diff --git a/.terraform-docs.yml b/.terraform-docs.yml
index fcd9606..df6a147 100644
--- a/.terraform-docs.yml
+++ b/.terraform-docs.yml
@@ -29,14 +29,14 @@ content: |-
## Recommended Module Versions
- ## Module(s) Release 4.2.11-17769 Compatibility
+ ## Module(s) Release 4.2.11-18370 Compatibility
| **Module** | **API Version** | **Provider Version** | **Appliance Version** | **Module Notes**
| :-----------: | :-------------: | :------------------: | :-------------------: | :--------------------------: |
- | organizations | >=1.0.11-17769 | 1.0.51 | Not Supported | New Module to Manage Organizations/Resource Groups. |
- | pools | >=1.0.11-17769 | 1.0.51 | Not Supported | Adds IP Pool Block Level IP Configuration. |
- | policies | >=1.0.11-17769 | 1.0.51 | Not Supported | adapter_config - Add physical_nic_mode_settings; bios - M8 AMD BIOS attributes; ethernet_network - QnQ capabilities; vnics - sriov; vnic/vhba templates |
- | profiles | >=1.0.11-17769 | 1.0.51 | Not Supported | Adds Chassis/Domain Templates. |
+ | organizations | >=1.0.11-18371 | >=1.0.47 | Not Supported | New Module to Manage Organizations/Resource Groups. |
+ | pools | >=1.0.11-18371 | 1.0.54 | Not Supported | Adds IP Pool Block Level IP Configuration. |
+ | policies | >=1.0.11-18371 | 1.0.54 | Not Supported | adapter_config - Add physical_nic_mode_settings; bios - M8 AMD BIOS attributes; ethernet_network - QnQ capabilities; vnics - sriov; vnic/vhba templates |
+ | profiles | >=1.0.11-18371 | 1.0.54 | Not Supported | Adds Chassis/Domain Templates. |
## Module(s) Release 4.2.11-16711 Compatibility
@@ -50,6 +50,7 @@ content: |-
## Updates
+ * 2024-09-13: Recommended releases are 4.2.11-18371 or 4.2.11-16711. ISSUE 287 resolved
* 2024-09-08: Rolling back SaaS recommendation to 4.2.11-17769 since provider v1.0.54 is broken again for server templates [ISSUE 287](https://github.com/CiscoDevNet/terraform-provider-intersight/issues/287) . Version v4.2.11-18369 and v4.2.11-18370 is on hold for now until provider fixed.
* 2024-09-07: Recommended releases are 4.2.11-18369 or 4.2.11-16711. This update changes the drive security policy to match the updated API of 1.0.11-18369. Make sure to update your variables.tf, locals.tf from the eas-imm repository to get the updated sensitive variables for drive_security. The variables have also been updated to do validation using the regular expression patterns from the API.
* 2024-07-23: Recommended releases are 4.2.11-17769 or 4.2.11-16711. See Notes for modules above.
diff --git a/README.md b/README.md
index 2a394a6..5cab3cc 100644
--- a/README.md
+++ b/README.md
@@ -25,14 +25,14 @@
## Recommended Module Versions
-## Module(s) Release 4.2.11-17769 Compatibility
+## Module(s) Release 4.2.11-18370 Compatibility
| **Module** | **API Version** | **Provider Version** | **Appliance Version** | **Module Notes**
| :-----------: | :-------------: | :------------------: | :-------------------: | :--------------------------: |
-| organizations | >=1.0.11-17769 | 1.0.51 | Not Supported | New Module to Manage Organizations/Resource Groups. |
-| pools | >=1.0.11-17769 | 1.0.51 | Not Supported | Adds IP Pool Block Level IP Configuration. |
-| policies | >=1.0.11-17769 | 1.0.51 | Not Supported | adapter_config - Add physical_nic_mode_settings; bios - M8 AMD BIOS attributes; ethernet_network - QnQ capabilities; vnics - sriov; vnic/vhba templates |
-| profiles | >=1.0.11-17769 | 1.0.51 | Not Supported | Adds Chassis/Domain Templates. |
+| organizations | >=1.0.11-18371 | >=1.0.47 | Not Supported | New Module to Manage Organizations/Resource Groups. |
+| pools | >=1.0.11-18371 | 1.0.54 | Not Supported | Adds IP Pool Block Level IP Configuration. |
+| policies | >=1.0.11-18371 | 1.0.54 | Not Supported | adapter_config - Add physical_nic_mode_settings; bios - M8 AMD BIOS attributes; ethernet_network - QnQ capabilities; vnics - sriov; vnic/vhba templates |
+| profiles | >=1.0.11-18371 | 1.0.54 | Not Supported | Adds Chassis/Domain Templates. |
## Module(s) Release 4.2.11-16711 Compatibility
@@ -46,6 +46,7 @@
## Updates
+* 2024-09-13: Recommended releases are 4.2.11-18371 or 4.2.11-16711. ISSUE 287 resolved
* 2024-09-08: Rolling back SaaS recommendation to 4.2.11-17769 since provider v1.0.54 is broken again for server templates [ISSUE 287](https://github.com/CiscoDevNet/terraform-provider-intersight/issues/287) . Version v4.2.11-18369 and v4.2.11-18370 is on hold for now until provider fixed.
* 2024-09-07: Recommended releases are 4.2.11-18369 or 4.2.11-16711. This update changes the drive security policy to match the updated API of 1.0.11-18369. Make sure to update your variables.tf, locals.tf from the eas-imm repository to get the updated sensitive variables for drive_security. The variables have also been updated to do validation using the regular expression patterns from the API.
