github.com/GoogleCloudPlatform/terraformer@v0.8.18/providers/panos/panorama_networking.go (about) 1 // Copyright 2018 The Terraformer Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package panos 16 17 import ( 18 "fmt" 19 20 "github.com/GoogleCloudPlatform/terraformer/terraformutils" 21 "github.com/PaloAltoNetworks/pango" 22 "github.com/PaloAltoNetworks/pango/netw/interface/eth" 23 "github.com/PaloAltoNetworks/pango/netw/interface/subinterface/layer2" 24 "github.com/PaloAltoNetworks/pango/netw/interface/subinterface/layer3" 25 "github.com/PaloAltoNetworks/pango/util" 26 "github.com/PaloAltoNetworks/pango/vsys" 27 ) 28 29 type PanoramaNetworkingGenerator struct { 30 PanosService 31 } 32 33 func (g *PanoramaNetworkingGenerator) createResourcesFromList( 34 o getGeneric, 35 idPrefix string, 36 useIDForResourceName bool, 37 terraformResourceName string, 38 ) (resources []terraformutils.Resource) { 39 var l []string 40 var err error 41 42 switch f := o.i.(type) { 43 case getListWithoutArg: 44 l, err = f.GetList() 45 case getListWithOneArg: 46 l, err = f.GetList(o.params[0]) 47 case getListWithTwoArgs: 48 l, err = f.GetList(o.params[0], o.params[1]) 49 case getListWithThreeArgs: 50 l, err = f.GetList(o.params[0], o.params[1], o.params[2]) 51 case getListWithFourArgs: 52 l, err = f.GetList(o.params[0], o.params[1], o.params[2], o.params[3]) 53 case getListWithFiveArgs: 54 l, err = f.GetList(o.params[0], o.params[1], o.params[2], o.params[3], o.params[4]) 55 default: 56 err = fmt.Errorf("not supported") 57 } 58 if err != nil || len(l) == 0 { 59 return []terraformutils.Resource{} 60 } 61 62 for _, r := range l { 63 id := idPrefix + r 64 resources = append(resources, terraformutils.NewSimpleResource( 65 id, 66 normalizeResourceName(func() string { 67 if useIDForResourceName { 68 return id 69 } 70 71 return r 72 }()), 73 terraformResourceName, 74 "panos", 75 []string{}, 76 )) 77 } 78 79 return resources 80 } 81 82 func (g *PanoramaNetworkingGenerator) createAggregateInterfaceResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 83 l, err := g.client.(*pango.Panorama).Network.AggregateInterface.GetList(tmpl, ts) 84 if err != nil { 85 return []terraformutils.Resource{} 86 } 87 88 for _, vsys := range v { 89 for _, aggregateInterface := range l { 90 if !contains(vsys.NetworkImports.Interfaces, aggregateInterface) { 91 continue 92 } 93 94 rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, aggregateInterface) 95 if err != nil || !rv { 96 continue 97 } 98 99 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + aggregateInterface 100 resources = append(resources, terraformutils.NewSimpleResource( 101 id, 102 normalizeResourceName(id), 103 "panos_panorama_aggregate_interface", 104 "panos", 105 []string{}, 106 )) 107 108 e, err := g.client.(*pango.Panorama).Network.AggregateInterface.Get(tmpl, ts, aggregateInterface) 109 if err != nil { 110 continue 111 } 112 113 if e.Mode == eth.ModeLayer2 || e.Mode == eth.ModeVirtualWire { 114 g.Resources = append(g.Resources, g.createLayer2SubInterfaceResources(tmpl, ts, vsys.Name, layer2.EthernetInterface, aggregateInterface, e.Mode)...) 115 } 116 117 if e.Mode == eth.ModeLayer3 { 118 g.Resources = append(g.Resources, g.createLayer3SubInterfaceResources(tmpl, ts, vsys.Name, layer3.EthernetInterface, aggregateInterface)...) 119 } 120 } 121 } 122 123 return resources 124 } 125 126 func (g *PanoramaNetworkingGenerator) createBFDProfileResources(tmpl, ts string) []terraformutils.Resource { 127 return g.createResourcesFromList( 128 getGeneric{g.client.(*pango.Panorama).Network.BfdProfile, []string{tmpl, ts}}, 129 tmpl+":"+ts+":", false, "panos_panorama_bfd_profile", 130 ) 131 } 132 133 func (g *PanoramaNetworkingGenerator) createBGPResource(tmpl, ts, virtualRouter string) terraformutils.Resource { 134 return terraformutils.NewSimpleResource( 135 tmpl+":"+ts+":"+virtualRouter, 136 normalizeResourceName(tmpl+":"+ts+":"+virtualRouter), 137 "panos_panorama_bgp", 138 "panos", 139 []string{}, 140 ) 141 } 142 143 func (g *PanoramaNetworkingGenerator) createBGPAggregateResources(tmpl, ts, virtualRouter string) (resources []terraformutils.Resource) { 144 l, err := g.client.