Add sgts resource and update minimum version logic (#214)

docs/data-sources/sgts.md

@@ -0,0 +1,44 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "fmc_sgts Data Source - terraform-provider-fmc"
+subcategory: "Objects"
+description: |-
+  This data source can read the SGTs.
+---
+
+# fmc_sgts (Data Source)
+
+This data source can read the SGTs.
+
+## Example Usage
+
+```terraform
+data "fmc_sgts" "example" {
+  items = {
+    "sgt_1" = {
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `domain` (String) The name of the FMC domain
+- `items` (Attributes Map) Map of SGTs. The key of the map is the name of the individual SGT. (see [below for nested schema](#nestedatt--items))
+
+### Read-Only
+
+- `id` (String) The id of the object
+
+<a id="nestedatt--items"></a>
+### Nested Schema for `items`
+
+Read-Only:
+
+- `description` (String) Description
+- `id` (String) UUID of the managed SGT.
+- `tag` (String) Security Group Tag.
+- `type` (String) Type of the object; this value is always 'SecurityGroupTag'.

docs/resources/access_control_policy.md

@@ -171,7 +171,6 @@ resource "fmc_access_control_policy" "example" {
 - `default_action_send_events_to_fmc` (Boolean) Indicating whether the device will send events to the Firepower Management Center event viewer.
   - Default value: `false`
 - `default_action_send_syslog` (Boolean) Indicating whether the device will send events to a syslog server.
-  - Default value: `false`
 - `default_action_snmp_config_id` (String) UUID of the SNMP alert. Can be set only when either default_action_log_begin or default_action_log_end is true.
 - `default_action_syslog_config_id` (String) UUID of the syslog config. Can be set only when default_action_send_syslog is true and either default_action_log_begin or default_action_log_end is true. If not set, the default policy syslog configuration in Access Control Logging applies.
 - `default_action_syslog_severity` (String) Override the Severity of syslog alerts.

docs/resources/sgts.md

@@ -0,0 +1,63 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "fmc_sgts Resource - terraform-provider-fmc"
+subcategory: "Objects"
+description: |-
+  This resource can manage a SGTs.
+---
+
+# fmc_sgts (Resource)
+
+This resource can manage a SGTs.
+
+## Example Usage
+
+```terraform
+resource "fmc_sgts" "example" {
+  items = {
+    sgt_1 = {
+      description = "My SGT object"
+      tag         = "11"
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `items` (Attributes Map) Map of SGTs. The key of the map is the name of the individual SGT. (see [below for nested schema](#nestedatt--items))
+
+### Optional
+
+- `domain` (String) The name of the FMC domain
+
+### Read-Only
+
+- `id` (String) The id of the object
+
+<a id="nestedatt--items"></a>
+### Nested Schema for `items`
+
+Required:
+
+- `tag` (String) Security Group Tag.
+
+Optional:
+
+- `description` (String) Description
+
+Read-Only:
+
+- `id` (String) UUID of the managed SGT.
+- `type` (String) Type of the object; this value is always 'SecurityGroupTag'.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import fmc_sgts.example "<domain>,[<sgts_name>]"
+```

examples/data-sources/fmc_sgts/data-source.tf

@@ -0,0 +1,6 @@
+data "fmc_sgts" "example" {
+  items = {
+    "sgt_1" = {
+    }
+  }
+}

examples/resources/fmc_sgts/import.sh

@@ -0,0 +1 @@
+terraform import fmc_sgts.example "<domain>,[<sgts_name>]"

examples/resources/fmc_sgts/resource.tf

@@ -0,0 +1,8 @@
+resource "fmc_sgts" "example" {
+  items = {
+    sgt_1 = {
+      description = "My SGT object"
+      tag         = "11"
+    }
+  }
+}

gen/definitions/access_control_policy.yaml

@@ -53,8 +53,8 @@ attributes:
     tf_name: default_action_send_syslog
     type: Bool
     description: Indicating whether the device will send events to a syslog server.
-    default_value: "false"
     example: "true"
+    exclude_test: true
   - model_name: id
     data_path: [defaultAction, syslogConfig]
     tf_name: default_action_syslog_config_id

