From eb92947324e86bcea7a86ca303435784880323be Mon Sep 17 00:00:00 2001 From: danischm Date: Tue, 23 Jan 2024 01:01:27 +0100 Subject: [PATCH] Minor active directory join point updates --- CHANGELOG.md | 1 + .../active_directory_join_point.md | 10 +-- docs/guides/changelog.md | 1 + docs/resources/active_directory_join_point.md | 10 +-- .../active_directory_join_point.yaml | 67 ++++++++++--------- ..._source_ise_active_directory_join_point.go | 10 +-- ...ce_ise_active_directory_join_point_test.go | 4 ++ ...esource_ise_active_directory_join_point.go | 10 +-- ...ce_ise_active_directory_join_point_test.go | 4 ++ templates/guides/changelog.md.tmpl | 1 + 10 files changed, 65 insertions(+), 53 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bc3aa3f..dd34930 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ - Fix import operation of nested resources (e.g. `ise_network_access_authentication_rule`) - Fix name-based queries for `device_admin` and `network_access` data sources +- Add `ise_active_directory_join_point` resource and data source ## 0.1.10 diff --git a/docs/data-sources/active_directory_join_point.md b/docs/data-sources/active_directory_join_point.md index 52ca1c2..6d0a383 100644 --- a/docs/data-sources/active_directory_join_point.md +++ b/docs/data-sources/active_directory_join_point.md @@ -27,13 +27,13 @@ data "ise_active_directory_join_point" "example" { ### Read-Only -- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comm +- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. - `aging_time` (Number) Aging Time -- `attributes` (Attributes List) List of AD Attributes (see [below for nested schema](#nestedatt--attributes)) +- `attributes` (Attributes List) List of AD attributes (see [below for nested schema](#nestedatt--attributes)) - `auth_protection_type` (String) Enable prevent AD account lockout for WIRELESS/WIRED/BOTH - `country` (String) User info attribute - `department` (String) User info attribute -- `description` (String) Join point Description +- `description` (String) Join point description - `domain` (String) AD domain associated with the join point - `email` (String) User info attribute - `enable_callback_for_dialin_client` (Boolean) Enable Callback For Dial In Client @@ -41,7 +41,7 @@ data "ise_active_directory_join_point" "example" { - `enable_domain_allowed_list` (Boolean) - `enable_failed_auth_protection` (Boolean) Enable prevent AD account lockout due to too many bad password attempts - `enable_machine_access` (Boolean) Enable Machine Access -- `enable_machine_auth` (Boolean) Enable Machin Authentication +- `enable_machine_auth` (Boolean) Enable Machine Authentication - `enable_pass_change` (Boolean) Enable Password Change - `enable_rewrites` (Boolean) Enable Rewrites - `failed_auth_threshold` (Number) Number of bad password attempts @@ -66,7 +66,7 @@ data "ise_active_directory_join_point" "example" { Read-Only: -- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string +- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string. - `internal_name` (String) Required for each attribute in the attribute list - `name` (String) Required for each attribute in the attribute list with no duplication between attributes - `type` (String) Required for each group in the group list diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md index 9b4f442..e6e5418 100644 --- a/docs/guides/changelog.md +++ b/docs/guides/changelog.md @@ -11,6 +11,7 @@ description: |- - Fix import operation of nested resources (e.g. `ise_network_access_authentication_rule`) - Fix name-based queries for `device_admin` and `network_access` data sources +- Add `ise_active_directory_join_point` resource and data source ## 0.1.10 diff --git a/docs/resources/active_directory_join_point.md b/docs/resources/active_directory_join_point.md index 34415fc..dd7b3ed 100644 --- a/docs/resources/active_directory_join_point.md +++ b/docs/resources/active_directory_join_point.md @@ -79,16 +79,16 @@ resource "ise_active_directory_join_point" "example" { ### Optional -- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comm +- `ad_scopes_names` (String) String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. - Default value: `Default_Scope` - `aging_time` (Number) Aging Time - Default value: `5` -- `attributes` (Attributes List) List of AD Attributes (see [below for nested schema](#nestedatt--attributes)) +- `attributes` (Attributes List) List of AD attributes (see [below for nested schema](#nestedatt--attributes)) - `auth_protection_type` (String) Enable prevent AD account lockout for WIRELESS/WIRED/BOTH - Choices: `WIRELESS`, `WIRED`, `BOTH` - `country` (String) User info attribute - `department` (String) User info attribute -- `description` (String) Join point Description +- `description` (String) Join point description - `email` (String) User info attribute - `enable_callback_for_dialin_client` (Boolean) Enable Callback For Dial In Client - Default value: `false` @@ -99,7 +99,7 @@ resource "ise_active_directory_join_point" "example" { - Default value: `false` - `enable_machine_access` (Boolean) Enable Machine Access - Default value: `true` -- `enable_machine_auth` (Boolean) Enable Machin Authentication +- `enable_machine_auth` (Boolean) Enable Machine Authentication - Default value: `true` - `enable_pass_change` (Boolean) Enable Password Change - Default value: `true` @@ -135,7 +135,7 @@ resource "ise_active_directory_join_point" "example" { Required: -- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string +- `default_value` (String) Required for each attribute in the attribute list. Can contain an empty string. - `internal_name` (String) Required for each attribute in the attribute list - `name` (String) Required for each attribute in the attribute list with no duplication between attributes - `type` (String) Required for each group in the group list diff --git a/gen/definitions/active_directory_join_point.yaml b/gen/definitions/active_directory_join_point.yaml index d2e1ba7..ccfdbd4 100644 --- a/gen/definitions/active_directory_join_point.yaml +++ b/gen/definitions/active_directory_join_point.yaml @@ -3,6 +3,7 @@ name: Active Directory Join Point rest_endpoint: /ers/config/activedirectory doc_category: Identity Management skip_minimum_test: true +test_tags: [AD] attributes: - model_name: name data_path: [ERSActiveDirectory] @@ -14,7 +15,7 @@ attributes: data_path: [ERSActiveDirectory] type: String requires_replace: true - description: Join point Description + description: Join point description example: My AD join point - model_name: domain data_path: [ERSActiveDirectory] @@ -27,7 +28,7 @@ attributes: data_path: [ERSActiveDirectory] type: String requires_replace: true - description: String that contains the names of the scopes that the active directory belongs to. Names are separated by comm + description: String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. default_value: Default_Scope example: Default_Scope - model_name: enableDomainAllowedList @@ -38,7 +39,7 @@ attributes: example: true - model_name: groups description: List of AD Groups - data_path: [ERSActiveDirectory,adgroups] + data_path: [ERSActiveDirectory, adgroups] type: List attributes: - model_name: name @@ -60,9 +61,9 @@ attributes: requires_replace: true example: GLOBAL - model_name: attributes - data_path: [ERSActiveDirectory,adAttributes] + data_path: [ERSActiveDirectory, adAttributes] type: List - description: List of AD Attributes + description: List of AD attributes attributes: - model_name: name type: String @@ -87,10 +88,10 @@ attributes: type: String requires_replace: true mandatory: true - description: Required for each attribute in the attribute list. Can contain an empty string + description: Required for each attribute in the attribute list. Can contain an empty string. example: default_string - model_name: rewriteRules - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: List description: List of Rewrite rules attributes: @@ -113,164 +114,164 @@ attributes: description: Required for each rule in the list example: rewrite_result - model_name: enableRewrites - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: false description: Enable Rewrites example: false - model_name: enablePassChange - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: true description: Enable Password Change example: true - model_name: enableMachineAuth - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: true - description: Enable Machin Authentication + description: Enable Machine Authentication example: true - model_name: enableMachineAccess - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: true description: Enable Machine Access example: true - model_name: enableDialinPermissionCheck - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: false description: Enable Dial In Permission Check example: false - model_name: plaintextAuth - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: false description: Plain Text Authentication example: false - model_name: agingTime - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Int64 requires_replace: true default_value: 5 description: Aging Time example: 5 - model_name: enableCallbackForDialinClient - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true default_value: false description: Enable Callback For Dial In Client example: false - model_name: identityNotInAdBehaviour - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true enum_values: [REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL] description: Identity Not In AD Behaviour example: SEARCH_JOINED_FOREST - model_name: unreachableDomainsBehaviour - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true enum_values: [PROCEED, DROP] description: Unreachable Domains Behaviour example: PROCEED - model_name: schema - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true enum_values: [ACTIVE_DIRECTORY, CUSTOM] description: Schema example: ACTIVE_DIRECTORY - model_name: firstName - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: givenName - model_name: department - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: department - model_name: lastName - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: sn - model_name: organizationalUnit - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: company - model_name: jobTitle - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: title - model_name: locality - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: l - model_name: email - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: mail - model_name: stateOrProvince - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: st - model_name: telephone - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: telephoneNumber - model_name: country - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: co - model_name: streetAddress - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true description: User info attribute example: streetAddress - model_name: enableFailedAuthProtection - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Bool requires_replace: true description: Enable prevent AD account lockout due to too many bad password attempts example: false default_value: false - model_name: failedAuthThreshold - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: Int64 requires_replace: true default_value: 5 description: Number of bad password attempts example: 5 - model_name: authProtectionType - data_path: [ERSActiveDirectory,advancedSettings] + data_path: [ERSActiveDirectory, advancedSettings] type: String requires_replace: true enum_values: [WIRELESS, WIRED, BOTH] diff --git a/internal/provider/data_source_ise_active_directory_join_point.go b/internal/provider/data_source_ise_active_directory_join_point.go index 2068648..4832f13 100644 --- a/internal/provider/data_source_ise_active_directory_join_point.go +++ b/internal/provider/data_source_ise_active_directory_join_point.go @@ -67,7 +67,7 @@ func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req dat Computed: true, }, "description": schema.StringAttribute{ - MarkdownDescription: "Join point Description", + MarkdownDescription: "Join point description", Computed: true, }, "domain": schema.StringAttribute{ @@ -75,7 +75,7 @@ func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req dat Computed: true, }, "ad_scopes_names": schema.StringAttribute{ - MarkdownDescription: "String that contains the names of the scopes that the active directory belongs to. Names are separated by comm", + MarkdownDescription: "String that contains the names of the scopes that the active directory belongs to. Names are separated by comma.", Computed: true, }, "enable_domain_allowed_list": schema.BoolAttribute{ @@ -103,7 +103,7 @@ func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req dat }, }, "attributes": schema.ListNestedAttribute{ - MarkdownDescription: "List of AD Attributes", + MarkdownDescription: "List of AD attributes", Computed: true, NestedObject: schema.NestedAttributeObject{ Attributes: map[string]schema.Attribute{ @@ -120,7 +120,7 @@ func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req dat Computed: true, }, "default_value": schema.StringAttribute{ - MarkdownDescription: "Required for each attribute in the attribute list. Can contain an empty string", + MarkdownDescription: "Required for each attribute in the attribute list. Can contain an empty string.", Computed: true, }, }, @@ -155,7 +155,7 @@ func (d *ActiveDirectoryJoinPointDataSource) Schema(ctx context.Context, req dat Computed: true, }, "enable_machine_auth": schema.BoolAttribute{ - MarkdownDescription: "Enable Machin Authentication", + MarkdownDescription: "Enable Machine Authentication", Computed: true, }, "enable_machine_access": schema.BoolAttribute{ diff --git a/internal/provider/data_source_ise_active_directory_join_point_test.go b/internal/provider/data_source_ise_active_directory_join_point_test.go index 1979527..6b9f9d9 100644 --- a/internal/provider/data_source_ise_active_directory_join_point_test.go +++ b/internal/provider/data_source_ise_active_directory_join_point_test.go @@ -21,6 +21,7 @@ package provider //template:begin imports import ( + "os" "testing" "github.com/hashicorp/terraform-plugin-testing/helper/resource" @@ -30,6 +31,9 @@ import ( //template:begin testAccDataSource func TestAccDataSourceIseActiveDirectoryJoinPoint(t *testing.T) { + if os.Getenv("AD") == "" { + t.Skip("skipping test, set environment variable AD") + } var checks []resource.TestCheckFunc checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "name", "cisco.local")) checks = append(checks, resource.TestCheckResourceAttr("data.ise_active_directory_join_point.test", "description", "My AD join point")) diff --git a/internal/provider/resource_ise_active_directory_join_point.go b/internal/provider/resource_ise_active_directory_join_point.go index da10c64..d66df49 100644 --- a/internal/provider/resource_ise_active_directory_join_point.go +++ b/internal/provider/resource_ise_active_directory_join_point.go @@ -81,7 +81,7 @@ func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resou Required: true, }, "description": schema.StringAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("Join point Description").String, + MarkdownDescription: helpers.NewAttributeDescription("Join point description").String, Optional: true, PlanModifiers: []planmodifier.String{ stringplanmodifier.RequiresReplace(), @@ -95,7 +95,7 @@ func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resou }, }, "ad_scopes_names": schema.StringAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("String that contains the names of the scopes that the active directory belongs to. Names are separated by comm").AddDefaultValueDescription("Default_Scope").String, + MarkdownDescription: helpers.NewAttributeDescription("String that contains the names of the scopes that the active directory belongs to. Names are separated by comma.").AddDefaultValueDescription("Default_Scope").String, Optional: true, Computed: true, Default: stringdefault.StaticString("Default_Scope"), @@ -142,7 +142,7 @@ func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resou }, }, "attributes": schema.ListNestedAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("List of AD Attributes").String, + MarkdownDescription: helpers.NewAttributeDescription("List of AD attributes").String, Optional: true, NestedObject: schema.NestedAttributeObject{ Attributes: map[string]schema.Attribute{ @@ -171,7 +171,7 @@ func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resou }, }, "default_value": schema.StringAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("Required for each attribute in the attribute list. Can contain an empty string").String, + MarkdownDescription: helpers.NewAttributeDescription("Required for each attribute in the attribute list. Can contain an empty string.").String, Required: true, PlanModifiers: []planmodifier.String{ stringplanmodifier.RequiresReplace(), @@ -228,7 +228,7 @@ func (r *ActiveDirectoryJoinPointResource) Schema(ctx context.Context, req resou }, }, "enable_machine_auth": schema.BoolAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("Enable Machin Authentication").AddDefaultValueDescription("true").String, + MarkdownDescription: helpers.NewAttributeDescription("Enable Machine Authentication").AddDefaultValueDescription("true").String, Optional: true, Computed: true, Default: booldefault.StaticBool(true), diff --git a/internal/provider/resource_ise_active_directory_join_point_test.go b/internal/provider/resource_ise_active_directory_join_point_test.go index 295a8e8..7a94000 100644 --- a/internal/provider/resource_ise_active_directory_join_point_test.go +++ b/internal/provider/resource_ise_active_directory_join_point_test.go @@ -21,6 +21,7 @@ package provider //template:begin imports import ( + "os" "testing" "github.com/hashicorp/terraform-plugin-testing/helper/resource" @@ -30,6 +31,9 @@ import ( //template:begin testAcc func TestAccIseActiveDirectoryJoinPoint(t *testing.T) { + if os.Getenv("AD") == "" { + t.Skip("skipping test, set environment variable AD") + } var checks []resource.TestCheckFunc checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "name", "cisco.local")) checks = append(checks, resource.TestCheckResourceAttr("ise_active_directory_join_point.test", "description", "My AD join point")) diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl index 9b4f442..e6e5418 100644 --- a/templates/guides/changelog.md.tmpl +++ b/templates/guides/changelog.md.tmpl @@ -11,6 +11,7 @@ description: |- - Fix import operation of nested resources (e.g. `ise_network_access_authentication_rule`) - Fix name-based queries for `device_admin` and `network_access` data sources +- Add `ise_active_directory_join_point` resource and data source ## 0.1.10