(*pango.Panorama).Network.BgpAggregate.GetList(tmpl, ts, virtualRouter) 145 if err != nil { 146 return []terraformutils.Resource{} 147 } 148 149 for _, bgpAggregate := range l { 150 id := tmpl + ":" + ts + ":" + virtualRouter + ":" + bgpAggregate 151 resources = append(resources, terraformutils.NewSimpleResource( 152 id, 153 normalizeResourceName(id), 154 "panos_panorama_bgp_aggregate", 155 "panos", 156 []string{}, 157 )) 158 159 resources = append(resources, g.createBGPAggregateAdvertiseFilterResources(tmpl, ts, virtualRouter, bgpAggregate)...) 160 resources = append(resources, g.createBGPAggregateSuppressFilterResources(tmpl, ts, virtualRouter, bgpAggregate)...) 161 } 162 163 return resources 164 } 165 166 func (g *PanoramaNetworkingGenerator) createBGPAggregateAdvertiseFilterResources(tmpl, ts, virtualRouter, bgpAggregate string) []terraformutils.Resource { 167 return g.createResourcesFromList( 168 getGeneric{g.client.(*pango.Panorama).Network.BgpAggAdvertiseFilter, []string{tmpl, ts, virtualRouter, bgpAggregate}}, 169 tmpl+":"+ts+":"+virtualRouter+":"+bgpAggregate+":", true, "panos_panorama_bgp_aggregate_advertise_filter", 170 ) 171 } 172 173 func (g *PanoramaNetworkingGenerator) createBGPAggregateSuppressFilterResources(tmpl, ts, virtualRouter, bgpAggregate string) []terraformutils.Resource { 174 return g.createResourcesFromList( 175 getGeneric{g.client.(*pango.Panorama).Network.BgpAggSuppressFilter, []string{tmpl, ts, virtualRouter, bgpAggregate}}, 176 tmpl+":"+ts+":"+virtualRouter+":"+bgpAggregate+":", true, "panos_panorama_bgp_aggregate_suppress_filter", 177 ) 178 } 179 180 // The secret argument will contain "(incorrect)", not the real value 181 func (g *PanoramaNetworkingGenerator) createBGPAuthProfileResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 182 return g.createResourcesFromList( 183 getGeneric{g.client.(*pango.Panorama).Network.BgpAuthProfile, []string{tmpl, ts, virtualRouter}}, 184 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_bgp_auth_profile", 185 ) 186 } 187 188 func (g *PanoramaNetworkingGenerator) createBGPConditionalAdvertisementResources(tmpl, ts, virtualRouter string) (resources []terraformutils.Resource) { 189 l, err := g.client.(*pango.Panorama).Network.BgpConditionalAdv.GetList(tmpl, ts, virtualRouter) 190 if err != nil { 191 return []terraformutils.Resource{} 192 } 193 194 for _, bgpConditionalAdv := range l { 195 id := tmpl + ":" + ts + ":" + virtualRouter + ":" + bgpConditionalAdv 196 resources = append(resources, terraformutils.NewSimpleResource( 197 id, 198 normalizeResourceName(id), 199 "panos_panorama_bgp_conditional_adv", 200 "panos", 201 []string{}, 202 )) 203 204 resources = append(resources, g.createBGPConditionalAdvertisementAdvertiseFilterResources(tmpl, ts, virtualRouter, bgpConditionalAdv)...) 205 resources = append(resources, g.createBGPConditionalAdvertisementNonExistFilterResources(tmpl, ts, virtualRouter, bgpConditionalAdv)...) 206 } 207 208 return resources 209 } 210 211 func (g *PanoramaNetworkingGenerator) createBGPConditionalAdvertisementAdvertiseFilterResources(tmpl, ts, virtualRouter, bgpConditionalAdv string) []terraformutils.Resource { 212 return g.createResourcesFromList( 213 getGeneric{g.client.(*pango.Panorama).Network.BgpConAdvAdvertiseFilter, []string{tmpl, ts, virtualRouter, bgpConditionalAdv}}, 214 tmpl+":"+ts+":"+virtualRouter+":"+bgpConditionalAdv+":", true, "panos_panorama_bgp_conditional_adv_advertise_filter", 215 ) 216 } 217 218 func (g *PanoramaNetworkingGenerator) createBGPConditionalAdvertisementNonExistFilterResources(tmpl, ts, virtualRouter, bgpConditionalAdv string) []terraformutils.Resource { 219 return g.createResourcesFromList( 220 getGeneric{g.client.(*pango.Panorama).Network.BgpConAdvNonExistFilter, []string{tmpl, ts, virtualRouter, bgpConditionalAdv}}, 221 tmpl+":"+ts+":"+virtualRouter+":"+bgpConditionalAdv+":", true, "panos_panorama_bgp_conditional_adv_non_exist_filter", 222 ) 223 } 224 225 func (g *PanoramaNetworkingGenerator) createBGPDampeningProfileResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 226 return g.createResourcesFromList( 227 getGeneric{g.client.(*pango.Panorama).Network.BgpDampeningProfile, []string{tmpl, ts, virtualRouter}}, 228 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_bgp_dampening_profile", 229 ) 230 } 231 232 func (g *PanoramaNetworkingGenerator) createBGPExportRuleGroupResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 233 return g.createResourcesFromList( 234 getGeneric{g.client.