* 2024-07-23: Recommended releases are 4.2.11-17769 or 4.2.11-16711. See Notes for modules above.
@@ -316,7 +317,7 @@ terraform.exe apply "main.plan"
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >=1.3.0 |
-| [intersight](#requirement\_intersight) | 1.0.54 |
+| [intersight](#requirement\_intersight) | 1.0.55 |
| [time](#requirement\_time) | 0.9.1 |
| [utils](#requirement\_utils) | >= 0.1.3 |
@@ -334,10 +335,10 @@ terraform.exe apply "main.plan"
| Name | Source | Version |
|------|--------|---------|
-| [organizations](#module\_organizations) | terraform-cisco-modules/organizations/intersight | 4.2.11-18370 |
-| [pools](#module\_pools) | terraform-cisco-modules/pools/intersight | 4.2.11-18370 |
-| [policies](#module\_policies) | terraform-cisco-modules/policies/intersight | 4.2.11-18370 |
-| [profiles](#module\_profiles) | terraform-cisco-modules/profiles/intersight | 4.2.11-18370 |
+| [organizations](#module\_organizations) | terraform-cisco-modules/organizations/intersight | 4.2.11-18371 |
+| [pools](#module\_pools) | terraform-cisco-modules/pools/intersight | 4.2.11-18371 |
+| [policies](#module\_policies) | terraform-cisco-modules/policies/intersight | 4.2.11-18371 |
+| [profiles](#module\_profiles) | terraform-cisco-modules/profiles/intersight | 4.2.11-18371 |
**NOTE: When the Data is merged from the YAML files, it will run through the modules using for_each loop(s). Sensitive Variables cannot be added to a for_each loop, instead use the variables below to add sensitive values for policies.**
@@ -363,7 +364,7 @@ terraform.exe apply "main.plan"
| [drive\_security\_new\_security\_key\_passphrase](#input\_drive\_security\_new\_security\_key\_passphrase) | Drive Security New Security Key Passphrase for Manual Key Management. It must meet the following criteria:
- One Uppercase Letter
- One LowerCase Letter
- One Number
- One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
- Be between 8 and 32 Characters in Length. | `string` | `""` | no |
| [drive\_security\_authentication\_password](#input\_drive\_security\_authentication\_password) | Drive Security User Password. | `string` | `""` | no |
| [drive\_security\_server\_ca\_certificate](#input\_drive\_security\_server\_ca\_certificate) | Drive Security Server CA Certificate, in PEM Format, File Location. | `string` | `"blah.txt"` | no |
-| [cco\_password](#input\_cco\_password) | CCO User Account Password. It must meet the following criteria:
- One Uppercase Letter
- One Lowercase Letter
- One Number
- One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
- Be between 12 and 60 Characters in Length. | `string` | `""` | no |
+| [cco\_password](#input\_cco\_password) | Cisco.com Authentication Password. It must meet the following criteria:
- One Uppercase Letter
- One Lowercase Letter
- One Number
- One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
- Be between 12 and 60 Characters in Length. | `string` | `""` | no |
| [cco\_user](#input\_cco\_user) | CCO User Account Email for Firmware Policies. | `string` | `"cco_user"` | no |
| [ipmi\_encryption\_key](#input\_ipmi\_encryption\_key) | Encryption key to use for IPMI communication. It should have an even number of hexadecimal characters and not exceed 40 characters. | `string` | `""` | no |
| [iscsi\_boot\_password](#input\_iscsi\_boot\_password) | Password to Assign to the iSCSI Boot Policy if doing Authentication. It can be any string that adheres to the following constraints.
- Any non-white space character
- Be between 12 and 16 Characters in Length. | `string` | `""` | no |
diff --git a/Wakanda/global_settings.ezi.yaml b/Wakanda/global_settings.ezi.yaml
index 7c4c6a7..e687840 100644
--- a/Wakanda/global_settings.ezi.yaml
+++ b/Wakanda/global_settings.ezi.yaml
@@ -8,4 +8,4 @@ global_settings:
- key: "Module"
value: "easy-imm"
- key: "Version"
- value: "4.2.11-18370"
+ value: "4.2.11-18371"
diff --git a/Wakanda/main.tf b/Wakanda/main.tf
index bec20c5..8ee5df3 100644
--- a/Wakanda/main.tf
+++ b/Wakanda/main.tf
@@ -20,7 +20,7 @@ data "utils_yaml_merge" "model" {
module "pools" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-pools"
source = "terraform-cisco-modules/pools/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in setsubtract(keys(local.model), local.non_orgs) : [
for e in keys(lookup(local.model[org], "pools", {})) : e]])) > 0 || length(
@@ -42,7 +42,7 @@ module "pools" {
module "policies" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-policies"
source = "terraform-cisco-modules/policies/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [
for e in keys(lookup(local.model[org], "policies", {})) : local.model[org].policies[e] if length(lookup(lookup(
@@ -64,7 +64,7 @@ module "policies" {
module "profiles" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-profiles"
source = "terraform-cisco-modules/profiles/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [for e in ["profiles", "templates"] : [
for d in ["chassis", "domain", "server"] : lookup(lookup(local.model[org], e, {}), d, [])]]]
diff --git a/Wakanda/provider.tf b/Wakanda/provider.tf
index b78cefb..fd8c782 100644
--- a/Wakanda/provider.tf
+++ b/Wakanda/provider.tf
@@ -8,7 +8,7 @@ terraform {
required_providers {
intersight = {
source = "CiscoDevNet/intersight"
- version = "1.0.54"
+ version = "1.0.55"
}
time = {
source = "time"
