ck, cv gjson.Result) bool {
+ cItem := IPv6DeviceACLPolicyDefinitionSequencesMatchEntries{}
+ if ccValue := cv.Get("field"); ccValue.Exists() {
+ cItem.Type = types.StringValue(ccValue.String())
+ } else {
+ cItem.Type = types.StringNull()
+ }
+ if ccValue := cv.Get("value"); ccValue.Exists() && cItem.Type.ValueString() == "sourceIpv6" {
+ cItem.SourceIp = types.StringValue(ccValue.String())
+ } else {
+ cItem.SourceIp = types.StringNull()
+ }
+ if ccValue := cv.Get("value"); ccValue.Exists() && cItem.Type.ValueString() == "destinationIpv6" {
+ cItem.DestinationIp = types.StringValue(ccValue.String())
+ } else {
+ cItem.DestinationIp = types.StringNull()
+ }
+ if ccValue := cv.Get("value"); ccValue.Exists() && cItem.Type.ValueString() == "sourcePort" {
+ cItem.SourcePort = types.Int64Value(ccValue.Int())
+ } else {
+ cItem.SourcePort = types.Int64Null()
+ }
+ if ccValue := cv.Get("value"); ccValue.Exists() && cItem.Type.ValueString() == "destinationPort" {
+ cItem.DestinationPort = types.Int64Value(ccValue.Int())
+ } else {
+ cItem.DestinationPort = types.Int64Null()
+ }
+ if ccValue := cv.Get("ref"); ccValue.Exists() && cItem.Type.ValueString() == "sourceDataIpv6PrefixList" {
+ cItem.SourceDataIpv6PrefixListId = types.StringValue(ccValue.String())
+ } else {
+ cItem.SourceDataIpv6PrefixListId = types.StringNull()
+ }
+ if ccValue := cv.Get("ref"); ccValue.Exists() && cItem.Type.ValueString() == "destinationDataIpv6PrefixList" {
+ cItem.DestinationDataIpv6PrefixListId = types.StringValue(ccValue.String())
+ } else {
+ cItem.DestinationDataIpv6PrefixListId = types.StringNull()
+ }
+ item.MatchEntries = append(item.MatchEntries, cItem)
+ return true
+ })
+ }
+ if cValue := v.Get("actions"); cValue.Exists() && len(cValue.Array()) > 0 {
+ item.ActionEntries = make([]IPv6DeviceACLPolicyDefinitionSequencesActionEntries, 0)
+ cValue.ForEach(func(ck, cv gjson.Result) bool {
+ cItem := IPv6DeviceACLPolicyDefinitionSequencesActionEntries{}
+ if ccValue := cv.Get("type"); ccValue.Exists() {
+ cItem.Type = types.StringValue(ccValue.String())
+ } else {
+ cItem.Type = types.StringNull()
+ }
+ if ccValue := cv.Get("parameter"); ccValue.Exists() && cItem.Type.ValueString() == "count" {
+ cItem.CounterName = types.StringValue(ccValue.String())
+ } else {
+ cItem.CounterName = types.StringNull()
+ }
+ item.ActionEntries = append(item.ActionEntries, cItem)
+ return true
+ })
+ }
+ data.Sequences = append(data.Sequences, item)
+ return true
+ })
+ }
+ data.updateVersions(ctx, &state)
+}
+
+func (data *IPv6DeviceACLPolicyDefinition) hasChanges(ctx context.Context, state *IPv6DeviceACLPolicyDefinition) bool {
+ hasChanges := false
+ if !data.Name.Equal(state.Name) {
+ hasChanges = true
+ }
+ if !data.Description.Equal(state.Description) {
+ hasChanges = true
+ }
+ if !data.DefaultAction.Equal(state.DefaultAction) {
+ hasChanges = true
+ }
+ if len(data.Sequences) != len(state.Sequences) {
+ hasChanges = true
+ } else {
+ for i := range data.Sequences {
+ if !data.Sequences[i].Id.Equal(state.Sequences[i].Id) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].Name.Equal(state.Sequences[i].Name) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].BaseAction.Equal(state.Sequences[i].BaseAction) {
+ hasChanges = true
+ }
+ if len(data.Sequences[i].MatchEntries) != len(state.Sequences[i].MatchEntries) {
+ hasChanges = true
+ } else {
+ for ii := range data.Sequences[i].MatchEntries {
+ if !data.Sequences[i].MatchEntries[ii].Type.Equal(state.Sequences[i].MatchEntries[ii].Type) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].SourceIp.Equal(state.Sequences[i].MatchEntries[ii].SourceIp) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].DestinationIp.Equal(state.Sequences[i].MatchEntries[ii].DestinationIp) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].SourcePort.Equal(state.Sequences[i].MatchEntries[ii].SourcePort) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].DestinationPort.Equal(state.Sequences[i].MatchEntries[ii].DestinationPort) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].SourceDataIpv6PrefixListId.Equal(state.Sequences[i].MatchEntries[ii].SourceDataIpv6PrefixListId) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].MatchEntries[ii].DestinationDataIpv6PrefixListId.Equal(state.Sequences[i].MatchEntries[ii].DestinationDataIpv6PrefixListId) {
+ hasChanges = true
+ }
+ }
+ }
+ if len(data.Sequences[i].ActionEntries) != len(state.Sequences[i].ActionEntries) {
+ hasChanges = true
+ } else {
+ for ii := range data.Sequences[i].ActionEntries {
+ if !data.Sequences[i].ActionEntries[ii].Type.Equal(state.Sequences[i].ActionEntries[ii].Type) {