(*pango.Panorama).Network.BgpExport, []string{tmpl, ts, virtualRouter}}, 235 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_bgp_export_rule_group", 236 ) 237 } 238 239 func (g *PanoramaNetworkingGenerator) createBGPImportRuleGroupResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 240 return g.createResourcesFromList( 241 getGeneric{g.client.(*pango.Panorama).Network.BgpImport, []string{tmpl, ts, virtualRouter}}, 242 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_bgp_import_rule_group", 243 ) 244 } 245 246 func (g *PanoramaNetworkingGenerator) createBGPPeerGroupResources(tmpl, ts, virtualRouter string) (resources []terraformutils.Resource) { 247 l, err := g.client.(*pango.Panorama).Network.BgpPeerGroup.GetList(tmpl, ts, virtualRouter) 248 if err != nil { 249 return []terraformutils.Resource{} 250 } 251 252 for _, bgpPeerGroup := range l { 253 id := tmpl + ":" + ts + ":" + virtualRouter + ":" + bgpPeerGroup 254 resources = append(resources, terraformutils.NewSimpleResource( 255 id, 256 normalizeResourceName(id), 257 "panos_panorama_bgp_peer_group", 258 "panos", 259 []string{}, 260 )) 261 262 resources = append(resources, g.createBGPPeerResources(tmpl, ts, virtualRouter, bgpPeerGroup)...) 263 } 264 265 return resources 266 } 267 268 func (g *PanoramaNetworkingGenerator) createBGPPeerResources(tmpl, ts, virtualRouter, bgpPeerGroup string) []terraformutils.Resource { 269 return g.createResourcesFromList( 270 getGeneric{g.client.(*pango.Panorama).Network.BgpPeer, []string{tmpl, ts, virtualRouter, bgpPeerGroup}}, 271 tmpl+":"+ts+":"+virtualRouter+":"+bgpPeerGroup+":", true, "panos_panorama_bgp_peer", 272 ) 273 } 274 275 func (g *PanoramaNetworkingGenerator) createBGPRedistResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 276 return g.createResourcesFromList( 277 getGeneric{g.client.(*pango.Panorama).Network.BgpRedistRule, []string{tmpl, ts, virtualRouter}}, 278 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_bgp_redist_rule", 279 ) 280 } 281 282 func (g *PanoramaNetworkingGenerator) createEthernetInterfaceResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 283 l, err := g.client.(*pango.Panorama).Network.EthernetInterface.GetList(tmpl, ts) 284 if err != nil { 285 return []terraformutils.Resource{} 286 } 287 288 for _, vsys := range v { 289 for _, ethernetInterface := range l { 290 if !contains(vsys.NetworkImports.Interfaces, ethernetInterface) { 291 continue 292 } 293 294 rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, ethernetInterface) 295 if err != nil || !rv { 296 continue 297 } 298 299 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + ethernetInterface 300 resources = append(resources, terraformutils.NewSimpleResource( 301 id, 302 normalizeResourceName(id), 303 "panos_panorama_ethernet_interface", 304 "panos", 305 []string{}, 306 )) 307 308 e, err := g.client.(*pango.Panorama).Network.EthernetInterface.Get(tmpl, ts, ethernetInterface) 309 if err != nil { 310 continue 311 } 312 313 if e.Mode == eth.ModeLayer2 || e.Mode == eth.ModeVirtualWire { 314 g.Resources = append(g.Resources, g.createLayer2SubInterfaceResources(tmpl, ts, vsys.Name, layer2.EthernetInterface, ethernetInterface, e.Mode)...) 315 } 316 317 if e.Mode == eth.ModeLayer3 { 318 g.Resources = append(g.Resources, g.createLayer3SubInterfaceResources(tmpl, ts, vsys.Name, layer3.EthernetInterface, ethernetInterface)...) 319 } 320 } 321 } 322 323 return resources 324 } 325 326 func (g *PanoramaNetworkingGenerator) createGRETunnelResources(tmpl, ts string) []terraformutils.Resource { 327 return g.createResourcesFromList( 328 getGeneric{g.client.(*pango.Panorama).Network.GreTunnel, []string{tmpl, ts}}, 329 tmpl+":"+ts+":", false, "panos_panorama_gre_tunnel", 330 ) 331 } 332 333 func (g *PanoramaNetworkingGenerator) createIKECryptoProfileResources(tmpl, ts string) (resources []terraformutils.Resource) { 334 l, err := g.client.(*pango.Panorama).Network.IkeCryptoProfile.GetList(tmpl, ts) 335 if err != nil { 336 return []terraformutils.Resource{} 337 } 338 339 idPrefix := tmpl + ":" + ts + ":" 340 for _, ikeCryptoProfile := range l { 341 id := idPrefix + ikeCryptoProfile 342 resources = append(resources, terraformutils.NewResource( 343 id, 344 normalizeResourceName(id), 345 "panos_panorama_ike_crypto_profile", 346 "panos", 347 map[string]string{ 348 "name": ikeCryptoProfile, 349 }, 350 []string{}, 351 map[string]interface{}{}, 352 )) 353 } 354 355 return resources 356 } 357 358 func (g *PanoramaNetworkingGenerator) createIKEGatewayResources(tmpl, ts string) (resources []terraformutils.Resource) { 359 l, err := g.client.