gen/definitions/extended_acl.yaml

@@ -3,6 +3,7 @@ name: Extended ACL
 rest_endpoint: /api/fmc_config/v1/domain/{DOMAIN_UUID}/object/extendedaccesslists
 data_source_name_query: true
 doc_category: Objects
+minimum_version_create: "7.2"
 attributes:
   - model_name: name
     type: String

gen/definitions/network_groups.yaml

@@ -73,6 +73,6 @@ attributes:
 
 test_prerequisites: |-
   resource "fmc_range" "test" {
-    name   = "test_fmc_network_groups"
-    value  = "2005::10-2005::12"
+    name      = "test_fmc_network_groups"
+    ip_range  = "2005::10-2005::12"
   }

gen/definitions/port_groups.yaml

@@ -10,6 +10,7 @@ data_source_name_query: true
 import_name_query: yes
 is_bulk: true
 doc_category: Objects
+minimum_version_bulk_delete: "7.4"
 attributes:
   - model_name: items
     type: Map

gen/definitions/security_zones.yaml

@@ -9,6 +9,7 @@ res_description: >-
   The FMC API supports quick bulk creation of this resource. Deletion of this resource is done one-by-one or in bulk, depending of FMC version. Modification is always done one-by-one.
   Updating/deleting `fmc_security_zones` can thus take much more time than creating it
 doc_category: Objects
+minimum_version_bulk_delete: "999"
 attributes:
   - model_name: items
     type: Map

gen/definitions/sgt.yaml

@@ -3,6 +3,7 @@ name: SGT
 rest_endpoint: /api/fmc_config/v1/domain/{DOMAIN_UUID}/object/securitygrouptags
 data_source_name_query: true
 doc_category: Objects
+minimum_version_create: "7.4"
 attributes:
   - model_name: name
     type: String

gen/definitions/sgts.yaml

@@ -0,0 +1,37 @@
+---
+name: SGTs
+rest_endpoint: /api/fmc_config/v1/domain/{DOMAIN_UUID}/object/securitygrouptags
+data_source_name_query: true
+is_bulk: true
+doc_category: Objects
+import_name_query: yes
+minimum_version_create: "7.4"
+minimum_version_bulk_create: "999"
+minimum_version_bulk_delete: "999"
+attributes:
+  - model_name: items
+    type: Map
+    description: >-
+      Map of SGTs. The key of the map is the name of the individual SGT. 
+    map_key_example: sgt_1
+    mandatory: true
+    attributes:
+      - model_name: id
+        type: String
+        resource_id: true
+        description: UUID of the managed SGT.
+        exclude_example: true
+        exclude_test: true
+      - model_name: type
+        type: String
+        description: Type of the object; this value is always 'SecurityGroupTag'.
+        computed: true
+      - model_name: description
+        type: String
+        description: Description
+        example: My SGT object
+      - model_name: tag
+        type: String
+        mandatory: true
+        description: Security Group Tag.
+        example: "11"

gen/definitions/standard_acl.yaml

@@ -3,6 +3,7 @@ name: Standard ACL
 rest_endpoint: /api/fmc_config/v1/domain/{DOMAIN_UUID}/object/standardaccesslists
 data_source_name_query: true
 doc_category: Objects
+minimum_version_create: "7.2"
 attributes:
   - model_name: name
     type: String

gen/definitions/url_groups.yaml

@@ -10,6 +10,7 @@ data_source_name_query: true
 import_name_query: yes
 is_bulk: true
 doc_category: Objects
+minimum_version_bulk_delete: "7.4"
 attributes:
   - model_name: items
     type: Map

gen/definitions/urls.yaml

@@ -9,6 +9,7 @@ res_description: >-
   The FMC API supports quick bulk creation of this resource. Deletion of this resource is done one-by-one or in bulk, depending of FMC version. Modification is always done one-by-one.
   Updating/deleting `fmc_urls` can thus take much more time than creating it
 doc_category: Objects
+minimum_version_bulk_delete: "7.4"
 attributes:
   - model_name: items
     type: Map

