init/updateFortiOSTerraform: 1.20.0

Signed-off-by: FTNT-HQCM <[email protected]>
fortinetdev · Jun 21, 2024 · db33c61 · db33c61
1 parent ae77e25
commit db33c61
Show file tree

Hide file tree

Showing 118 changed files with 7,622 additions and 434 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,21 @@
-## 1.20.0 (Unreleased)
+## 1.21.0 (Unreleased)
+
+
+## 1.20.0 (Jun 21, 2024)
+BUG FIXES:
+
+* Fix extra quote issue;
+* Fix issue of multiple argument conflict caused by version differences for resource system_automationstitch;
+
+IMPROVEMENTS:
+
+* Support FortiOS version 7.4.4;
+
+FEATURES:
+
+* **New Data source:** `fortios_extensioncontroller_extendervap`
+* **New Data source:** `fortios_firewall_ondemandsniffer`
+* **New Data source:** `fortios_system_sshconfig`
 
 
 ## 1.19.1 (Apr 29, 2024)

diff --git a/fortios/data_source_firewall_centralsnatmap.go b/fortios/data_source_firewall_centralsnatmap.go
@@ -140,6 +140,10 @@ func dataSourceFirewallCentralSnatMap() *schema.Resource {
 					},
 				},
 			},
+			"port_preserve": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"protocol": &schema.Schema{
 				Type:     schema.TypeInt,
 				Computed: true,
@@ -523,6 +527,10 @@ func dataSourceFlattenFirewallCentralSnatMapNatIppool6Name(v interface{}, d *sch
 	return v
 }
 
+func dataSourceFlattenFirewallCentralSnatMapPortPreserve(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenFirewallCentralSnatMapProtocol(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }
@@ -630,6 +638,12 @@ func dataSourceRefreshObjectFirewallCentralSnatMap(d *schema.ResourceData, o map
 		}
 	}
 
+	if err = d.Set("port_preserve", dataSourceFlattenFirewallCentralSnatMapPortPreserve(o["port-preserve"], d, "port_preserve")); err != nil {
+		if !fortiAPIPatch(o["port-preserve"]) {
+			return fmt.Errorf("Error reading port_preserve: %v", err)
+		}
+	}
+
 	if err = d.Set("protocol", dataSourceFlattenFirewallCentralSnatMapProtocol(o["protocol"], d, "protocol")); err != nil {
 		if !fortiAPIPatch(o["protocol"]) {
 			return fmt.Errorf("Error reading protocol: %v", err)

diff --git a/fortios/data_source_firewall_policy.go b/fortios/data_source_firewall_policy.go
@@ -828,6 +828,10 @@ func dataSourceFirewallPolicy() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"port_preserve": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"ippool": &schema.Schema{
 				Type:     schema.TypeString,
 				Computed: true,
@@ -2915,6 +2919,10 @@ func dataSourceFlattenFirewallPolicyFixedport(v interface{}, d *schema.ResourceD
 	return v
 }
 
+func dataSourceFlattenFirewallPolicyPortPreserve(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenFirewallPolicyIppool(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }
@@ -4273,6 +4281,12 @@ func dataSourceRefreshObjectFirewallPolicy(d *schema.ResourceData, o map[string]
 		}
 	}
 
+	if err = d.Set("port_preserve", dataSourceFlattenFirewallPolicyPortPreserve(o["port-preserve"], d, "port_preserve")); err != nil {
+		if !fortiAPIPatch(o["port-preserve"]) {
+			return fmt.Errorf("Error reading port_preserve: %v", err)
+		}
+	}
+
 	if err = d.Set("ippool", dataSourceFlattenFirewallPolicyIppool(o["ippool"], d, "ippool")); err != nil {
 		if !fortiAPIPatch(o["ippool"]) {
 			return fmt.Errorf("Error reading ippool: %v", err)

diff --git a/fortios/data_source_router_bgp.go b/fortios/data_source_router_bgp.go
@@ -1430,6 +1430,10 @@ func dataSourceRouterBgp() *schema.Resource {
 							Type:     schema.TypeInt,
 							Computed: true,
 						},
+						"remote_as_filter": &schema.Schema{
+							Type:     schema.TypeString,
+							Computed: true,
+						},
 						"local_as": &schema.Schema{
 							Type:     schema.TypeInt,
 							Computed: true,
@@ -4518,6 +4522,11 @@ func dataSourceFlattenRouterBgpNeighborGroup(v interface{}, d *schema.ResourceDa
 			tmp["remote_as"] = dataSourceFlattenRouterBgpNeighborGroupRemoteAs(i["remote-as"], d, pre_append)
 		}
 