+ hasChanges = true
+ }
+ if !data.Sequences[i].ActionEntries[ii].CounterName.Equal(state.Sequences[i].ActionEntries[ii].CounterName) {
+ hasChanges = true
+ }
+ }
+ }
+ }
+ }
+ return hasChanges
+}
+
+func (data *IPv6DeviceACLPolicyDefinition) updateVersions(ctx context.Context, state *IPv6DeviceACLPolicyDefinition) {
+ for i := range data.Sequences {
+ dataKeys := [...]string{fmt.Sprintf("%v", data.Sequences[i].Id.ValueInt64()), fmt.Sprintf("%v", data.Sequences[i].Name.ValueString())}
+ stateIndex := -1
+ for j := range state.Sequences {
+ stateKeys := [...]string{fmt.Sprintf("%v", state.Sequences[j].Id.ValueInt64()), fmt.Sprintf("%v", state.Sequences[j].Name.ValueString())}
+ if dataKeys == stateKeys {
+ stateIndex = j
+ break
+ }
+ }
+ for ii := range data.Sequences[i].MatchEntries {
+ cDataKeys := [...]string{fmt.Sprintf("%v", data.Sequences[i].MatchEntries[ii].Type.ValueString())}
+ cStateIndex := -1
+ if stateIndex > -1 {
+ for jj := range state.Sequences[stateIndex].MatchEntries {
+ cStateKeys := [...]string{fmt.Sprintf("%v", state.Sequences[stateIndex].MatchEntries[jj].Type.ValueString())}
+ if cDataKeys == cStateKeys {
+ cStateIndex = jj
+ break
+ }
+ }
+ }
+ if cStateIndex > -1 {
+ data.Sequences[i].MatchEntries[ii].SourceDataIpv6PrefixListVersion = state.Sequences[stateIndex].MatchEntries[cStateIndex].SourceDataIpv6PrefixListVersion
+ } else {
+ data.Sequences[i].MatchEntries[ii].SourceDataIpv6PrefixListVersion = types.Int64Null()
+ }
+ if cStateIndex > -1 {
+ data.Sequences[i].MatchEntries[ii].DestinationDataIpv6PrefixListVersion = state.Sequences[stateIndex].MatchEntries[cStateIndex].DestinationDataIpv6PrefixListVersion
+ } else {
+ data.Sequences[i].MatchEntries[ii].DestinationDataIpv6PrefixListVersion = types.Int64Null()
+ }
+ }
+ }
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 0e22fb879..c263ea0af 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -296,6 +296,7 @@ func (p *SdwanProvider) Resources(ctx context.Context) []func() resource.Resourc
NewIPv4DeviceACLPolicyDefinitionResource,
NewIPv4PrefixListPolicyObjectResource,
NewIPv6ACLPolicyDefinitionResource,
+ NewIPv6DeviceACLPolicyDefinitionResource,
NewIPv6PrefixListPolicyObjectResource,
NewLocalApplicationListPolicyObjectResource,
NewLocalizedPolicyResource,
@@ -388,6 +389,7 @@ func (p *SdwanProvider) DataSources(ctx context.Context) []func() datasource.Dat
NewIPv4DeviceACLPolicyDefinitionDataSource,
NewIPv4PrefixListPolicyObjectDataSource,
NewIPv6ACLPolicyDefinitionDataSource,
+ NewIPv6DeviceACLPolicyDefinitionDataSource,
NewIPv6PrefixListPolicyObjectDataSource,
NewLocalApplicationListPolicyObjectDataSource,
NewLocalizedPolicyDataSource,
diff --git a/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition.go b/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition.go
new file mode 100644
index 000000000..8ee9fb2e9
--- /dev/null
+++ b/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition.go
@@ -0,0 +1,328 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "context"
+ "fmt"
+ "strings"
+ "sync"
+
+ "github.com/CiscoDevNet/terraform-provider-sdwan/internal/provider/helpers"
+ "github.com/hashicorp/terraform-plugin-framework-validators/int64validator"
+ "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+ "github.com/hashicorp/terraform-plugin-framework/path"
+ "github.com/hashicorp/terraform-plugin-framework/resource"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-sdwan"
+)
+
+// Ensure provider defined types fully satisfy framework interfaces
+var _ resource.Resource = &IPv6DeviceACLPolicyDefinitionResource{}
+var _ resource.ResourceWithImportState = &IPv6DeviceACLPolicyDefinitionResource{}
+
+func NewIPv6DeviceACLPolicyDefinitionResource() resource.Resource {
+ return &IPv6DeviceACLPolicyDefinitionResource{}
+}
+
+type IPv6DeviceACLPolicyDefinitionResource struct {
+ client *sdwan.Client
+ updateMutex *sync.Mutex
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_ipv6_device_acl_policy_definition"
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: helpers.NewAttributeDescription("This resource can manage a IPv6 Device ACL Policy Definition .").String,
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the object",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.UseStateForUnknown(),
+ },
+ },
+ "version": schema.Int64Attribute{
+ MarkdownDescription: "The version of the object",
+ Computed: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("The name of the policy definition").String,
+ Required: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("The description of the policy definition").String,
+ Required: true,
