'fp.monitoring' fixed and expanded (Issue623)

.pre-commit-config.yaml

@@ -562,6 +562,10 @@ repos:
         args: ["./modules/terraform-aci-monitoring-policy"]
       - id: terraform-docs-system
         args: ["./modules/terraform-aci-monitoring-policy/examples/complete"]
+      - id: terraform-docs-system
+        args: ["./modules/terraform-aci-monitoring-policy-user-defined"]
+      - id: terraform-docs-system
+        args: ["./modules/terraform-aci-monitoring-policy-user-defined/examples/complete"]
       - id: terraform-docs-system
         args: ["./modules/terraform-aci-mpls-custom-qos-policy"]
       - id: terraform-docs-system

README.md

@@ -265,6 +265,7 @@ Additional example repositories:
 | <a name="module_aci_mcp"></a> [aci\_mcp](#module\_aci\_mcp) | ./modules/terraform-aci-mcp | n/a |
 | <a name="module_aci_mcp_policy"></a> [aci\_mcp\_policy](#module\_aci\_mcp\_policy) | ./modules/terraform-aci-mcp-policy | n/a |
 | <a name="module_aci_monitoring_policy"></a> [aci\_monitoring\_policy](#module\_aci\_monitoring\_policy) | ./modules/terraform-aci-monitoring-policy | n/a |
+| <a name="module_aci_monitoring_policy_user_defined"></a> [aci\_monitoring\_policy\_user\_defined](#module\_aci\_monitoring\_policy\_user\_defined) | ./modules/terraform-aci-monitoring-policy-user-defined | n/a |
 | <a name="module_aci_mpls_custom_qos_policy"></a> [aci\_mpls\_custom\_qos\_policy](#module\_aci\_mpls\_custom\_qos\_policy) | ./modules/terraform-aci-mpls-custom-qos-policy | n/a |
 | <a name="module_aci_mst_policy"></a> [aci\_mst\_policy](#module\_aci\_mst\_policy) | ./modules/terraform-aci-mst-policy | n/a |
 | <a name="module_aci_multicast_route_map"></a> [aci\_multicast\_route\_map](#module\_aci\_multicast\_route\_map) | ./modules/terraform-aci-multicast-route-map | n/a |

aci_fabric_policies.tf

@@ -854,15 +854,19 @@ module "aci_syslog_policy" {
 module "aci_monitoring_policy" {
   source = "./modules/terraform-aci-monitoring-policy"
 
-  count              = local.modules.aci_monitoring_policy == true && var.manage_fabric_policies ? 1 : 0
-  snmp_trap_policies = [for policy in try(local.fabric_policies.monitoring.snmp_traps, []) : "${policy.name}${local.defaults.apic.fabric_policies.monitoring.snmp_traps.name_suffix}"]
+  count = local.modules.aci_monitoring_policy == true && var.manage_fabric_policies ? 1 : 0
+  snmp_trap_policies = [for policy in try(local.fabric_policies.monitoring.snmp_traps, []) : {
+    name              = "${policy.name}${local.defaults.apic.fabric_policies.monitoring.snmp_traps.name_suffix}"
+    destination_group = try("${policy.destination_group}${local.defaults.apic.fabric_policies.monitoring.snmp_traps.destination_group_suffix}", "")
+  }]
   syslog_policies = [for policy in try(local.fabric_policies.monitoring.syslogs, []) : {
-    name             = "${policy.name}${local.defaults.apic.fabric_policies.monitoring.syslogs.name_suffix}"
-    audit            = try(policy.audit, local.defaults.apic.fabric_policies.monitoring.syslogs.audit)
-    events           = try(policy.events, local.defaults.apic.fabric_policies.monitoring.syslogs.events)
-    faults           = try(policy.faults, local.defaults.apic.fabric_policies.monitoring.syslogs.faults)
-    session          = try(policy.session, local.defaults.apic.fabric_policies.monitoring.syslogs.session)
-    minimum_severity = try(policy.minimum_severity, local.defaults.apic.fabric_policies.monitoring.syslogs.minimum_severity)
+    name              = "${policy.name}${local.defaults.apic.fabric_policies.monitoring.syslogs.name_suffix}"
+    audit             = try(policy.audit, local.defaults.apic.fabric_policies.monitoring.syslogs.audit)
+    events            = try(policy.events, local.defaults.apic.fabric_policies.monitoring.syslogs.events)
+    faults            = try(policy.faults, local.defaults.apic.fabric_policies.monitoring.syslogs.faults)
+    session           = try(policy.session, local.defaults.apic.fabric_policies.monitoring.syslogs.session)
+    minimum_severity  = try(policy.minimum_severity, local.defaults.apic.fabric_policies.monitoring.syslogs.minimum_severity)
+    destination_group = try("${policy.destination_group}${local.defaults.apic.fabric_policies.monitoring.syslogs.destination_group_suffix}", "")
   }]
 
