Add cidr_list attribute to nsxt_policy_ip_block

This attribute is added for NSX v9.1.0.

Signed-off-by: Kobi Samoray <[email protected]>

Author: ksamoray

nsxt/resource_nsxt_policy_ip_block.go

@@ -46,7 +46,7 @@ func resourceNsxtPolicyIPBlock() *schema.Resource {
 			"cidr": {
 				Type:         schema.TypeString,
 				Description:  "Network address and the prefix length which will be associated with a layer-2 broadcast domain",
-				Required:     true,
+				Optional:     true,
 				ValidateFunc: validateCidr(),
 			},
 			"visibility": {
@@ -55,6 +55,15 @@ func resourceNsxtPolicyIPBlock() *schema.Resource {
 				Optional:     true,
 				ValidateFunc: validation.StringInSlice(visibilityTypes, false),
 			},
+			"cidr_list": {
+				Type:        schema.TypeList,
+				Optional:    true,
+				Description: "Array of contiguous IP address spaces represented by network address and prefix length",
+				Elem: &schema.Schema{
+					Type:         schema.TypeString,
+					ValidateFunc: validateCidr(),
+				},
+			},
 		},
 	}
 }
@@ -104,6 +113,9 @@ func resourceNsxtPolicyIPBlockRead(d *schema.ResourceData, m interface{}) error
 	if util.NsxVersionHigherOrEqual("4.2.0") {
 		d.Set("visibility", block.Visibility)
 	}
+	if util.NsxVersionHigherOrEqual("9.1.0") {
+		d.Set("cidr_list", block.CidrList)
+	}
 
 	return nil
 }
@@ -125,6 +137,7 @@ func resourceNsxtPolicyIPBlockCreate(d *schema.ResourceData, m interface{}) erro
 	cidr := d.Get("cidr").(string)
 	visibility := d.Get("visibility").(string)
 	tags := getPolicyTagsFromSchema(d)
+	cidrList := getStringListFromSchemaList(d, "cidr_list")
 
 	obj := model.IpAddressBlock{
 		DisplayName: &displayName,
@@ -135,6 +148,10 @@ func resourceNsxtPolicyIPBlockCreate(d *schema.ResourceData, m interface{}) erro
 	if util.NsxVersionHigherOrEqual("4.2.0") && len(visibility) > 0 {
 		obj.Visibility = &visibility
 	}
+	if util.NsxVersionHigherOrEqual("9.1.0") && len(cidrList) > 0 {
+		obj.CidrList = cidrList
+	}
+
 	// Create the resource using PATCH
 	log.Printf("[INFO] Creating IP Block with ID %s", id)
 	err = client.Patch(id, obj)

nsxt/resource_nsxt_policy_ip_block_test.go

@@ -42,6 +42,39 @@ func TestAccResourceNsxtPolicyIPBlock_minimal(t *testing.T) {
 	})
 }
 
+func TestAccResourceNsxtPolicyIPBlock_cidrList(t *testing.T) {
+	name := getAccTestResourceName()
+	testResourceName := "nsxt_policy_ip_block.test"
+	cidr := "192.168.1.0/24"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			testAccOnlyLocalManager(t)
+			testAccPreCheck(t)
+			testAccNSXVersion(t, "9.1.0")
+		},
+		Providers: testAccProviders,
+		CheckDestroy: func(state *terraform.State) error {
+			return testAccNSXPolicyIPBlockCheckDestroy(state)
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: testAccNSXPolicyIPBlockCreateCidrListTemplate(name, cidr, false, false),
+				Check: resource.ComposeTestCheckFunc(
+					testAccNSXPolicyIPBlockCheckExists(testResourceName),
+					resource.TestCheckResourceAttr(testResourceName, "display_name", name),
+					resource.TestCheckResourceAttr(testResourceName, "cidr_list.#", "1"),
+					resource.TestCheckResourceAttr(testResourceName, "cidr_list.0", cidr),
+					resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"),
+					resource.TestCheckResourceAttrSet(testResourceName, "revision"),
+					resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"),
+					resource.TestCheckResourceAttrSet(testResourceName, "path"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccResourceNsxtPolicyIPBlock_basic(t *testing.T) {
 	testAccResourceNsxtPolicyIPBlockBasic(t, false, false, func() {
 		testAccPreCheck(t)
@@ -254,6 +287,26 @@ resource "nsxt_policy_ip_block" "test" {
 }`, context, displayName, cidr, visibility)
 }
 
+func testAccNSXPolicyIPBlockCreateCidrListTemplate(displayName string, cidr string, withContext, withVisibility bool) string {
+	context := ""
+	if withContext {
+		context = testAccNsxtPolicyMultitenancyContext()
+	}
+
+	visibility := ""
+	if withVisibility {
+		visibility = "  visibility   = \"EXTERNAL\""
+	}
+
+	return fmt.Sprintf(`
+resource "nsxt_policy_ip_block" "test" {
+%s
+  display_name = "%s"
+  cidr_list    = ["%s"]
+%s
+}`, context, displayName, cidr, visibility)
+}
+
 func testAccNSXPolicyIPBlockUpdateTemplate(displayName string, cidr string, withContext, withVisibility bool) string {
 	context := ""
 	if withContext {

website/docs/r/policy_ip_block.html.markdown

@@ -64,7 +64,8 @@ The following arguments are supported:
 
 * `display_name` - (Required) The display name for the IP Block.
 * `description` - (Optional) Description of the resource.
-* `cidr` - (Required) Network address and the prefix length which will be associated with a layer-2 broadcast domain.
+* `cidr` - (Optional) Network address and the prefix length which will be associated with a layer-2 broadcast domain.
+* `cidr_list` - (Optional) Array of contiguous IP address spaces represented by network address and prefix length. This attribute is supported with NSX 9.1.0 onwards.
 * `visibility` - (Optional) Visibility of the IP Block. Valid options are `PRIVATE`, `EXTERNAL` or unset. Visibility cannot be changed once the block is associated with other resources.
 * `nsx_id` - (Optional) The NSX ID of this resource. If set, this ID will be used to create the resource.
 * `tag` - (Optional) A list of scope + tag pairs to associate with this IP Block.