diff --git a/bulk_issue/global_settings.ezi.yaml b/bulk_issue/global_settings.ezi.yaml
new file mode 100644
index 0000000..7c4c6a7
--- /dev/null
+++ b/bulk_issue/global_settings.ezi.yaml
@@ -0,0 +1,11 @@
+---
+#========================================
+# Global Settings
+#========================================
+global_settings:
+ intersight_fqdn: intersight.com
+ tags:
+ - key: "Module"
+ value: "easy-imm"
+ - key: "Version"
+ value: "4.2.11-18370"
diff --git a/bulk_issue/locals.tf b/bulk_issue/locals.tf
new file mode 100644
index 0000000..16aa540
--- /dev/null
+++ b/bulk_issue/locals.tf
@@ -0,0 +1,112 @@
+locals {
+ global_settings = {
+ tags = lookup(local.model.global_settings, "tags", [
+ {
+ key = "Module"
+ value = "terraform-intersight-easy-imm"
+ },
+ {
+ key = "Version"
+ value = "4.2.11-18370"
+ }
+ ])
+ }
+ intersight_fqdn = lookup(local.model.global_settings, "intersight_fqdn", "intersight.com")
+ non_orgs = ["global_settings", "intersight"]
+ model = yamldecode(data.utils_yaml_merge.model.output)
+ orgs = { for k, v in data.intersight_organization_organization.orgs.results : v.name => v.moid }
+
+ #__________________________________________________________________
+ #
+ # Sensitive Variables
+ #__________________________________________________________________
+ policies_sensitive = {
+ certificate_management = {
+ certificate = {
+ 1 = fileexists(var.cert_mgmt_certificate_1) ? file(var.cert_mgmt_certificate_1) : var.cert_mgmt_certificate_1
+ 2 = fileexists(var.cert_mgmt_certificate_2) ? file(var.cert_mgmt_certificate_2) : var.cert_mgmt_certificate_2
+ 3 = fileexists(var.cert_mgmt_certificate_3) ? file(var.cert_mgmt_certificate_3) : var.cert_mgmt_certificate_3
+ 4 = fileexists(var.cert_mgmt_certificate_4) ? file(var.cert_mgmt_certificate_4) : var.cert_mgmt_certificate_4
+ 5 = fileexists(var.cert_mgmt_certificate_5) ? file(var.cert_mgmt_certificate_5) : var.cert_mgmt_certificate_5
+ }
+ private_key = {
+ 1 = fileexists(var.cert_mgmt_private_key_1) ? file(var.cert_mgmt_private_key_1) : var.cert_mgmt_private_key_1
+ 2 = fileexists(var.cert_mgmt_private_key_2) ? file(var.cert_mgmt_private_key_2) : var.cert_mgmt_private_key_2
+ 3 = fileexists(var.cert_mgmt_private_key_3) ? file(var.cert_mgmt_private_key_3) : var.cert_mgmt_private_key_3
+ 4 = fileexists(var.cert_mgmt_private_key_4) ? file(var.cert_mgmt_private_key_4) : var.cert_mgmt_private_key_4
+ 5 = fileexists(var.cert_mgmt_private_key_5) ? file(var.cert_mgmt_private_key_5) : var.cert_mgmt_private_key_5
+ }
+ }
+ drive_security = {
+ current_security_key_passphrase = {
+ 1 = var.drive_security_current_security_key_passphrase
+ }
+ new_security_key_passphrase = {
+ 1 = var.drive_security_new_security_key_passphrase
+ }
+ password = {
+ 1 = var.drive_security_authentication_password
+ }
+ server_public_root_ca_certificate = {
+ 1 = fileexists(var.drive_security_server_ca_certificate
+ ) ? file(var.drive_security_server_ca_certificate) : var.drive_security_server_ca_certificate
+ }
+ }
+ firmware = {
+ cco_password = { 1 = var.cco_password }
+ cco_user = { 1 = var.cco_user }
+ }
+ ipmi_over_lan = { encryption_key = { 1 = var.ipmi_encryption_key } }
+ iscsi_boot = { password = { 1 = var.iscsi_boot_password } }
+ ldap = { password = { 1 = var.binding_parameters_password } }
+ local_user = {
+ password = {
+ 1 = var.local_user_password_1
+ 2 = var.local_user_password_2
+ 3 = var.local_user_password_3
+ 4 = var.local_user_password_4
+ 5 = var.local_user_password_5
+ }
+ }
+ persistent_memory = { passphrase = { 1 = var.persistent_passphrase } }
+ snmp = {
+ access_community_string = {
+ 1 = var.access_community_string_1
+ 2 = var.access_community_string_2
+ 3 = var.access_community_string_3
+ 4 = var.access_community_string_4
+ 5 = var.access_community_string_5
+ }
+ auth_password = {
+ 1 = var.snmp_auth_password_1
+ 2 = var.snmp_auth_password_2
+ 3 = var.snmp_auth_password_3
+ 4 = var.snmp_auth_password_4
+ 5 = var.snmp_auth_password_5
+ }
+ privacy_password = {
+ 1 = var.snmp_privacy_password_1
+ 2 = var.snmp_privacy_password_2
+ 3 = var.snmp_privacy_password_3
+ 4 = var.snmp_privacy_password_4
+ 5 = var.snmp_privacy_password_5
+ }
+ trap_community_string = {
+ 1 = var.snmp_trap_community_1
+ 2 = var.snmp_trap_community_2
+ 3 = var.snmp_trap_community_3
+ 4 = var.snmp_trap_community_4
+ 5 = var.snmp_trap_community_5
+ }
+ }
+ virtual_media = {
+ password = {
+ 1 = var.vmedia_password_1
+ 2 = var.vmedia_password_2
+ 3 = var.vmedia_password_3
+ 4 = var.vmedia_password_4
+ 5 = var.vmedia_password_5
+ }
+ }
+ }
+}
diff --git a/bulk_issue/main.tf b/bulk_issue/main.tf
new file mode 100644
index 0000000..a30424a
--- /dev/null
+++ b/bulk_issue/main.tf
@@ -0,0 +1,78 @@
+#_________________________________________________________________________________________
+#
+# Data Model Merge Process - Merge YAML Files into HCL Format
+#_________________________________________________________________________________________
+data "intersight_organization_organization" "orgs" {}
+data "utils_yaml_merge" "model" {
+ input = concat([
+ for file in fileset(path.module, "*.ezi.yaml") : file(file)], [
+ for file in fileset(path.module, "p*/*.ezi.yaml") : file(file)], [
+ for file in fileset(path.module, "t*/*.ezi.yaml") : file(file)]
+ )
+ merge_list_items = false
+}
+
+#_________________________________________________________________________________________