gen/definitions/vlan_tag_groups.yaml

@@ -10,6 +10,7 @@ data_source_name_query: true
 import_name_query: yes
 is_bulk: true
 doc_category: Objects
+minimum_version_bulk_delete: "7.4"
 attributes:
   - model_name: items
     type: Map

gen/definitions/vlan_tags.yaml

@@ -9,6 +9,7 @@ res_description: >-
   The FMC API supports quick bulk creation of this resource. Deletion of this resource is done one-by-one or in bulk, depending of FMC version. Modification is always done one-by-one.
   Updating/deleting `fmc_vlan_tags` can thus take much more time than creating it
 doc_category: Objects
+minimum_version_bulk_delete: "7.4"
 attributes:
   - model_name: items
     type: Map

gen/generator.go

@@ -105,6 +105,8 @@ type YamlConfig struct {
 	NoDelete                 bool                  `yaml:"no_delete"`
 	DataSourceNameQuery      bool                  `yaml:"data_source_name_query"`
 	MinimumVersion           string                `yaml:"minimum_version"`
+	MinimumVersionCreate     string                `yaml:"minimum_version_create"`
+	MinimumVersionBulkCreate string                `yaml:"minimum_version_bulk_create"`
 	MinimumVersionBulkDelete string                `yaml:"minimum_version_bulk_delete"`
 	DsDescription            string                `yaml:"ds_description"`
 	ResDescription           string                `yaml:"res_description"`

gen/schema/schema.yaml

@@ -9,7 +9,9 @@ no_update: bool(required=False) # Set to true if the PUT request is not supporte
 no_delete: bool(required=False) # Set to true if the DELETE request is not supported
 data_source_name_query: bool(required=False) # Set to true if the data source supports name queries
 minimum_version: str(required=False) # Define a minimum supported version
-minimum_version_bulk_delete: str(required=False) # Define a minimum version that supports bulk delete
+minimum_version_create: str(required=False) # Define a minimum version that supports create (in case it's higher than `minimum_version`)
+minimum_version_bulk_create: str(required=False) # Define a minimum version that supports bulk create (in case it's higher than `minimum_version`). Please use version "999" if not supported (fallback to one-by-one create)
+minimum_version_bulk_delete: str(required=False) # Define a minimum version that supports bulk delete (in case it's higher than `minimum_version`). Please use version "999" if not supported (fallback to one-by-one delete)
 ds_description: str(required=False) # Define a data source description
 res_description: str(required=False) # Define a resource description
 doc_category: str(required=False) # Define a documentation category

gen/templates/data_source.go

@@ -184,6 +184,16 @@ func (d *{{camelCase .Name}}DataSource) Configure(_ context.Context, req datasou
 // Section below is generated&owned by "gen/generator.go". //template:begin read
 
 func (d *{{camelCase .Name}}DataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	{{- if .MinimumVersion}}
+	// Get FMC version
+	fmcVersion, _ := version.NewVersion(strings.Split(r.client.FMCVersion, " ")[0])
+
+	// Check if FMC client is connected to supports this object
+	if fmcVersion.LessThan(minFMCVersion{{camelCase .Name}}) {
+		resp.Diagnostics.AddError("Client Error", fmt.Sprintf("UnsupportedVersion: FMC version %s does not support {{.Name}}, minimum required version is {{.MinimumVersion}}", r.client.FMCVersion))
+		return
+	}
+	{{- end}}
 	var config {{camelCase .Name}}
 
 	// Read config

gen/templates/data_source_test.go

@@ -140,6 +140,7 @@ func TestAccDataSourceFmc{{camelCase .Name}}(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:                 func() { testAccPreCheck(t) },
 		ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+		ErrorCheck:               func(err error) error { return testAccErrorCheck(t, err) },
 		Steps: []resource.TestStep{
 			{
 				Config: {{if .TestPrerequisites}}testAccDataSourceFmc{{camelCase .Name}}PrerequisitesConfig+{{end}}testAccDataSourceFmc{{camelCase .Name}}Config(),