adding annotations

README.md

@@ -57,7 +57,6 @@ A Terraform module to configure ACI System Settings.
 | [aci_mgmt_preference.apic_connectivity_preference](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/mgmt_preference) | resource |
 | [aci_port_tracking.port_tracking](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/port_tracking) | resource |
 | [aci_rest.bgp_instance](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest) | resource |
-| [aci_rest.endpoint_controls](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest) | resource |
 | [aci_rest_managed.bgp_autonomous_system_number](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 | [aci_rest_managed.fabric_wide_settings](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
 | [aci_rest_managed.fabric_wide_settings_5_2_3](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |

defaults.yaml

@@ -3,10 +3,9 @@ defaults:
   system_settings:
     apic_connectivity_preference:
       interface_to_use_for_external_connections: inband
-    bgp:
+    bgp_route_reflector:
       autonomous_system_number: 65000
-    bgp_route_reflectors:
-      # Remember to Test without
+      description: ''
       pods:
         - pod_id: 1
           route_reflector_nodes: [101, 102]

locals.tf

@@ -88,7 +88,7 @@ locals {
     local.endpoints, "rouge_ep_control", {})) > 0 ? merge({ create = true }, local.endpoint.rouge_ep_control,
     lookup(local.endpoints, "rouge_ep_control", {})) : local.rss.epctrl.rouge_ep_control == false ? merge(
     { create = false }, local.endpoint.rouge_ep_control
-  ) : merge({ create = true }, local.endpoint.ip_aging)
+  ) : merge({ create = true }, local.endpoint.rouge_ep_control)
 
 
   #__________________________________________________________

outputs.tf

@@ -83,4 +83,3 @@ output "ptp_and_latency_measurement" {
   value = { for v in sort(keys(aci_rest_managed.ptp_and_latency_measurement)
   ) : v => aci_rest_managed.ptp_and_latency_measurement[v].id }
 }
-

system-settings.tf

@@ -8,6 +8,7 @@ ________________________________________________________________________________
 */
 resource "aci_mgmt_preference" "apic_connectivity_preference" {
   for_each       = { for v in lookup(var.system_settings, "apic_connectivity_preference", []) : "default" => v }
+  annotation     = "orchestrator:terraform"
   interface_pref = each.value
 }
 
@@ -24,6 +25,7 @@ resource "aci_rest_managed" "bgp_autonomous_system_number" {
   class_name = "bgpAsP"
   dn         = "uni/fabric/bgpInstP-default/as"
   content = {
+    #annotation = "orchestrator:terraform"
     asn = each.value.autonomous_system_number
   }
 }
@@ -42,17 +44,21 @@ resource "aci_rest_managed" "route_reflector_nodes" {
   class_name = "bgpRRNodePEp"
   dn         = "uni/fabric/bgpInstP-default/rr/node-${each.value.node_id}"
   content = {
+    #annotation = "orchestrator:terraform"
     id    = each.value.node_id
     podId = each.value.pod_id
   }
 }
 
 resource "aci_rest" "bgp_instance" {
-  for_each   = { for v in ["default"] : v => v if length(lookup(var.system_settings, "bgp_route_reflector", {})) > 0 }
+  for_each = { for v in ["default"] : v => merge(
+    local.defaults.bgp_route_reflector, lookup(var.system_settings, "bgp_route_reflector", {})
+  ) if length(lookup(var.system_settings, "bgp_route_reflector", {})) > 0 }
   class_name = "bgpInstPol"
   path       = "/api/mo/uni/fabric/bgpInstP-default.json"
   content = {
     annotation = "orchestrator:terraform"
+    descr      = each.value.description
   }
 }
 /*_____________________________________________________________________________________________________________________
@@ -64,7 +70,8 @@ GUI Location:
 _______________________________________________________________________________________________________________________
 */
 resource "aci_coop_policy" "coop_group" {
-  for_each    = { for v in [local.coop_group] : "default" => v if v.create == true }
+  for_each    = { for v in [local.coop_group] : "default" => v if v.create == true || v.create == "true" }
+  annotation  = "orchestrator:terraform"
   description = each.value.description
   type        = each.value.type
 }
@@ -79,8 +86,9 @@ GUI Location:
 _______________________________________________________________________________________________________________________
 */
 resource "aci_endpoint_controls" "rouge_ep_control" {
-  for_each              = { for v in [local.rouge_ep_control] : "default" => v if v.create == true }
-  admin_st              = each.value.administrative_state
+  for_each = { for v in [local.rouge_ep_control] : "default" => v if v.create == true || v.create == "true" }
+  admin_st = each.value.administrative_state
+  #description           = each.value.description
   hold_intvl            = each.value.hold_interval
   rogue_ep_detect_intvl = each.value.rouge_interval
   rogue_ep_detect_mult  = each.value.rouge_multiplier
@@ -95,7 +103,7 @@ GUI Location:
 _______________________________________________________________________________________________________________________
 */
 resource "aci_endpoint_ip_aging_profile" "ip_aging" {
-  for_each = { for v in [local.ip_aging] : "default" => v if v.create == true }
+  for_each = { for v in [local.ip_aging] : "default" => v if v.create == true || v.create == "true" }
   admin_st = lookup(local.ip_aging, "administrative_state", local.ipa.administrative_state)
 }
 
