Terraform Intersight Policies Module
A Terraform module to configure Intersight Policies.
This module is part of the Cisco Intersight as Code project. Its goal is to allow users to instantiate network fabrics in minutes using an easy to use, opinionated data model. It takes away the complexity of having to deal with references, dependencies or loops. By completely separating data (defining variables) from logic (infrastructure declaration), it allows the user to focus on describing the intended configuration while using a set of maintained and tested Terraform Modules without the need to understand the low-level Intersight object model.
A comprehensive example using this module is available here: https://github.com/terraform-cisco-modules/iac-intersight-comprehensive-example
Requirements
| Name | Version |
|---|---|
| terraform | >=1.3.0 |
| intersight | >=1.0.36 |
Providers
| Name | Version |
|---|---|
| intersight | 1.0.36 |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| moids_policies | Flag to Determine if Policies Should be associated using resource or data object. | bool |
false |
no |
| moids_pools | Flag to Determine if Pools Should be associated using data object or from var.pools. | bool |
false |
no |
| organization | Name of the default intersight Organization. | string |
"default" |
no |
| orgs | Input orgs List. | any |
n/a | yes |
| policies | Policies - YAML to HCL data. | any |
n/a | yes |
| pools | Pool Moids. | any |
n/a | yes |
| tags | List of Key/Value Pairs to Assign as Attributes to the Policy. | list(map(string)) |
[] |
no |
| cert_mgmt_certificate_1 | The Server Certificate in PEM format. | string |
"" |
no |
| cert_mgmt_certificate_2 | The Server Certificate in PEM format. | string |
"" |
no |
| cert_mgmt_certificate_3 | The Server Certificate in PEM format. | string |
"" |
no |
| cert_mgmt_certificate_4 | The Server Certificate in PEM format. | string |
"" |
no |
| cert_mgmt_certificate_5 | The Server Certificate in PEM format. | string |
"" |
no |
| cert_mgmt_private_key_1 | Private Key in PEM Format. | string |
"" |
no |
| cert_mgmt_private_key_2 | Private Key in PEM Format. | string |
"" |
no |
| cert_mgmt_private_key_3 | Private Key in PEM Format. | string |
"" |
no |
| cert_mgmt_private_key_4 | Private Key in PEM Format. | string |
"" |
no |
| cert_mgmt_private_key_5 | Private Key in PEM Format. | string |
"" |
no |
| drive_security_password | Drive Security User Password. | string |
"" |
no |
| drive_security_server_ca_certificate | Drive Security Server CA Certificate in PEM Format. | string |
"" |
no |
| cco_password | CCO User Account Password. | string |
"" |
no |
| cco_user | CCO User Account Email for Firmware Policies. | string |
"cco_user" |
no |
| model | description = <<-EOT The server family that will be impacted by this upgrade. * UCSC-C220-M4 - The upgrade on all C220-M4 servers claimed in setup. * UCSC-C240-M4 - The upgrade on all C240-M4 servers claimed in setup. * UCSC-C460-M4 - The upgrade on all C460-M4 servers claimed in setup. * UCSB-B200-M5 - The upgrade on all B200-M5 servers claimed in setup. * UCSB-B480-M5 - The upgrade on all B480-M5 servers claimed in setup. * UCSC-C220-M5 - The upgrade on all C220-M5 servers claimed in setup. * UCSC-C240-M5 - The upgrade on all C240-M5 servers claimed in setup. * UCSC-C480-M5 - The upgrade on all C480-M5 servers claimed in setup. * UCSB-B200-M6 - The upgrade on all B200-M6 servers claimed in setup. * UCSC-C220-M6 - The upgrade on all C220-M6 servers claimed in setup. * UCSC-C225-M6 - The upgrade on all C225-M6 servers claimed in setup. * UCSC-C240-M6 - The upgrade on all C240-M6 servers claimed in setup. * UCSC-C245-M6 - The upgrade on all C245-M6 servers claimed in setup. * UCSX-210C-M6 - The upgrade on all 210C-M6 servers claimed in setup. * UCSX-210C-M7 - The upgrade on all 210C-M7 servers claimed in setup. * UCSX-220-M7 - The upgrade on all C220-M7 servers claimed in setup. * UCSX-240-M7 - The upgrade on all C240-M7 servers claimed in setup. * UCSC-C125 - The upgrade on all C125 servers claimed in setup. |
string |
"UCSC-C220-M5" |
no |
| ipmi_key_1 | Encryption key 1 to use for IPMI communication. It should have an even number of hexadecimal characters and not exceed 40 characters. | string |
"" |
no |
| iscsi_boot_password | Password to Assign to the Policy if doing Authentication. | string |
"" |
no |
| binding_parameters_password | The password of the user for initial bind process. It can be any string that adheres to the following constraints. It can have character except spaces, tabs, line breaks. It cannot be more than 254 characters. | string |
"" |