+		pre_append = pre + "." + strconv.Itoa(con) + "." + "remote_as_filter"
+		if _, ok := i["remote-as-filter"]; ok {
+			tmp["remote_as_filter"] = dataSourceFlattenRouterBgpNeighborGroupRemoteAsFilter(i["remote-as-filter"], d, pre_append)
+		}
+
 		pre_append = pre + "." + strconv.Itoa(con) + "." + "local_as"
 		if _, ok := i["local-as"]; ok {
 			tmp["local_as"] = dataSourceFlattenRouterBgpNeighborGroupLocalAs(i["local-as"], d, pre_append)
@@ -5191,6 +5200,10 @@ func dataSourceFlattenRouterBgpNeighborGroupRemoteAs(v interface{}, d *schema.Re
 	return v
 }
 
+func dataSourceFlattenRouterBgpNeighborGroupRemoteAsFilter(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenRouterBgpNeighborGroupLocalAs(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }

diff --git a/fortios/data_source_system_accprofile.go b/fortios/data_source_system_accprofile.go
@@ -201,6 +201,10 @@ func dataSourceSystemAccprofile() *schema.Resource {
 							Type:     schema.TypeString,
 							Computed: true,
 						},
+						"dlp": &schema.Schema{
+							Type:     schema.TypeString,
+							Computed: true,
+						},
 						"data_leak_prevention": &schema.Schema{
 							Type:     schema.TypeString,
 							Computed: true,
@@ -624,6 +628,11 @@ func dataSourceFlattenSystemAccprofileUtmgrpPermission(v interface{}, d *schema.
 		result["emailfilter"] = dataSourceFlattenSystemAccprofileUtmgrpPermissionEmailfilter(i["emailfilter"], d, pre_append)
 	}
 
+	pre_append = pre + ".0." + "dlp"
+	if _, ok := i["dlp"]; ok {
+		result["dlp"] = dataSourceFlattenSystemAccprofileUtmgrpPermissionDlp(i["dlp"], d, pre_append)
+	}
+
 	pre_append = pre + ".0." + "data_leak_prevention"
 	if _, ok := i["data-leak-prevention"]; ok {
 		result["data_leak_prevention"] = dataSourceFlattenSystemAccprofileUtmgrpPermissionDataLeakPrevention(i["data-leak-prevention"], d, pre_append)
@@ -709,6 +718,10 @@ func dataSourceFlattenSystemAccprofileUtmgrpPermissionEmailfilter(v interface{},
 	return v
 }
 
+func dataSourceFlattenSystemAccprofileUtmgrpPermissionDlp(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenSystemAccprofileUtmgrpPermissionDataLeakPrevention(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }

diff --git a/fortios/data_source_system_global.go b/fortios/data_source_system_global.go
@@ -657,6 +657,10 @@ func dataSourceSystemGlobal() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"dhcp_lease_backup_interval": &schema.Schema{
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
 			"wifi_ca_certificate": &schema.Schema{
 				Type:     schema.TypeString,
 				Computed: true,
@@ -1851,6 +1855,10 @@ func dataSourceFlattenSystemGlobalWifiCertificate(v interface{}, d *schema.Resou
 	return v
 }
 
+func dataSourceFlattenSystemGlobalDhcpLeaseBackupInterval(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenSystemGlobalWifiCaCertificate(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }
@@ -3355,6 +3363,12 @@ func dataSourceRefreshObjectSystemGlobal(d *schema.ResourceData, o map[string]in
 		}
 	}
 
