From 3ad92aedf9fa14618dbe022da5bf060aa742464e Mon Sep 17 00:00:00 2001
From: Kuba Mazurkiewicz <132581633+kuba-mazurkiewicz@users.noreply.github.com>
Date: Tue, 23 Jan 2024 00:44:02 +0100
Subject: [PATCH] Add active directory join point resource and data source
(#31)
---
.../active_directory_join_point.md | 92 ++
docs/resources/active_directory_join_point.md | 173 ++++
.../data-source.tf | 3 +
.../ise_active_directory_join_point/import.sh | 1 +
.../resource.tf | 54 ++
.../active_directory_join_point.yaml | 278 ++++++
..._source_ise_active_directory_join_point.go | 290 ++++++
...ce_ise_active_directory_join_point_test.go | 149 +++
.../model_ise_active_directory_join_point.go | 850 ++++++++++++++++++
internal/provider/provider.go | 2 +
...esource_ise_active_directory_join_point.go | 566 ++++++++++++
...ce_ise_active_directory_join_point_test.go | 160 ++++
12 files changed, 2618 insertions(+)
create mode 100644 docs/data-sources/active_directory_join_point.md
create mode 100644 docs/resources/active_directory_join_point.md
create mode 100644 examples/data-sources/ise_active_directory_join_point/data-source.tf
create mode 100644 examples/resources/ise_active_directory_join_point/import.sh
create mode 100644 examples/resources/ise_active_directory_join_point/resource.tf
create mode 100644 gen/definitions/active_directory_join_point.yaml
create mode 100644 internal/provider/data_source_ise_active_directory_join_point.go
create mode 100644 internal/provider/data_source_ise_active_directory_join_point_test.go
create mode 100644 internal/provider/model_ise_active_directory_join_point.go
create mode 100644 internal/provider/resource_ise_active_directory_join_point.go
create mode 100644 internal/provider/resource_ise_active_directory_join_point_test.go
diff --git a/docs/data-sources/active_directory_join_point.md b/docs/data-sources/active_directory_join_point.md
new file mode 100644
index 0000000..52ca1c2
--- /dev/null
+++ b/docs/data-sources/active_directory_join_point.md
@@ -0,0 +1,92 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "ise_active_directory_join_point Data Source - terraform-provider-ise"
+subcategory: "Identity Management"
+description: |-
+ This data source can read the Active Directory Join Point.
+---
+
+# ise_active_directory_join_point (Data Source)
+
+This data source can read the Active Directory Join Point.
+
+## Example Usage
+
+```terraform
+data "ise_active_directory_join_point" "example" {
+ id = "76d24097-41c4-4558-a4d0-a8c07ac08470"
+}
+```
+
+
+## Schema
+
+### Required
+
+- `id` (String) The id of the object
+
+### Read-Only
+
+- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comm
+- `aging_time` (Number) Aging Time
+- `attributes` (Attributes List) List of AD Attributes (see [below for nested schema](#nestedatt--attributes))
+- `auth_protection_type` (String) Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
+- `country` (String) User info attribute
+- `department` (String) User info attribute
+- `description` (String) Join point Description
+- `domain` (String) AD domain associated with the join point
+- `email` (String) User info attribute
+- `enable_callback_for_dialin_client` (Boolean) Enable Callback For Dial In Client
+- `enable_dialin_permission_check` (Boolean) Enable Dial In Permission Check
+- `enable_domain_allowed_list` (Boolean)
+- `enable_failed_auth_protection` (Boolean) Enable prevent AD account lockout due to too many bad password attempts
+- `enable_machine_access` (Boolean) Enable Machine Access
+- `enable_machine_auth` (Boolean) Enable Machin Authentication
+- `enable_pass_change` (Boolean) Enable Password Change
+- `enable_rewrites` (Boolean) Enable Rewrites
+- `failed_auth_threshold` (Number) Number of bad password attempts
+- `first_name` (String) User info attribute
+- `groups` (Attributes List) List of AD Groups (see [below for nested schema](#nestedatt--groups))
+- `identity_not_in_ad_behaviour` (String) Identity Not In AD Behaviour
+- `job_title` (String) User info attribute
+- `last_name` (String) User info attribute
+- `locality` (String) User info attribute
+- `name` (String) The name of the active directory join point
+- `organizational_unit` (String) User info attribute
+- `plaintext_auth` (Boolean) Plain Text Authentication
+- `rewrite_rules` (Attributes List) List of Rewrite rules (see [below for nested schema](#nestedatt--rewrite_rules))
+- `schema` (String) Schema
+- `state_or_province` (String) User info attribute
+- `street_address` (String) User info attribute
+- `telephone` (String) User info attribute
+- `unreachable_domains_behaviour` (String) Unreachable Domains Behaviour
+
+
+### Nested Schema for `attributes`
+
+Read-Only:
+
+- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string
+- `internal_name` (String) Required for each attribute in the attribute list
+- `name` (String) Required for each attribute in the attribute list with no duplication between attributes
+- `type` (String) Required for each group in the group list
+
+
+
+### Nested Schema for `groups`
+
+Read-Only:
+
+- `name` (String) Required for each group in the group list with no duplication between groups
+- `sid` (String) Required for each group in the group list with no duplication between groups
+- `type` (String)
+
+
+
+### Nested Schema for `rewrite_rules`
+
+Read-Only:
+
+- `rewrite_match` (String) Required for each rule in the list with no duplication between rules
+- `rewrite_result` (String) Required for each rule in the list
+- `row_id` (String) Required for each rule in the list in serial order
diff --git a/docs/resources/active_directory_join_point.md b/docs/resources/active_directory_join_point.md
new file mode 100644
index 0000000..34415fc
--- /dev/null
+++ b/docs/resources/active_directory_join_point.md
@@ -0,0 +1,173 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "ise_active_directory_join_point Resource - terraform-provider-ise"
+subcategory: "Identity Management"
+description: |-
+ This resource can manage an Active Directory Join Point.
+---
+
+# ise_active_directory_join_point (Resource)
+
+This resource can manage an Active Directory Join Point.
+
+## Example Usage
+
+```terraform
+resource "ise_active_directory_join_point" "example" {
+ name = "cisco.local"
+ description = "My AD join point"
+ domain = "cisco.local"
+ ad_scopes_names = "Default_Scope"
+ enable_domain_allowed_list = true
+ groups = [
+ {
+ name = "cisco.local/operators"
+ sid = "S-1-5-32-548"
+ type = "GLOBAL"
+ }
+ ]
+ attributes = [
+ {
+ name = "Attribute_1"
+ type = "STRING"
+ internal_name = "internal_name"
+ default_value = "default_string"
+ }
+ ]
+ rewrite_rules = [
+ {
+ row_id = "0"
+ rewrite_match = "rewrite_match"
+ rewrite_result = "rewrite_result"
+ }
+ ]
+ enable_rewrites = false
+ enable_pass_change = true
+ enable_machine_auth = true
+ enable_machine_access = true
+ enable_dialin_permission_check = false
+ plaintext_auth = false
+ aging_time = 5
+ enable_callback_for_dialin_client = false
+ identity_not_in_ad_behaviour = "SEARCH_JOINED_FOREST"
+ unreachable_domains_behaviour = "PROCEED"
+ schema = "ACTIVE_DIRECTORY"
+ first_name = "givenName"
+ department = "department"
+ last_name = "sn"
+ organizational_unit = "company"
+ job_title = "title"
+ locality = "l"
+ email = "mail"
+ state_or_province = "st"
+ telephone = "telephoneNumber"
+ country = "co"
+ street_address = "streetAddress"
+ enable_failed_auth_protection = false
+ failed_auth_threshold = 5
+ auth_protection_type = "WIRELESS"
+}
+```
+
+
+## Schema
+
+### Required
+
+- `domain` (String) AD domain associated with the join point
+- `name` (String) The name of the active directory join point
+
+### Optional
+
+- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comm
+ - Default value: `Default_Scope`
+- `aging_time` (Number) Aging Time
+ - Default value: `5`
+- `attributes` (Attributes List) List of AD Attributes (see [below for nested schema](#nestedatt--attributes))
+- `auth_protection_type` (String) Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
+ - Choices: `WIRELESS`, `WIRED`, `BOTH`
+- `country` (String) User info attribute
+- `department` (String) User info attribute
+- `description` (String) Join point Description
+- `email` (String) User info attribute
+- `enable_callback_for_dialin_client` (Boolean) Enable Callback For Dial In Client
+ - Default value: `false`
+- `enable_dialin_permission_check` (Boolean) Enable Dial In Permission Check
+ - Default value: `false`
+- `enable_domain_allowed_list` (Boolean) - Default value: `true`
+- `enable_failed_auth_protection` (Boolean) Enable prevent AD account lockout due to too many bad password attempts
+ - Default value: `false`
+- `enable_machine_access` (Boolean) Enable Machine Access
+ - Default value: `true`
+- `enable_machine_auth` (Boolean) Enable Machin Authentication
+ - Default value: `true`
+- `enable_pass_change` (Boolean) Enable Password Change
+ - Default value: `true`
+- `enable_rewrites` (Boolean) Enable Rewrites
+ - Default value: `false`
+- `failed_auth_threshold` (Number) Number of bad password attempts
+ - Default value: `5`
+- `first_name` (String) User info attribute
+- `groups` (Attributes List) List of AD Groups (see [below for nested schema](#nestedatt--groups))
+- `identity_not_in_ad_behaviour` (String) Identity Not In AD Behaviour
+ - Choices: `REJECT`, `SEARCH_JOINED_FOREST`, `SEARCH_ALL`
+- `job_title` (String) User info attribute
+- `last_name` (String) User info attribute
+- `locality` (String) User info attribute
+- `organizational_unit` (String) User info attribute
+- `plaintext_auth` (Boolean) Plain Text Authentication
+ - Default value: `false`
+- `rewrite_rules` (Attributes List) List of Rewrite rules (see [below for nested schema](#nestedatt--rewrite_rules))
+- `schema` (String) Schema
+ - Choices: `ACTIVE_DIRECTORY`, `CUSTOM`
+- `state_or_province` (String) User info attribute
+- `street_address` (String) User info attribute
+- `telephone` (String) User info attribute
+- `unreachable_domains_behaviour` (String) Unreachable Domains Behaviour
+ - Choices: `PROCEED`, `DROP`
+
+### Read-Only
+
+- `id` (String) The id of the object
+
+
+### Nested Schema for `attributes`
+
+Required:
+
+- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string
+- `internal_name` (String) Required for each attribute in the attribute list
+- `name` (String) Required for each attribute in the attribute list with no duplication between attributes
+- `type` (String) Required for each group in the group list
+ - Choices: `STRING`, `IP`, `BOOLEAN`, `INT`, `OCTET_STRING`
+
+
+
+### Nested Schema for `groups`
+
+Required:
+
+- `name` (String) Required for each group in the group list with no duplication between groups
+- `sid` (String) Required for each group in the group list with no duplication between groups
+
+Optional:
+
+- `type` (String)
+
+
+
+### Nested Schema for `rewrite_rules`
+
+Required:
+
+- `rewrite_match` (String) Required for each rule in the list with no duplication between rules
+- `rewrite_result` (String) Required for each rule in the list
+- `row_id` (String) Required for each rule in the list in serial order
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import ise_active_directory_join_point.example "76d24097-41c4-4558-a4d0-a8c07ac08470"
+```
diff --git a/examples/data-sources/ise_active_directory_join_point/data-source.tf b/examples/data-sources/ise_active_directory_join_point/data-source.tf
new file mode 100644
index 0000000..940545c
--- /dev/null
+++ b/examples/data-sources/ise_active_directory_join_point/data-source.tf
@@ -0,0 +1,3 @@
+data "ise_active_directory_join_point" "example" {
+ id = "76d24097-41c4-4558-a4d0-a8c07ac08470"
+}
diff --git a/examples/resources/ise_active_directory_join_point/import.sh b/examples/resources/ise_active_directory_join_point/import.sh
new file mode 100644
index 0000000..bd69104
--- /dev/null
+++ b/examples/resources/ise_active_directory_join_point/import.sh
@@ -0,0 +1 @@
+terraform import ise_active_directory_join_point.example "76d24097-41c4-4558-a4d0-a8c07ac08470"
diff --git a/examples/resources/ise_active_directory_join_point/resource.tf b/examples/resources/ise_active_directory_join_point/resource.tf
new file mode 100644
index 0000000..076f9bd
--- /dev/null
+++ b/examples/resources/ise_active_directory_join_point/resource.tf
@@ -0,0 +1,54 @@
+resource "ise_active_directory_join_point" "example" {
+ name = "cisco.local"
+ description = "My AD join point"
+ domain = "cisco.local"
+ ad_scopes_names = "Default_Scope"
+ enable_domain_allowed_list = true
+ groups = [
+ {
+ name = "cisco.local/operators"
+ sid = "S-1-5-32-548"
+ type = "GLOBAL"
+ }
+ ]
+ attributes = [
+ {
+ name = "Attribute_1"
+ type = "STRING"
+ internal_name = "internal_name"
+ default_value = "default_string"
+ }
+ ]
+ rewrite_rules = [
+ {
+ row_id = "0"
+ rewrite_match = "rewrite_match"
+ rewrite_result = "rewrite_result"
+ }
+ ]
+ enable_rewrites = false
+ enable_pass_change = true
+ enable_machine_auth = true
+ enable_machine_access = true
+ enable_dialin_permission_check = false
+ plaintext_auth = false
+ aging_time = 5
+ enable_callback_for_dialin_client = false
+ identity_not_in_ad_behaviour = "SEARCH_JOINED_FOREST"
+ unreachable_domains_behaviour = "PROCEED"
+ schema = "ACTIVE_DIRECTORY"
+ first_name = "givenName"
+ department = "department"
+ last_name = "sn"
+ organizational_unit = "company"
+ job_title = "title"
+ locality = "l"
+ email = "mail"
+ state_or_province = "st"
+ telephone = "telephoneNumber"
+ country = "co"
+ street_address = "streetAddress"
+ enable_failed_auth_protection = false
+ failed_auth_threshold = 5
+ auth_protection_type = "WIRELESS"
+}
diff --git a/gen/definitions/active_directory_join_point.yaml b/gen/definitions/active_directory_join_point.yaml
new file mode 100644
index 0000000..d2e1ba7
--- /dev/null
+++ b/gen/definitions/active_directory_join_point.yaml
@@ -0,0 +1,278 @@
+---
+name: Active Directory Join Point
+rest_endpoint: /ers/config/activedirectory
+doc_category: Identity Management
+skip_minimum_test: true
+attributes:
+ - model_name: name
+ data_path: [ERSActiveDirectory]
+ type: String
+ mandatory: true
+ description: The name of the active directory join point
+ example: cisco.local
+ - model_name: description
+ data_path: [ERSActiveDirectory]
+ type: String
+ requires_replace: true
+ description: Join point Description
+ example: My AD join point
+ - model_name: domain
+ data_path: [ERSActiveDirectory]
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: AD domain associated with the join point
+ example: cisco.local
+ - model_name: adScopesNames
+ data_path: [ERSActiveDirectory]
+ type: String
+ requires_replace: true
+ description: String that contains the names of the scopes that the active directory belongs to. Names are separated by comm
+ default_value: Default_Scope
+ example: Default_Scope
+ - model_name: enableDomainAllowedList
+ data_path: [ERSActiveDirectory]
+ type: Bool
+ requires_replace: true
+ default_value: true
+ example: true
+ - model_name: groups
+ description: List of AD Groups
+ data_path: [ERSActiveDirectory,adgroups]
+ type: List
+ attributes:
+ - model_name: name
+ type: String
+ mandatory: true
+ requires_replace: true
+ description: Required for each group in the group list with no duplication between groups
+ example: cisco.local/operators
+ - model_name: sid
+ type: String
+ mandatory: true
+ requires_replace: true
+ id: true
+ description: Required for each group in the group list with no duplication between groups
+ example: S-1-5-32-548
+ - model_name: type
+ type: String
+ write_only: true
+ requires_replace: true
+ example: GLOBAL
+ - model_name: attributes
+ data_path: [ERSActiveDirectory,adAttributes]
+ type: List
+ description: List of AD Attributes
+ attributes:
+ - model_name: name
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each attribute in the attribute list with no duplication between attributes
+ example: Attribute_1
+ - model_name: type
+ type: String
+ requires_replace: true
+ enum_values: [STRING, IP, BOOLEAN, INT, OCTET_STRING]
+ mandatory: true
+ description: Required for each group in the group list
+ example: STRING
+ - model_name: internalName
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each attribute in the attribute list
+ example: internal_name
+ - model_name: defaultValue
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each attribute in the attribute list. Can contain an empty string
+ example: default_string
+ - model_name: rewriteRules
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: List
+ description: List of Rewrite rules
+ attributes:
+ - model_name: rowId
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each rule in the list in serial order
+ example: 0
+ - model_name: rewriteMatch
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each rule in the list with no duplication between rules
+ example: rewrite_match
+ - model_name: rewriteResult
+ type: String
+ requires_replace: true
+ mandatory: true
+ description: Required for each rule in the list
+ example: rewrite_result
+ - model_name: enableRewrites
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: false
+ description: Enable Rewrites
+ example: false
+ - model_name: enablePassChange
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: true
+ description: Enable Password Change
+ example: true
+ - model_name: enableMachineAuth
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: true
+ description: Enable Machin Authentication
+ example: true
+ - model_name: enableMachineAccess
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: true
+ description: Enable Machine Access
+ example: true
+ - model_name: enableDialinPermissionCheck
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: false
+ description: Enable Dial In Permission Check
+ example: false
+ - model_name: plaintextAuth
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: false
+ description: Plain Text Authentication
+ example: false
+ - model_name: agingTime
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Int64
+ requires_replace: true
+ default_value: 5
+ description: Aging Time
+ example: 5
+ - model_name: enableCallbackForDialinClient
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ default_value: false
+ description: Enable Callback For Dial In Client
+ example: false
+ - model_name: identityNotInAdBehaviour
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ enum_values: [REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL]
+ description: Identity Not In AD Behaviour
+ example: SEARCH_JOINED_FOREST
+ - model_name: unreachableDomainsBehaviour
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ enum_values: [PROCEED, DROP]
+ description: Unreachable Domains Behaviour
+ example: PROCEED
+ - model_name: schema
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ enum_values: [ACTIVE_DIRECTORY, CUSTOM]
+ description: Schema
+ example: ACTIVE_DIRECTORY
+ - model_name: firstName
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: givenName
+ - model_name: department
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: department
+ - model_name: lastName
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: sn
+ - model_name: organizationalUnit
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: company
+ - model_name: jobTitle
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: title
+ - model_name: locality
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: l
+ - model_name: email
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: mail
+ - model_name: stateOrProvince
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: st
+ - model_name: telephone
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: telephoneNumber
+ - model_name: country
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: co
+ - model_name: streetAddress
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ description: User info attribute
+ example: streetAddress
+ - model_name: enableFailedAuthProtection
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Bool
+ requires_replace: true
+ description: Enable prevent AD account lockout due to too many bad password attempts
+ example: false
+ default_value: false
+ - model_name: failedAuthThreshold
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: Int64
+ requires_replace: true
+ default_value: 5
+ description: Number of bad password attempts
+ example: 5
+ - model_name: authProtectionType
+ data_path: [ERSActiveDirectory,advancedSettings]
+ type: String
+ requires_replace: true
+ enum_values: [WIRELESS, WIRED, BOTH]
+ description: Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
+ example: WIRELESS
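Review bot: Several descriptions in this definition are missing or wrong, and they flow unchanged into the provider schema and the generated docs. `enableDomainAllowedList` and the group `type` have no `description` at all (the generated schema ends up with `MarkdownDescription: ""`), the `adScopesNames` text is cut off at "separated by comm", `enableMachineAuth` reads "Enable Machin Authentication", and the attribute `type` says "Required for each group in the group list" although it describes an attribute. For the settings that change authentication behaviour (`plaintextAuth`, `enableFailedAuthProtection`, `failedAuthThreshold`, `authProtectionType`, `identityNotInAdBehaviour`, `unreachableDomainsBehaviour`) the description only restates the field name. A sentence on what each value does on ISE would let an operator judge a plan without leaving the docs.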
diff --git a/internal/provider/data_source_ise_active_directory_join_point.go b/internal/provider/data_source_ise_active_directory_join_point.go
new file mode 100644
index 0000000..2068648
--- /dev/null
+++ b/internal/provider/data_source_ise_active_directory_join_point.go
@@ -0,0 +1,290 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+//template:begin imports
+import (
+ "context"
+ "fmt"
+
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-ise"
+)
+
+//template:end imports
+
+//template:begin model
+
+// Ensure the implementation satisfies the expected interfaces.
+var (
+ _ datasource.DataSource = &ActiveDirectoryJoinPointDataSource{}
+ _ datasource.DataSourceWithConfigure = &ActiveDirectoryJoinPointDataSource{}
+)
+
+func NewActiveDirectoryJoinPointDataSource() datasource.DataSource {
+ return &ActiveDirectoryJoinPointDataSource{}
+}
+
+type ActiveDirectoryJoinPointDataSource struct {
+ client *ise.Client
+}
+
+func (d *ActiveDirectoryJoinPointDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_active_directory_join_point"
+}
+
+func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: "This data source can read the Active Directory Join Point.",
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the object",
+ Required: true,
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: "The name of the active directory join point",
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: "Join point Description",
+ Computed: true,
+ },
+ "domain": schema.StringAttribute{
+ MarkdownDescription: "AD domain associated with the join point",
+ Computed: true,
+ },
+ "ad_scopes_names": schema.StringAttribute{
+ MarkdownDescription: "String that contains the names of the scopes that the active directory belongs to. Names are separated by comm",
+ Computed: true,
+ },
+ "enable_domain_allowed_list": schema.BoolAttribute{
+ MarkdownDescription: "",
+ Computed: true,
+ },
+ "groups": schema.ListNestedAttribute{
+ MarkdownDescription: "List of AD Groups",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Required for each group in the group list with no duplication between groups",
+ Computed: true,
+ },
+ "sid": schema.StringAttribute{
+ MarkdownDescription: "Required for each group in the group list with no duplication between groups",
+ Computed: true,
+ },
+ "type": schema.StringAttribute{
+ MarkdownDescription: "",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "attributes": schema.ListNestedAttribute{
+ MarkdownDescription: "List of AD Attributes",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: "Required for each attribute in the attribute list with no duplication between attributes",
+ Computed: true,
+ },
+ "type": schema.StringAttribute{
+ MarkdownDescription: "Required for each group in the group list",
+ Computed: true,
+ },
+ "internal_name": schema.StringAttribute{
+ MarkdownDescription: "Required for each attribute in the attribute list",
+ Computed: true,
+ },
+ "default_value": schema.StringAttribute{
+ MarkdownDescription: "Required for each attribute in the attribute list. Can contain an empty string",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "rewrite_rules": schema.ListNestedAttribute{
+ MarkdownDescription: "List of Rewrite rules",
+ Computed: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "row_id": schema.StringAttribute{
+ MarkdownDescription: "Required for each rule in the list in serial order",
+ Computed: true,
+ },
+ "rewrite_match": schema.StringAttribute{
+ MarkdownDescription: "Required for each rule in the list with no duplication between rules",
+ Computed: true,
+ },
+ "rewrite_result": schema.StringAttribute{
+ MarkdownDescription: "Required for each rule in the list",
+ Computed: true,
+ },
+ },
+ },
+ },
+ "enable_rewrites": schema.BoolAttribute{
+ MarkdownDescription: "Enable Rewrites",
+ Computed: true,
+ },
+ "enable_pass_change": schema.BoolAttribute{
+ MarkdownDescription: "Enable Password Change",
+ Computed: true,
+ },
+ "enable_machine_auth": schema.BoolAttribute{
+ MarkdownDescription: "Enable Machin Authentication",
+ Computed: true,
+ },
+ "enable_machine_access": schema.BoolAttribute{
+ MarkdownDescription: "Enable Machine Access",
+ Computed: true,
+ },
+ "enable_dialin_permission_check": schema.BoolAttribute{
+ MarkdownDescription: "Enable Dial In Permission Check",
+ Computed: true,
+ },
+ "plaintext_auth": schema.BoolAttribute{
+ MarkdownDescription: "Plain Text Authentication",
+ Computed: true,
+ },
+ "aging_time": schema.Int64Attribute{
+ MarkdownDescription: "Aging Time",
+ Computed: true,
+ },
+ "enable_callback_for_dialin_client": schema.BoolAttribute{
+ MarkdownDescription: "Enable Callback For Dial In Client",
+ Computed: true,
+ },
+ "identity_not_in_ad_behaviour": schema.StringAttribute{
+ MarkdownDescription: "Identity Not In AD Behaviour",
+ Computed: true,
+ },
+ "unreachable_domains_behaviour": schema.StringAttribute{
+ MarkdownDescription: "Unreachable Domains Behaviour",
+ Computed: true,
+ },
+ "schema": schema.StringAttribute{
+ MarkdownDescription: "Schema",
+ Computed: true,
+ },
+ "first_name": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "department": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "last_name": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "organizational_unit": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "job_title": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "locality": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "email": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "state_or_province": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "telephone": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "country": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "street_address": schema.StringAttribute{
+ MarkdownDescription: "User info attribute",
+ Computed: true,
+ },
+ "enable_failed_auth_protection": schema.BoolAttribute{
+ MarkdownDescription: "Enable prevent AD account lockout due to too many bad password attempts",
+ Computed: true,
+ },
+ "failed_auth_threshold": schema.Int64Attribute{
+ MarkdownDescription: "Number of bad password attempts",
+ Computed: true,
+ },
+ "auth_protection_type": schema.StringAttribute{
+ MarkdownDescription: "Enable prevent AD account lockout for WIRELESS/WIRED/BOTH",
+ Computed: true,
+ },
+ },
+ }
+}
+
+func (d *ActiveDirectoryJoinPointDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, _ *datasource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ d.client = req.ProviderData.(*IseProviderData).Client
+}
+
+//template:end model
+
+//template:begin read
+func (d *ActiveDirectoryJoinPointDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+ var config ActiveDirectoryJoinPoint
+
+ // Read config
+ diags := req.Config.Get(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", config.Id.String()))
+
+ res, err := d.client.Get(config.getPath() + "/" + config.Id.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object, got error: %s", err))
+ return
+ }
+
+ config.fromBody(ctx, res)
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", config.Id.ValueString()))
+
+ diags = resp.State.Set(ctx, &config)
+ resp.Diagnostics.Append(diags...)
+}
+
+//template:end read
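Review bot: In `Read`, the `id` from configuration is concatenated into the request path unescaped (`config.getPath() + "/" + config.Id.ValueString()`). Unless the client escapes it itself, which is not visible here, a value containing `/`, `?` or `..` would address a different ERS path than the one this data source is meant to read. Using `url.PathEscape(config.Id.ValueString())`, with `net/url` imported, keeps it a single path segment. Separately, `Configure` discards its response argument and uses the unchecked assertion `req.ProviderData.(*IseProviderData)`, which panics instead of returning a diagnostic if the provider data has another type; the comma-ok form plus `resp.Diagnostics.AddError` would report it cleanly. The file is marked as generated, so both changes presumably belong in the generator template rather than in this file.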
diff --git a/internal/provider/data_source_ise_active_directory_join_point_test.go b/internal/provider/data_source_ise_active_directory_join_point_test.go
new file mode 100644
index 0000000..1979527
--- /dev/null
+++ b/internal/provider/data_source_ise_active_directory_join_point_test.go
@@ -0,0 +1,149 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+//template:begin imports
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+//template:end imports
+
+//template:begin testAccDataSource
+func TestAccDataSourceIseActiveDirectoryJoinPoint(t *testing.T) {
+ var checks []resource.TestCheckFunc
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "name", "cisco.local"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "description", "My AD join point"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "domain", "cisco.local"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "ad_scopes_names", "Default_Scope"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_domain_allowed_list", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "groups.0.name", "cisco.local/operators"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "groups.0.sid", "S-1-5-32-548"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "attributes.0.name", "Attribute_1"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "attributes.0.type", "STRING"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "attributes.0.internal_name", "internal_name"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "attributes.0.default_value", "default_string"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "rewrite_rules.0.row_id", "0"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "rewrite_rules.0.rewrite_match", "rewrite_match"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "rewrite_rules.0.rewrite_result", "rewrite_result"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_rewrites", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_pass_change", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_machine_auth", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_machine_access", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_dialin_permission_check", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "plaintext_auth", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "aging_time", "5"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_callback_for_dialin_client", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "identity_not_in_ad_behaviour", "SEARCH_JOINED_FOREST"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "unreachable_domains_behaviour", "PROCEED"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "schema", "ACTIVE_DIRECTORY"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "first_name", "givenName"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "department", "department"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "last_name", "sn"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "organizational_unit", "company"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "job_title", "title"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "locality", "l"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "email", "mail"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "state_or_province", "st"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "telephone", "telephoneNumber"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "country", "co"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "street_address", "streetAddress"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "enable_failed_auth_protection", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "failed_auth_threshold", "5"))
+ checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "auth_protection_type", "WIRELESS"))
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccDataSourceIseActiveDirectoryJoinPointConfig(),
+ Check: resource.ComposeTestCheckFunc(checks...),
+ },
+ },
+ })
+}
+
+//template:end testAccDataSource
+
+//template:begin testPrerequisites
+//template:end testPrerequisites
+
+//template:begin testAccDataSourceConfig
+func testAccDataSourceIseActiveDirectoryJoinPointConfig() string {
+ config := `resource "ise_active_directory_join_point" "test" {` + "\n"
+ config += ` name = "cisco.local"` + "\n"
+ config += ` description = "My AD join point"` + "\n"
+ config += ` domain = "cisco.local"` + "\n"
+ config += ` ad_scopes_names = "Default_Scope"` + "\n"
+ config += ` enable_domain_allowed_list = true` + "\n"
+ config += ` groups = [{` + "\n"
+ config += ` name = "cisco.local/operators"` + "\n"
+ config += ` sid = "S-1-5-32-548"` + "\n"
+ config += ` type = "GLOBAL"` + "\n"
+ config += ` }]` + "\n"
+ config += ` attributes = [{` + "\n"
+ config += ` name = "Attribute_1"` + "\n"
+ config += ` type = "STRING"` + "\n"
+ config += ` internal_name = "internal_name"` + "\n"
+ config += ` default_value = "default_string"` + "\n"
+ config += ` }]` + "\n"
+ config += ` rewrite_rules = [{` + "\n"
+ config += ` row_id = "0"` + "\n"
+ config += ` rewrite_match = "rewrite_match"` + "\n"
+ config += ` rewrite_result = "rewrite_result"` + "\n"
+ config += ` }]` + "\n"
+ config += ` enable_rewrites = false` + "\n"
+ config += ` enable_pass_change = true` + "\n"
+ config += ` enable_machine_auth = true` + "\n"
+ config += ` enable_machine_access = true` + "\n"
+ config += ` enable_dialin_permission_check = false` + "\n"
+ config += ` plaintext_auth = false` + "\n"
+ config += ` aging_time = 5` + "\n"
+ config += ` enable_callback_for_dialin_client = false` + "\n"
+ config += ` identity_not_in_ad_behaviour = "SEARCH_JOINED_FOREST"` + "\n"
+ config += ` unreachable_domains_behaviour = "PROCEED"` + "\n"
+ config += ` schema = "ACTIVE_DIRECTORY"` + "\n"
+ config += ` first_name = "givenName"` + "\n"
+ config += ` department = "department"` + "\n"
+ config += ` last_name = "sn"` + "\n"
+ config += ` organizational_unit = "company"` + "\n"
+ config += ` job_title = "title"` + "\n"
+ config += ` locality = "l"` + "\n"
+ config += ` email = "mail"` + "\n"
+ config += ` state_or_province = "st"` + "\n"
+ config += ` telephone = "telephoneNumber"` + "\n"
+ config += ` country = "co"` + "\n"
+ config += ` street_address = "streetAddress"` + "\n"
+ config += ` enable_failed_auth_protection = false` + "\n"
+ config += ` failed_auth_threshold = 5` + "\n"
+ config += ` auth_protection_type = "WIRELESS"` + "\n"
+ config += `}` + "\n"
+
+ config += `
+ data "ise_active_directory_join_point" "test" {
+ id = ise_active_directory_join_point.test.id
+ }
+ `
+ return config
+}
+
+//template:end testAccDataSourceConfig
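Review bot: The check list in `TestAccDataSourceIseActiveDirectoryJoinPoint` never asserts `groups.0.type`, although the fixture sets `type = "GLOBAL"` on the group, so the test cannot show whether the data source returns that attribute. The `fromBody` in the model file of this same patch reads only `name` and `sid` for each group entry, which suggests `type` stays null after a read. If the field is meant to be write-only, say so in the attribute description. Otherwise add `checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "groups.0.type", "GLOBAL"))` and populate it in `fromBody`. Because this file is generated, the change belongs in the generator definition rather than in this file.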
diff --git a/internal/provider/model_ise_active_directory_join_point.go b/internal/provider/model_ise_active_directory_join_point.go
new file mode 100644
index 0000000..6943c65
--- /dev/null
+++ b/internal/provider/model_ise_active_directory_join_point.go
@@ -0,0 +1,850 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+//template:begin imports
+import (
+ "context"
+
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/tidwall/gjson"
+ "github.com/tidwall/sjson"
+)
+
+//template:end imports
+
+//template:begin types
+type ActiveDirectoryJoinPoint struct {
+ Id types.String `tfsdk:"id"`
+ Name types.String `tfsdk:"name"`
+ Description types.String `tfsdk:"description"`
+ Domain types.String `tfsdk:"domain"`
+ AdScopesNames types.String `tfsdk:"ad_scopes_names"`
+ EnableDomainAllowedList types.Bool `tfsdk:"enable_domain_allowed_list"`
+ Groups []ActiveDirectoryJoinPointGroups `tfsdk:"groups"`
+ Attributes []ActiveDirectoryJoinPointAttributes `tfsdk:"attributes"`
+ RewriteRules []ActiveDirectoryJoinPointRewriteRules `tfsdk:"rewrite_rules"`
+ EnableRewrites types.Bool `tfsdk:"enable_rewrites"`
+ EnablePassChange types.Bool `tfsdk:"enable_pass_change"`
+ EnableMachineAuth types.Bool `tfsdk:"enable_machine_auth"`
+ EnableMachineAccess types.Bool `tfsdk:"enable_machine_access"`
+ EnableDialinPermissionCheck types.Bool `tfsdk:"enable_dialin_permission_check"`
+ PlaintextAuth types.Bool `tfsdk:"plaintext_auth"`
+ AgingTime types.Int64 `tfsdk:"aging_time"`
+ EnableCallbackForDialinClient types.Bool `tfsdk:"enable_callback_for_dialin_client"`
+ IdentityNotInAdBehaviour types.String `tfsdk:"identity_not_in_ad_behaviour"`
+ UnreachableDomainsBehaviour types.String `tfsdk:"unreachable_domains_behaviour"`
+ Schema types.String `tfsdk:"schema"`
+ FirstName types.String `tfsdk:"first_name"`
+ Department types.String `tfsdk:"department"`
+ LastName types.String `tfsdk:"last_name"`
+ OrganizationalUnit types.String `tfsdk:"organizational_unit"`
+ JobTitle types.String `tfsdk:"job_title"`
+ Locality types.String `tfsdk:"locality"`
+ Email types.String `tfsdk:"email"`
+ StateOrProvince types.String `tfsdk:"state_or_province"`
+ Telephone types.String `tfsdk:"telephone"`
+ Country types.String `tfsdk:"country"`
+ StreetAddress types.String `tfsdk:"street_address"`
+ EnableFailedAuthProtection types.Bool `tfsdk:"enable_failed_auth_protection"`
+ FailedAuthThreshold types.Int64 `tfsdk:"failed_auth_threshold"`
+ AuthProtectionType types.String `tfsdk:"auth_protection_type"`
+}
+
+type ActiveDirectoryJoinPointGroups struct {
+ Name types.String `tfsdk:"name"`
+ Sid types.String `tfsdk:"sid"`
+ Type types.String `tfsdk:"type"`
+}
+
+type ActiveDirectoryJoinPointAttributes struct {
+ Name types.String `tfsdk:"name"`
+ Type types.String `tfsdk:"type"`
+ InternalName types.String `tfsdk:"internal_name"`
+ DefaultValue types.String `tfsdk:"default_value"`
+}
+
+type ActiveDirectoryJoinPointRewriteRules struct {
+ RowId types.String `tfsdk:"row_id"`
+ RewriteMatch types.String `tfsdk:"rewrite_match"`
+ RewriteResult types.String `tfsdk:"rewrite_result"`
+}
+
+//template:end types
+
+//template:begin getPath
+func (data ActiveDirectoryJoinPoint) getPath() string {
+ return "/ers/config/activedirectory"
+}
+
+//template:end getPath
+
+//template:begin toBody
+func (data ActiveDirectoryJoinPoint) toBody(ctx context.Context, state ActiveDirectoryJoinPoint) string {
+ body := ""
+ if !data.Name.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.name", data.Name.ValueString())
+ }
+ if !data.Description.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.description", data.Description.ValueString())
+ }
+ if !data.Domain.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.domain", data.Domain.ValueString())
+ }
+ if !data.AdScopesNames.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.adScopesNames", data.AdScopesNames.ValueString())
+ }
+ if !data.EnableDomainAllowedList.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.enableDomainAllowedList", data.EnableDomainAllowedList.ValueBool())
+ }
+ if len(data.Groups) > 0 {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.adgroups.groups", []interface{}{})
+ for _, item := range data.Groups {
+ itemBody := ""
+ if !item.Name.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "name", item.Name.ValueString())
+ }
+ if !item.Sid.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "sid", item.Sid.ValueString())
+ }
+ if !item.Type.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "type", item.Type.ValueString())
+ }
+ body, _ = sjson.SetRaw(body, "ERSActiveDirectory.adgroups.groups.-1", itemBody)
+ }
+ }
+ if len(data.Attributes) > 0 {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.adAttributes.attributes", []interface{}{})
+ for _, item := range data.Attributes {
+ itemBody := ""
+ if !item.Name.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "name", item.Name.ValueString())
+ }
+ if !item.Type.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "type", item.Type.ValueString())
+ }
+ if !item.InternalName.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "internalName", item.InternalName.ValueString())
+ }
+ if !item.DefaultValue.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "defaultValue", item.DefaultValue.ValueString())
+ }
+ body, _ = sjson.SetRaw(body, "ERSActiveDirectory.adAttributes.attributes.-1", itemBody)
+ }
+ }
+ if len(data.RewriteRules) > 0 {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.rewriteRules", []interface{}{})
+ for _, item := range data.RewriteRules {
+ itemBody := ""
+ if !item.RowId.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "rowId", item.RowId.ValueString())
+ }
+ if !item.RewriteMatch.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "rewriteMatch", item.RewriteMatch.ValueString())
+ }
+ if !item.RewriteResult.IsNull() {
+ itemBody, _ = sjson.Set(itemBody, "rewriteResult", item.RewriteResult.ValueString())
+ }
+ body, _ = sjson.SetRaw(body, "ERSActiveDirectory.advancedSettings.rewriteRules.-1", itemBody)
+ }
+ }
+ if !data.EnableRewrites.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableRewrites", data.EnableRewrites.ValueBool())
+ }
+ if !data.EnablePassChange.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enablePassChange", data.EnablePassChange.ValueBool())
+ }
+ if !data.EnableMachineAuth.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableMachineAuth", data.EnableMachineAuth.ValueBool())
+ }
+ if !data.EnableMachineAccess.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableMachineAccess", data.EnableMachineAccess.ValueBool())
+ }
+ if !data.EnableDialinPermissionCheck.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableDialinPermissionCheck", data.EnableDialinPermissionCheck.ValueBool())
+ }
+ if !data.PlaintextAuth.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.plaintextAuth", data.PlaintextAuth.ValueBool())
+ }
+ if !data.AgingTime.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.agingTime", data.AgingTime.ValueInt64())
+ }
+ if !data.EnableCallbackForDialinClient.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableCallbackForDialinClient", data.EnableCallbackForDialinClient.ValueBool())
+ }
+ if !data.IdentityNotInAdBehaviour.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.identityNotInAdBehaviour", data.IdentityNotInAdBehaviour.ValueString())
+ }
+ if !data.UnreachableDomainsBehaviour.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.unreachableDomainsBehaviour", data.UnreachableDomainsBehaviour.ValueString())
+ }
+ if !data.Schema.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.schema", data.Schema.ValueString())
+ }
+ if !data.FirstName.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.firstName", data.FirstName.ValueString())
+ }
+ if !data.Department.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.department", data.Department.ValueString())
+ }
+ if !data.LastName.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.lastName", data.LastName.ValueString())
+ }
+ if !data.OrganizationalUnit.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.organizationalUnit", data.OrganizationalUnit.ValueString())
+ }
+ if !data.JobTitle.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.jobTitle", data.JobTitle.ValueString())
+ }
+ if !data.Locality.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.locality", data.Locality.ValueString())
+ }
+ if !data.Email.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.email", data.Email.ValueString())
+ }
+ if !data.StateOrProvince.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.stateOrProvince", data.StateOrProvince.ValueString())
+ }
+ if !data.Telephone.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.telephone", data.Telephone.ValueString())
+ }
+ if !data.Country.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.country", data.Country.ValueString())
+ }
+ if !data.StreetAddress.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.streetAddress", data.StreetAddress.ValueString())
+ }
+ if !data.EnableFailedAuthProtection.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.enableFailedAuthProtection", data.EnableFailedAuthProtection.ValueBool())
+ }
+ if !data.FailedAuthThreshold.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.failedAuthThreshold", data.FailedAuthThreshold.ValueInt64())
+ }
+ if !data.AuthProtectionType.IsNull() {
+ body, _ = sjson.Set(body, "ERSActiveDirectory.advancedSettings.authProtectionType", data.AuthProtectionType.ValueString())
+ }
+ return body
+}
+
+//template:end toBody
+
+//template:begin fromBody
+func (data *ActiveDirectoryJoinPoint) fromBody(ctx context.Context, res gjson.Result) {
+ if value := res.Get("ERSActiveDirectory.name"); value.Exists() {
+ data.Name = types.StringValue(value.String())
+ } else {
+ data.Name = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.description"); value.Exists() {
+ data.Description = types.StringValue(value.String())
+ } else {
+ data.Description = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.domain"); value.Exists() {
+ data.Domain = types.StringValue(value.String())
+ } else {
+ data.Domain = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.adScopesNames"); value.Exists() {
+ data.AdScopesNames = types.StringValue(value.String())
+ } else {
+ data.AdScopesNames = types.StringValue("Default_Scope")
+ }
+ if value := res.Get("ERSActiveDirectory.enableDomainAllowedList"); value.Exists() {
+ data.EnableDomainAllowedList = types.BoolValue(value.Bool())
+ } else {
+ data.EnableDomainAllowedList = types.BoolValue(true)
+ }
+ if value := res.Get("ERSActiveDirectory.adgroups.groups"); value.Exists() {
+ data.Groups = make([]ActiveDirectoryJoinPointGroups, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := ActiveDirectoryJoinPointGroups{}
+ if cValue := v.Get("name"); cValue.Exists() {
+ item.Name = types.StringValue(cValue.String())
+ } else {
+ item.Name = types.StringNull()
+ }
+ if cValue := v.Get("sid"); cValue.Exists() {
+ item.Sid = types.StringValue(cValue.String())
+ } else {
+ item.Sid = types.StringNull()
+ }
+ data.Groups = append(data.Groups, item)
+ return true
+ })
+ }
+ if value := res.Get("ERSActiveDirectory.adAttributes.attributes"); value.Exists() {
+ data.Attributes = make([]ActiveDirectoryJoinPointAttributes, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := ActiveDirectoryJoinPointAttributes{}
+ if cValue := v.Get("name"); cValue.Exists() {
+ item.Name = types.StringValue(cValue.String())
+ } else {
+ item.Name = types.StringNull()
+ }
+ if cValue := v.Get("type"); cValue.Exists() {
+ item.Type = types.StringValue(cValue.String())
+ } else {
+ item.Type = types.StringNull()
+ }
+ if cValue := v.Get("internalName"); cValue.Exists() {
+ item.InternalName = types.StringValue(cValue.String())
+ } else {
+ item.InternalName = types.StringNull()
+ }
+ if cValue := v.Get("defaultValue"); cValue.Exists() {
+ item.DefaultValue = types.StringValue(cValue.String())
+ } else {
+ item.DefaultValue = types.StringNull()
+ }
+ data.Attributes = append(data.Attributes, item)
+ return true
+ })
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.rewriteRules"); value.Exists() {
+ data.RewriteRules = make([]ActiveDirectoryJoinPointRewriteRules, 0)
+ value.ForEach(func(k, v gjson.Result) bool {
+ item := ActiveDirectoryJoinPointRewriteRules{}
+ if cValue := v.Get("rowId"); cValue.Exists() {
+ item.RowId = types.StringValue(cValue.String())
+ } else {
+ item.RowId = types.StringNull()
+ }
+ if cValue := v.Get("rewriteMatch"); cValue.Exists() {
+ item.RewriteMatch = types.StringValue(cValue.String())
+ } else {
+ item.RewriteMatch = types.StringNull()
+ }
+ if cValue := v.Get("rewriteResult"); cValue.Exists() {
+ item.RewriteResult = types.StringValue(cValue.String())
+ } else {
+ item.RewriteResult = types.StringNull()
+ }
+ data.RewriteRules = append(data.RewriteRules, item)
+ return true
+ })
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableRewrites"); value.Exists() {
+ data.EnableRewrites = types.BoolValue(value.Bool())
+ } else {
+ data.EnableRewrites = types.BoolValue(false)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enablePassChange"); value.Exists() {
+ data.EnablePassChange = types.BoolValue(value.Bool())
+ } else {
+ data.EnablePassChange = types.BoolValue(true)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableMachineAuth"); value.Exists() {
+ data.EnableMachineAuth = types.BoolValue(value.Bool())
+ } else {
+ data.EnableMachineAuth = types.BoolValue(true)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableMachineAccess"); value.Exists() {
+ data.EnableMachineAccess = types.BoolValue(value.Bool())
+ } else {
+ data.EnableMachineAccess = types.BoolValue(true)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableDialinPermissionCheck"); value.Exists() {
+ data.EnableDialinPermissionCheck = types.BoolValue(value.Bool())
+ } else {
+ data.EnableDialinPermissionCheck = types.BoolValue(false)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.plaintextAuth"); value.Exists() {
+ data.PlaintextAuth = types.BoolValue(value.Bool())
+ } else {
+ data.PlaintextAuth = types.BoolValue(false)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.agingTime"); value.Exists() {
+ data.AgingTime = types.Int64Value(value.Int())
+ } else {
+ data.AgingTime = types.Int64Value(5)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableCallbackForDialinClient"); value.Exists() {
+ data.EnableCallbackForDialinClient = types.BoolValue(value.Bool())
+ } else {
+ data.EnableCallbackForDialinClient = types.BoolValue(false)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.identityNotInAdBehaviour"); value.Exists() {
+ data.IdentityNotInAdBehaviour = types.StringValue(value.String())
+ } else {
+ data.IdentityNotInAdBehaviour = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.unreachableDomainsBehaviour"); value.Exists() {
+ data.UnreachableDomainsBehaviour = types.StringValue(value.String())
+ } else {
+ data.UnreachableDomainsBehaviour = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.schema"); value.Exists() {
+ data.Schema = types.StringValue(value.String())
+ } else {
+ data.Schema = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.firstName"); value.Exists() {
+ data.FirstName = types.StringValue(value.String())
+ } else {
+ data.FirstName = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.department"); value.Exists() {
+ data.Department = types.StringValue(value.String())
+ } else {
+ data.Department = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.lastName"); value.Exists() {
+ data.LastName = types.StringValue(value.String())
+ } else {
+ data.LastName = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.organizationalUnit"); value.Exists() {
+ data.OrganizationalUnit = types.StringValue(value.String())
+ } else {
+ data.OrganizationalUnit = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.jobTitle"); value.Exists() {
+ data.JobTitle = types.StringValue(value.String())
+ } else {
+ data.JobTitle = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.locality"); value.Exists() {
+ data.Locality = types.StringValue(value.String())
+ } else {
+ data.Locality = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.email"); value.Exists() {
+ data.Email = types.StringValue(value.String())
+ } else {
+ data.Email = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.stateOrProvince"); value.Exists() {
+ data.StateOrProvince = types.StringValue(value.String())
+ } else {
+ data.StateOrProvince = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.telephone"); value.Exists() {
+ data.Telephone = types.StringValue(value.String())
+ } else {
+ data.Telephone = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.country"); value.Exists() {
+ data.Country = types.StringValue(value.String())
+ } else {
+ data.Country = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.streetAddress"); value.Exists() {
+ data.StreetAddress = types.StringValue(value.String())
+ } else {
+ data.StreetAddress = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableFailedAuthProtection"); value.Exists() {
+ data.EnableFailedAuthProtection = types.BoolValue(value.Bool())
+ } else {
+ data.EnableFailedAuthProtection = types.BoolValue(false)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.failedAuthThreshold"); value.Exists() {
+ data.FailedAuthThreshold = types.Int64Value(value.Int())
+ } else {
+ data.FailedAuthThreshold = types.Int64Value(5)
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.authProtectionType"); value.Exists() {
+ data.AuthProtectionType = types.StringValue(value.String())
+ } else {
+ data.AuthProtectionType = types.StringNull()
+ }
+}
+
+//template:end fromBody
+
+//template:begin updateFromBody
+func (data *ActiveDirectoryJoinPoint) updateFromBody(ctx context.Context, res gjson.Result) {
+ if value := res.Get("ERSActiveDirectory.name"); value.Exists() && !data.Name.IsNull() {
+ data.Name = types.StringValue(value.String())
+ } else {
+ data.Name = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.description"); value.Exists() && !data.Description.IsNull() {
+ data.Description = types.StringValue(value.String())
+ } else {
+ data.Description = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.domain"); value.Exists() && !data.Domain.IsNull() {
+ data.Domain = types.StringValue(value.String())
+ } else {
+ data.Domain = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.adScopesNames"); value.Exists() && !data.AdScopesNames.IsNull() {
+ data.AdScopesNames = types.StringValue(value.String())
+ } else if data.AdScopesNames.ValueString() != "Default_Scope" {
+ data.AdScopesNames = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.enableDomainAllowedList"); value.Exists() && !data.EnableDomainAllowedList.IsNull() {
+ data.EnableDomainAllowedList = types.BoolValue(value.Bool())
+ } else if data.EnableDomainAllowedList.ValueBool() != true {
+ data.EnableDomainAllowedList = types.BoolNull()
+ }
+ for i := range data.Groups {
+ keys := [...]string{"sid"}
+ keyValues := [...]string{data.Groups[i].Sid.ValueString()}
+
+ var r gjson.Result
+ res.Get("ERSActiveDirectory.adgroups.groups").ForEach(
+ func(_, v gjson.Result) bool {
+ found := false
+ for ik := range keys {
+ if v.Get(keys[ik]).String() == keyValues[ik] {
+ found = true
+ continue
+ }
+ found = false
+ break
+ }
+ if found {
+ r = v
+ return false
+ }
+ return true
+ },
+ )
+ if value := r.Get("name"); value.Exists() && !data.Groups[i].Name.IsNull() {
+ data.Groups[i].Name = types.StringValue(value.String())
+ } else {
+ data.Groups[i].Name = types.StringNull()
+ }
+ if value := r.Get("sid"); value.Exists() && !data.Groups[i].Sid.IsNull() {
+ data.Groups[i].Sid = types.StringValue(value.String())
+ } else {
+ data.Groups[i].Sid = types.StringNull()
+ }
+ }
+ for i := range data.Attributes {
+ keys := [...]string{"name", "type", "internalName", "defaultValue"}
+ keyValues := [...]string{data.Attributes[i].Name.ValueString(), data.Attributes[i].Type.ValueString(), data.Attributes[i].InternalName.ValueString(), data.Attributes[i].DefaultValue.ValueString()}
+
+ var r gjson.Result
+ res.Get("ERSActiveDirectory.adAttributes.attributes").ForEach(
+ func(_, v gjson.Result) bool {
+ found := false
+ for ik := range keys {
+ if v.Get(keys[ik]).String() == keyValues[ik] {
+ found = true
+ continue
+ }
+ found = false
+ break
+ }
+ if found {
+ r = v
+ return false
+ }
+ return true
+ },
+ )
+ if value := r.Get("name"); value.Exists() && !data.Attributes[i].Name.IsNull() {
+ data.Attributes[i].Name = types.StringValue(value.String())
+ } else {
+ data.Attributes[i].Name = types.StringNull()
+ }
+ if value := r.Get("type"); value.Exists() && !data.Attributes[i].Type.IsNull() {
+ data.Attributes[i].Type = types.StringValue(value.String())
+ } else {
+ data.Attributes[i].Type = types.StringNull()
+ }
+ if value := r.Get("internalName"); value.Exists() && !data.Attributes[i].InternalName.IsNull() {
+ data.Attributes[i].InternalName = types.StringValue(value.String())
+ } else {
+ data.Attributes[i].InternalName = types.StringNull()
+ }
+ if value := r.Get("defaultValue"); value.Exists() && !data.Attributes[i].DefaultValue.IsNull() {
+ data.Attributes[i].DefaultValue = types.StringValue(value.String())
+ } else {
+ data.Attributes[i].DefaultValue = types.StringNull()
+ }
+ }
+ for i := range data.RewriteRules {
+ keys := [...]string{"rowId", "rewriteMatch", "rewriteResult"}
+ keyValues := [...]string{data.RewriteRules[i].RowId.ValueString(), data.RewriteRules[i].RewriteMatch.ValueString(), data.RewriteRules[i].RewriteResult.ValueString()}
+
+ var r gjson.Result
+ res.Get("ERSActiveDirectory.advancedSettings.rewriteRules").ForEach(
+ func(_, v gjson.Result) bool {
+ found := false
+ for ik := range keys {
+ if v.Get(keys[ik]).String() == keyValues[ik] {
+ found = true
+ continue
+ }
+ found = false
+ break
+ }
+ if found {
+ r = v
+ return false
+ }
+ return true
+ },
+ )
+ if value := r.Get("rowId"); value.Exists() && !data.RewriteRules[i].RowId.IsNull() {
+ data.RewriteRules[i].RowId = types.StringValue(value.String())
+ } else {
+ data.RewriteRules[i].RowId = types.StringNull()
+ }
+ if value := r.Get("rewriteMatch"); value.Exists() && !data.RewriteRules[i].RewriteMatch.IsNull() {
+ data.RewriteRules[i].RewriteMatch = types.StringValue(value.String())
+ } else {
+ data.RewriteRules[i].RewriteMatch = types.StringNull()
+ }
+ if value := r.Get("rewriteResult"); value.Exists() && !data.RewriteRules[i].RewriteResult.IsNull() {
+ data.RewriteRules[i].RewriteResult = types.StringValue(value.String())
+ } else {
+ data.RewriteRules[i].RewriteResult = types.StringNull()
+ }
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableRewrites"); value.Exists() && !data.EnableRewrites.IsNull() {
+ data.EnableRewrites = types.BoolValue(value.Bool())
+ } else if data.EnableRewrites.ValueBool() != false {
+ data.EnableRewrites = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enablePassChange"); value.Exists() && !data.EnablePassChange.IsNull() {
+ data.EnablePassChange = types.BoolValue(value.Bool())
+ } else if data.EnablePassChange.ValueBool() != true {
+ data.EnablePassChange = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableMachineAuth"); value.Exists() && !data.EnableMachineAuth.IsNull() {
+ data.EnableMachineAuth = types.BoolValue(value.Bool())
+ } else if data.EnableMachineAuth.ValueBool() != true {
+ data.EnableMachineAuth = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableMachineAccess"); value.Exists() && !data.EnableMachineAccess.IsNull() {
+ data.EnableMachineAccess = types.BoolValue(value.Bool())
+ } else if data.EnableMachineAccess.ValueBool() != true {
+ data.EnableMachineAccess = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableDialinPermissionCheck"); value.Exists() && !data.EnableDialinPermissionCheck.IsNull() {
+ data.EnableDialinPermissionCheck = types.BoolValue(value.Bool())
+ } else if data.EnableDialinPermissionCheck.ValueBool() != false {
+ data.EnableDialinPermissionCheck = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.plaintextAuth"); value.Exists() && !data.PlaintextAuth.IsNull() {
+ data.PlaintextAuth = types.BoolValue(value.Bool())
+ } else if data.PlaintextAuth.ValueBool() != false {
+ data.PlaintextAuth = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.agingTime"); value.Exists() && !data.AgingTime.IsNull() {
+ data.AgingTime = types.Int64Value(value.Int())
+ } else if data.AgingTime.ValueInt64() != 5 {
+ data.AgingTime = types.Int64Null()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableCallbackForDialinClient"); value.Exists() && !data.EnableCallbackForDialinClient.IsNull() {
+ data.EnableCallbackForDialinClient = types.BoolValue(value.Bool())
+ } else if data.EnableCallbackForDialinClient.ValueBool() != false {
+ data.EnableCallbackForDialinClient = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.identityNotInAdBehaviour"); value.Exists() && !data.IdentityNotInAdBehaviour.IsNull() {
+ data.IdentityNotInAdBehaviour = types.StringValue(value.String())
+ } else {
+ data.IdentityNotInAdBehaviour = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.unreachableDomainsBehaviour"); value.Exists() && !data.UnreachableDomainsBehaviour.IsNull() {
+ data.UnreachableDomainsBehaviour = types.StringValue(value.String())
+ } else {
+ data.UnreachableDomainsBehaviour = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.schema"); value.Exists() && !data.Schema.IsNull() {
+ data.Schema = types.StringValue(value.String())
+ } else {
+ data.Schema = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.firstName"); value.Exists() && !data.FirstName.IsNull() {
+ data.FirstName = types.StringValue(value.String())
+ } else {
+ data.FirstName = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.department"); value.Exists() && !data.Department.IsNull() {
+ data.Department = types.StringValue(value.String())
+ } else {
+ data.Department = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.lastName"); value.Exists() && !data.LastName.IsNull() {
+ data.LastName = types.StringValue(value.String())
+ } else {
+ data.LastName = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.organizationalUnit"); value.Exists() && !data.OrganizationalUnit.IsNull() {
+ data.OrganizationalUnit = types.StringValue(value.String())
+ } else {
+ data.OrganizationalUnit = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.jobTitle"); value.Exists() && !data.JobTitle.IsNull() {
+ data.JobTitle = types.StringValue(value.String())
+ } else {
+ data.JobTitle = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.locality"); value.Exists() && !data.Locality.IsNull() {
+ data.Locality = types.StringValue(value.String())
+ } else {
+ data.Locality = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.email"); value.Exists() && !data.Email.IsNull() {
+ data.Email = types.StringValue(value.String())
+ } else {
+ data.Email = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.stateOrProvince"); value.Exists() && !data.StateOrProvince.IsNull() {
+ data.StateOrProvince = types.StringValue(value.String())
+ } else {
+ data.StateOrProvince = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.telephone"); value.Exists() && !data.Telephone.IsNull() {
+ data.Telephone = types.StringValue(value.String())
+ } else {
+ data.Telephone = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.country"); value.Exists() && !data.Country.IsNull() {
+ data.Country = types.StringValue(value.String())
+ } else {
+ data.Country = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.streetAddress"); value.Exists() && !data.StreetAddress.IsNull() {
+ data.StreetAddress = types.StringValue(value.String())
+ } else {
+ data.StreetAddress = types.StringNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.enableFailedAuthProtection"); value.Exists() && !data.EnableFailedAuthProtection.IsNull() {
+ data.EnableFailedAuthProtection = types.BoolValue(value.Bool())
+ } else if data.EnableFailedAuthProtection.ValueBool() != false {
+ data.EnableFailedAuthProtection = types.BoolNull()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.failedAuthThreshold"); value.Exists() && !data.FailedAuthThreshold.IsNull() {
+ data.FailedAuthThreshold = types.Int64Value(value.Int())
+ } else if data.FailedAuthThreshold.ValueInt64() != 5 {
+ data.FailedAuthThreshold = types.Int64Null()
+ }
+ if value := res.Get("ERSActiveDirectory.advancedSettings.authProtectionType"); value.Exists() && !data.AuthProtectionType.IsNull() {
+ data.AuthProtectionType = types.StringValue(value.String())
+ } else {
+ data.AuthProtectionType = types.StringNull()
+ }
+}
+
+//template:end updateFromBody
+
+//template:begin isNull
+func (data *ActiveDirectoryJoinPoint) isNull(ctx context.Context, res gjson.Result) bool {
+ if !data.Name.IsNull() {
+ return false
+ }
+ if !data.Description.IsNull() {
+ return false
+ }
+ if !data.Domain.IsNull() {
+ return false
+ }
+ if !data.AdScopesNames.IsNull() {
+ return false
+ }
+ if !data.EnableDomainAllowedList.IsNull() {
+ return false
+ }
+ if len(data.Groups) > 0 {
+ return false
+ }
+ if len(data.Attributes) > 0 {
+ return false
+ }
+ if len(data.RewriteRules) > 0 {
+ return false
+ }
+ if !data.EnableRewrites.IsNull() {
+ return false
+ }
+ if !data.EnablePassChange.IsNull() {
+ return false
+ }
+ if !data.EnableMachineAuth.IsNull() {
+ return false
+ }
+ if !data.EnableMachineAccess.IsNull() {
+ return false
+ }
+ if !data.EnableDialinPermissionCheck.IsNull() {
+ return false
+ }
+ if !data.PlaintextAuth.IsNull() {
+ return false
+ }
+ if !data.AgingTime.IsNull() {
+ return false
+ }
+ if !data.EnableCallbackForDialinClient.IsNull() {
+ return false
+ }
+ if !data.IdentityNotInAdBehaviour.IsNull() {
+ return false
+ }
+ if !data.UnreachableDomainsBehaviour.IsNull() {
+ return false
+ }
+ if !data.Schema.IsNull() {
+ return false
+ }
+ if !data.FirstName.IsNull() {
+ return false
+ }
+ if !data.Department.IsNull() {
+ return false
+ }
+ if !data.LastName.IsNull() {
+ return false
+ }
+ if !data.OrganizationalUnit.IsNull() {
+ return false
+ }
+ if !data.JobTitle.IsNull() {
+ return false
+ }
+ if !data.Locality.IsNull() {
+ return false
+ }
+ if !data.Email.IsNull() {
+ return false
+ }
+ if !data.StateOrProvince.IsNull() {
+ return false
+ }
+ if !data.Telephone.IsNull() {
+ return false
+ }
+ if !data.Country.IsNull() {
+ return false
+ }
+ if !data.StreetAddress.IsNull() {
+ return false
+ }
+ if !data.EnableFailedAuthProtection.IsNull() {
+ return false
+ }
+ if !data.FailedAuthThreshold.IsNull() {
+ return false
+ }
+ if !data.AuthProtectionType.IsNull() {
+ return false
+ }
+ return true
+}
+
+//template:end isNull
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 9432faa..e8b02fd 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -242,6 +242,7 @@ func (p *IseProvider) Configure(ctx context.Context, req provider.ConfigureReque
func (p *IseProvider) Resources(ctx context.Context) []func() resource.Resource {
return []func() resource.Resource{
+ NewActiveDirectoryJoinPointResource,
NewAllowedProtocolsResource,
NewAllowedProtocolsTACACSResource,
NewAuthorizationProfileResource,
@@ -282,6 +283,7 @@ func (p *IseProvider) Resources(ctx context.Context) []func() resource.Resource
func (p *IseProvider) DataSources(ctx context.Context) []func() datasource.DataSource {
return []func() datasource.DataSource{
+ NewActiveDirectoryJoinPointDataSource,
NewAllowedProtocolsDataSource,
NewAllowedProtocolsTACACSDataSource,
NewAuthorizationProfileDataSource,
diff --git a/internal/provider/resource_ise_active_directory_join_point.go b/internal/provider/resource_ise_active_directory_join_point.go
new file mode 100644
index 0000000..da10c64
--- /dev/null
+++ b/internal/provider/resource_ise_active_directory_join_point.go
@@ -0,0 +1,566 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+//template:begin imports
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "github.com/CiscoDevNet/terraform-provider-ise/internal/provider/helpers"
+ "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+ "github.com/hashicorp/terraform-plugin-framework/path"
+ "github.com/hashicorp/terraform-plugin-framework/resource"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/boolplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64default"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+ "github.com/netascode/go-ise"
+)
+
+//template:end imports
+
+//template:begin model
+
+// Ensure provider defined types fully satisfy framework interfaces
+var _ resource.Resource = &ActiveDirectoryJoinPointResource{}
+var _ resource.ResourceWithImportState = &ActiveDirectoryJoinPointResource{}
+
+func NewActiveDirectoryJoinPointResource() resource.Resource {
+ return &ActiveDirectoryJoinPointResource{}
+}
+
+type ActiveDirectoryJoinPointResource struct {
+ client *ise.Client
+}
+
+func (r *ActiveDirectoryJoinPointResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_active_directory_join_point"
+}
+
+func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ // This description is used by the documentation generator and the language server.
+ MarkdownDescription: helpers.NewAttributeDescription("This resource can manage an Active Directory Join Point.").String,
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ MarkdownDescription: "The id of the object",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.UseStateForUnknown(),
+ },
+ },
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("The name of the active directory join point").String,
+ Required: true,
+ },
+ "description": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Join point Description").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "domain": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("AD domain associated with the join point").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "ad_scopes_names": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("String that contains the names of the scopes that the active directory belongs to. Names are separated by comm").AddDefaultValueDescription("Default_Scope").String,
+ Optional: true,
+ Computed: true,
+ Default: stringdefault.StaticString("Default_Scope"),
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_domain_allowed_list": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("").AddDefaultValueDescription("true").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(true),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "groups": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of AD Groups").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each group in the group list with no duplication between groups").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "sid": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each group in the group list with no duplication between groups").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ },
+ },
+ },
+ "attributes": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of AD Attributes").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each attribute in the attribute list with no duplication between attributes").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each group in the group list").AddStringEnumDescription("STRING", "IP", "BOOLEAN", "INT", "OCTET_STRING").String,
+ Required: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("STRING", "IP", "BOOLEAN", "INT", "OCTET_STRING"),
+ },
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "internal_name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each attribute in the attribute list").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "default_value": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each attribute in the attribute list. Can contain an empty string").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ },
+ },
+ },
+ "rewrite_rules": schema.ListNestedAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("List of Rewrite rules").String,
+ Optional: true,
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "row_id": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each rule in the list in serial order").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "rewrite_match": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each rule in the list with no duplication between rules").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "rewrite_result": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Required for each rule in the list").String,
+ Required: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ },
+ },
+ },
+ "enable_rewrites": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Rewrites").AddDefaultValueDescription("false").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_pass_change": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Password Change").AddDefaultValueDescription("true").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(true),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_machine_auth": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Machin Authentication").AddDefaultValueDescription("true").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(true),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_machine_access": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Machine Access").AddDefaultValueDescription("true").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(true),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_dialin_permission_check": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Dial In Permission Check").AddDefaultValueDescription("false").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "plaintext_auth": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Plain Text Authentication").AddDefaultValueDescription("false").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "aging_time": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Aging Time").AddDefaultValueDescription("5").String,
+ Optional: true,
+ Computed: true,
+ Default: int64default.StaticInt64(5),
+ PlanModifiers: []planmodifier.Int64{
+ int64planmodifier.RequiresReplace(),
+ },
+ },
+ "enable_callback_for_dialin_client": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable Callback For Dial In Client").AddDefaultValueDescription("false").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "identity_not_in_ad_behaviour": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Identity Not In AD Behaviour").AddStringEnumDescription("REJECT", "SEARCH_JOINED_FOREST", "SEARCH_ALL").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("REJECT", "SEARCH_JOINED_FOREST", "SEARCH_ALL"),
+ },
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "unreachable_domains_behaviour": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Unreachable Domains Behaviour").AddStringEnumDescription("PROCEED", "DROP").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("PROCEED", "DROP"),
+ },
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "schema": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Schema").AddStringEnumDescription("ACTIVE_DIRECTORY", "CUSTOM").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("ACTIVE_DIRECTORY", "CUSTOM"),
+ },
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "first_name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "department": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "last_name": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "organizational_unit": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "job_title": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "locality": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "email": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "state_or_province": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "telephone": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "country": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "street_address": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("User info attribute").String,
+ Optional: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ "enable_failed_auth_protection": schema.BoolAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable prevent AD account lockout due to too many bad password attempts").AddDefaultValueDescription("false").String,
+ Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
+ PlanModifiers: []planmodifier.Bool{
+ boolplanmodifier.RequiresReplace(),
+ },
+ },
+ "failed_auth_threshold": schema.Int64Attribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Number of bad password attempts").AddDefaultValueDescription("5").String,
+ Optional: true,
+ Computed: true,
+ Default: int64default.StaticInt64(5),
+ PlanModifiers: []planmodifier.Int64{
+ int64planmodifier.RequiresReplace(),
+ },
+ },
+ "auth_protection_type": schema.StringAttribute{
+ MarkdownDescription: helpers.NewAttributeDescription("Enable prevent AD account lockout for WIRELESS/WIRED/BOTH").AddStringEnumDescription("WIRELESS", "WIRED", "BOTH").String,
+ Optional: true,
+ Validators: []validator.String{
+ stringvalidator.OneOf("WIRELESS", "WIRED", "BOTH"),
+ },
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.RequiresReplace(),
+ },
+ },
+ },
+ }
+}
+
+func (r *ActiveDirectoryJoinPointResource) Configure(_ context.Context, req resource.ConfigureRequest, _ *resource.ConfigureResponse) {
+ if req.ProviderData == nil {
+ return
+ }
+
+ r.client = req.ProviderData.(*IseProviderData).Client
+}
+
+//template:end model
+
+//template:begin create
+func (r *ActiveDirectoryJoinPointResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+ var plan ActiveDirectoryJoinPoint
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Create", plan.Id.ValueString()))
+
+ // Create object
+ body := plan.toBody(ctx, ActiveDirectoryJoinPoint{})
+ res, location, err := r.client.Post(plan.getPath(), body)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (POST), got error: %s, %s", err, res.String()))
+ return
+ }
+ locationElements := strings.Split(location, "/")
+ plan.Id = types.StringValue(locationElements[len(locationElements)-1])
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Create finished successfully", plan.Id.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+//template:end create
+
+//template:begin read
+func (r *ActiveDirectoryJoinPointResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+ var state ActiveDirectoryJoinPoint
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Read", state.Id.String()))
+
+ res, err := r.client.Get(state.getPath() + "/" + state.Id.ValueString())
+ if err != nil && strings.Contains(err.Error(), "StatusCode 404") {
+ resp.State.RemoveResource(ctx)
+ return
+ } else if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to retrieve object (GET), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ // If every attribute is set to null we are dealing with an import operation and therefore reading all attributes
+ if state.isNull(ctx, res) {
+ state.fromBody(ctx, res)
+ } else {
+ state.updateFromBody(ctx, res)
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Read finished successfully", state.Id.ValueString()))
+
+ diags = resp.State.Set(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+}
+
+//template:end read
+
+//template:begin update
+func (r *ActiveDirectoryJoinPointResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+ var plan, state ActiveDirectoryJoinPoint
+
+ // Read plan
+ diags := req.Plan.Get(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+ // Read state
+ diags = req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Update", plan.Id.ValueString()))
+
+ body := plan.toBody(ctx, state)
+
+ res, err := r.client.Put(plan.getPath()+"/"+plan.Id.ValueString(), body)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to configure object (PUT), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Update finished successfully", plan.Id.ValueString()))
+
+ diags = resp.State.Set(ctx, &plan)
+ resp.Diagnostics.Append(diags...)
+}
+
+//template:end update
+
+//template:begin delete
+func (r *ActiveDirectoryJoinPointResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+ var state ActiveDirectoryJoinPoint
+
+ // Read state
+ diags := req.State.Get(ctx, &state)
+ resp.Diagnostics.Append(diags...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Beginning Delete", state.Id.ValueString()))
+ res, err := r.client.Delete(state.getPath() + "/" + state.Id.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Failed to delete object (DELETE), got error: %s, %s", err, res.String()))
+ return
+ }
+
+ tflog.Debug(ctx, fmt.Sprintf("%s: Delete finished successfully", state.Id.ValueString()))
+
+ resp.State.RemoveResource(ctx)
+}
+
+//template:end delete
+
+//template:begin import
+func (r *ActiveDirectoryJoinPointResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+ resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
+}
+
+//template:end import
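Review bot: In `Create`, the object id is taken from the last `/`-separated element of `location` without checking that the POST actually returned a Location value. `strings.Split` on an empty string yields a single empty element, so a successful response without that header would store an empty `id` in state, and the later `Read`, `Update` and `Delete` calls would build `getPath() + "/"` and address the collection instead of one join point (how the ISE API answers such a request is not visible here). A guard before `plan.Id` is assigned would stop that: `if location == "" { resp.Diagnostics.AddError("Client Error", "POST returned no Location header, cannot determine object id"); return }`. Since the file is marked as generated, the check presumably belongs in the generator's create template rather than in this file.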
diff --git a/internal/provider/resource_ise_active_directory_join_point_test.go b/internal/provider/resource_ise_active_directory_join_point_test.go
new file mode 100644
index 0000000..295a8e8
--- /dev/null
+++ b/internal/provider/resource_ise_active_directory_join_point_test.go
@@ -0,0 +1,160 @@
+// Copyright © 2023 Cisco Systems, Inc. and its affiliates.
+// All rights reserved.
+//
+// Licensed under the Mozilla Public License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://mozilla.org/MPL/2.0/
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: MPL-2.0
+
+// Code generated by "gen/generator.go"; DO NOT EDIT.
+
+package provider
+
+//template:begin imports
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+//template:end imports
+
+//template:begin testAcc
+func TestAccIseActiveDirectoryJoinPoint(t *testing.T) {
+ var checks []resource.TestCheckFunc
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "name", "cisco.local"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "description", "My AD join point"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "domain", "cisco.local"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "ad_scopes_names", "Default_Scope"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_domain_allowed_list", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "groups.0.name", "cisco.local/operators"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "groups.0.sid", "S-1-5-32-548"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "attributes.0.name", "Attribute_1"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "attributes.0.type", "STRING"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "attributes.0.internal_name", "internal_name"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "attributes.0.default_value", "default_string"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "rewrite_rules.0.row_id", "0"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "rewrite_rules.0.rewrite_match", "rewrite_match"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "rewrite_rules.0.rewrite_result", "rewrite_result"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_rewrites", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_pass_change", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_machine_auth", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_machine_access", "true"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_dialin_permission_check", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "plaintext_auth", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "aging_time", "5"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_callback_for_dialin_client", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "identity_not_in_ad_behaviour", "SEARCH_JOINED_FOREST"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "unreachable_domains_behaviour", "PROCEED"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "schema", "ACTIVE_DIRECTORY"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "first_name", "givenName"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "department", "department"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "last_name", "sn"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "organizational_unit", "company"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "job_title", "title"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "locality", "l"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "email", "mail"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "state_or_province", "st"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "telephone", "telephoneNumber"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "country", "co"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "street_address", "streetAddress"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "enable_failed_auth_protection", "false"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "failed_auth_threshold", "5"))
+ checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "auth_protection_type", "WIRELESS"))
+
+ var steps []resource.TestStep
+ steps = append(steps, resource.TestStep{
+ Config: testAccIseActiveDirectoryJoinPointConfig_all(),
+ Check: resource.ComposeTestCheckFunc(checks...),
+ })
+ steps = append(steps, resource.TestStep{
+ ResourceName: "ise_active_directory_join_point.test",
+ ImportState: true,
+ })
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: steps,
+ })
+}
+
+//template:end testAcc
+
+//template:begin testPrerequisites
+//template:end testPrerequisites
+
+//template:begin testAccConfigMinimal
+func testAccIseActiveDirectoryJoinPointConfig_minimum() string {
+ config := `resource "ise_active_directory_join_point" "test" {` + "\n"
+ config += ` name = "cisco.local"` + "\n"
+ config += ` domain = "cisco.local"` + "\n"
+ config += `}` + "\n"
+ return config
+}
+
+//template:end testAccConfigMinimal
+
+//template:begin testAccConfigAll
+func testAccIseActiveDirectoryJoinPointConfig_all() string {
+ config := `resource "ise_active_directory_join_point" "test" {` + "\n"
+ config += ` name = "cisco.local"` + "\n"
+ config += ` description = "My AD join point"` + "\n"
+ config += ` domain = "cisco.local"` + "\n"
+ config += ` ad_scopes_names = "Default_Scope"` + "\n"
+ config += ` enable_domain_allowed_list = true` + "\n"
+ config += ` groups = [{` + "\n"
+ config += ` name = "cisco.local/operators"` + "\n"
+ config += ` sid = "S-1-5-32-548"` + "\n"
+ config += ` type = "GLOBAL"` + "\n"
+ config += ` }]` + "\n"
+ config += ` attributes = [{` + "\n"
+ config += ` name = "Attribute_1"` + "\n"
+ config += ` type = "STRING"` + "\n"
+ config += ` internal_name = "internal_name"` + "\n"
+ config += ` default_value = "default_string"` + "\n"
+ config += ` }]` + "\n"
+ config += ` rewrite_rules = [{` + "\n"
+ config += ` row_id = "0"` + "\n"
+ config += ` rewrite_match = "rewrite_match"` + "\n"
+ config += ` rewrite_result = "rewrite_result"` + "\n"
+ config += ` }]` + "\n"
+ config += ` enable_rewrites = false` + "\n"
+ config += ` enable_pass_change = true` + "\n"
+ config += ` enable_machine_auth = true` + "\n"
+ config += ` enable_machine_access = true` + "\n"
+ config += ` enable_dialin_permission_check = false` + "\n"
+ config += ` plaintext_auth = false` + "\n"
+ config += ` aging_time = 5` + "\n"
+ config += ` enable_callback_for_dialin_client = false` + "\n"
+ config += ` identity_not_in_ad_behaviour = "SEARCH_JOINED_FOREST"` + "\n"
+ config += ` unreachable_domains_behaviour = "PROCEED"` + "\n"
+ config += ` schema = "ACTIVE_DIRECTORY"` + "\n"
+ config += ` first_name = "givenName"` + "\n"
+ config += ` department = "department"` + "\n"
+ config += ` last_name = "sn"` + "\n"
+ config += ` organizational_unit = "company"` + "\n"
+ config += ` job_title = "title"` + "\n"
+ config += ` locality = "l"` + "\n"
+ config += ` email = "mail"` + "\n"
+ config += ` state_or_province = "st"` + "\n"
+ config += ` telephone = "telephoneNumber"` + "\n"
+ config += ` country = "co"` + "\n"
+ config += ` street_address = "streetAddress"` + "\n"
+ config += ` enable_failed_auth_protection = false` + "\n"
+ config += ` failed_auth_threshold = 5` + "\n"
+ config += ` auth_protection_type = "WIRELESS"` + "\n"
+ config += `}` + "\n"
+ return config
+}
+
+//template:end testAccConfigAll
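Review bot: The import step in `TestAccIseActiveDirectoryJoinPoint` sets only `ResourceName` and `ImportState: true`, so it shows that the import runs without error but never compares the imported state with the state written by the first step. Adding `ImportStateVerify: true,` to that step would catch a Read that leaves attributes unset after import; any attribute the API does not return could be listed in `ImportStateVerifyIgnore`. Separately, `testAccIseActiveDirectoryJoinPointConfig_minimum()` is defined but not referenced by any step in this file, so the values a join point gets when only `name` and `domain` are set (for example `plaintext_auth` and `enable_failed_auth_protection`) go unchecked. The file header says it is generated by `gen/generator.go`, so both changes presumably belong in the generator template or the YAML definition rather than in this file.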