From 601145adbaeba3bd9c161c203567afe41961a26c Mon Sep 17 00:00:00 2001 From: Doug Byrd Date: Tue, 5 Nov 2024 10:57:31 -0500 Subject: [PATCH] Add ability to select monitoring policies M: defaults.yaml M: aci_fabric_policies.tf M: aci_tenants.tf M: aci_access_policies.tf Fabric Policies M: terraform-aci-fabric-leaf-switch-policy-group M: terraform-aci-fabric-spine-switch-policy-group Access Policies M: terraform-aci-access-leaf-switch-policy-group M: terraform-aci-access-leaf-interface-policy-group M: terraform-aci-vmware-vmm-domain Tenant Policies M: terraform-aci-tenant M: terraform-aci-vrf M: terraform-aci-bridge-domain M: terraform-aci-application-profile M: terraform-aci-endpoint-group M: terraform-aci-useg-endpoint-group --- aci_access_policies.tf | 4 +- aci_fabric_policies.tf | 3 ++ aci_tenants.tf | 47 ++++++++++++------- defaults/defaults.yaml | 20 ++++++++ .../README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../main.tf | 9 ++++ .../variables.tf | 10 ++++ .../README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../main.tf | 9 ++++ .../variables.tf | 11 +++++ .../README.md | 11 +++-- .../examples/complete/README.md | 9 ++-- .../examples/complete/main.tf | 9 ++-- .../terraform-aci-application-profile/main.tf | 10 ++++ .../variables.tf | 11 +++++ modules/terraform-aci-bridge-domain/README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + modules/terraform-aci-bridge-domain/main.tf | 9 ++++ .../terraform-aci-bridge-domain/variables.tf | 11 +++++ .../terraform-aci-endpoint-group/README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + modules/terraform-aci-endpoint-group/main.tf | 9 ++++ .../terraform-aci-endpoint-group/variables.tf | 10 ++++ .../README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../main.tf | 9 ++++ .../variables.tf | 10 ++++ .../README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../main.tf | 9 ++++ .../variables.tf | 10 ++++ modules/terraform-aci-tenant/README.md | 9 ++-- .../examples/complete/README.md | 7 +-- .../examples/complete/main.tf | 7 +-- modules/terraform-aci-tenant/main.tf | 10 ++++ modules/terraform-aci-tenant/variables.tf | 10 ++++ .../README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../terraform-aci-useg-endpoint-group/main.tf | 9 ++++ .../variables.tf | 10 ++++ .../terraform-aci-vmware-vmm-domain/README.md | 4 +- .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + .../terraform-aci-vmware-vmm-domain/main.tf | 11 ++++- .../variables.tf | 1 + modules/terraform-aci-vrf/README.md | 3 ++ .../examples/complete/README.md | 1 + .../examples/complete/main.tf | 1 + modules/terraform-aci-vrf/main.tf | 10 ++++ modules/terraform-aci-vrf/variables.tf | 10 ++++ 59 files changed, 338 insertions(+), 42 deletions(-) diff --git a/aci_access_policies.tf b/aci_access_policies.tf index 059bd4f8..b785939a 100644 --- a/aci_access_policies.tf +++ b/aci_access_policies.tf @@ -133,6 +133,7 @@ module "aci_access_leaf_switch_policy_group" { forwarding_scale_policy = try("${each.value.forwarding_scale_policy}${local.defaults.apic.access_policies.switch_policies.forwarding_scale_policies.name_suffix}", "") bfd_ipv4_policy = try("${each.value.bfd_ipv4_policy}${local.defaults.apic.access_policies.switch_policies.bfd_ipv4_policies.name_suffix}", "") bfd_ipv6_policy = try("${each.value.bfd_ipv6_policy}${local.defaults.apic.access_policies.switch_policies.bfd_ipv6_policies.name_suffix}", "") + monitoring_policy = try("${each.value.monitoring_policy}${local.defaults.apic.access_policies.switch_policies.monitoring_policies.name_suffix}", "") depends_on = [ module.aci_forwarding_scale_policy, @@ -401,7 +402,8 @@ module "aci_access_leaf_interface_policy_group" { name = "${monitor.name}${local.defaults.apic.access_policies.interface_policies.netflow_monitors.name_suffix}" ip_filter_type = try(monitor.ip_filter_type, local.defaults.apic.access_policies.leaf_interface_policy_groups.netflow_monitor_policies.ip_filter_type) }] - aaep = try("${each.value.aaep}${local.defaults.apic.access_policies.aaeps.name_suffix}", "") + aaep = try("${each.value.aaep}${local.defaults.apic.access_policies.aaeps.name_suffix}", "") + monitoring_policy = try("${each.value.monitoring_policy}${local.defaults.apic.access_policies.interface_policies.monitoring_policies.name_suffix}", "") depends_on = [ module.aci_link_level_policy, diff --git a/aci_fabric_policies.tf b/aci_fabric_policies.tf index 75edf438..3b73754e 100644 --- a/aci_fabric_policies.tf +++ b/aci_fabric_policies.tf @@ -321,6 +321,7 @@ module "aci_fabric_leaf_switch_policy_group" { name = "${each.value.name}${local.defaults.apic.fabric_policies.leaf_switch_policy_groups.name_suffix}" psu_policy = try("${each.value.psu_policy}${local.defaults.apic.fabric_policies.switch_policies.psu_policies.name_suffix}", "") node_control_policy = try("${each.value.node_control_policy}${local.defaults.apic.fabric_policies.switch_policies.node_control_policies.name_suffix}", "") + monitoring_policy = try("${each.value.monitoring_policy}${local.defaults.apic.fabric_policies.switch_policies.monitoring_policies.name_suffix}", "") depends_on = [ module.aci_psu_policy, @@ -335,6 +336,7 @@ module "aci_fabric_spine_switch_policy_group" { name = "${each.value.name}${local.defaults.apic.fabric_policies.spine_switch_policy_groups.name_suffix}" psu_policy = try("${each.value.psu_policy}${local.defaults.apic.fabric_policies.switch_policies.psu_policies.name_suffix}", "") node_control_policy = try("${each.value.node_control_policy}${local.defaults.apic.fabric_policies.switch_policies.node_control_policies.name_suffix}", "") + monitoring_policy = try("${each.value.monitoring_policy}${local.defaults.apic.fabric_policies.switch_policies.monitoring_policies.name_suffix}", "") depends_on = [ module.aci_psu_policy, @@ -560,6 +562,7 @@ module "aci_vmware_vmm_domain" { statistics = try(vc.statistics, local.defaults.apic.fabric_policies.vmware_vmm_domains.vcenters.statistics) mgmt_epg_type = try(vc.mgmt_epg, local.defaults.apic.fabric_policies.vmware_vmm_domains.vcenters.mgmt_epg) mgmt_epg_name = try(vc.mgmt_epg, local.defaults.apic.fabric_policies.vmware_vmm_domains.vcenters.mgmt_epg) == "oob" ? try(local.node_policies.oob_endpoint_group, local.defaults.apic.node_policies.oob_endpoint_group) : try(local.node_policies.inb_endpoint_group, local.defaults.apic.node_policies.inb_endpoint_group) + monitoring_policy = try("${vc.monitoring_policy}${local.defaults.apic.fabric_policies.vmware_vmm_domains.monitoring_policies.name_suffix}", "") }] vswitch_enhanced_lags = [for vel in try(each.value.vswitch.enhanced_lags, []) : { name = "${vel.name}${local.defaults.apic.fabric_policies.vmware_vmm_domains.vswitch.enhanced_lags.name_suffix}" diff --git a/aci_tenants.tf b/aci_tenants.tf index a4196c82..f6061393 100644 --- a/aci_tenants.tf +++ b/aci_tenants.tf @@ -1,12 +1,13 @@ module "aci_tenant" { source = "./modules/terraform-aci-tenant" - for_each = { for tenant in local.tenants : tenant.name => tenant if try(tenant.managed, local.defaults.apic.tenants.managed, true) && local.modules.aci_tenant && var.manage_tenants } - name = each.value.name - annotation = try(each.value.ndo_managed, local.defaults.apic.tenants.ndo_managed) ? "orchestrator:msc" : null - alias = try(each.value.alias, "") - description = try(each.value.description, "") - security_domains = try(each.value.security_domains, []) + for_each = { for tenant in local.tenants : tenant.name => tenant if try(tenant.managed, local.defaults.apic.tenants.managed, true) && local.modules.aci_tenant && var.manage_tenants } + name = each.value.name + annotation = try(each.value.ndo_managed, local.defaults.apic.tenants.ndo_managed) ? "orchestrator:msc" : null + alias = try(each.value.alias, "") + description = try(each.value.description, "") + security_domains = try(each.value.security_domains, []) + monitoring_policy = try("${each.value.monitoring_policy}${local.defaults.apic.tenants.monitoring_policies.name_suffix}", "") } locals { @@ -27,6 +28,7 @@ locals { contract_imported_consumers = try([for contract in vrf.contracts.imported_consumers : "${contract}${local.defaults.apic.tenants.imported_contracts.name_suffix}"], []) preferred_group = try(vrf.preferred_group, local.defaults.apic.tenants.vrfs.preferred_group) transit_route_tag_policy = try(vrf.transit_route_tag_policy, null) != null ? "${vrf.transit_route_tag_policy}${local.defaults.apic.tenants.policies.route_tag_policies.name_suffix}" : "" + monitoring_policy = try("${vrf.monitoring_policy}${local.defaults.apic.tenants.vrfs.monitoring_policies.name_suffix}", "") ospf_timer_policy = try("${vrf.ospf.timer_policy}${local.defaults.apic.tenants.policies.ospf_timer_policies.name_suffix}", "") ospf_ipv4_address_family_context_policy = try("${vrf.ospf.ipv4_address_family_context_policy}${local.defaults.apic.tenants.policies.ospf_timer_policies.name_suffix}", "") ospf_ipv6_address_family_context_policy = try("${vrf.ospf.ipv6_address_family_context_policy}${local.defaults.apic.tenants.policies.ospf_timer_policies.name_suffix}", "") @@ -116,6 +118,7 @@ module "aci_vrf" { contract_imported_consumers = each.value.contract_imported_consumers preferred_group = each.value.preferred_group transit_route_tag_policy = each.value.transit_route_tag_policy + monitoring_policy = each.value.monitoring_policy ospf_timer_policy = each.value.ospf_timer_policy ospf_ipv4_address_family_context_policy = each.value.ospf_ipv4_address_family_context_policy ospf_ipv6_address_family_context_policy = each.value.ospf_ipv6_address_family_context_policy @@ -191,6 +194,7 @@ locals { igmp_interface_policy = try("${bd.igmp_interface_policy}${local.defaults.apic.tenants.policies.igmp_interface_policies.name_suffix}", "") igmp_snooping_policy = try("${bd.igmp_snooping_policy}${local.defaults.apic.tenants.policies.igmp_snooping_policies.name_suffix}", "") nd_interface_policy = try("${bd.nd_interface_policy}${local.defaults.apic.tenants.policies.nd_interface_policies.name_suffix}", "") + monitoring_policy = try("${bd.monitoring_policy}${local.defaults.apic.tenants.bridge_domains.monitoring_policies.name_suffix}", "") subnets = [for subnet in try(bd.subnets, []) : { ip = subnet.ip description = try(subnet.description, "") @@ -247,6 +251,7 @@ module "aci_bridge_domain" { subnets = each.value.subnets l3outs = each.value.l3outs dhcp_labels = each.value.dhcp_labels + monitoring_policy = each.value.monitoring_policy depends_on = [ module.aci_tenant, @@ -261,12 +266,13 @@ locals { application_profiles = flatten([ for tenant in local.tenants : [ for ap in try(tenant.application_profiles, []) : { - key = format("%s/%s", tenant.name, ap.name) - tenant = tenant.name - name = "${ap.name}${local.defaults.apic.tenants.application_profiles.name_suffix}" - annotation = try(ap.ndo_managed, local.defaults.apic.tenants.application_profiles.ndo_managed) ? "orchestrator:msc-shadow:no" : null - alias = try(ap.alias, "") - description = try(ap.description, "") + key = format("%s/%s", tenant.name, ap.name) + tenant = tenant.name + name = "${ap.name}${local.defaults.apic.tenants.application_profiles.name_suffix}" + annotation = try(ap.ndo_managed, local.defaults.apic.tenants.application_profiles.ndo_managed) ? "orchestrator:msc-shadow:no" : null + alias = try(ap.alias, "") + description = try(ap.description, "") + monitoring_policy = try("${ap.monitoring_policy}${local.defaults.apic.tenants.application_profiles.monitoring_policies.name_suffix}", "") } if try(ap.managed, local.defaults.apic.tenants.application_profiles.managed, true) ] ]) @@ -275,12 +281,13 @@ locals { module "aci_application_profile" { source = "./modules/terraform-aci-application-profile" - for_each = { for ap in local.application_profiles : ap.key => ap if local.modules.aci_application_profile && var.manage_tenants } - tenant = each.value.tenant - name = each.value.name - annotation = each.value.annotation - alias = each.value.alias - description = each.value.description + for_each = { for ap in local.application_profiles : ap.key => ap if local.modules.aci_application_profile && var.manage_tenants } + tenant = each.value.tenant + name = each.value.name + annotation = each.value.annotation + alias = each.value.alias + description = each.value.description + monitoring_policy = each.value.monitoring_policy depends_on = [ module.aci_tenant @@ -314,6 +321,7 @@ locals { contract_imported_consumers = try([for contract in epg.contracts.imported_consumers : "${contract}${local.defaults.apic.tenants.imported_contracts.name_suffix}"], []) contract_intra_epgs = try([for contract in epg.contracts.intra_epgs : "${contract}${local.defaults.apic.tenants.contracts.name_suffix}"], []) physical_domains = try([for domain in epg.physical_domains : "${domain}${local.defaults.apic.access_policies.physical_domains.name_suffix}"], []) + monitoring_policy = try("${epg.monitoring_policy}${local.defaults.apic.tenants.application_profiles.endpoint_groups.monitoring_policies.name_suffix}", "") contract_masters = [for master in try(epg.contracts.masters, []) : { endpoint_group = master.endpoint_group application_profile = try(master.application_profile, "${ap.name}${local.defaults.apic.tenants.application_profiles.name_suffix}") @@ -447,6 +455,7 @@ module "aci_endpoint_group" { physical_domains = each.value.physical_domains subnets = each.value.subnets vmware_vmm_domains = each.value.vmware_vmm_domains + monitoring_policy = each.value.monitoring_policy static_ports = [for sp in try(each.value.static_ports, []) : { description = sp.description node_id = sp.node_id @@ -527,6 +536,7 @@ locals { contract_intra_epgs = try([for contract in useg_epg.contracts.intra_epgs : "${contract}${local.defaults.apic.tenants.contracts.name_suffix}"], []) physical_domains = try([for domain in useg_epg.physical_domains : "${domain}${local.defaults.apic.access_policies.physical_domains.name_suffix}"], []) useg_attributes_match_type = try(useg_epg.useg_attributes.match_type, local.defaults.apic.tenants.application_profiles.useg_endpoint_groups.useg_attributes.match_type) + monitoring_policy = try("${useg_epg.monitoring_policy}${local.defaults.apic.tenants.application_profiles.useg_endpoint_groups.monitoring_policies.name_suffix}", "") contract_masters = [for master in try(useg_epg.contracts.masters, []) : { endpoint_group = master.endpoint_group application_profile = try(master.application_profile, "${ap.name}${local.defaults.apic.tenants.application_profiles.name_suffix}") @@ -616,6 +626,7 @@ module "aci_useg_endpoint_group" { mac_statements = each.value.useg_attributes_mac_statements subnets = each.value.subnets vmware_vmm_domains = each.value.vmware_vmm_domains + monitoring_policy = each.value.monitoring_policy static_leafs = [for sl in try(each.value.static_leafs, []) : { pod_id = sl.pod_id == null ? try([for node in try(local.node_policies.nodes, []) : node.pod if node.id == sl.node_id][0], local.defaults.apic.node_policies.nodes.pod) : sl.pod_id node_id = sl.node_id diff --git a/defaults/defaults.yaml b/defaults/defaults.yaml index a79d4c9f..c5f9c130 100644 --- a/defaults/defaults.yaml +++ b/defaults/defaults.yaml @@ -167,6 +167,8 @@ defaults: dom: true psu_policies: name_suffix: "" + monitoring_policies: + name_suffix: "" leaf_switch_policy_groups: name_suffix: "" spine_switch_policy_groups: @@ -230,6 +232,8 @@ defaults: mgmt_epg: inb dvs_version: unmanaged statistics: false + monitoring_policies: + name_suffix: "" aaa: remote_user_login_policy: no-login default_fallback_check: false @@ -468,6 +472,8 @@ defaults: slow_timer_interval: 2000 echo_receive_interval: 50 echo_frame_source_address: 0.0.0.0 + monitoring_policies: + name_suffix: "" spine_switch_policy_groups: name_suffix: "" leaf_switch_policy_groups: @@ -549,6 +555,8 @@ defaults: name_suffix: "" netflow_records: name_suffix: "" + monitoring_policies: + name_suffix: "" leaf_interface_policy_groups: name_suffix: "" map: none @@ -760,6 +768,8 @@ defaults: tenants: managed: true ndo_managed: false + monitoring_policies: + name_suffix: "" vrfs: name_suffix: "" ndo_managed: false @@ -782,6 +792,8 @@ defaults: asm_traffic_registry_max_rate: 65535 asm_traffic_registry_source_ip: "0.0.0.0" preferred_group: false + monitoring_policies: + name_suffix: "" bridge_domains: name_suffix: "" ndo_managed: false @@ -808,6 +820,8 @@ defaults: igmp_querier: false nd_ra_prefix: true no_default_gateway: false + monitoring_policies: + name_suffix: "" l3outs: name_suffix: "" ndo_managed: false @@ -1009,6 +1023,8 @@ defaults: name_suffix: "" ndo_managed: false managed: true + monitoring_policies: + name_suffix: "" endpoint_groups: name_suffix: "" ndo_managed: false @@ -1055,6 +1071,8 @@ defaults: name_suffix: "" start_ip: 0.0.0.0 end_ip: 0.0.0.0 + monitoring_policies: + name_suffix: "" useg_endpoint_groups: name_suffix: "" flood_in_encap: false @@ -1083,6 +1101,8 @@ defaults: name_suffix: "" start_ip: 0.0.0.0 end_ip: 0.0.0.0 + monitoring_policies: + name_suffix: "" endpoint_security_groups: name_suffix: "" shutdown: false diff --git a/modules/terraform-aci-access-leaf-interface-policy-group/README.md b/modules/terraform-aci-access-leaf-interface-policy-group/README.md index 9518c40c..05511400 100644 --- a/modules/terraform-aci-access-leaf-interface-policy-group/README.md +++ b/modules/terraform-aci-access-leaf-interface-policy-group/README.md @@ -26,6 +26,7 @@ module "aci_access_leaf_interface_policy_group" { port_channel_policy = "LACP" port_channel_member_policy = "FAST" aaep = "AAEP1" + monitoring_policy = "MON1" } ``` @@ -61,6 +62,7 @@ module "aci_access_leaf_interface_policy_group" { | [port\_channel\_member\_policy](#input\_port\_channel\_member\_policy) | Port channel member policy name. | `string` | `""` | no | | [aaep](#input\_aaep) | Attachable access entity profile name. | `string` | `""` | no | | [netflow\_monitor\_policies](#input\_netflow\_monitor\_policies) | List of Netflow Monitor policies. Choices `ip_filter_type`: `ipv4, `ipv6`, `ce`, `unspecified`.` | 
list(object({
    name           = string
    ip_filter_type = optional(string, "ipv4")
  }))
| `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Leaf interface monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -83,6 +85,7 @@ module "aci_access_leaf_interface_policy_group" { | [aci_rest_managed.infraRsLacpPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsLldpIfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsMcpIfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.infraRsMonIfInfraPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsNetflowMonitorPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsStormctrlIfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsStpIfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/README.md b/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/README.md index c1ccff1a..ed909c6d 100644 --- a/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/README.md +++ b/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/README.md @@ -29,6 +29,7 @@ module "aci_access_leaf_interface_policy_group" { port_channel_policy = "LACP" port_channel_member_policy = "FAST" aaep = "AAEP1" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/main.tf b/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/main.tf index 7703b81f..f14c46be 100644 --- a/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/main.tf +++ b/modules/terraform-aci-access-leaf-interface-policy-group/examples/complete/main.tf @@ -15,4 +15,5 @@ module "aci_access_leaf_interface_policy_group" { port_channel_policy = "LACP" port_channel_member_policy = "FAST" aaep = "AAEP1" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-access-leaf-interface-policy-group/main.tf b/modules/terraform-aci-access-leaf-interface-policy-group/main.tf index 8e72488e..b6652dc6 100644 --- a/modules/terraform-aci-access-leaf-interface-policy-group/main.tf +++ b/modules/terraform-aci-access-leaf-interface-policy-group/main.tf @@ -117,3 +117,12 @@ resource "aci_rest_managed" "infraRsNetflowMonitorPol" { tnNetflowMonitorPolName = each.value.name } } + +resource "aci_rest_managed" "infraRsMonIfInfraPol" { + count = (var.type == "access" || var.type == "vpc" || var.type == "pc") && var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.infraAccGrp.dn}/rsmonIfInfraPol" + class_name = "infraRsMonIfInfraPol" + content = { + tnMonInfraPolName = var.monitoring_policy + } +} diff --git a/modules/terraform-aci-access-leaf-interface-policy-group/variables.tf b/modules/terraform-aci-access-leaf-interface-policy-group/variables.tf index 856f84a2..8f21bfdf 100644 --- a/modules/terraform-aci-access-leaf-interface-policy-group/variables.tf +++ b/modules/terraform-aci-access-leaf-interface-policy-group/variables.tf @@ -165,4 +165,14 @@ variable "netflow_monitor_policies" { ]) error_message = "`ip_filter_type`: Allowed values: `ipv4, `ipv6`, `ce`, `unspecified`" } +} + +variable "monitoring_policy" { + description = "Leaf interface monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `-`, `:`. Maximum characters: 64." + } } \ No newline at end of file diff --git a/modules/terraform-aci-access-leaf-switch-policy-group/README.md b/modules/terraform-aci-access-leaf-switch-policy-group/README.md index 69a208e8..6a96c4fa 100644 --- a/modules/terraform-aci-access-leaf-switch-policy-group/README.md +++ b/modules/terraform-aci-access-leaf-switch-policy-group/README.md @@ -17,6 +17,7 @@ module "aci_access_leaf_switch_policy_group" { forwarding_scale_policy = "HIGH-DUAL-STACK" bfd_ipv4_policy = "BFD-IPV4-POLICY" bfd_ipv6_policy = "BFD-IPV6-POLICY" + monitoring_policy = "MON1" } ``` @@ -41,6 +42,7 @@ module "aci_access_leaf_switch_policy_group" { | [forwarding\_scale\_policy](#input\_forwarding\_scale\_policy) | Forwarding scale policy name. | `string` | `""` | no | | [bfd\_ipv4\_policy](#input\_bfd\_ipv4\_policy) | BFD IPv4 policy name. | `string` | `""` | no | | [bfd\_ipv6\_policy](#input\_bfd\_ipv6\_policy) | BFD IPv6 policy name. | `string` | `""` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Leaf Switch monitoring policy name. | `string` | `null` | no | ## Outputs @@ -56,5 +58,6 @@ module "aci_access_leaf_switch_policy_group" { | [aci_rest_managed.infraAccNodePGrp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsBfdIpv4InstPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsBfdIpv6InstPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.infraRsMonNodeInfraPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.infraRsTopoctrlFwdScaleProfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | \ No newline at end of file diff --git a/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/README.md b/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/README.md index 3dc158d5..2c6dff2d 100644 --- a/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/README.md +++ b/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/README.md @@ -20,6 +20,7 @@ module "aci_access_leaf_switch_policy_group" { forwarding_scale_policy = "HIGH-DUAL-STACK" bfd_ipv4_policy = "BFD-IPV4-POLICY" bfd_ipv6_policy = "BFD-IPV6-POLICY" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/main.tf b/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/main.tf index 253d30b0..7d6aa12e 100644 --- a/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/main.tf +++ b/modules/terraform-aci-access-leaf-switch-policy-group/examples/complete/main.tf @@ -6,4 +6,5 @@ module "aci_access_leaf_switch_policy_group" { forwarding_scale_policy = "HIGH-DUAL-STACK" bfd_ipv4_policy = "BFD-IPV4-POLICY" bfd_ipv6_policy = "BFD-IPV6-POLICY" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-access-leaf-switch-policy-group/main.tf b/modules/terraform-aci-access-leaf-switch-policy-group/main.tf index 24b40c2f..3f4282ce 100644 --- a/modules/terraform-aci-access-leaf-switch-policy-group/main.tf +++ b/modules/terraform-aci-access-leaf-switch-policy-group/main.tf @@ -29,3 +29,12 @@ resource "aci_rest_managed" "infraRsBfdIpv6InstPol" { tnBfdIpv6InstPolName = var.bfd_ipv6_policy } } + +resource "aci_rest_managed" "infraRsMonNodeInfraPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.infraAccNodePGrp.dn}/rsmonNodeInfraPol" + class_name = "infraRsMonNodeInfraPol" + content = { + tnMonInfraPolName = var.monitoring_policy + } +} diff --git a/modules/terraform-aci-access-leaf-switch-policy-group/variables.tf b/modules/terraform-aci-access-leaf-switch-policy-group/variables.tf index 0cc40784..dc12c9c0 100644 --- a/modules/terraform-aci-access-leaf-switch-policy-group/variables.tf +++ b/modules/terraform-aci-access-leaf-switch-policy-group/variables.tf @@ -40,3 +40,14 @@ variable "bfd_ipv6_policy" { error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Leaf Switch monitoring policy name." + type = string + default = null + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `-`, `:`. Maximum characters: 64." + } +} diff --git a/modules/terraform-aci-application-profile/README.md b/modules/terraform-aci-application-profile/README.md index a4ac6943..c4adad08 100644 --- a/modules/terraform-aci-application-profile/README.md +++ b/modules/terraform-aci-application-profile/README.md @@ -13,10 +13,11 @@ module "aci_application_profile" { source = "netascode/nac-aci/aci//modules/terraform-aci-application-profile" version = ">= 0.8.0" - tenant = "ABC" - name = "AP1" - alias = "AP1-ALIAS" - description = "My Description" + tenant = "ABC" + name = "AP1" + alias = "AP1-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } ``` @@ -42,6 +43,7 @@ module "aci_application_profile" { | [annotation](#input\_annotation) | Annotation value. | `string` | `null` | no | | [alias](#input\_alias) | Application profile alias. | `string` | `""` | no | | [description](#input\_description) | Application profile description. | `string` | `""` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Application profile monitoring policy name. | `string` | `""` | no | ## Outputs @@ -55,4 +57,5 @@ module "aci_application_profile" { | Name | Type | |------|------| | [aci_rest_managed.fvAp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsApMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | \ No newline at end of file diff --git a/modules/terraform-aci-application-profile/examples/complete/README.md b/modules/terraform-aci-application-profile/examples/complete/README.md index 72c94398..7077c9a2 100644 --- a/modules/terraform-aci-application-profile/examples/complete/README.md +++ b/modules/terraform-aci-application-profile/examples/complete/README.md @@ -16,10 +16,11 @@ module "aci_application_profile" { source = "netascode/nac-aci/aci//modules/terraform-aci-application-profile" version = ">= 0.8.0" - tenant = "ABC" - name = "AP1" - alias = "AP1-ALIAS" - description = "My Description" + tenant = "ABC" + name = "AP1" + alias = "AP1-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-application-profile/examples/complete/main.tf b/modules/terraform-aci-application-profile/examples/complete/main.tf index 49249cfa..7965ee27 100644 --- a/modules/terraform-aci-application-profile/examples/complete/main.tf +++ b/modules/terraform-aci-application-profile/examples/complete/main.tf @@ -2,8 +2,9 @@ module "aci_application_profile" { source = "netascode/nac-aci/aci//modules/terraform-aci-application-profile" version = ">= 0.8.0" - tenant = "ABC" - name = "AP1" - alias = "AP1-ALIAS" - description = "My Description" + tenant = "ABC" + name = "AP1" + alias = "AP1-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-application-profile/main.tf b/modules/terraform-aci-application-profile/main.tf index 6b813c1a..4ec04eb4 100644 --- a/modules/terraform-aci-application-profile/main.tf +++ b/modules/terraform-aci-application-profile/main.tf @@ -8,3 +8,13 @@ resource "aci_rest_managed" "fvAp" { descr = var.description } } + +resource "aci_rest_managed" "fvRsApMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvAp.dn}/rsApMonPol" + class_name = "fvRsApMonPol" + + content = { + tnMonEPGPolName = var.monitoring_policy + } +} \ No newline at end of file diff --git a/modules/terraform-aci-application-profile/variables.tf b/modules/terraform-aci-application-profile/variables.tf index 53a14831..f8a71f4b 100644 --- a/modules/terraform-aci-application-profile/variables.tf +++ b/modules/terraform-aci-application-profile/variables.tf @@ -50,3 +50,14 @@ variable "description" { error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `\\`, `!`, `#`, `$`, `%`, `(`, `)`, `*`, `,`, `-`, `.`, `/`, `:`, `;`, `@`, ` `, `_`, `{`, `|`, }`, `~`, `?`, `&`, `+`. Maximum characters: 128." } } + +variable "monitoring_policy" { + description = "Application profile monitoring policy name." + type = string + default = "" + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} diff --git a/modules/terraform-aci-bridge-domain/README.md b/modules/terraform-aci-bridge-domain/README.md index 79588302..7140895c 100644 --- a/modules/terraform-aci-bridge-domain/README.md +++ b/modules/terraform-aci-bridge-domain/README.md @@ -32,6 +32,7 @@ module "aci_bridge_domain" { unknown_ipv6_multicast = "opt-flood" vrf = "VRF1" nd_interface_policy = "ND_INTF_POL1" + monitoring_policy = "MON1" subnets = [{ description = "Subnet Description" ip = "1.1.1.1/24" @@ -101,6 +102,7 @@ module "aci_bridge_domain" { | [subnets](#input\_subnets) | List of subnets. Default value `primary_ip`: `false`. Default value `public`: `false`. Default value `shared`: `false`. Default value `igmp_querier`: `false`. Default value `nd_ra_prefix`: `true`. Default value `no_default_gateway`: `false`. Default value `virtual`: `false`. | 
list(object({
    description           = optional(string, "")
    ip                    = string
    primary_ip            = optional(bool, false)
    public                = optional(bool, false)
    shared                = optional(bool, false)
    igmp_querier          = optional(bool, false)
    nd_ra_prefix          = optional(bool, true)
    no_default_gateway    = optional(bool, false)
    virtual               = optional(bool, false)
    nd_ra_prefix_policy   = optional(string, "")
    ip_dataplane_learning = optional(bool, null)
    tags = optional(list(object({
      key   = string
      value = string
    })), [])
  }))
| `[]` | no | | [l3outs](#input\_l3outs) | List of l3outs | `list(string)` | `[]` | no | | [dhcp\_labels](#input\_dhcp\_labels) | List of DHCP labels | 
list(object({
    dhcp_relay_policy  = string
    dhcp_option_policy = optional(string)
    scope              = optional(string, "tenant")
  }))