   depends_on = [
@@ -871,6 +875,54 @@ module "aci_monitoring_policy" {
   ]
 }
 
+locals {
+  monitoring_policies = flatten([
+    for policy in try(local.fabric_policies.monitoring.policies, []) : {
+      name        = "${policy.name}${local.defaults.apic.fabric_policies.monitoring.policies.name_suffix}"
+      description = try(policy.description, "")
+      snmp_trap_policies = [for snmp_policy in try(policy.snmp_traps, []) : {
+        name              = "${snmp_policy.name}${local.defaults.apic.fabric_policies.monitoring.policies.snmp_traps.name_suffix}"
+        destination_group = try("${snmp_policy.destination_group}${local.defaults.apic.fabric_policies.monitoring.policies.snmp_traps.destination_group_suffix}", "")
+      }]
+      syslog_policies = [for syslog_policy in try(policy.syslogs, []) : {
+        name              = "${syslog_policy.name}${local.defaults.apic.fabric_policies.monitoring.policies.syslogs.name_suffix}"
+        audit             = try(syslog_policy.audit, local.defaults.apic.fabric_policies.monitoring.policies.syslogs.audit)
+        events            = try(syslog_policy.events, local.defaults.apic.fabric_policies.monitoring.policies.syslogs.events)
+        faults            = try(syslog_policy.faults, local.defaults.apic.fabric_policies.monitoring.policies.syslogs.faults)
+        session           = try(syslog_policy.session, local.defaults.apic.fabric_policies.monitoring.policies.syslogs.session)
+        minimum_severity  = try(syslog_policy.minimum_severity, local.defaults.apic.fabric_policies.monitoring.policies.syslogs.minimum_severity)
+        destination_group = try("${syslog_policy.destination_group}${local.defaults.apic.fabric_policies.monitoring.policies.syslogs.destination_group_suffix}", "")
+      }]
+      fault_severity_policies = [for policy in try(policy.fault_severity_policies, []) : {
+        class = policy.class
+        faults = [for fault in try(policy.faults, []) : {
+          fault_id         = fault.fault_id
+          initial_severity = try(fault.initial_severity, local.defaults.apic.fabric_policies.monitoring.policies.fault_severity_policies.faults.initial_severity)
+          target_severity  = try(fault.target_severity, local.defaults.apic.fabric_policies.monitoring.policies.fault_severity_policies.faults.target_severity)
+          description      = try(fault.description, "")
+        }]
+      }]
+    }
+  ])
+}
+
+module "aci_monitoring_policy_user_defined" {
+  source = "./modules/terraform-aci-monitoring-policy-user-defined"
+
+  for_each = { for pol in local.monitoring_policies : pol.name => pol if local.modules.aci_monitoring_policy_user_defined && var.manage_fabric_policies }
+
+  name                    = each.value.name
+  description             = each.value.description
+  snmp_trap_policies      = each.value.snmp_trap_policies
+  syslog_policies         = each.value.syslog_policies
+  fault_severity_policies = each.value.fault_severity_policies
+
+  depends_on = [
+    module.aci_snmp_trap_policy,
+    module.aci_syslog_policy,
+  ]
+}
+
 module "aci_management_access_policy" {
   source = "./modules/terraform-aci-management-access-policy"
 