+#
+# Intersight:Pools
+# GUI Location: Infrastructure Service > Configure > Pools
+#_________________________________________________________________________________________
+module "pools" {
+ # source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-pools"
+ source = "terraform-cisco-modules/pools/intersight"
+ version = "4.2.11-16711"
+ for_each = {
+ for i in ["map"] : i => i if length(flatten([for org in setsubtract(keys(local.model), local.non_orgs) : [
+ for e in keys(lookup(local.model[org], "pools", {})) : e]])) > 0 || length(
+ flatten([for org in setsubtract(keys(local.model), local.non_orgs) : [for e in lookup(lookup(local.model[org], "profiles", {}), "server", []) : [
+ for d in e["targets"] : lookup(d, "reservations", [])
+ ]]])
+ ) > 0
+ }
+ global_settings = local.global_settings
+ model = { for k, v in local.model : k => v if length(regexall("^global_settings|intersight$", k)) == 0 }
+ orgs = local.orgs
+}
+
+#_________________________________________________________________________________________
+#
+# Intersight:Policies
+# GUI Location: Infrastructure Service > Configure > Policies
+#_________________________________________________________________________________________
+module "policies" {
+ # source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-policies"
+ source = "terraform-cisco-modules/policies/intersight"
+ version = "4.2.11-16711"
+ for_each = {
+ for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [
+ for e in keys(lookup(local.model[org], "policies", {})) : local.model[org].policies[e] if length(lookup(lookup(
+ local.model[org], "policies", {}), e, [])) > 0]])
+ ) > 0
+ }
+ global_settings = local.global_settings
+ model = { for k, v in local.model : k => v if length(regexall("^global_settings|intersight$", k)) == 0 }
+ orgs = local.orgs
+ policies_sensitive = local.policies_sensitive
+ pools = module.pools
+}
+
+#_________________________________________________________________________________________
+#
+# Intersight:UCS Chassis and Server Profiles
+# GUI Location: Infrastructure Service > Configure > Profiles
+#_________________________________________________________________________________________
+module "profiles" {
+ # source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-profiles"
+ source = "terraform-cisco-modules/profiles/intersight"
+ version = "4.2.11-16711"
+ for_each = {
+ for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [for e in ["profiles", "templates"] : [
+ for d in ["chassis", "domain", "server"] : lookup(lookup(local.model[org], e, {}), d, [])]]]
+ )) > 0
+ }
+ global_settings = local.global_settings
+ model = { for k, v in local.model : k => v if length(regexall("^global_settings|intersight$", k)) == 0 }
+ orgs = local.orgs
+ policies = module.policies
+ pools = module.pools
+}
diff --git a/bulk_issue/outputs.tf b/bulk_issue/outputs.tf
new file mode 100644
index 0000000..d1a89b4
--- /dev/null
+++ b/bulk_issue/outputs.tf
@@ -0,0 +1,24 @@
+#__________________________________________________________
+#
+# Module Outputs
+#__________________________________________________________
+
+output "orgs" {
+ description = "Organization Moids"
+ value = local.orgs
+}
+
+output "policies" {
+ description = "The Name of Each Policy Created with it's respective Moid."
+ value = module.policies
+}
+
+output "pools" {
+ description = "The Name of Each Pool Created with it's respective Moid."
+ value = module.pools
+}
+
+output "profiles" {
+ description = "The Name of Each Profile Created with it's respective Moid."
+ value = module.profiles
+}
diff --git a/bulk_issue/profiles/server.ezi.yaml b/bulk_issue/profiles/server.ezi.yaml
new file mode 100644
index 0000000..fc70624
--- /dev/null
+++ b/bulk_issue/profiles/server.ezi.yaml
@@ -0,0 +1,10 @@
+common:
+ profiles:
+ server:
+ - action: No-op
+ attach_template: true
+ target_platform: FIAttached
+ targets:
+ - name: bulk_issue
+ serial_number: unknown
+ ucs_server_profile_template: aci-M5-intel-virtual-M2-pxe
diff --git a/bulk_issue/provider.tf b/bulk_issue/provider.tf
new file mode 100644
index 0000000..adfbb7c
--- /dev/null
+++ b/bulk_issue/provider.tf
@@ -0,0 +1,29 @@
+#_______________________________________________________________________
+#
+# Terraform Required Parameters - Intersight Provider
+# https://registry.terraform.io/providers/CiscoDevNet/intersight/latest
+#_______________________________________________________________________
+
+terraform {
+ required_providers {
+ intersight = {
+ source = "CiscoDevNet/intersight"
+ version = "1.0.47"
+ }
+ time = {
+ source = "time"
+ version = "0.9.1"
+ }
+ utils = {
+ source = "netascode/utils"
+ version = ">= 0.1.3"
+ }
+ }
+ required_version = ">=1.3.0"
+}
+
+provider "intersight" {
+ apikey = var.intersight_api_key_id
+ endpoint = "https://${local.intersight_fqdn}"
+ secretkey = fileexists(var.intersight_secret_key) ? file(var.intersight_secret_key) : var.intersight_secret_key
+}
diff --git a/bulk_issue/variables.tf b/bulk_issue/variables.tf
new file mode 100644
index 0000000..5eabd17
--- /dev/null
+++ b/bulk_issue/variables.tf
@@ -0,0 +1,797 @@
+#______________________________________________
+#
+# Intersight Provider Settings
+#______________________________________________
+
+variable "intersight_api_key_id" {
+ description = "Intersight API Key."