| `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Bridge domain monitoring policy name. | `string` | `""` | no | ## Outputs @@ -116,6 +118,7 @@ module "aci_bridge_domain" { | [aci_rest_managed.dhcpLbl](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.dhcpRsDhcpOptionPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvBD](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsABDPolMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsBDToNdP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsBDToOut](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCtx](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-bridge-domain/examples/complete/README.md b/modules/terraform-aci-bridge-domain/examples/complete/README.md index ea10b6ab..0d591e59 100644 --- a/modules/terraform-aci-bridge-domain/examples/complete/README.md +++ b/modules/terraform-aci-bridge-domain/examples/complete/README.md @@ -35,6 +35,7 @@ module "aci_bridge_domain" { unknown_ipv6_multicast = "opt-flood" vrf = "VRF1" nd_interface_policy = "ND_INTF_POL1" + monitoring_policy = "MON1" subnets = [{ description = "Subnet Description" ip = "1.1.1.1/24" diff --git a/modules/terraform-aci-bridge-domain/examples/complete/main.tf b/modules/terraform-aci-bridge-domain/examples/complete/main.tf index 99d28e18..e53a7f17 100644 --- a/modules/terraform-aci-bridge-domain/examples/complete/main.tf +++ b/modules/terraform-aci-bridge-domain/examples/complete/main.tf @@ -21,6 +21,7 @@ module "aci_bridge_domain" { unknown_ipv6_multicast = "opt-flood" vrf = "VRF1" nd_interface_policy = "ND_INTF_POL1" + monitoring_policy = "MON1" subnets = [{ description = "Subnet Description" ip = "1.1.1.1/24" diff --git a/modules/terraform-aci-bridge-domain/main.tf b/modules/terraform-aci-bridge-domain/main.tf index b1786bb5..75ac1f1e 100644 --- a/modules/terraform-aci-bridge-domain/main.tf +++ b/modules/terraform-aci-bridge-domain/main.tf @@ -191,4 +191,13 @@ resource "aci_rest_managed" "fvRsBDToNdP" { content = { tnNdIfPolName = var.nd_interface_policy } +} + +resource "aci_rest_managed" "fvRsABDPolMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvBD.dn}/rsABDPolMonPol" + class_name = "fvRsABDPolMonPol" + content = { + tnMonEPGPolName = var.monitoring_policy + } } \ No newline at end of file diff --git a/modules/terraform-aci-bridge-domain/variables.tf b/modules/terraform-aci-bridge-domain/variables.tf index c6e65819..de237503 100644 --- a/modules/terraform-aci-bridge-domain/variables.tf +++ b/modules/terraform-aci-bridge-domain/variables.tf @@ -297,3 +297,14 @@ variable "dhcp_labels" { error_message = "`dhcp_option_policy`: Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Bridge domain monitoring policy name." + type = string + default = "" + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} \ No newline at end of file diff --git a/modules/terraform-aci-endpoint-group/README.md b/modules/terraform-aci-endpoint-group/README.md index 0cf7e617..7e5c0eed 100644 --- a/modules/terraform-aci-endpoint-group/README.md +++ b/modules/terraform-aci-endpoint-group/README.md @@ -25,6 +25,7 @@ module "aci_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] @@ -151,6 +152,7 @@ module "aci_endpoint_group" { | [static\_endpoints](#input\_static\_endpoints) | List of static endpoints. Format `mac`: `12:34:56:78:9A:BC`. Choices `type`: `silent-host`, `tep`, `vep`. Allowed values `node_id`, `node2_id`: `1` - `4000`. Allowed values `vlan`: `1` - `4096`. Allowed values `pod_id`: `1` - `255`. Default value `pod_id`: `1`. Allowed values `port`: `1` - `127`. Allowed values `module`: `1` - `9`. Default value `module`: `1`. | 
list(object({
    name           = optional(string, "")
    alias          = optional(string, "")
    mac            = string
    ip             = optional(string, "0.0.0.0")
    type           = string
    node_id        = optional(number)
    node2_id       = optional(number)
    vlan           = optional(number)
    pod_id         = optional(number, 1)
    port           = optional(number)
    module         = optional(number, 1)
    channel        = optional(string)
    additional_ips = optional(list(string), [])
  }))
| `[]` | no | | [l4l7\_virtual\_ips](#input\_l4l7\_virtual\_ips) | List of EPG L4/L7 Virtual IPs. | 
list(object({
    ip          = string
    description = optional(string, "")
  }))
| `[]` | no | | [l4l7\_address\_pools](#input\_l4l7\_address\_pools) | List of EPG L4/L7 Address Pools. | 
list(object({
    name            = string
    gateway_address = string
    from            = optional(string, "")
    to              = optional(string, "")
  }))
| `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Endpoint group monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -169,6 +171,7 @@ module "aci_endpoint_group" { | [aci_rest_managed.fvEpAnycast](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvEpNlb](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvEpReachability](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsAEPgMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsBd](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCons](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsConsIf](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-endpoint-group/examples/complete/README.md b/modules/terraform-aci-endpoint-group/examples/complete/README.md index 2585e328..85676069 100644 --- a/modules/terraform-aci-endpoint-group/examples/complete/README.md +++ b/modules/terraform-aci-endpoint-group/examples/complete/README.md @@ -28,6 +28,7 @@ module "aci_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] diff --git a/modules/terraform-aci-endpoint-group/examples/complete/main.tf b/modules/terraform-aci-endpoint-group/examples/complete/main.tf index 09961ab5..5ac6de86 100644 --- a/modules/terraform-aci-endpoint-group/examples/complete/main.tf +++ b/modules/terraform-aci-endpoint-group/examples/complete/main.tf @@ -14,6 +14,7 @@ module "aci_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] diff --git a/modules/terraform-aci-endpoint-group/main.tf b/modules/terraform-aci-endpoint-group/main.tf index e98e7b60..82e2b118 100644 --- a/modules/terraform-aci-endpoint-group/main.tf +++ b/modules/terraform-aci-endpoint-group/main.tf @@ -498,3 +498,12 @@ resource "aci_rest_managed" "fvnsUcastAddrBlk" { } } +resource "aci_rest_managed" "fvRsAEPgMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvAEPg.dn}/rsAEPgMonPol" + class_name = "fvRsAEPgMonPol" + + content = { + tnMonEPGPolName = var.monitoring_policy + } +} \ No newline at end of file diff --git a/modules/terraform-aci-endpoint-group/variables.tf b/modules/terraform-aci-endpoint-group/variables.tf index 6b54c30a..af99b43a 100644 --- a/modules/terraform-aci-endpoint-group/variables.tf +++ b/modules/terraform-aci-endpoint-group/variables.tf @@ -675,3 +675,13 @@ variable "l4l7_address_pools" { error_message = "`name`: Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Endpoint group monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} \ No newline at end of file diff --git a/modules/terraform-aci-fabric-leaf-switch-policy-group/README.md b/modules/terraform-aci-fabric-leaf-switch-policy-group/README.md index 3efcd493..db8c2e5e 100644 --- a/modules/terraform-aci-fabric-leaf-switch-policy-group/README.md +++ b/modules/terraform-aci-fabric-leaf-switch-policy-group/README.md @@ -16,6 +16,7 @@ module "aci_fabric_leaf_switch_policy_group" { name = "LEAFS" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } ``` @@ -39,6 +40,7 @@ module "aci_fabric_leaf_switch_policy_group" { | [name](#input\_name) | Leaf switch policy group name. | `string` | n/a | yes | | [psu\_policy](#input\_psu\_policy) | PSU policy name. | `string` | `""` | no | | [node\_control\_policy](#input\_node\_control\_policy) | Node control policy name. | `string` | `""` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Leaf switch monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -52,6 +54,7 @@ module "aci_fabric_leaf_switch_policy_group" { | Name | Type | |------|------| | [aci_rest_managed.fabricLeNodePGrp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fabricRsMonInstFabricPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fabricRsNodeCtrl](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fabricRsPsuInstPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | \ No newline at end of file diff --git a/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/README.md b/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/README.md index 87f2dfc9..4e4f590b 100644 --- a/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/README.md +++ b/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/README.md @@ -19,6 +19,7 @@ module "aci_fabric_leaf_switch_policy_group" { name = "LEAFS" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/main.tf b/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/main.tf index 34e08e31..87fef9da 100644 --- a/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/main.tf +++ b/modules/terraform-aci-fabric-leaf-switch-policy-group/examples/complete/main.tf @@ -5,4 +5,5 @@ module "aci_fabric_leaf_switch_policy_group" { name = "LEAFS" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-fabric-leaf-switch-policy-group/main.tf b/modules/terraform-aci-fabric-leaf-switch-policy-group/main.tf index 3a97ca05..002485be 100644 --- a/modules/terraform-aci-fabric-leaf-switch-policy-group/main.tf +++ b/modules/terraform-aci-fabric-leaf-switch-policy-group/main.tf @@ -21,3 +21,12 @@ resource "aci_rest_managed" "fabricRsNodeCtrl" { tnFabricNodeControlName = var.node_control_policy } } + +resource "aci_rest_managed" "fabricRsMonInstFabricPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fabricLeNodePGrp.dn}/rsmonInstFabricPol" + class_name = "fabricRsMonInstFabricPol" + content = { + tnMonFabricPolName = var.monitoring_policy + } +} diff --git a/modules/terraform-aci-fabric-leaf-switch-policy-group/variables.tf b/modules/terraform-aci-fabric-leaf-switch-policy-group/variables.tf index bc558750..6031a424 100644 --- a/modules/terraform-aci-fabric-leaf-switch-policy-group/variables.tf +++ b/modules/terraform-aci-fabric-leaf-switch-policy-group/variables.tf @@ -29,3 +29,13 @@ variable "node_control_policy" { error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Leaf switch monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} diff --git a/modules/terraform-aci-fabric-spine-switch-policy-group/README.md b/modules/terraform-aci-fabric-spine-switch-policy-group/README.md index bb8dddcf..8e9b0592 100644 --- a/modules/terraform-aci-fabric-spine-switch-policy-group/README.md +++ b/modules/terraform-aci-fabric-spine-switch-policy-group/README.md @@ -16,6 +16,7 @@ module "aci_fabric_spine_switch_policy_group" { name = "PG1" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } ``` @@ -39,6 +40,7 @@ module "aci_fabric_spine_switch_policy_group" { | [name](#input\_name) | Spine switch policy group name. | `string` | n/a | yes | | [psu\_policy](#input\_psu\_policy) | PSU policy name. | `string` | `""` | no | | [node\_control\_policy](#input\_node\_control\_policy) | Node control policy name. | `string` | `""` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Spine switch monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -51,6 +53,7 @@ module "aci_fabric_spine_switch_policy_group" { | Name | Type | |------|------| +| [aci_rest_managed.fabricRsMonInstFabricPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fabricRsNodeCtrl](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fabricRsPsuInstPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fabricSpNodePGrp](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/README.md b/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/README.md index fa1e40a8..773f6eeb 100644 --- a/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/README.md +++ b/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/README.md @@ -19,6 +19,7 @@ module "aci_fabric_spine_switch_policy_group" { name = "PG1" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/main.tf b/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/main.tf index 9d7b9dbe..65b75a10 100644 --- a/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/main.tf +++ b/modules/terraform-aci-fabric-spine-switch-policy-group/examples/complete/main.tf @@ -5,4 +5,5 @@ module "aci_fabric_spine_switch_policy_group" { name = "PG1" psu_policy = "PSU1" node_control_policy = "NC1" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-fabric-spine-switch-policy-group/main.tf b/modules/terraform-aci-fabric-spine-switch-policy-group/main.tf index 4d6d2da9..c713bf18 100644 --- a/modules/terraform-aci-fabric-spine-switch-policy-group/main.tf +++ b/modules/terraform-aci-fabric-spine-switch-policy-group/main.tf @@ -21,3 +21,12 @@ resource "aci_rest_managed" "fabricRsNodeCtrl" { tnFabricNodeControlName = var.node_control_policy } } + +resource "aci_rest_managed" "fabricRsMonInstFabricPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fabricSpNodePGrp.dn}/rsmonInstFabricPol" + class_name = "fabricRsMonInstFabricPol" + content = { + tnMonFabricPolName = var.monitoring_policy + } +} diff --git a/modules/terraform-aci-fabric-spine-switch-policy-group/variables.tf b/modules/terraform-aci-fabric-spine-switch-policy-group/variables.tf index 39a221a3..1f28d5ad 100644 --- a/modules/terraform-aci-fabric-spine-switch-policy-group/variables.tf +++ b/modules/terraform-aci-fabric-spine-switch-policy-group/variables.tf @@ -29,3 +29,13 @@ variable "node_control_policy" { error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Spine switch monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} diff --git a/modules/terraform-aci-tenant/README.md b/modules/terraform-aci-tenant/README.md index b3b128bc..b6a0a219 100644 --- a/modules/terraform-aci-tenant/README.md +++ b/modules/terraform-aci-tenant/README.md @@ -13,9 +13,10 @@ module "aci_tenant" { source = "netascode/nac-aci/aci//modules/terraform-aci-tenant" version = ">= 0.8.0" - name = "ABC" - alias = "ABC-ALIAS" - description = "My Description" + name = "ABC" + alias = "ABC-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } ``` @@ -41,6 +42,7 @@ module "aci_tenant" { | [alias](#input\_alias) | Tenant alias. | `string` | `""` | no | | [description](#input\_description) | Tenant description. | `string` | `""` | no | | [security\_domains](#input\_security\_domains) | Security domains associated to tenant | `list(string)` | `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | Tenant monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -54,5 +56,6 @@ module "aci_tenant" { | Name | Type | |------|------| | [aci_rest_managed.aaaDomainRef](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsTenantMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvTenant](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | \ No newline at end of file diff --git a/modules/terraform-aci-tenant/examples/complete/README.md b/modules/terraform-aci-tenant/examples/complete/README.md index 87ff2d09..68282293 100644 --- a/modules/terraform-aci-tenant/examples/complete/README.md +++ b/modules/terraform-aci-tenant/examples/complete/README.md @@ -16,9 +16,10 @@ module "aci_tenant" { source = "netascode/nac-aci/aci//modules/terraform-aci-tenant" version = ">= 0.8.0" - name = "ABC" - alias = "ABC-ALIAS" - description = "My Description" + name = "ABC" + alias = "ABC-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } ``` \ No newline at end of file diff --git a/modules/terraform-aci-tenant/examples/complete/main.tf b/modules/terraform-aci-tenant/examples/complete/main.tf index dcd7ff10..0a171e00 100644 --- a/modules/terraform-aci-tenant/examples/complete/main.tf +++ b/modules/terraform-aci-tenant/examples/complete/main.tf @@ -2,7 +2,8 @@ module "aci_tenant" { source = "netascode/nac-aci/aci//modules/terraform-aci-tenant" version = ">= 0.8.0" - name = "ABC" - alias = "ABC-ALIAS" - description = "My Description" + name = "ABC" + alias = "ABC-ALIAS" + description = "My Description" + monitoring_policy = "MON1" } diff --git a/modules/terraform-aci-tenant/main.tf b/modules/terraform-aci-tenant/main.tf index 78092b72..76caf05a 100644 --- a/modules/terraform-aci-tenant/main.tf +++ b/modules/terraform-aci-tenant/main.tf @@ -17,3 +17,13 @@ resource "aci_rest_managed" "aaaDomainRef" { name = each.value } } + +resource "aci_rest_managed" "fvRsTenantMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvTenant.dn}/rsTenantMonPol" + class_name = "fvRsTenantMonPol" + + content = { + tnMonEPGPolName = var.monitoring_policy + } +} \ No newline at end of file diff --git a/modules/terraform-aci-tenant/variables.tf b/modules/terraform-aci-tenant/variables.tf index 75226a8b..6431f05b 100644 --- a/modules/terraform-aci-tenant/variables.tf +++ b/modules/terraform-aci-tenant/variables.tf @@ -53,3 +53,13 @@ variable "security_domains" { error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "Tenant monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} \ No newline at end of file diff --git a/modules/terraform-aci-useg-endpoint-group/README.md b/modules/terraform-aci-useg-endpoint-group/README.md index 98357f05..8fb7d763 100644 --- a/modules/terraform-aci-useg-endpoint-group/README.md +++ b/modules/terraform-aci-useg-endpoint-group/README.md @@ -25,6 +25,7 @@ module "aci_useg_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] @@ -124,6 +125,7 @@ module "aci_useg_endpoint_group" { | [ip\_statements](#input\_ip\_statements) | IP Statements for IP type uSeg Attributes | 
list(object({
    name           = string
    use_epg_subnet = bool
    ip             = optional(string, "")
  }))
| `[]` | no | | [mac\_statements](#input\_mac\_statements) | MAC Statements for MAC type uSeg Attributes | 
list(object({
    name = string
    mac  = string
  }))
| `[]` | no | | [l4l7\_address\_pools](#input\_l4l7\_address\_pools) | List of EPG L4/L7 Address Pools. | 
list(object({
    name            = string
    gateway_address = string
    from            = optional(string, "")
    to              = optional(string, "")
  }))
| `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | uSeg Endpoint group monitoring policy name. | `string` | n/a | yes | ## Outputs @@ -145,6 +147,7 @@ module "aci_useg_endpoint_group" { | [aci_rest_managed.fvEpReachability](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvIpAttr](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvMacAttr](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsAEPgMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsBd](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCons](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsConsIf](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-useg-endpoint-group/examples/complete/README.md b/modules/terraform-aci-useg-endpoint-group/examples/complete/README.md index a6165b70..db0ead2e 100644 --- a/modules/terraform-aci-useg-endpoint-group/examples/complete/README.md +++ b/modules/terraform-aci-useg-endpoint-group/examples/complete/README.md @@ -28,6 +28,7 @@ module "aci_useg_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] diff --git a/modules/terraform-aci-useg-endpoint-group/examples/complete/main.tf b/modules/terraform-aci-useg-endpoint-group/examples/complete/main.tf index 7172434c..bf55f9d5 100644 --- a/modules/terraform-aci-useg-endpoint-group/examples/complete/main.tf +++ b/modules/terraform-aci-useg-endpoint-group/examples/complete/main.tf @@ -14,6 +14,7 @@ module "aci_useg_endpoint_group" { custom_qos_policy = "CQP1" bridge_domain = "BD1" trust_control_policy = "TRUST_POL" + monitoring_policy = "MON1" contract_consumers = ["CON1"] contract_providers = ["CON1"] contract_imported_consumers = ["I_CON1"] diff --git a/modules/terraform-aci-useg-endpoint-group/main.tf b/modules/terraform-aci-useg-endpoint-group/main.tf index 4ed931b1..d2f79dce 100644 --- a/modules/terraform-aci-useg-endpoint-group/main.tf +++ b/modules/terraform-aci-useg-endpoint-group/main.tf @@ -298,3 +298,12 @@ resource "aci_rest_managed" "fvnsUcastAddrBlk" { } } +resource "aci_rest_managed" "fvRsAEPgMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvAEPg.dn}/rsAEPgMonPol" + class_name = "fvRsAEPgMonPol" + + content = { + tnMonEPGPolName = var.monitoring_policy + } +} diff --git a/modules/terraform-aci-useg-endpoint-group/variables.tf b/modules/terraform-aci-useg-endpoint-group/variables.tf index 9183c8cc..a841bb70 100644 --- a/modules/terraform-aci-useg-endpoint-group/variables.tf +++ b/modules/terraform-aci-useg-endpoint-group/variables.tf @@ -395,3 +395,13 @@ variable "l4l7_address_pools" { error_message = "`name`: Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "uSeg Endpoint group monitoring policy name." + type = string + + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} diff --git a/modules/terraform-aci-vmware-vmm-domain/README.md b/modules/terraform-aci-vmware-vmm-domain/README.md index b4331e2b..d37854f6 100644 --- a/modules/terraform-aci-vmware-vmm-domain/README.md +++ b/modules/terraform-aci-vmware-vmm-domain/README.md @@ -42,6 +42,7 @@ module "aci_vmware_vmm_domain" { dvs_version = "6.5" statistics = true mgmt_epg_type = "oob" + monitoring_policy = "MON1" }] credential_policies = [{ name = "CP1" @@ -90,7 +91,7 @@ module "aci_vmware_vmm_domain" { | [vswitch\_mtu\_policy](#input\_vswitch\_mtu\_policy) | vSwitch MTU policy name. | `string` | `""` | no | | [vswitch\_netflow\_policy](#input\_vswitch\_netflow\_policy) | vSwitch NetFlow Exporter policy name. | `string` | `""` | no | | [vswitch\_enhanced\_lags](#input\_vswitch\_enhanced\_lags) | vSwitch enhanced lags. Allowed values for `lb_mode`: `dst-ip`, `dst-ip-l4port`, `dst-ip-vlan`, `dst-ip-l4port-vlan`, `dst-mac`, `dst-l4port`, `src-ip`, `src-ip-l4port`, `src-ip-vlan`, `src-ip-l4port-vlan`, `src-mac`, `src-l4port`, `src-dst-ip`, `src-dst-ip-l4port`, `src-dst-ip-vlan`, `src-dst-ip-l4port-vlan`, `src-dst-mac`, `src-dst-l4port`, `src-port-id` or `vlan`. Default value: `src-dst-ip`. Allowed values for `mode`: `active` or `passive`. Defautl value: `active`. Allowed range for `num_links`: 2-8. | 
list(object({
    name      = string
    lb_mode   = optional(string, "src-dst-ip")
    mode      = optional(string, "active")
    num_links = optional(number, 2)
  }))
| `[]` | no | -| [vcenters](#input\_vcenters) | List of vCenter hosts. Choices `dvs_version`: `unmanaged`, `5.1`, `5.5`, `6.0`, `6.5`, `6.6`, `7.0`. Default value `dvs_version`: `unmanaged`. Default value `statistics`: false. Allowed values `mgmt_epg_type`: `inb`, `oob`. Default value `mgmt_epg_type`: `inb`. | 
list(object({
    name              = string
    hostname_ip       = string
    datacenter        = string
    credential_policy = optional(string)
    dvs_version       = optional(string, "unmanaged")
    statistics        = optional(bool, false)
    mgmt_epg_type     = optional(string, "inb")
    mgmt_epg_name     = optional(string)
  }))
| `[]` | no | +| [vcenters](#input\_vcenters) | List of vCenter hosts. Choices `dvs_version`: `unmanaged`, `5.1`, `5.5`, `6.0`, `6.5`, `6.6`, `7.0`. Default value `dvs_version`: `unmanaged`. Default value `statistics`: false. Allowed values `mgmt_epg_type`: `inb`, `oob`. Default value `mgmt_epg_type`: `inb`. | 
list(object({
    name              = string
    hostname_ip       = string
    datacenter        = string
    credential_policy = optional(string)
    dvs_version       = optional(string, "unmanaged")
    statistics        = optional(bool, false)
    mgmt_epg_type     = optional(string, "inb")
    mgmt_epg_name     = optional(string)
    monitoring_policy = optional(string, "")
  }))
| `[]` | no | | [credential\_policies](#input\_credential\_policies) | List of vCenter credentials. | 