defaults/defaults.yaml

@@ -344,6 +344,7 @@ defaults:
       monitoring:
         snmp_traps:
           name_suffix: ""
+          destination_group_suffix: ""
           destinations:
             port: 162
             version: v2c
@@ -364,12 +365,39 @@ defaults:
           local_severity: information
           console_admin_state: true
           console_severity: alerts
+          destination_group_suffix: ""
           destinations:
             port: 514
             facility: local7
             severity: warnings
             admin_state: true
             mgmt_epg: inb
+        policies:
+          name_suffix: ""
+          fault_severity_policies:
+            name_suffix: ""
+            faults:
+              initial_severity: "inherit"
+              target_severity: "inherit"
+          snmp_traps:
+            name_suffix: ""
+            destination_group_suffix: ""
+          syslogs:
+            name_suffix: ""
+            audit: true
+            events: true
+            faults: true
+            session: false
+            minimum_severity: warnings
+            format: aci
+            show_millisecond: false
+            show_timezone: false
+            admin_state: true
+            local_admin_state: true
+            local_severity: information
+            console_admin_state: true
+            console_severity: alerts
+            destination_group_suffix: ""
       span:
         destination_groups:
           name_suffix: ""

defaults/modules.yaml

@@ -109,6 +109,7 @@ modules:
   aci_mcp: true
   aci_mcp_policy: true
   aci_monitoring_policy: true
+  aci_monitoring_policy_user_defined: true
   aci_mpls_custom_qos_policy: true
   aci_mst_policy: true
   aci_multicast_route_map: true

modules/terraform-aci-monitoring-policy-user-defined/.terraform-docs.yml

@@ -0,0 +1,34 @@
+version: '>= 0.14.0'
+
+formatter: markdown table
+
+content: |-
+  # Terraform ACI User-Defined Monitoring Policy Module
+
+  Manages ACI User-Defined Monitoring Policy
+
+  Location in GUI:
+  `Fabric` » `Fabric Policies` » `Policies` » `Monitoring`
+
+  ## Examples
+
+  ```hcl
+  {{ include "./examples/complete/main.tf" }}
+  ```
+
+  {{ .Requirements }}
+
+  {{ .Providers }}
+
+  {{ .Inputs }}
+
+  {{ .Outputs }}
+
+  {{ .Resources }}
+
+output:
+  file: README.md
+  mode: replace
+
+sort:
+  enabled: false

modules/terraform-aci-monitoring-policy-user-defined/README.md

@@ -0,0 +1,83 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform ACI User-Defined Monitoring Policy Module
+
+Manages ACI User-Defined Monitoring Policy
+
+Location in GUI:
+`Fabric` » `Fabric Policies` » `Policies` » `Monitoring`
+
+## Examples
+
+```hcl
+module "aci_monitoring_policy_user_defined" {
+  source  = "netascode/nac-aci/aci//modules/terraform-aci-monitoring-policy-user-defined"
+  version = "> 1.0.1"
+
+  name = "MON1"
+  snmp_trap_policies = [{
+    name              = "SNMP_1"
+    destination_group = "SNMP_DEST_GROUP1"
+  }]
+  syslog_policies = [{
+    name              = "SYSLOG1"
+    audit             = false
+    events            = false
+    faults            = false
+    session           = true
+    minimum_severity  = "alerts"
+    destination_group = "SYSLOG_DEST_GROUP1"
+  }]
+  fault_severity_policies = [{
+    class = "snmpClient"
+    faults = [{
+      fault_id         = "F1368"
+      description      = "Fault 1368 nice description"
+      initial_severity = "critical"
+      target_severity  = "inherit"
+    }]
+  }]
+}
+```
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
+| <a name="requirement_aci"></a> [aci](#requirement\_aci) | >= 2.15.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aci"></a> [aci](#provider\_aci) | >= 2.15.0 |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_name"></a> [name](#input\_name) | Track List name. | `string` | n/a | yes |
+| <a name="input_description"></a> [description](#input\_description) | Description. | `string` | `""` | no |
+| <a name="input_snmp_trap_policies"></a> [snmp\_trap\_policies](#input\_snmp\_trap\_policies) | List of SNMP trap policies. | <pre>list(object({<br/>    name              = string<br/>    destination_group = optional(string, "")<br/>  }))</pre> | `[]` | no |
+| <a name="input_syslog_policies"></a> [syslog\_policies](#input\_syslog\_policies) | List of syslog policies. Default value `audit`: true. Default value `events`: true. Default value `faults`: true. Default value `session`: false. Default value `minimum_severity`: `warnings`. | <pre>list(object({<br/>    name              = string<br/>    audit             = optional(bool, true)<br/>    events            = optional(bool, true)<br/>    faults            = optional(bool, true)<br/>    session           = optional(bool, false)<br/>    minimum_severity  = optional(string, "warnings")<br/>    destination_group = optional(string, "")<br/>  }))</pre> | `[]` | no |
+| <a name="input_fault_severity_policies"></a> [fault\_severity\_policies](#input\_fault\_severity\_policies) | List of Fault Severity Assignment Policies. | <pre>list(object({<br/>    class = string<br/>    faults = list(object({<br/>      fault_id         = string<br/>      initial_severity = optional(string, "inherit")<br/>      target_severity  = optional(string, "inherit")<br/>      description      = optional(string, "")<br/>    }))<br/>  }))</pre> | `[]` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_dn"></a> [dn](#output\_dn) | Distinguished name of Fabric `monFabricPol` object. |
+| <a name="output_name"></a> [name](#output\_name) | User-Defined Fabric Monitoring Policy name. |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aci_rest_managed.faultSevAsnP](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.monFabricPol](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.monFabricTarget](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.snmpRsDestGroup](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.snmpSrc](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.syslogRsDestGroup](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+| [aci_rest_managed.syslogSrc](https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/rest_managed) | resource |
+<!-- END_TF_DOCS -->