(*pango.Panorama).Network.IkeGateway.GetList(tmpl, ts) 360 if err != nil { 361 return []terraformutils.Resource{} 362 } 363 364 idPrefix := tmpl + ":" + ts + ":" 365 for _, ikeGateway := range l { 366 id := idPrefix + ikeGateway 367 resources = append(resources, terraformutils.NewResource( 368 id, 369 normalizeResourceName(id), 370 "panos_panorama_ike_gateway", 371 "panos", 372 map[string]string{ 373 "name": ikeGateway, 374 }, 375 []string{}, 376 map[string]interface{}{}, 377 )) 378 } 379 380 return resources 381 } 382 383 func (g *PanoramaNetworkingGenerator) createIPSECCryptoProfileResources(tmpl, ts string) (resources []terraformutils.Resource) { 384 l, err := g.client.(*pango.Panorama).Network.IpsecCryptoProfile.GetList(tmpl, ts) 385 if err != nil { 386 return []terraformutils.Resource{} 387 } 388 389 idPrefix := tmpl + ":" + ts + ":" 390 for _, ipsecCryptoProfile := range l { 391 id := idPrefix + ipsecCryptoProfile 392 resources = append(resources, terraformutils.NewResource( 393 id, 394 normalizeResourceName(id), 395 "panos_panorama_ipsec_crypto_profile", 396 "panos", 397 map[string]string{ 398 "name": ipsecCryptoProfile, 399 }, 400 []string{}, 401 map[string]interface{}{}, 402 )) 403 } 404 405 return resources 406 } 407 408 func (g *PanoramaNetworkingGenerator) createIPSECTunnelProxyIDIPv4Resources(tmpl, ts, ipsecTunnel string) []terraformutils.Resource { 409 return g.createResourcesFromList( 410 getGeneric{g.client.(*pango.Panorama).Network.IpsecTunnelProxyId, []string{tmpl, ts, ipsecTunnel}}, 411 tmpl+":"+ts+":"+ipsecTunnel+":", true, "panos_panorama_ipsec_tunnel_proxy_id_ipv4", 412 ) 413 } 414 415 func (g *PanoramaNetworkingGenerator) createIPSECTunnelResources(tmpl, ts string) (resources []terraformutils.Resource) { 416 l, err := g.client.(*pango.Panorama).Network.IpsecTunnel.GetList(tmpl, ts) 417 if err != nil { 418 return []terraformutils.Resource{} 419 } 420 421 idPrefix := tmpl + "::" 422 for _, ipsecTunnel := range l { 423 id := idPrefix + ipsecTunnel 424 resources = append(resources, terraformutils.NewSimpleResource( 425 id, 426 normalizeResourceName(id), 427 "panos_panorama_ipsec_tunnel", 428 "panos", 429 []string{}, 430 )) 431 432 resources = append(resources, g.createIPSECTunnelProxyIDIPv4Resources(tmpl, ts, ipsecTunnel)...) 433 } 434 435 return resources 436 } 437 438 func (g *PanoramaNetworkingGenerator) createLayer2SubInterfaceResources(tmpl, ts, vsys, interfaceType, parentInterface, parentMode string) []terraformutils.Resource { 439 // TO FIX: check disabled! 440 return g.createResourcesFromList( 441 getGeneric{g.client.(*pango.Panorama).Network.Layer2Subinterface, []string{tmpl, ts, interfaceType, parentInterface, parentMode}}, 442 tmpl+":"+ts+":"+interfaceType+":"+parentInterface+":"+parentMode+":"+vsys+":", true, "panos_panorama_layer2_subinterface", 443 ) 444 } 445 446 func (g *PanoramaNetworkingGenerator) createLayer3SubInterfaceResources(tmpl, ts, vsys, interfaceType, parentInterface string) []terraformutils.Resource { 447 // TO FIX: check disabled! 448 return g.createResourcesFromList( 449 getGeneric{g.client.(*pango.Panorama).Network.Layer3Subinterface, []string{tmpl, ts, interfaceType, parentInterface}}, 450 tmpl+":"+ts+":"+interfaceType+":"+parentInterface+":"+vsys+":", true, "panos_panorama_layer3_subinterface", 451 ) 452 } 453 454 func (g *PanoramaNetworkingGenerator) createLoopbackInterfaceResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 455 l, err := g.client.(*pango.Panorama).Network.LoopbackInterface.GetList(tmpl, ts) 456 if err != nil { 457 return []terraformutils.Resource{} 458 } 459 460 for _, vsys := range v { 461 for _, loopbackInterface := range l { 462 if !contains(vsys.NetworkImports.Interfaces, loopbackInterface) { 463 continue 464 } 465 466 rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, loopbackInterface) 467 if err != nil || !rv { 468 continue 469 } 470 471 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + loopbackInterface 472 resources = append(resources, terraformutils.NewSimpleResource( 473 id, 474 normalizeResourceName(id), 475 "panos_panorama_loopback_interface", 476 "panos", 477 []string{}, 478 )) 479 } 480 } 481 482 return resources 483 } 484 485 func (g *PanoramaNetworkingGenerator) createManagementProfileResources(tmpl, ts string) (resources []terraformutils.Resource) { 486 l, err := g.client.