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^[\\da-f]{24}/[\\da-f]{24}/[\\da-f]{24}$", var.intersight_api_key_id)) > 0
+ error_message = "Interisght API Key Should match the following: ```^[\\da-f]{24}/[\\da-f]{24}/[\\da-f]{24}$```"
+ }
+}
+
+variable "intersight_secret_key" {
+ default = "blah.txt"
+ description = "Intersight Secret Key."
+ sensitive = true
+ type = string
+}
+
+
+#__________________________________________________________________
+#
+# Certificate Management Sensitive Variables
+#__________________________________________________________________
+
+variable "cert_mgmt_certificate_1" {
+ default = "blah.txt"
+ description = "The Server Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_certificate_2" {
+ default = "blah.txt"
+ description = "The Server Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_certificate_3" {
+ default = "blah.txt"
+ description = "The Server Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_certificate_4" {
+ default = "blah.txt"
+ description = "The Server Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_certificate_5" {
+ default = "blah.txt"
+ description = "The Server Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_private_key_1" {
+ default = "blah.txt"
+ description = "The Server Private Key, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_private_key_2" {
+ default = "blah.txt"
+ description = "The Server Private Key, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_private_key_3" {
+ default = "blah.txt"
+ description = "The Server Private Key, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_private_key_4" {
+ default = "blah.txt"
+ description = "The Server Private Key, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+variable "cert_mgmt_private_key_5" {
+ default = "blah.txt"
+ description = "The Server Private Key, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+
+#__________________________________________________________________
+#
+# Drive Security Sensitive Variables
+#__________________________________________________________________
+
+variable "drive_security_current_security_key_passphrase" {
+ default = ""
+ description = <<-EOT
+ Drive Security Current Security Key Passphrase for Manual or Remote Key Management. It must meet the following criteria:
+ - One Uppercase Letter
+ - One LowerCase Letter
+ - One Number
+ - One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|[a-z]", var.drive_security_current_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[A-Z]", var.drive_security_current_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[\\d]", var.drive_security_current_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[=!&#$%+^@_*-]", var.drive_security_current_security_key_passphrase)
+ ) > 0 && length(regexall("^$|^[a-zA-Z0-9=!&#$%+^@_*-]{8,32}$", var.drive_security_current_security_key_passphrase)) > 0
+ error_message = "Should be at least 8 characters long and should include at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: ```=!&#$%+^@_*-```."
+ }
+}
+
+
+variable "drive_security_new_security_key_passphrase" {
+ default = ""
+ description = <<-EOT
+ Drive Security New Security Key Passphrase for Manual Key Management. It must meet the following criteria:
+ - One Uppercase Letter
+ - One LowerCase Letter
+ - One Number
+ - One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|[a-z]", var.drive_security_new_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[A-Z]", var.drive_security_new_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[\\d]", var.drive_security_new_security_key_passphrase)
+ ) > 0 && length(regexall("^$|[=!&#$%+^@_*-]", var.drive_security_new_security_key_passphrase)
+ ) > 0 && length(regexall("^$|^[a-zA-Z0-9=!&#$%+^@_*-]{8,32}$", var.drive_security_new_security_key_passphrase)) > 0
+ error_message = "Should be at least 8 characters long and should include at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: ```=!&#$%+^@_*-```."
+ }
+}
+
+variable "drive_security_authentication_password" {
+ default = ""
+ description = "Drive Security User Password."
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[!\"#%&\\'\\(\\)\\*\\+,\\-\\./:;<>@\\[\\\\\\]\\^_`\\{\\|\\}~a-zA-Z0-9]{6,80}$", var.drive_security_authentication_password)) > 0
+ error_message = "Must match the following regular expression: ```^$|^[!\"#%&\\'\\(\\)\\*\\+,\\-\\./:;<>@\\[\\\\\\]\\^_`\\{\\|\\}~a-zA-Z0-9]{6,80}$```."
+ }
+}
+
+variable "drive_security_server_ca_certificate" {
+ default = "blah.txt"
+ description = "Drive Security Server CA Certificate, in PEM Format, File Location."
+ sensitive = true
+ type = string
+}
+
+
+#__________________________________________________________________
+#
+# Firmware Sensitive Variables
+#__________________________________________________________________
+
+variable "cco_password" {
+ default = ""
+ description = <<-EOT
+ CCO User Account Password. It must meet the following criteria:
+ - One Uppercase Letter
+ - One Lowercase Letter
+ - One Number
+ - One Special Character: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 12 and 60 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|[a-z]", var.cco_password)
+ ) > 0 && length(regexall("^$|[A-Z]", var.cco_password)
+ ) > 0 && length(regexall("^$|[\\d]", var.cco_password)
+ ) > 0 && length(regexall("^$|[=!&#$%+^@_*-]", var.cco_password)
+ ) > 0 && length(regexall("^$|^[a-zA-Z0-9=!&#$%+^@_*-]{12,60}$", var.cco_password)) > 0
+ error_message = "Should be between 12 and 60 characters long and should include at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: ```=!&#$%+^@_*-```."