+ },
+ "default_action": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Default action, either `accept` or `drop`").AddStringEnumDescription("accept", "drop").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("accept", "drop"),
+ },
+ },
+ "sequences": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of ACL sequences").String,
+ Required: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "id": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Sequence ID").AddIntegerRangeDescription(1, 65534).String,
+ Required: true,
+ Validators: []validator.Int64{
+ int64validator.Between(1, 65534),
+ },
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Sequence name").String,
+ Required: true,
+ },
+ "base_action": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Base action, either `accept` or `drop`").AddStringEnumDescription("accept", "drop").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("accept", "drop"),
+ },
+ },
+ "match_entries": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of match entries").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Type of match entry").AddStringEnumDescription("sourceIpv6", "destinationIpv6", "sourcePort", "destinationPort", "sourceDataIpv6PrefixList", "destinationDataIpv6PrefixList").String,
+ Required: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("sourceIpv6", "destinationIpv6", "sourcePort", "destinationPort", "sourceDataIpv6PrefixList", "destinationDataIpv6PrefixList"),
+ },
+ },
+ "source_ip": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Source IP prefix").String,
+ Optional: true,
+ },
+ "destination_ip": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Destination IP prefix").String,
+ Optional: true,
+ },
+ "source_port": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Source port").AddIntegerRangeDescription(0, 65535).String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 65535),
+ },
+ },
+ "destination_port": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Destination port, only `22` and `161` supported").AddIntegerRangeDescription(0, 65535).String,
+ Optional: true,
+ Validators: []validator.Int64{
+ int64validator.Between(0, 65535),
+ },
+ },
+ "source_data_ipv6_prefix_list_id": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Source data IPv6 prefix list ID").String,
+ Optional: true,
+ },
+ "source_data_ipv6_prefix_list_version": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Source data IPv6 prefix list version").String,
+ Optional: true,
+ },
+ "destination_data_ipv6_prefix_list_id": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Destination data IPv6 prefix list ID").String,
+ Optional: true,
+ },
+ "destination_data_ipv6_prefix_list_version": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Destination data IPv6 prefix list version").String,
+ Optional: true,
+ },
+ },
+ },
+ },
+ "action_entries": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of action entries").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Type of action entry").AddStringEnumDescription("count").String,
+ Required: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("count"),
+ },
+ },
+ "counter_name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Counter name").String,
+ Optional: true,
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Configure(_ context.Context, req resource.ConfigureRequest, _ *resource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ r.client = req.ProviderData.(*SdwanProviderData).Client
+ r.updateMutex = req.ProviderData.(*SdwanProviderData).UpdateMutex
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+ var plan IPv6DeviceACLPolicyDefinition
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Create", plan.Name.ValueString()))
+
+ // Create object
+ body := plan.toBody(ctx)
+
+ res, err := r.client.Post("/template/policy/definition/deviceaccesspolicyv6/", body)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (POST), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ plan.Id = types.StringValue(res.Get("definitionId").String())
+ plan.Version = types.Int64Value(0)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Create finished successfully", plan.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+ var state IPv6DeviceACLPolicyDefinition
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", state.Name.String()))
+
+ res, err := r.client.Get("/template/policy/definition/deviceaccesspolicyv6/" + state.Id.ValueString())
+ if strings.Contains(res.Get("error.message").String(), "Failed to find specified resource") || strings.Contains(res.Get("error.message").String(), "Invalid template type") || strings.Contains(res.Get("error.message").String(), "Template definition not found") {