(*pango.Panorama).Network.ManagementProfile.GetList(tmpl, ts) 487 if err != nil { 488 return []terraformutils.Resource{} 489 } 490 491 idPrefix := tmpl + ":" + ts + ":" 492 for _, managementProfile := range l { 493 id := idPrefix + managementProfile 494 resources = append(resources, terraformutils.NewResource( 495 id, 496 normalizeResourceName(id), 497 "panos_panorama_management_profile", 498 "panos", 499 map[string]string{ 500 "name": managementProfile, 501 }, 502 []string{}, 503 map[string]interface{}{}, 504 )) 505 } 506 507 return resources 508 } 509 510 func (g *PanoramaNetworkingGenerator) createMonitorProfileResources(tmpl, ts string) []terraformutils.Resource { 511 return g.createResourcesFromList( 512 getGeneric{g.client.(*pango.Panorama).Network.MonitorProfile, []string{tmpl, ts}}, 513 tmpl+":"+ts+":", true, "panos_panorama_monitor_profile", 514 ) 515 } 516 517 func (g *PanoramaNetworkingGenerator) createRedistributionProfileResources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 518 return g.createResourcesFromList( 519 getGeneric{g.client.(*pango.Panorama).Network.RedistributionProfile, []string{tmpl, ts, virtualRouter}}, 520 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_redistribution_profile_ipv4", 521 ) 522 } 523 524 func (g *PanoramaNetworkingGenerator) createStaticRouteIpv4Resources(tmpl, ts, virtualRouter string) []terraformutils.Resource { 525 return g.createResourcesFromList( 526 getGeneric{g.client.(*pango.Panorama).Network.StaticRoute, []string{tmpl, ts, virtualRouter}}, 527 tmpl+":"+ts+":"+virtualRouter+":", true, "panos_panorama_static_route_ipv4", 528 ) 529 } 530 531 func (g *PanoramaNetworkingGenerator) createTunnelInterfaceResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 532 l, err := g.client.(*pango.Panorama).Network.TunnelInterface.GetList(tmpl, ts) 533 if err != nil { 534 return []terraformutils.Resource{} 535 } 536 537 for _, vsys := range v { 538 for _, tunnelInterface := range l { 539 if !contains(vsys.NetworkImports.Interfaces, tunnelInterface) { 540 continue 541 } 542 543 rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, tunnelInterface) 544 if err != nil || !rv { 545 continue 546 } 547 548 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + tunnelInterface 549 resources = append(resources, terraformutils.NewSimpleResource( 550 id, 551 normalizeResourceName(id), 552 "panos_panorama_tunnel_interface", 553 "panos", 554 []string{}, 555 )) 556 } 557 } 558 559 return resources 560 } 561 562 func (g *PanoramaNetworkingGenerator) createVirtualRouterResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 563 l, err := g.client.(*pango.Panorama).Network.VirtualRouter.GetList(tmpl, ts) 564 if err != nil { 565 return []terraformutils.Resource{} 566 } 567 568 for _, vsys := range v { 569 for _, virtualRouter := range l { 570 if !contains(vsys.NetworkImports.VirtualRouters, virtualRouter) { 571 continue 572 } 573 574 // TODO: doesn't work!!? 575 // rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, virtualRouter) 576 // if err != nil || !rv { 577 // continue 578 // } 579 580 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + virtualRouter 581 resources = append(resources, terraformutils.NewSimpleResource( 582 id, 583 normalizeResourceName(id), 584 "panos_panorama_virtual_router", 585 "panos", 586 []string{}, 587 )) 588 589 resources = append(resources, g.createBGPResource(tmpl, ts, virtualRouter)) 590 resources = append(resources, g.createBGPAggregateResources(tmpl, ts, virtualRouter)...) 591 resources = append(resources, g.createBGPAuthProfileResources(tmpl, ts, virtualRouter)...) 592 resources = append(resources, g.createBGPConditionalAdvertisementResources(tmpl, ts, virtualRouter)...) 593 resources = append(resources, g.createBGPDampeningProfileResources(tmpl, ts, virtualRouter)...) 594 resources = append(resources, g.createBGPExportRuleGroupResources(tmpl, ts, virtualRouter)...) 595 resources = append(resources, g.createBGPImportRuleGroupResources(tmpl, ts, virtualRouter)...) 