list(object({
    name     = string
    username = string
    password = string
  }))
| `[]` | no | | [uplinks](#input\_uplinks) | List of vSwitch uplinks. Allowed range for `id`: 1-32. | 
list(object({
    id   = number
    name = string
  }))
| `[]` | no | | [security\_domains](#input\_security\_domains) | Security domains associated to VMware VMM domain | `list(string)` | `[]` | no | @@ -112,6 +113,7 @@ module "aci_vmware_vmm_domain" { | [aci_rest_managed.vmmCtrlrP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.vmmDomP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.vmmRsAcc](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.vmmRsCtrlrPMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.vmmRsMgmtEPg](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.vmmRsVswitchExporterPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.vmmRsVswitchOverrideCdpIfPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-vmware-vmm-domain/examples/complete/README.md b/modules/terraform-aci-vmware-vmm-domain/examples/complete/README.md index d86cdff2..6934b583 100644 --- a/modules/terraform-aci-vmware-vmm-domain/examples/complete/README.md +++ b/modules/terraform-aci-vmware-vmm-domain/examples/complete/README.md @@ -45,6 +45,7 @@ module "aci_vmware_vmm_domain" { dvs_version = "6.5" statistics = true mgmt_epg_type = "oob" + monitoring_policy = "MON1" }] credential_policies = [{ name = "CP1" diff --git a/modules/terraform-aci-vmware-vmm-domain/examples/complete/main.tf b/modules/terraform-aci-vmware-vmm-domain/examples/complete/main.tf index eee247e2..e16980d4 100644 --- a/modules/terraform-aci-vmware-vmm-domain/examples/complete/main.tf +++ b/modules/terraform-aci-vmware-vmm-domain/examples/complete/main.tf @@ -31,6 +31,7 @@ module "aci_vmware_vmm_domain" { dvs_version = "6.5" statistics = true mgmt_epg_type = "oob" + monitoring_policy = "MON1" }] credential_policies = [{ name = "CP1" diff --git a/modules/terraform-aci-vmware-vmm-domain/main.tf b/modules/terraform-aci-vmware-vmm-domain/main.tf index 300ac3e9..d859641e 100644 --- a/modules/terraform-aci-vmware-vmm-domain/main.tf +++ b/modules/terraform-aci-vmware-vmm-domain/main.tf @@ -157,4 +157,13 @@ resource "aci_rest_managed" "aaaDomainRef" { content = { name = each.value } -} \ No newline at end of file +} + +resource "aci_rest_managed" "vmmRsCtrlrPMonPol" { + for_each = { for vc in var.vcenters : vc.name => vc if vc.monitoring_policy != "" } + dn = "${aci_rest_managed.vmmCtrlrP[each.value.name].dn}/rsctrlrPMonPol" + class_name = "vmmRsCtrlrPMonPol" + content = { + tDn = "uni/infra/moninfra-${each.value.monitoring_policy}" + } +} diff --git a/modules/terraform-aci-vmware-vmm-domain/variables.tf b/modules/terraform-aci-vmware-vmm-domain/variables.tf index aea1e800..86cc8f7d 100644 --- a/modules/terraform-aci-vmware-vmm-domain/variables.tf +++ b/modules/terraform-aci-vmware-vmm-domain/variables.tf @@ -162,6 +162,7 @@ variable "vcenters" { statistics = optional(bool, false) mgmt_epg_type = optional(string, "inb") mgmt_epg_name = optional(string) + monitoring_policy = optional(string, "") })) default = [] diff --git a/modules/terraform-aci-vrf/README.md b/modules/terraform-aci-vrf/README.md index f45b5e76..f5b59890 100644 --- a/modules/terraform-aci-vrf/README.md +++ b/modules/terraform-aci-vrf/README.md @@ -21,6 +21,7 @@ module "aci_vrf" { enforcement_preference = "unenforced" data_plane_learning = false preferred_group = true + monitoring_policy = "MON1" transit_route_tag_policy = "TRP1" bgp_timer_policy = "BGP1" bgp_ipv4_address_family_context_policy = "BGP_AF_IPV4" @@ -175,6 +176,7 @@ module "aci_vrf" { | [pim\_igmp\_ssm\_translate\_policies](#input\_pim\_igmp\_ssm\_translate\_policies) | VRF IGMP SSM tranlate policies. | 
list(object({
    group_prefix   = string
    source_address = string
  }))
| `[]` | no | | [leaked\_internal\_prefixes](#input\_leaked\_internal\_prefixes) | List of leaked internal prefixes. Default value `public`: false. | 
list(object({
    prefix = string
    public = optional(bool, false)
    destinations = optional(list(object({
      description = optional(string, "")
      tenant      = string
      vrf         = string
      public      = optional(bool)
    })), [])
  }))
| `[]` | no | | [leaked\_external\_prefixes](#input\_leaked\_external\_prefixes) | List of leaked external prefixes. | 
list(object({
    prefix             = string
    from_prefix_length = optional(number)
    to_prefix_length   = optional(number)
    destinations = optional(list(object({
      description = optional(string, "")
      tenant      = string
      vrf         = string
    })), [])
  }))
| `[]` | no | +| [monitoring\_policy](#input\_monitoring\_policy) | VRF monitoring policy name. | `string` | `""` | no | ## Outputs @@ -196,6 +198,7 @@ module "aci_vrf" { | [aci_rest_managed.dnsLbl](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvCtx](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsBgpCtxPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | +| [aci_rest_managed.fvRsCtxMonPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCtxToBgpCtxAfPol_ipv4](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCtxToBgpCtxAfPol_ipv6](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | | [aci_rest_managed.fvRsCtxToExtRouteTagPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource | diff --git a/modules/terraform-aci-vrf/examples/complete/README.md b/modules/terraform-aci-vrf/examples/complete/README.md index 56249239..cf5b9878 100644 --- a/modules/terraform-aci-vrf/examples/complete/README.md +++ b/modules/terraform-aci-vrf/examples/complete/README.md @@ -24,6 +24,7 @@ module "aci_vrf" { enforcement_preference = "unenforced" data_plane_learning = false preferred_group = true + monitoring_policy = "MON1" transit_route_tag_policy = "TRP1" bgp_timer_policy = "BGP1" bgp_ipv4_address_family_context_policy = "BGP_AF_IPV4" diff --git a/modules/terraform-aci-vrf/examples/complete/main.tf b/modules/terraform-aci-vrf/examples/complete/main.tf index 766a3267..8cb16a74 100644 --- a/modules/terraform-aci-vrf/examples/complete/main.tf +++ b/modules/terraform-aci-vrf/examples/complete/main.tf @@ -10,6 +10,7 @@ module "aci_vrf" { enforcement_preference = "unenforced" data_plane_learning = false preferred_group = true + monitoring_policy = "MON1" transit_route_tag_policy = "TRP1" bgp_timer_policy = "BGP1" bgp_ipv4_address_family_context_policy = "BGP_AF_IPV4" diff --git a/modules/terraform-aci-vrf/main.tf b/modules/terraform-aci-vrf/main.tf index 15a3c992..dfa89cbf 100644 --- a/modules/terraform-aci-vrf/main.tf +++ b/modules/terraform-aci-vrf/main.tf @@ -511,3 +511,13 @@ resource "aci_rest_managed" "leakTo_external" { descr = each.value.description } } + +resource "aci_rest_managed" "fvRsCtxMonPol" { + count = var.monitoring_policy != "" ? 1 : 0 + dn = "${aci_rest_managed.fvCtx.dn}/rsCtxMonPol" + class_name = "fvRsCtxMonPol" + + content = { + tnMonEPGPolName = var.monitoring_policy + } +} \ No newline at end of file diff --git a/modules/terraform-aci-vrf/variables.tf b/modules/terraform-aci-vrf/variables.tf index 7a97e439..934c4c25 100644 --- a/modules/terraform-aci-vrf/variables.tf +++ b/modules/terraform-aci-vrf/variables.tf @@ -592,3 +592,13 @@ variable "leaked_external_prefixes" { error_message = "`vrf`: Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." } } + +variable "monitoring_policy" { + description = "VRF monitoring policy name." + type = string + default = "" + validation { + condition = can(regex("^[a-zA-Z0-9_.:-]{0,64}$", var.monitoring_policy)) + error_message = "Allowed characters: `a`-`z`, `A`-`Z`, `0`-`9`, `_`, `.`, `:`, `-`. Maximum characters: 64." + } +} \ No newline at end of file