+ }
+}
+
+variable "cco_user" {
+ default = "cco_user"
+ description = "CCO User Account Email for Firmware Policies."
+ sensitive = true
+ type = string
+}
+
+
+#__________________________________________________________________
+#
+# IPMI Sensitive Variables
+#__________________________________________________________________
+
+variable "ipmi_encryption_key" {
+ default = ""
+ description = "Encryption key to use for IPMI communication. It should have an even number of hexadecimal characters and not exceed 40 characters."
+ sensitive = true
+ type = string
+ validation {
+ condition = length(var.ipmi_encryption_key) % 2 == 0 && length(regexall("^$|^[a-fA-F\\d]{2,40}$", var.ipmi_encryption_key)) > 0
+ error_message = "The encryption key to use for IPMI communication. It should have an even number of hexadecimal characters and not exceed 40 characters. Use “00” to disable encryption key use. This configuration is supported by all Standalone C-Series servers. FI-attached C-Series servers with firmware at minimum of 4.2.3a support this configuration. B/X-Series servers with firmware at minimum of 5.1.0.x support this configuration. IPMI commands using this key should append zeroes to the key to achieve a length of 40 characters."
+ }
+}
+
+#__________________________________________________________________
+#
+# iSCSI Boot Sensitive Variable
+#__________________________________________________________________
+
+variable "iscsi_boot_password" {
+ default = ""
+ description = <<-EOT
+ Password to Assign to the iSCSI Boot Policy if doing Authentication. It can be any string that adheres to the following constraints.
+ - Any non-white space character
+ - Be between 12 and 16 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{12,16}$", var.iscsi_boot_password)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{12,16}$```."
+ }
+}
+
+#__________________________________________________________________
+#
+# LDAP Sensitive Variable
+#__________________________________________________________________
+
+variable "binding_parameters_password" {
+ default = ""
+ description = <<-EOT
+ The password of the user for initial bind process with an LDAP Policy. It can be any string that adheres to the following constraints.
+ - Any non-white space character
+ - Be between 8 and 254 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{8,254}$", var.binding_parameters_password)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{8,254}$```."
+ }
+}
+
+#__________________________________________________________________
+#
+# Local User Sensitive Variables
+#__________________________________________________________________
+
+variable "local_user_password_1" {
+ default = ""
+ description = <<-EOT
+ Password to assign to a Local User Policy -> User.
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 127 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$", var.local_user_password_1)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$```."
+ }
+}
+
+variable "local_user_password_2" {
+ default = ""
+ description = <<-EOT
+ Password to assign to a Local User Policy -> User.
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 127 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$", var.local_user_password_2)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$```."
+ }
+}
+
+variable "local_user_password_3" {
+ default = ""
+ description = <<-EOT
+ Password to assign to a Local User Policy -> User.
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 127 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$", var.local_user_password_3)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$```."
+ }
+}
+
+variable "local_user_password_4" {
+ default = ""
+ description = <<-EOT
+ Password to assign to a Local User Policy -> User.
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 127 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$", var.local_user_password_4)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$```."
+ }
+}
+
+variable "local_user_password_5" {
+ default = ""
+ description = <<-EOT
+ Password to assign to a Local User Policy -> User.
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 127 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$", var.local_user_password_5)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9!@#$%^&\\*+_=-]{8,127}$```."
+ }
+}
+
+#__________________________________________________________________
+#
+# Persistent Memory Sensitive Variable
+#__________________________________________________________________
+
+variable "persistent_passphrase" {
+ default = ""
+ description = <<-EOT
+ Secure passphrase to be applied on the Persistent Memory Modules on the server. The allowed characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `+`, `_`, `=`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ #- Special Characters: `\u0021`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z0-9=!&#$%+^@_*-]{8,32}$", var.persistent_passphrase)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z0-9=!&#$%+^@_*-]{8,32}$```."
+ }
+}
+
+#__________________________________________________________________
+#
+# SNMP Sensitive Variables
+#__________________________________________________________________
+
+variable "access_community_string_1" {
+ default = ""
+ description = <<-EOT
+ The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.access_community_string_1)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "access_community_string_2" {
+ default = ""
+ description = <<-EOT
+ The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.access_community_string_2)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "access_community_string_3" {
+ default = ""
+ description = <<-EOT
+ The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.access_community_string_3)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "access_community_string_4" {
+ default = ""
+ description = <<-EOT
+ The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.access_community_string_4)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "access_community_string_5" {
+ default = ""
+ description = <<-EOT
+ The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.access_community_string_5)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "snmp_auth_password_1" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Authorization password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_auth_password_1)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_auth_password_2" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Authorization password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_auth_password_2)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_auth_password_3" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Authorization password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_auth_password_3)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_auth_password_4" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Authorization password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_auth_password_4)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_auth_password_5" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Authorization password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_auth_password_5)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_privacy_password_1" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Privacy password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_privacy_password_1)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_privacy_password_2" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Privacy password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_privacy_password_2)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_privacy_password_3" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Privacy password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_privacy_password_3)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_privacy_password_4" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Privacy password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_privacy_password_4)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_privacy_password_5" {
+ default = ""
+ description = <<-EOT
+ The SNMPv3 User Privacy password. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `@`, `_`, `*`, `-`
+ - Be between 8 and 64 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$", var.snmp_privacy_password_5)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^@_*-]{8,64}$```."