+ resp.State.RemoveResource(ctx)
+ return
+ } else if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object (GET), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ state.fromBody(ctx, res)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", state.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+ var plan, state IPv6DeviceACLPolicyDefinition
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+ // Read state
+ diags = req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Update", plan.Name.ValueString()))
+
+ if plan.hasChanges(ctx, &state) {
+ body := plan.toBody(ctx)
+ r.updateMutex.Lock()
+ res, err := r.client.Put("/template/policy/definition/deviceaccesspolicyv6/"+plan.Id.ValueString(), body)
+ r.updateMutex.Unlock()
+ if err != nil {
+ if strings.Contains(res.Get("error.message").String(), "Failed to acquire lock") {
+ resp.Diagnostics.AddWarning("Client Warning", "Failed to modify policy due to policy being locked by another change. Policy changes will not be applied. Re-run 'terraform apply' to try again.")
+ } else {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (PUT), got error: %s, %s", err, res.String()))
+ return
+ }
+ }
+ } else {
+ tflog.Debug(ctx, fmt.Sprintf("%s: No changes detected", plan.Name.ValueString()))
+ }
+ plan.Version = types.Int64Value(state.Version.ValueInt64() + 1)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Update finished successfully", plan.Name.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+ var state IPv6DeviceACLPolicyDefinition
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Delete", state.Name.ValueString()))
+
+ res, err := r.client.Delete("/template/policy/definition/deviceaccesspolicyv6/" + state.Id.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to delete object (DELETE), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Delete finished successfully", state.Name.ValueString()))
+
+ resp.State.RemoveResource(ctx)
+}
+
+func (r *IPv6DeviceACLPolicyDefinitionResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+ resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
+}
diff --git a/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition_test.go b/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition_test.go
new file mode 100644
index 000000000..2bf7754d2
--- /dev/null
+++ b/internal/provider/resource_sdwan_ipv6_device_acl_policy_definition_test.go
@@ -0,0 +1,73 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccSdwanIPv6DeviceACLPolicyDefinition(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSdwanIPv6DeviceACLPolicyDefinitionConfig,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "name", "Example"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "description", "My description"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "default_action", "drop"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.id", "10"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.name", "Sequence 10"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.base_action", "accept"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.match_entries.0.type", "destinationPort"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.match_entries.0.destination_port", "22"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.action_entries.0.type", "count"),
+ resource.TestCheckResourceAttr("sdwan_ipv6_device_acl_policy_definition.test", "sequences.0.action_entries.0.counter_name", "count1"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccSdwanIPv6DeviceACLPolicyDefinitionConfig = `
+
+
+resource "sdwan_ipv6_device_acl_policy_definition" "test" {
+ name = "Example"
+ description = "My description"
+ default_action = "drop"
+ sequences = [{
+ id = 10
+ name = "Sequence 10"
+ base_action = "accept"
+ match_entries = [{
+ type = "destinationPort"
+ destination_port = 22
+ }]
+ action_entries = [{
+ type = "count"
+ counter_name = "count1"
+ }]
+ }]
+}
+`
diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl
index b7dc1fd63..ebd2bc30f 100644
--- a/templates/guides/changelog.md.tmpl
+++ b/templates/guides/changelog.md.tmpl
@@ -25,6 +25,7 @@ description: |-
- BREAKING CHANGE: Rename `sdwan_acl_policy_definition` resource and data source to `sdwan_ipv4_acl_policy_definition`
- BREAKING CHANGE: Rename `sdwan_device_acl_policy_definition` resource and data source to `sdwan_ipv4_device_acl_policy_definition`
- Add `sdwan_ipv6_acl_policy_definition` resource and data source
+- Add `sdwan_ipv6_device_acl_policy_definition` resource and data source
## 0.2.11