⭐ Add BGP, MLAG, ACL resources and extend existing Arista EOS resources (#6559)

New resources:
- arista.eos.bgp: BGP configuration with enabled, asNumber, routerId
- arista.eos.bgp.vrf: per-VRF BGP state with peers
- arista.eos.bgp.peer: BGP neighbor details (state, uptime, prefixes, route maps)
- arista.eos.mlag: MLAG configuration (domainId, localInterface, peerAddress, peerLink, shutdown)
- arista.eos.mlag.interface: Port-Channel to MLAG ID mappings
- arista.eos.acl: standard IP access control lists
- arista.eos.acl.entry: ACL rules (sequenceNumber, action, srcAddress, log)

New fields on existing resources:
- arista.eos.user: locked
- arista.eos.interface: enabled, duplex, autoNegotiate
- arista.eos.vlan: dynamic, interfaces
- arista.eos.route: active

BGP and MLAG fields use lazy-loaded computed methods with Internal struct
caching to avoid "cannot convert primitive with NO type information" errors
when the resource is accessed directly rather than through the parent accessor.

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: tas50

.github/actions/spelling/expect.txt

@@ -2,22 +2,22 @@ aad
 ACCOUNTADMIN
 ACTIVEMQ
 advancedthreatprotection
-artifactregistry
 alloydb
 alpn
 antispam
 appslot
 arp
+artifactregistry
 atlassian
 auditlog
 Auths
 autoaccept
 autoclose
 autoexpand
-autoreplace
-autotrim
 autoprovision
+autoreplace
 Autoscalers
+autotrim
 awsapps
 awslogs
 awsvpc
@@ -34,13 +34,13 @@ cdn
 certificatechains
 ciscocatalyst
 clcerts
-cname
 cloudflare
 Clusterwide
 cmek
 cmnd
-cooldown
+cname
 compressratio
+cooldown
 copywrite
 cpe
 cryptokey
@@ -57,12 +57,12 @@ dedupratio
 deliverychannel
 dfw
 directoryservice
-documentdb
-draid
 dlp
 dlq
 dlv
 dnskey
+documentdb
+draid
 dsse
 eas
 Ecmp
@@ -79,9 +79,9 @@ filestore
 filesz
 firefox
 firestore
-fortios
 FLEXGROUP
 FLEXVOL
+fortios
 frontmatter
 ftps
 fumadocs
@@ -114,8 +114,8 @@ ipsetforwardedipconfig
 ipsetreferencestatement
 istio
 jira
-junos
 jsonbody
+junos
 kqueue
 KSK
 labelmatchstatement
@@ -131,17 +131,18 @@ managedzone
 maxmemory
 mcp
 mcr
-memorydb
 meid
+memorydb
 messagestoragepolicy
 mfs
 mgroup
 minfree
 MINIMALUSER
 mkey
-MULTIAZ
-msk
+mlag
 Mpim
+msk
+MULTIAZ
 naflags
 natgateway
 networkfirewall
@@ -186,8 +187,8 @@ pushconfig
 Pzi
 pzs
 querypack
-raidz
 RABBITMQ
+raidz
 ratebasedstatement
 recaptcha
 regexmatchstatement
@@ -234,16 +235,15 @@ toplevel
 tpu
 transitgateway
 udid
-UNAVAIL
 uefi
+UNAVAIL
 Uocm
 usb
 Utc
 valkey
 VAULTNAME
 vdcs
 vdev
-vdevs
 VGeneration
 virtualmachine
 vlans

providers/arista/resources/arista.lr

@@ -32,6 +32,12 @@ arista.eos {
   routes() []arista.eos.route
   // Layer 2 switchport configurations
   switchports() []arista.eos.switchport
+  // BGP configuration and peers
+  bgp() arista.eos.bgp
+  // MLAG high-availability configuration
+  mlag() arista.eos.mlag
+  // Standard IP access control lists
+  acls() []arista.eos.acl
 }
 
 // Arista EOS system's operating configuration
@@ -64,6 +70,8 @@ arista.eos.user @defaults("name privilege") {
   secret string
   // User's sshkey
   sshkey string
+  // Whether the account is locked
+  locked() bool
 }
 