+ }
+}
+
+variable "snmp_trap_community_1" {
+ default = ""
+ description = <<-EOT
+ The SNMPv1, SNMPv2c community name to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.snmp_trap_community_1)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "snmp_trap_community_2" {
+ default = ""
+ description = <<-EOT
+ The SNMPv1, SNMPv2c community name to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.snmp_trap_community_2)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "snmp_trap_community_3" {
+ default = ""
+ description = <<-EOT
+ The SNMPv1, SNMPv2c community name to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.snmp_trap_community_3)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "snmp_trap_community_4" {
+ default = ""
+ description = <<-EOT
+ The SNMPv1, SNMPv2c community name to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.snmp_trap_community_4)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+variable "snmp_trap_community_5" {
+ default = ""
+ description = <<-EOT
+ The SNMPv1, SNMPv2c community name to include on any trap messages sent to the SNMP host. The name can be 32 characters long. Allowed Characters are:
+ - Lower or Upper Case Letters
+ - Numbers
+ - Special Characters: `.`, `=`, `!`, `&`, `#`, `$`, `%`, `+`, `^`, `_`, `*`, `-`
+ - Be between 8 and 32 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$", var.snmp_trap_community_5)) > 0
+ error_message = "Must match the following regular expression: ```^[a-zA-Z\\d\\.=!&#$%+^_*-]{8,32}$```."
+ }
+}
+
+
+#__________________________________________________________________
+#
+# Virtual Media Sensitive Variable
+#__________________________________________________________________
+
+variable "vmedia_password_1" {
+ default = ""
+ description = <<-EOT
+ Virtual Media Policy -> Mapping Target Password when authentication is enabled. Allowed Characters are:
+ - Any non-white space character
+ - Be between 6 and 255 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{6,255}$", var.vmedia_password_1)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{6,255}$```."
+ }
+}
+
+variable "vmedia_password_2" {
+ default = ""
+ description = <<-EOT
+ Virtual Media Policy -> Mapping Target Password when authentication is enabled. Allowed Characters are:
+ - Any non-white space character
+ - Be between 6 and 255 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{6,255}$", var.vmedia_password_2)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{6,255}$```."
+ }
+}
+
+variable "vmedia_password_3" {
+ default = ""
+ description = <<-EOT
+ Virtual Media Policy -> Mapping Target Password when authentication is enabled. Allowed Characters are:
+ - Any non-white space character
+ - Be between 6 and 255 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{6,255}$", var.vmedia_password_3)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{6,255}$```."
+ }
+}
+
+variable "vmedia_password_4" {
+ default = ""
+ description = <<-EOT
+ Virtual Media Policy -> Mapping Target Password when authentication is enabled. Allowed Characters are:
+ - Any non-white space character
+ - Be between 6 and 255 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{6,255}$", var.vmedia_password_4)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{6,255}$```."
+ }
+}
+
+variable "vmedia_password_5" {
+ default = ""
+ description = <<-EOT
+ Virtual Media Policy -> Mapping Target Password when authentication is enabled. Allowed Characters are:
+ - Any non-white space character
+ - Be between 6 and 255 Characters in Length.
+ EOT
+ sensitive = true
+ type = string
+ validation {
+ condition = length(regexall("^$|^[\\S]{6,255}$", var.vmedia_password_5)) > 0
+ error_message = "Must match the following regular expression: ```^[\\S]{6,255}$```."
+ }
+}
diff --git a/global_settings.ezi.yaml b/global_settings.ezi.yaml
index 7c4c6a7..e687840 100644
--- a/global_settings.ezi.yaml
+++ b/global_settings.ezi.yaml
@@ -8,4 +8,4 @@ global_settings:
- key: "Module"
value: "easy-imm"
- key: "Version"
- value: "4.2.11-18370"
+ value: "4.2.11-18371"
diff --git a/main.tf b/main.tf
index 7e30fe5..82ebdd9 100644
--- a/main.tf
+++ b/main.tf
@@ -20,7 +20,7 @@ data "utils_yaml_merge" "model" {
module "organizations" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-organizations"
source = "terraform-cisco-modules/organizations/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = { for i in ["map"] : i => i if length([setsubtract(keys(local.model), local.non_orgs)]) > 0 }
global_settings = local.global_settings
model = { for k, v in local.model : k => v if length(regexall("^global_settings|intersight$", k)) == 0 }
@@ -34,7 +34,7 @@ module "organizations" {
module "pools" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-pools"
source = "terraform-cisco-modules/pools/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in setsubtract(keys(local.model), local.non_orgs) : [
for e in keys(lookup(local.model[org], "pools", {})) : e]])) > 0 || length(
@@ -56,7 +56,7 @@ module "pools" {
module "policies" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-policies"
source = "terraform-cisco-modules/policies/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [
for e in keys(lookup(local.model[org], "policies", {})) : local.model[org].policies[e] if length(lookup(lookup(
@@ -79,7 +79,7 @@ module "policies" {
module "profiles" {
# source = "/home/tyscott/terraform-cisco-modules/terraform-intersight-profiles"
source = "terraform-cisco-modules/profiles/intersight"