596 resources = append(resources, g.createBGPPeerGroupResources(tmpl, ts, virtualRouter)...) 597 resources = append(resources, g.createBGPRedistResources(tmpl, ts, virtualRouter)...) 598 resources = append(resources, g.createRedistributionProfileResources(tmpl, ts, virtualRouter)...) 599 resources = append(resources, g.createStaticRouteIpv4Resources(tmpl, ts, virtualRouter)...) 600 } 601 } 602 603 return resources 604 } 605 606 // FIX: get VLANs in Vsys = None 607 func (g *PanoramaNetworkingGenerator) createVlanResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 608 l, err := g.client.(*pango.Panorama).Network.Vlan.GetList(tmpl, ts) 609 if err != nil { 610 return []terraformutils.Resource{} 611 } 612 613 for _, vsys := range v { 614 for _, vlan := range l { 615 if !contains(vsys.NetworkImports.Vlans, vlan) { 616 continue 617 } 618 619 rv, err := g.client.(*pango.Panorama).IsImported(util.VlanImport, tmpl, ts, vsys.Name, vlan) 620 if err != nil || !rv { 621 continue 622 } 623 624 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + vlan 625 resources = append(resources, terraformutils.NewSimpleResource( 626 id, 627 normalizeResourceName(id), 628 "panos_panorama_vlan", 629 "panos", 630 []string{}, 631 )) 632 } 633 } 634 635 return resources 636 } 637 638 func (g *PanoramaNetworkingGenerator) createVlanInterfaceResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 639 l, err := g.client.(*pango.Panorama).Network.VlanInterface.GetList(tmpl, ts) 640 if err != nil { 641 return []terraformutils.Resource{} 642 } 643 644 for _, vsys := range v { 645 for _, vlanInterface := range l { 646 if !contains(vsys.NetworkImports.Interfaces, vlanInterface) { 647 continue 648 } 649 650 rv, err := g.client.(*pango.Panorama).IsImported(util.InterfaceImport, tmpl, ts, vsys.Name, vlanInterface) 651 if err != nil || !rv { 652 continue 653 } 654 655 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + vlanInterface 656 resources = append(resources, terraformutils.NewSimpleResource( 657 id, 658 normalizeResourceName(id), 659 "panos_panorama_vlan_interface", 660 "panos", 661 []string{}, 662 )) 663 } 664 } 665 666 return resources 667 } 668 669 func (g *PanoramaNetworkingGenerator) createZoneResources(tmpl, ts string, v []vsys.Entry) (resources []terraformutils.Resource) { 670 for _, vsys := range v { 671 l, err := g.client.(*pango.Panorama).Network.Zone.GetList(tmpl, ts, vsys.Name) 672 if err != nil { 673 return []terraformutils.Resource{} 674 } 675 676 for _, zone := range l { 677 id := tmpl + ":" + ts + ":" + vsys.Name + ":" + zone 678 resources = append(resources, terraformutils.NewSimpleResource( 679 id, 680 normalizeResourceName(id), 681 "panos_panorama_zone", 682 "panos", 683 []string{}, 684 )) 685 } 686 } 687 688 return resources 689 } 690 691 func (g *PanoramaNetworkingGenerator) InitResources() error { 692 if err := g.Initialize(); err != nil { 693 return err 694 } 695 696 ts, err := g.client.(*pango.Panorama).Panorama.TemplateStack.GetList() 697 if err != nil { 698 return err 699 } 700 701 for _, v := range ts { 702 g.Resources = append(g.Resources, g.createBFDProfileResources("", v)...) 703 g.Resources = append(g.Resources, g.createIKECryptoProfileResources("", v)...) 704 g.Resources = append(g.Resources, g.createIKEGatewayResources("", v)...) 705 g.Resources = append(g.Resources, g.createIPSECCryptoProfileResources("", v)...) 706 g.Resources = append(g.Resources, g.createManagementProfileResources("", v)...) 707 g.Resources = append(g.Resources, g.createMonitorProfileResources("", v)...) 708 } 709 710 tmpl, err := g.client.(*pango.Panorama).Panorama.Template.GetList() 711 if err != nil { 712 return err 713 } 714 715 for _, v := range tmpl { 716 vsysAll, err := g.client.(*pango.Panorama).Vsys.GetAll(v, "") 717 if err != nil { 718 return err 719 } 720 721 g.Resources = append(g.Resources, g.createAggregateInterfaceResources(v, "", vsysAll)...) 722 g.Resources = append(g.Resources, g.createBFDProfileResources(v, "")...) 723 g.Resources = append(g.Resources, g.createEthernetInterfaceResources(v, "", vsysAll)...) 724 g.Resources = append(g.Resources, g.createGRETunnelResources(v, "")...) 725 g.Resources = append(g.Resources, g.createIKECryptoProfileResources(v, "")...) 726 g.Resources = append(g.Resources, g.createIKEGatewayResources(v, "")...) 