 // Arista EOS role resource
@@ -126,6 +134,12 @@ private arista.eos.interface @defaults("name") {
   physicalAddress string
   // Interface link status, vlan, duplex, speed, and type
   status() dict
+  // Whether the interface is enabled administratively
+  enabled() bool
+  // Duplex setting (full, half, auto)
+  duplex() string
+  // Auto-negotiation enabled
+  autoNegotiate() bool
 }
 
 // Arista EOS IP interface
@@ -205,6 +219,10 @@ arista.eos.vlan @defaults("id name") {
   state string
   // Trunk groups associated with the VLAN
   trunkGroups []string
+  // Whether this is a dynamic VLAN
+  dynamic bool
+  // Interfaces assigned to this VLAN
+  interfaces() []string
 }
 
 // Arista EOS IP route entry
@@ -227,6 +245,8 @@ arista.eos.route @defaults("destination") {
   routeAction string
   // Next-hop information (interface, nexthop address)
   nextHops []dict
+  // Whether the route is active
+  active() bool
 }
 
 // Arista EOS Layer 2 switchport configuration
@@ -244,3 +264,101 @@ arista.eos.switchport @defaults("name mode") {
   // Trunk groups
   trunkGroups []string
 }
+
+// Arista EOS BGP configuration
+arista.eos.bgp {
+  // Whether BGP is enabled on this device
+  enabled() bool
+  // BGP Autonomous System Number
+  asNumber() string
+  // BGP Router ID
+  routerId() string
+  // BGP VRFs
+  vrfs() []arista.eos.bgp.vrf
+}
+
+// Arista EOS BGP VRF
+private arista.eos.bgp.vrf @defaults("name") {
+  // VRF name
+  name string
+  // BGP Router ID for this VRF
+  routerId string
+  // BGP Autonomous System Number for this VRF
+  asNumber string
+  // BGP peers in this VRF
+  peers []arista.eos.bgp.peer
+}
+
+// Arista EOS BGP peer
+private arista.eos.bgp.peer @defaults("peerAddress") {
+  // VRF name
+  vrfName string
+  // Peer IP address
+  peerAddress string
+  // Remote Autonomous System Number
+  remoteAs string
+  // Peer state (Established, Idle, Active, etc.)
+  state string
+  // Uptime in seconds
+  uptime int
+  // Number of prefixes received from peer
+  prefixesReceived int
+  // Number of prefixes accepted from peer (after inbound filtering)
+  prefixesAccepted int
+  // Inbound route map
+  inboundRouteMap string
+  // Outbound route map
+  outboundRouteMap string
+  // Peer description
+  description string
+}
+
+// Arista EOS MLAG (Multi-Chassis Link Aggregation) configuration
+arista.eos.mlag {
+  // MLAG domain ID
+  domainId() string
+  // Local interface used for MLAG communication (typically a VLAN interface)
+  localInterface() string
+  // IP address of the MLAG peer switch
+  peerAddress() string
+  // Interface used as the peer-link (typically a Port-Channel)
+  peerLink() string
+  // Whether MLAG is administratively shutdown
+  shutdown() bool
+  // Port-Channel interfaces configured with MLAG IDs
+  interfaces() []arista.eos.mlag.interface
+}
+
+// Arista EOS MLAG interface (Port-Channel with MLAG ID)
+private arista.eos.mlag.interface @defaults("name mlagId") {
+  // Port-Channel interface name (e.g., "Port-Channel1")
+  name string
+  // MLAG ID assigned to this Port-Channel
+  mlagId string
+}
+
+// Arista EOS standard IP access control list
+arista.eos.acl @defaults("name") {
+  // ACL name
+  name string
+  // ACL type (currently only "standard" supported by SDK)
+  type string
+  // ACL entries (rules)
+  entries() []arista.eos.acl.entry
+}
+
+// Arista EOS ACL entry (rule)
+private arista.eos.acl.entry @defaults("sequenceNumber action") {
+  // ACL name this entry belongs to
+  aclName string
+  // Sequence number (determines evaluation order)
+  sequenceNumber int
+  // Action: "permit" or "deny"
+  action string
+  // Source IP address
+  srcAddress string
+  // Source prefix length (CIDR notation, e.g., 24 for /24)
+  srcPrefixLen int
+  // Whether logging is enabled for this rule
+  log bool
+}