no |
| local_user_password_1 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
| local_user_password_2 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
| local_user_password_3 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
| local_user_password_4 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
| local_user_password_5 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
| persistent_passphrase | Secure passphrase to be applied on the Persistent Memory Modules on the server. The allowed characters are: - a-z, A-Z, 0-9 and special characters: \u0021, &, #, $, %, +, ^, @, _, *, -. |
string |
"" |
no |
| access_community_string_1 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| access_community_string_2 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| access_community_string_3 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| access_community_string_4 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| access_community_string_5 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| snmp_auth_password_1 | SNMPv3 User Authentication Password. | string |
"" |
no |
| snmp_auth_password_2 | SNMPv3 User Authentication Password. | string |
"" |
no |
| snmp_auth_password_3 | SNMPv3 User Authentication Password. | string |
"" |
no |
| snmp_auth_password_4 | SNMPv3 User Authentication Password. | string |
"" |
no |
| snmp_auth_password_5 | SNMPv3 User Authentication Password. | string |
"" |
no |
| snmp_privacy_password_1 | SNMPv3 User Privacy Password. | string |
"" |
no |
| snmp_privacy_password_2 | SNMPv3 User Privacy Password. | string |
"" |
no |
| snmp_privacy_password_3 | SNMPv3 User Privacy Password. | string |
"" |
no |
| snmp_privacy_password_4 | SNMPv3 User Privacy Password. | string |
"" |
no |
| snmp_privacy_password_5 | SNMPv3 User Privacy Password. | string |
"" |
no |
| snmp_trap_community_1 | Community for a Trap Destination. | string |
"" |
no |
| snmp_trap_community_2 | Community for a Trap Destination. | string |
"" |
no |
| snmp_trap_community_3 | Community for a Trap Destination. | string |
"" |
no |
| snmp_trap_community_4 | Community for a Trap Destination. | string |
"" |
no |
| snmp_trap_community_5 | Community for a Trap Destination. | string |
"" |
no |
| trap_community_string | SNMP community group used for sending SNMP trap to other devices. Valid only for SNMPv2c. | string |
"" |
no |
| trap_community_string_1 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| trap_community_string_2 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| trap_community_string_3 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| trap_community_string_4 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| trap_community_string_5 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
| vmedia_password_1 | Password for vMedia | string |
"" |
no |
| vmedia_password_2 | Password for vMedia | string |
"" |
no |
| vmedia_password_3 | Password for vMedia | string |
"" |
no |
| vmedia_password_4 | Password for vMedia | string |
"" |
no |
| vmedia_password_5 | Password for vMedia | string |
"" |
no |
Outputs
| Name | Description |
|---|---|
| adapter_configuration | Moid's of the Adapter Configuration Policies. |
| bios | Moid's of the BIOS Policies. |
| boot_order | Moid's of the Boot Order Policies. |
| certificate_management | Moid's of the Certificate Management Policies. |
| device_connector | Moid's of the Device Connector Policies. |
| imc_access | Moid's of the IMC Access Policies. |
| ipmi_over_lan | Moid's of the IPMI over LAN Policies. |
| lan_connectivity | Moid's of the LAN Connectivity Policies. |
| ldap | Moid's of the LDAP Policies. |
| local_user | Moid's of the Local User Policies. |
| network_connectivity | Moid's of the Network Connectivity Policies. |
| ntp | Moid's of the NTP Policies. |
| persistent_memory | Moid's of the Persistent Memory Policies. |
| port | Moid's of the Port Policies. |
| power | Moid's of the Power Policies. |
| san_connectivity | Moid's of the SAN Connectivity Policies. |
| serial_over_lan | Moid's of the Serial over LAN Policies. |
| smtp | Moid's of the SMTP Policies. |
| snmp | Moid's of the SNMP Policies. |
| ssh | Moid's of the SSH Policies. |
| storage | Moid's of the Storage Policies. |
| switch_control | Moid's of the Switch Control Policies. |
| syslog | Moid's of the Syslog Policies. |
| system_qos | Moid's of the System QoS Policies. |
| thermal | Moid's of the Thermal Policies. |
| virtual_kvm | Moid's of the Virtual KVM Policies. |
| virtual_media | Moid's of the Virtual Media Policies. |
| vlan | Moid's of the VLAN Policies. |
| vsan | Moid's of the VSAN Policies. |