- version = "4.2.11-18370"
+ version = "4.2.11-18371"
for_each = {
for i in ["map"] : i => i if length(flatten([for org in keys(local.model) : [for e in ["profiles", "templates"] : [
for d in ["chassis", "domain", "server"] : lookup(lookup(local.model[org], e, {}), d, [])]]]
diff --git a/policies/ethernet.ezi.yaml b/policies/ethernet.ezi.yaml
index aff1db1..0d6b4e7 100644
--- a/policies/ethernet.ezi.yaml
+++ b/policies/ethernet.ezi.yaml
@@ -71,6 +71,7 @@ default:
dce_interface_4_fec_mode: cl91
enable_fip: true
enable_lldp: true
+ enable_physical_nic_mode: false
enable_port_channel: true
pci_slot: MLOM
description: adapter Adapter Configuration Policy
diff --git a/provider.tf b/provider.tf
index b78cefb..fd8c782 100644
--- a/provider.tf
+++ b/provider.tf
@@ -8,7 +8,7 @@ terraform {
required_providers {
intersight = {
source = "CiscoDevNet/intersight"
- version = "1.0.54"
+ version = "1.0.55"
}
time = {
source = "time"
diff --git a/variables.tf b/variables.tf
index 5eabd17..f0a0415 100644
--- a/variables.tf
+++ b/variables.tf
@@ -174,7 +174,7 @@ variable "drive_security_server_ca_certificate" {
variable "cco_password" {
default = ""
description = <<-EOT
- CCO User Account Password. It must meet the following criteria:
+ Cisco.com Authentication Password. It must meet the following criteria:
- One Uppercase Letter
- One Lowercase Letter
- One Number
diff --git a/yaml_schema/easy-imm.json b/yaml_schema/easy-imm.json
index 807a195..adb3714 100644
--- a/yaml_schema/easy-imm.json
+++ b/yaml_schema/easy-imm.json
@@ -178,6 +178,7 @@
"properties": {
"dce_interface_1_fec_mode": {
"type": "string",
+ "default": "cl91",
"description": "Default is 'cl91'. Forward Error Correction (FEC) mode setting for the DCE interface of the adapter. FEC mode setting is supported only for Cisco VIC 14xx adapters. FEC mode 'cl74' is unsupported for Cisco VIC 1495/1497. This setting will be ignored for unsupported adapters and for unavailable DCE interfaces.\n * `cl74` - Use cl74 standard as FEC mode setting. 'Clause 74' aka FC-FEC ('FireCode' FEC) offers simple, low-latency protection against 1 burst/sparse bit error, but it is not good for random errors.\n * `cl91` - Use cl91 standard as FEC mode setting. 'Clause 91' aka RS-FEC ('ReedSolomon' FEC) offers better error protection against bursty and random errors but adds latency.\n * `Off` - Disable FEC mode on the DCE Interface.",
"intersight_api": "FecMode",
"enum": [
@@ -190,6 +191,7 @@
},
"dce_interface_2_fec_mode": {
"type": "string",
+ "default": "cl91",
"description": "Default is 'cl91'. Forward Error Correction (FEC) mode setting for the DCE interface of the adapter. FEC mode setting is supported only for Cisco VIC 14xx adapters. FEC mode 'cl74' is unsupported for Cisco VIC 1495/1497. This setting will be ignored for unsupported adapters and for unavailable DCE interfaces.\n * `cl74` - Use cl74 standard as FEC mode setting. 'Clause 74' aka FC-FEC ('FireCode' FEC) offers simple, low-latency protection against 1 burst/sparse bit error, but it is not good for random errors.\n * `cl91` - Use cl91 standard as FEC mode setting. 'Clause 91' aka RS-FEC ('ReedSolomon' FEC) offers better error protection against bursty and random errors but adds latency.\n * `Off` - Disable FEC mode on the DCE Interface.",
"intersight_api": "FecMode",
"enum": [
@@ -202,6 +204,7 @@
},
"dce_interface_3_fec_mode": {
"type": "string",
+ "default": "cl91",
"description": "Default is 'cl91'. Forward Error Correction (FEC) mode setting for the DCE interface of the adapter. FEC mode setting is supported only for Cisco VIC 14xx adapters. FEC mode 'cl74' is unsupported for Cisco VIC 1495/1497. This setting will be ignored for unsupported adapters and for unavailable DCE interfaces.\n * `cl74` - Use cl74 standard as FEC mode setting. 'Clause 74' aka FC-FEC ('FireCode' FEC) offers simple, low-latency protection against 1 burst/sparse bit error, but it is not good for random errors.\n * `cl91` - Use cl91 standard as FEC mode setting. 'Clause 91' aka RS-FEC ('ReedSolomon' FEC) offers better error protection against bursty and random errors but adds latency.\n * `Off` - Disable FEC mode on the DCE Interface.",
"intersight_api": "FecMode",
"enum": [
@@ -214,6 +217,7 @@
},
"dce_interface_4_fec_mode": {
"type": "string",
+ "default": "cl91",
"description": "Default is 'cl91'. Forward Error Correction (FEC) mode setting for the DCE interface of the adapter. FEC mode setting is supported only for Cisco VIC 14xx adapters. FEC mode 'cl74' is unsupported for Cisco VIC 1495/1497. This setting will be ignored for unsupported adapters and for unavailable DCE interfaces.\n * `cl74` - Use cl74 standard as FEC mode setting. 'Clause 74' aka FC-FEC ('FireCode' FEC) offers simple, low-latency protection against 1 burst/sparse bit error, but it is not good for random errors.\n * `cl91` - Use cl91 standard as FEC mode setting. 'Clause 91' aka RS-FEC ('ReedSolomon' FEC) offers better error protection against bursty and random errors but adds latency.\n * `Off` - Disable FEC mode on the DCE Interface.",
"intersight_api": "FecMode",
"enum": [
@@ -15142,7 +15146,7 @@
"type": "object",
"additionalProperties": false,
"description": "Models the remote key configuration required for the drive security.\n\nRequired Attributes:\n * new_security_key_passphrase.\n\nOptional Attributes:\n * current_security_key_passphrase",
- "intersight_uri": "RemoteKey",
+ "intersight_api": "RemoteKey",
"ObjectType": "storage.RemoteKeySettings",
"properties": {
"assigned_sensitive_data": {