+	if err = d.Set("dhcp_lease_backup_interval", dataSourceFlattenSystemGlobalDhcpLeaseBackupInterval(o["dhcp-lease-backup-interval"], d, "dhcp_lease_backup_interval")); err != nil {
+		if !fortiAPIPatch(o["dhcp-lease-backup-interval"]) {
+			return fmt.Errorf("Error reading dhcp_lease_backup_interval: %v", err)
+		}
+	}
+
 	if err = d.Set("wifi_ca_certificate", dataSourceFlattenSystemGlobalWifiCaCertificate(o["wifi-ca-certificate"], d, "wifi_ca_certificate")); err != nil {
 		if !fortiAPIPatch(o["wifi-ca-certificate"]) {
 			return fmt.Errorf("Error reading wifi_ca_certificate: %v", err)

diff --git a/fortios/data_source_system_interface.go b/fortios/data_source_system_interface.go
@@ -128,6 +128,10 @@ func dataSourceSystemInterface() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"dhcp_relay_allow_no_end_option": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"dhcp_relay_type": &schema.Schema{
 				Type:     schema.TypeString,
 				Computed: true,
@@ -1696,6 +1700,10 @@ func dataSourceFlattenSystemInterfaceDhcpRelayRequestAllServer(v interface{}, d
 	return v
 }
 
+func dataSourceFlattenSystemInterfaceDhcpRelayAllowNoEndOption(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenSystemInterfaceDhcpRelayType(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }
@@ -4098,6 +4106,12 @@ func dataSourceRefreshObjectSystemInterface(d *schema.ResourceData, o map[string
 		}
 	}
 
+	if err = d.Set("dhcp_relay_allow_no_end_option", dataSourceFlattenSystemInterfaceDhcpRelayAllowNoEndOption(o["dhcp-relay-allow-no-end-option"], d, "dhcp_relay_allow_no_end_option")); err != nil {
+		if !fortiAPIPatch(o["dhcp-relay-allow-no-end-option"]) {
+			return fmt.Errorf("Error reading dhcp_relay_allow_no_end_option: %v", err)
+		}
+	}
+
 	if err = d.Set("dhcp_relay_type", dataSourceFlattenSystemInterfaceDhcpRelayType(o["dhcp-relay-type"], d, "dhcp_relay_type")); err != nil {
 		if !fortiAPIPatch(o["dhcp-relay-type"]) {
 			return fmt.Errorf("Error reading dhcp_relay_type: %v", err)

diff --git a/fortios/data_source_system_ntp.go b/fortios/data_source_system_ntp.go
@@ -61,6 +61,10 @@ func dataSourceSystemNtp() *schema.Resource {
 							Type:     schema.TypeString,
 							Computed: true,
 						},
+						"key_type": &schema.Schema{
+							Type:     schema.TypeString,
+							Computed: true,
+						},
 						"key": &schema.Schema{
 							Type:      schema.TypeString,
 							Sensitive: true,
@@ -215,6 +219,11 @@ func dataSourceFlattenSystemNtpNtpserver(v interface{}, d *schema.ResourceData,
 			tmp["authentication"] = dataSourceFlattenSystemNtpNtpserverAuthentication(i["authentication"], d, pre_append)
 		}
 
+		pre_append = pre + "." + strconv.Itoa(con) + "." + "key_type"
+		if _, ok := i["key-type"]; ok {
+			tmp["key_type"] = dataSourceFlattenSystemNtpNtpserverKeyType(i["key-type"], d, pre_append)
+		}
+
 		pre_append = pre + "." + strconv.Itoa(con) + "." + "key"
 		if _, ok := i["key"]; ok {
 			tmp["key"] = dataSourceFlattenSystemNtpNtpserverKey(i["key"], d, pre_append)
@@ -268,6 +277,10 @@ func dataSourceFlattenSystemNtpNtpserverAuthentication(v interface{}, d *schema.
 	return v
 }
 
+func dataSourceFlattenSystemNtpNtpserverKeyType(v interface{}, d *schema.ResourceData, pre string) interface{} {
+	return v
+}
+
 func dataSourceFlattenSystemNtpNtpserverKey(v interface{}, d *schema.ResourceData, pre string) interface{} {
 	return v
 }