modules/terraform-aci-monitoring-policy-user-defined/examples/complete/.terraform-docs.yml

@@ -0,0 +1,24 @@
+version: '>= 0.14.0'
+
+formatter: markdown table
+
+content: |-
+  # Monitoring Policy Example
+
+  To run this example you need to execute:
+
+  ```bash
+  $ terraform init
+  $ terraform plan
+  $ terraform apply
+  ```
+
+  Note that this example will create resources. Resources can be destroyed with `terraform destroy`.
+
+  ```hcl
+  {{ include "./main.tf" }}
+  ```
+
+output:
+  file: README.md
+  mode: replace

modules/terraform-aci-monitoring-policy-user-defined/examples/complete/README.md

@@ -0,0 +1,44 @@
+<!-- BEGIN_TF_DOCS -->
+# Monitoring Policy Example
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example will create resources. Resources can be destroyed with `terraform destroy`.
+
+```hcl
+module "aci_monitoring_policy_user_defined" {
+  source  = "netascode/nac-aci/aci//modules/terraform-aci-monitoring-policy-user-defined"
+  version = "> 1.0.1"
+
+  name = "MON1"
+  snmp_trap_policies = [{
+    name              = "SNMP_1"
+    destination_group = "SNMP_DEST_GROUP1"
+  }]
+  syslog_policies = [{
+    name              = "SYSLOG1"
+    audit             = false
+    events            = false
+    faults            = false
+    session           = true
+    minimum_severity  = "alerts"
+    destination_group = "SYSLOG_DEST_GROUP1"
+  }]
+  fault_severity_policies = [{
+    class = "snmpClient"
+    faults = [{
+      fault_id         = "F1368"
+      description      = "Fault 1368 nice description"
+      initial_severity = "critical"
+      target_severity  = "inherit"
+    }]
+  }]
+}
+```
+<!-- END_TF_DOCS -->

modules/terraform-aci-monitoring-policy-user-defined/examples/complete/main.tf

@@ -0,0 +1,28 @@
+module "aci_monitoring_policy_user_defined" {
+  source  = "netascode/nac-aci/aci//modules/terraform-aci-monitoring-policy-user-defined"
+  version = "> 1.0.1"
+
+  name = "MON1"
+  snmp_trap_policies = [{
+    name              = "SNMP_1"
+    destination_group = "SNMP_DEST_GROUP1"
+  }]
+  syslog_policies = [{
+    name              = "SYSLOG1"
+    audit             = false
+    events            = false
+    faults            = false
+    session           = true
+    minimum_severity  = "alerts"
+    destination_group = "SYSLOG_DEST_GROUP1"
+  }]
+  fault_severity_policies = [{
+    class = "snmpClient"
+    faults = [{
+      fault_id         = "F1368"
+      description      = "Fault 1368 nice description"
+      initial_severity = "critical"
+      target_severity  = "inherit"
+    }]
+  }]
+}

modules/terraform-aci-monitoring-policy-user-defined/examples/complete/versions.tf

@@ -0,0 +1,11 @@
+
+terraform {
+  required_version = ">= 1.3.0"
+
+  required_providers {
+    aci = {
+      source  = "CiscoDevNet/aci"
+      version = ">= 2.15.0"
+    }
+  }
+}