Add group_type attribue to policy group

Fixes: #855 Signed-off-by: Kobi Samoray <ksamoray@vmware.com>
vmware · Mar 21, 2023 · c5b2541 · c5b2541
1 parent d65c3a3
commit c5b2541
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/nsxt/resource_nsxt_policy_group.go b/nsxt/resource_nsxt_policy_group.go
@@ -51,6 +51,11 @@ var externalMemberTypeValues = []string{
 	model.ExternalIDExpression_MEMBER_TYPE_PHYSICALSERVER,
 }
 
+var groupTypeValues = []string{
+	model.Group_GROUP_TYPE_IPADDRESS,
+	model.Group_GROUP_TYPE_ANTREA,
+}
+
 func resourceNsxtPolicyGroup() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceNsxtPolicyGroupCreate,
@@ -69,6 +74,12 @@ func resourceNsxtPolicyGroup() *schema.Resource {
 			"revision":     getRevisionSchema(),
 			"tag":          getTagsSchema(),
 			"domain":       getDomainNameSchema(),
+			"group_type": {
+				Type:         schema.TypeString,
+				Description:  "Indicates the group type",
+				ValidateFunc: validation.StringInSlice(groupTypeValues, false),
+				Optional:     true,
+			},
 			"criteria": {
 				Type:        schema.TypeList,
 				Description: "Criteria to determine Group membership",
@@ -844,12 +855,18 @@ func resourceNsxtPolicyGroupCreate(d *schema.ResourceData, m interface{}) error
 	description := d.Get("description").(string)
 	tags := getPolicyTagsFromSchema(d)
 
+	var groupTypes []string
+	groupType := d.Get("group_type").(string)
+	if groupType != "" {
+		groupTypes = append(groupTypes, groupType)
+	}
 	obj := model.Group{
 		DisplayName:        &displayName,
 		Description:        &description,
 		Tags:               tags,
 		Expression:         expressionData,
 		ExtendedExpression: extendedExpressionList,
+		GroupType:          groupTypes,
 	}
 
 	if isPolicyGlobalManager(m) {
@@ -909,6 +926,11 @@ func resourceNsxtPolicyGroupRead(d *schema.ResourceData, m interface{}) error {
 	d.Set("path", obj.Path)
 	d.Set("domain", getDomainFromResourcePath(*obj.Path))
 	d.Set("revision", obj.Revision)
+	groupType := ""
+	if len(obj.GroupType) > 0 {
+		groupType = obj.GroupType[0]
+	}
+	d.Set("group_type", groupType)
 	criteria, conditions, err := fromGroupExpressionData(obj.Expression)
 	log.Printf("[INFO] Found %d criteria, %d conjunctions for group %s", len(criteria), len(conditions), id)
 	if err != nil {

diff --git a/website/docs/r/policy_group.html.markdown b/website/docs/r/policy_group.html.markdown
@@ -184,6 +184,7 @@ The following arguments are supported:
     * `distinguished_name` (Required for an `identity_group`) LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
     * `domain_base_distinguished_name` (Required for an `identity_group`) Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
     * `sid` (Optional) Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
+* `group_type` - (Optional) Group type can be specified during create and update of a group. Empty group type indicates a 'generic' group, ie group can be one of IPAddress, ANTERA.
 
 
 ## Attributes Reference