@@ -107,31 +115,6 @@ GUI Location:
  - System > System Settings > Endpoint Controls > Ep Loop Protection
 _______________________________________________________________________________________________________________________
 */
-#resource "aci_rest_managed" "ep_loop_protection" {
-#  for_each = {
-#    for v in toset(
-#      ["default"]
-#    ) : "default" => v if local.recommended_settings.endpoint_controls == true
-#  }
-#  dn         = "uni/infra/epLoopProtectP-default"
-#  class_name = "epLoopProtectP"
-#  content = {
-#    action = anytrue(
-#      [
-#        local.loop.action.bd_learn_disable,
-#        local.loop.action.port_disable
-#      ]
-#      ) ? trim(join(",", compact(concat(
-#        [length(regexall(true, local.loop.action.bd_learn_disable)
-#          ) > 0 ? "bd-learn-disable" : ""
-#          ], [length(regexall(true, local.loop.action.port_disable)
-#        ) > 0 ? "port-disable" : ""]
-#    ))), ",") : ""
-#    adminSt = local.loop.administrative_state
-#    loopDetectIntvl = local.loop.loop_detection_interval
-#    loopDetectMult  = local.loop.loop_detection_multiplier
-#  }
-#}
 resource "aci_endpoint_loop_protection" "ep_loop_protection" {
   for_each = { for v in [local.ep_loop_protection] : "default" => v if v.create == true }
   action = anytrue(
@@ -148,14 +131,6 @@ resource "aci_endpoint_loop_protection" "ep_loop_protection" {
   loop_detect_mult  = each.value.loop_detection_multiplier
 }
 
-resource "aci_rest" "endpoint_controls" {
-  for_each   = { for v in ["default"] : v => v if length(lookup(var.system_settings, "endpoint_controls", {})) > 0 }
-  class_name = "bgpInstPol"
-  path       = "/api/mo/uni/fabric/bgpInstP-default.json"
-  content = {
-    annotation = "orchestrator:terraform"
-  }
-}
 /*_____________________________________________________________________________________________________________________
 API Information:
  - Class: "infraSetPol"
@@ -167,10 +142,11 @@ ________________________________________________________________________________
 resource "aci_rest_managed" "fabric_wide_settings" {
   for_each = { for v in [local.fabric_wide_settings] : "default" => v if v.create == true && length(
     regexall("(^[3-4]\\..*|^5.[0-1].*|^5.2\\([0-2].*\\))", var.apic_version)
-  ) > 0 }
+  ) > 0 || v.create == "true" && length(regexall("(^[3-4]\\..*|^5.[0-1].*|^5.2\\([0-2].*\\))", var.apic_version)) > 0 }
   class_name = "infraSetPol"
   dn         = "uni/infra/settings"
   content = {
+    #annotation                 = "orchestrator:terraform"
     domainValidation           = each.value.enforce_domain_validation == true ? "yes" : "no"
     enforceSubnetCheck         = each.value.enforce_subnet_check == true ? "yes" : "no"
     opflexpAuthenticateClients = each.value.spine_opflex_client_authentication == true ? "yes" : "no"
@@ -185,6 +161,8 @@ resource "aci_rest_managed" "fabric_wide_settings" {
 resource "aci_rest_managed" "fabric_wide_settings_5_2_3" {
   for_each = { for v in [local.fabric_wide_settings] : "default" => v if v.create == true && length(
     regexall("(^5\\.2\\(3[a-z]\\)|^5\\.2\\([4-9][a-z]\\)|^[6-9]\\.)", var.apic_version)
+    ) > 0 || v.create == "true" && length(
+    regexall("(^5\\.2\\(3[a-z]\\)|^5\\.2\\([4-9][a-z]\\)|^[6-9]\\.)", var.apic_version)
   ) > 0 }
   class_name = "infraSetPol"
   dn         = "uni/infra/settings"
@@ -193,6 +171,7 @@ resource "aci_rest_managed" "fabric_wide_settings_5_2_3" {
     # enableMoStreaming      = 	each.value.
     # enableRemoteLeafDirect = 	each.value.
     # policySyncNodeBringup  = 	each.value.
+    #annotation                     = "orchestrator:terraform"
     domainValidation               = each.value.enforce_domain_validation == true ? "yes" : "no"
     enforceSubnetCheck             = each.value.enforce_subnet_check == true ? "yes" : "no"
     leafOpflexpAuthenticateClients = each.value.leaf_opflex_client_authentication == true ? "yes" : "no"
@@ -293,6 +272,7 @@ resource "aci_rest_managed" "ptp_and_latency_measurement" {
   class_name = "latencyPtpMode"
   dn         = "uni/fabric/ptpmode"
   content = {
+    #annotation         = "orchestrator:terraform"
     fabAnnounceIntvl   = lookup(local.ptp_and_latency_measurement, "announce_interval", local.ptp.announce_interval)
     fabAnnounceTimeout = lookup(local.ptp_and_latency_measurement, "announce_timeout", local.ptp.announce_timeout)
     fabDelayIntvl      = lookup(local.ptp_and_latency_measurement, "delay_request_interval", local.ptp.delay_request_interval)