diff --git a/fortios/provider.go b/fortios/provider.go
@@ -494,6 +494,7 @@ func Provider() *schema.Provider {
 			"fortios_extendercontroller_extenderprofile":                 resourceExtenderControllerExtenderProfile(),
 			"fortios_extendercontroller_extender1":                       resourceExtenderControllerExtender1(),
 			"fortios_extensioncontroller_dataplan":                       resourceExtensionControllerDataplan(),
+			"fortios_extensioncontroller_extendervap":                    resourceExtensionControllerExtenderVap(),
 			"fortios_extensioncontroller_extender":                       resourceExtensionControllerExtender(),
 			"fortios_extensioncontroller_extenderprofile":                resourceExtensionControllerExtenderProfile(),
 			"fortios_extensioncontroller_fortigate":                      resourceExtensionControllerFortigate(),
@@ -546,6 +547,7 @@ func Provider() *schema.Provider {
 			"fortios_firewall_multicastaddress":                          resourceFirewallMulticastAddress(),
 			"fortios_firewall_multicastaddress6":                         resourceFirewallMulticastAddress6(),
 			"fortios_firewall_multicastpolicy":                           resourceFirewallMulticastPolicy(),
+			"fortios_firewall_ondemandsniffer":                           resourceFirewallOnDemandSniffer(),
 			"fortios_firewall_multicastpolicy6":                          resourceFirewallMulticastPolicy6(),
 			"fortios_firewall_networkservicedynamic":                     resourceFirewallNetworkServiceDynamic(),
 			"fortios_firewall_policy":                                    resourceFirewallPolicy(),
@@ -857,6 +859,7 @@ func Provider() *schema.Provider {
 			"fortios_system_sittunnel":                                   resourceSystemSitTunnel(),
 			"fortios_system_smsserver":                                   resourceSystemSmsServer(),
 			"fortios_system_speedtestschedule":                           resourceSystemSpeedTestSchedule(),
+			"fortios_system_sshconfig":                                   resourceSystemSshConfig(),
 			"fortios_system_speedtestserver":                             resourceSystemSpeedTestServer(),
 			"fortios_system_speedtestsetting":                            resourceSystemSpeedTestSetting(),
 			"fortios_system_ssoadmin":                                    resourceSystemSsoAdmin(),

diff --git a/fortios/resource_authentication_rule.go b/fortios/resource_authentication_rule.go
@@ -156,6 +156,11 @@ func resourceAuthenticationRule() *schema.Resource {
 				Optional:     true,
 				Computed:     true,
 			},
+			"cert_auth_cookie": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
 			"transaction_based": &schema.Schema{
 				Type:     schema.TypeString,
 				Optional: true,
@@ -582,6 +587,10 @@ func flattenAuthenticationRuleCorsDepth(v interface{}, d *schema.ResourceData, p
 	return v
 }
 
+func flattenAuthenticationRuleCertAuthCookie(v interface{}, d *schema.ResourceData, pre string, sv string) interface{} {
+	return v
+}
+
 func flattenAuthenticationRuleTransactionBased(v interface{}, d *schema.ResourceData, pre string, sv string) interface{} {
 	return v
 }
@@ -737,6 +746,12 @@ func refreshObjectAuthenticationRule(d *schema.ResourceData, o map[string]interf
 		}
 	}
 
+	if err = d.Set("cert_auth_cookie", flattenAuthenticationRuleCertAuthCookie(o["cert-auth-cookie"], d, "cert_auth_cookie", sv)); err != nil {
+		if !fortiAPIPatch(o["cert-auth-cookie"]) {
+			return fmt.Errorf("Error reading cert_auth_cookie: %v", err)
+		}
+	}
+
 	if err = d.Set("transaction_based", flattenAuthenticationRuleTransactionBased(o["transaction-based"], d, "transaction_based", sv)); err != nil {
 		if !fortiAPIPatch(o["transaction-based"]) {
 			return fmt.Errorf("Error reading transaction_based: %v", err)
@@ -940,6 +955,10 @@ func expandAuthenticationRuleCorsDepth(d *schema.ResourceData, v interface{}, pr
 	return v, nil
 }
 
+func expandAuthenticationRuleCertAuthCookie(d *schema.ResourceData, v interface{}, pre string, sv string) (interface{}, error) {
+	return v, nil
+}
+
 func expandAuthenticationRuleTransactionBased(d *schema.ResourceData, v interface{}, pre string, sv string) (interface{}, error) {
 	return v, nil
 }
@@ -1081,6 +1100,15 @@ func getObjectAuthenticationRule(d *schema.ResourceData, sv string) (*map[string
 		}
 	}
 
+	if v, ok := d.GetOk("cert_auth_cookie"); ok {
+		t, err := expandAuthenticationRuleCertAuthCookie(d, v, "cert_auth_cookie", sv)
+		if err != nil {
+			return &obj, err
+		} else if t != nil {
+			obj["cert-auth-cookie"] = t
+		}
+	}
+
 	if v, ok := d.GetOk("transaction_based"); ok {
 		t, err := expandAuthenticationRuleTransactionBased(d, v, "transaction_based", sv)
 		if err != nil {