727 g.Resources = append(g.Resources, g.createIPSECCryptoProfileResources(v, "")...) 728 g.Resources = append(g.Resources, g.createIPSECTunnelResources(v, "")...) 729 g.Resources = append(g.Resources, g.createLoopbackInterfaceResources(v, "", vsysAll)...) 730 g.Resources = append(g.Resources, g.createManagementProfileResources(v, "")...) 731 g.Resources = append(g.Resources, g.createMonitorProfileResources(v, "")...) 732 g.Resources = append(g.Resources, g.createTunnelInterfaceResources(v, "", vsysAll)...) 733 g.Resources = append(g.Resources, g.createVirtualRouterResources(v, "", vsysAll)...) 734 g.Resources = append(g.Resources, g.createVlanResources(v, "", vsysAll)...) 735 g.Resources = append(g.Resources, g.createVlanInterfaceResources(v, "", vsysAll)...) 736 g.Resources = append(g.Resources, g.createZoneResources(v, "", vsysAll)...) 737 } 738 739 return nil 740 } 741 742 func (g *PanoramaNetworkingGenerator) PostConvertHook() error { 743 mapInterfaceNames := map[string]string{} 744 mapInterfaceModes := map[string]string{} 745 mapIKECryptoProfileNames := map[string]string{} 746 mapIKEGatewayNames := map[string]string{} 747 mapIPSECCryptoProfileNames := map[string]string{} 748 749 for _, r := range g.Resources { 750 if r.InstanceInfo.Type == "panos_panorama_aggregate_interface" { 751 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 752 mapInterfaceModes[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".mode}" 753 } 754 755 if r.InstanceInfo.Type == "panos_panorama_ethernet_interface" { 756 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 757 mapInterfaceModes[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".mode}" 758 } 759 760 if r.InstanceInfo.Type == "panos_panorama_layer2_subinterface" { 761 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 762 } 763 764 if r.InstanceInfo.Type == "panos_panorama_layer3_subinterface" { 765 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 766 } 767 768 if r.InstanceInfo.Type == "panos_panorama_loopback_interface" { 769 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 770 } 771 772 if r.InstanceInfo.Type == "panos_panorama_tunnel_interface" { 773 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 774 } 775 776 if r.InstanceInfo.Type == "panos_panorama_vlan_interface" { 777 mapInterfaceNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 778 } 779 780 if r.InstanceInfo.Type == "panos_panorama_ike_crypto_profile" { 781 mapIKECryptoProfileNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 782 } 783 784 if r.InstanceInfo.Type == "panos_panorama_ike_gateway" { 785 mapIKEGatewayNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 786 } 787 788 if r.InstanceInfo.Type == "panos_panorama_ipsec_crypto_profile" { 789 mapIPSECCryptoProfileNames[r.Item["name"].(string)] = "${" + r.InstanceInfo.Type + "." + r.ResourceName + ".name}" 790 } 791 } 792 793 for _, r := range g.Resources { 794 if r.InstanceInfo.Type == "panos_panorama_bgp" || 795 r.InstanceInfo.Type == "panos_panorama_redistribution_profile_ipv4" || 796 r.InstanceInfo.Type == "panos_panorama_static_route_ipv4" { 797 if r.Item["virtual_router"].(string) != "default" { 798 r.Item["virtual_router"] = "${panos_panorama_virtual_router." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".name}" 799 } 800 } 801 802 if r.InstanceInfo.Type == "panos_panorama_bgp_aggregate" || 803 r.InstanceInfo.Type == "panos_panorama_bgp_auth_profile" || 804 r.InstanceInfo.Type == "panos_panorama_bgp_conditional_adv" || 805 r.InstanceInfo.Type == "panos_panorama_bgp_dampening_profile" || 806 r.InstanceInfo.Type == "panos_panorama_bgp_export_rule_group" || 807 r.InstanceInfo.Type == "panos_panorama_bgp_import_rule_group" || 808 r.InstanceInfo.Type == "panos_panorama_bgp_peer_group" || 809 r.InstanceInfo.Type == "panos_panorama_bgp_redist_rule" { 810 if r.Item["virtual_router"].(string) != "default" { 811 r.Item["virtual_router"] = "${panos_panorama_bgp." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".virtual_router}" 812 } 813 } 814 815 if r.InstanceInfo.Type == "panos_panorama_bgp_aggregate_advertise_filter" || 816 r.InstanceInfo.Type == "panos_panorama_bgp_aggregate_suppress_filter" { 817 if r.Item["virtual_router"].(string) != "default" { 818 r.Item["virtual_router"] = "${panos_panorama_bgp_aggregate." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".virtual_router}" 819 } 820 r.Item["bgp_aggregate"] = "${panos_panorama_bgp_aggregate." + normalizeResourceName(r.Item["bgp_aggregate"].(string)) + ".name}" 821 } 822 823 if r.InstanceInfo.Type == "panos_panorama_bgp_peer" { 824 if r.Item["virtual_router"].(string) != "default" { 825 r.Item["virtual_router"] = "${panos_panorama_bgp." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".virtual_router}" 826 r.Item["peer_as"] = "${panos_panorama_bgp." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".as_number}" 827 } 828 r.Item["bgp_peer_group"] = "${panos_panorama_bgp_peer_group." + normalizeResourceName(r.Item["panos_bgp_peer_group"].(string)) + ".name}" 829 } 830 831 if r.InstanceInfo.Type == "panos_panorama_bgp_conditional_adv_advertise_filter" || 832 r.InstanceInfo.Type == "panos_panorama_bgp_conditional_adv_non_exist_filter" { 833 if r.Item["virtual_router"].(string) != "default" { 834 r.Item["virtual_router"] = "${panos_panorama_bgp." + normalizeResourceName(r.Item["virtual_router"].(string)) + ".virtual_router}" 835 } 836 r.Item["bgp_conditional_adv"] = "${panos_panorama_bgp_conditional_adv." + normalizeResourceName(r.Item["panos_bgp_conditional_adv"].(string)) + ".name}" 837 } 838 839 if r.InstanceInfo.Type == "panos_panorama_gre_tunnel" { 840 r.Item["interface"] = mapInterfaceNames[r.Item["interface"].(string)] 841 r.Item["tunnel_interface"] = mapInterfaceNames[r.Item["tunnel_interface"].(string)] 842 } 843 844 if r.InstanceInfo.Type == "panos_panorama_ike_gateway" { 845 if _, ok := r.Item["ikev1_crypto_profile"]; ok { 846 r.Item["ikev1_crypto_profile"] = mapIKECryptoProfileNames[r.Item["ikev1_crypto_profile"].(string)] 847 } 848 } 849 850 if r.InstanceInfo.Type == "panos_panorama_ipsec_tunnel" { 851 r.Item["tunnel_interface"] = mapInterfaceNames[r.Item["tunnel_interface"].(string)] 852 r.Item["ak_ike_gateway"] = mapIKEGatewayNames[r.Item["ak_ike_gateway"].(string)] 853 r.Item["ak_ipsec_crypto_profile"] = mapIPSECCryptoProfileNames[r.Item["ak_ipsec_crypto_profile"].(string)] 854 } 855 856 if r.InstanceInfo.Type == "panos_panorama_ipsec_tunnel_proxy_id_ipv4" { 857 r.Item["tunnel_interface"] = mapInterfaceNames[r.Item["tunnel_interface"].(string)] 858 } 859 860 if r.InstanceInfo.Type == "panos_panorama_layer2_subinterface" { 861 if _, ok := mapInterfaceModes[r.Item["parent_interface"].(string)]; ok { 862 r.Item["parent_mode"] = mapInterfaceModes[r.Item["parent_interface"].(string)] 863 } 864 } 865 866 if r.InstanceInfo.Type == "panos_panorama_layer2_subinterface" || 867 r.InstanceInfo.Type == "panos_panorama_layer3_subinterface" { 868 if _, ok := mapInterfaceNames[r.Item["parent_interface"].(string)]; ok { 869 r.Item["parent_interface"] = mapInterfaceNames[r.Item["parent_interface"].(string)] 870 } 871 } 872 873 if r.InstanceInfo.Type == "panos_panorama_virtual_router" { 874 if r.Item["ospfv3_ext_dist"].(string) == "0" { 875 r.Item["ospfv3_ext_dist"] = "110" 876 } 877 878 if r.Item["ebgp_dist"].(string) == "0" { 879 r.Item["ebgp_dist"] = "20" 880 } 881 882 if r.Item["rip_dist"].(string) == "0" { 883 r.Item["rip_dist"] = "120" 884 } 885 886 if r.Item["ibgp_dist"].(string) == "0" { 887 r.Item["ibgp_dist"] = "200" 888 } 889 890 if r.Item["static_dist"].(string) == "0" { 891 r.Item["static_dist"] = "10" 892 } 893 894 if r.Item["ospf_int_dist"].(string) == "0" { 895 r.Item["ospf_int_dist"] = "30" 896 } 897 898 if r.Item["static_ipv6_dist"].(string) == "0" { 899 r.Item["static_ipv6_dist"] = "10" 900 } 901 902 if r.Item["ospf_ext_dist"].(string) == "0" { 903 r.Item["ospf_ext_dist"] = "110" 904 } 905 906 if r.Item["ospfv3_int_dist"].(string) == "0" { 907 r.Item["ospfv3_int_dist"] = "30" 908 } 909 } 910 911 if r.InstanceInfo.Type == "panos_panorama_virtual_router" || 912 r.InstanceInfo.Type == "panos_panorama_zone" { 913 if _, ok := r.Item["interfaces"]; ok { 914 interfaces := make([]string, len(r.Item["interfaces"].([]interface{}))) 915 for k, eth := range r.Item["interfaces"].([]interface{}) { 916 if name, ok := mapInterfaceNames[eth.(string)]; ok { 917 interfaces[k] = name 918 } 919 } 920 921 r.Item["interfaces"] = interfaces 922 } 923 } 924 925 if r.InstanceInfo.Type == "panos_panorama_vlan" { 926 r.Item["vlan_interface"] = mapInterfaceNames[r.Item["vlan_interface"].(string)] 927 } 928 } 929 930 return nil 931 }