Handling dynamic data for sdwan_zone_based_firewall_policy_definition

[rrahimm]

under sdwan_zone_based_firewall_policy_definition, We have a field “protocol_names” when used in API should be supplemented with 2 more parameters "destinationPort" and "protocol".

when terraform encounters "protocol_name" in the input , the provider should also dynamically populate these 2 variables based on the choosen protocol_names.

see example below. When "protocolName" is chosen as DNS, the protocol and destinationPort are also sent in the API payload. with app variable being the protocolName.

The mapping of protocolName to port and protocol is available in the vManage already in the below bath and can be fetched with an API call.

https:///app/json/application_protocol.json

      {
        "sequenceId": 21,
        "sequenceName": "Telstra DNS",
        "baseAction": "inspect",
        "sequenceType": "zoneBasedFW",
        "match": {
          "entries": [
            {
              "field": "destinationDataPrefixList",
              "ref": "bc30b08e-47d3-42c8-91e0-809929fb1386"
            },
            {
              "field": "destinationPort",
              "value": "53",
              "app": "dns"
            },
            {
              "field": "protocol",
              "value": "6 17",
              "app": "dns"
            },
            {
              "field": "protocolName",
              "value": "dns"
            },
            {
              "field": "sourceIp",
              "vipVariableName": "Guest / CFW"
            }
          ]
        },
        "actions": []
      },

[rrahimm]

Just to make a note here, this requirement is associated with feature requests from a potential customer for "Services as Code".