feat: Implement VRF Advanced Support in Terraform Provider

Author: Jeremy Spencer

CHANGELOG.md

@@ -7,6 +7,8 @@
 - Add `ip_ssh_bulk_mode` and `ip_ssh_bulk_mode_window_size` attributes to `iosxe_system` resource and data source
 - Add `set_ip_next_hop_unchanged` attribute to `iosxe_route_map` resource and data source
 - Enhance `set_communities` attribute documentation in `iosxe_route_map` to clarify support for well-known BGP community values (internet, local-AS, no-advertise, no-export, gshut)
+- Add `route_map` attribute with required subattributes to `iosxe_bgp_l2vpn_evpn_neighbor` resource and data source
+- Add `import_path_selection_all` and `ipv4_unicast_aggregate_addresses.summary_only` attributes to `iosxe_bgp_address_family_ipv4_vrf` resoutces and data sources
 
 ## 0.9.3
 
@@ -21,7 +23,7 @@
 - Add `passive_interface_disable_*` attributes to `iosxe_ospf` and `iosxe_ospf_vrf` resources and data sources
 - Fix issue with destroying `iosxe_interface_ethernet` resources
 - Change route target attributes of `iosxe_vrf` from type "List" to "Set"
-- Add `role_based_enforcement` attributes to `iosxe_cts` 
+- Add `role_based_enforcement` attributes to `iosxe_cts`
 - Add `tftp_source_interface_*` attributes to `iosxe_system` resource and data source
 - Add `hash` attribute to `iosxe_crypto_pki` resource and data source
 - Add `snooping_information_option`, `snooping_information_option_allow_untrusted` and `snooping_information_option_format_remote_id_string` attributes to `iosxe_dhcp` resource and data source
@@ -66,7 +68,7 @@
 - Add `level`, `list_name`, `action_type`, `broadcast`, `group_broadcast`, `group_logger`, `group1_group`, `group2_group`, `group3_group`, `group4_group`, `name`, `default`, `none`, `start_stop_broadcast`, `start_stop_logger`, `start_stop_group1`, `start_stop_group2`, `start_stop_group3`, `start_stop_group4`, `stop_only_broadcast`, `stop_only_logger`, `stop_only_group1`, `stop_only_group2`, `stop_only_group3`, `stop_only_group4`, `wait_start_broadcast`, `wait_start_logger`, `wait_start_group1`, `wait_start_group2`, `wait_start_group3`, `wait_start_group4`, `name`, `none`, `start_stop_broadcast`, `start_stop_logger`, `start_stop_group1`, `start_stop_group2`, `start_stop_group3`, `start_stop_group4`, `stop_only_broadcast`, `stop_only_logger`, `stop_only_group1`, `stop_only_group2`, `stop_only_group3`, `stop_only_group4`, `wait_start_broadcast`, `wait_start_logger`, `wait_start_group1`, `wait_start_group2`, `wait_start_group3`, and `wait_start_group4` attributes to `iosxe_aaa_accounting` resource and data source
 - Add `enable_default_group1_cache`, `enable_default_group1_enable`, `enable_default_group1_group`, `enable_default_group1_line`, `enable_default_group1_none`, `enable_default_group2_cache`, `enable_default_group2_enable`, `enable_default_group2_group`, `enable_default_group2_line`, `enable_default_group2_none`, `enable_default_group3_cache`, `enable_default_group3_enable`, `enable_default_group3_group`, `enable_default_group3_line`, `enable_default_group3_none`, `enable_default_group4_cache`, `enable_default_group4_enable`, `enable_default_group4_group`, `enable_default_group4_line`, and `enable_default_group4_none` attributes to `iosxe_aaa_authentication` resource and data source
 - Add `level`, `list_name`, `a1_group`, `a1_local`, `a1_if_authenticated`, `a1_none`, `a1_radius`, `a1_tacacs`, `a2_group`, `a2_local`, `a2_if_authenticated`, `a2_none`, `a2_radius`, `a2_tacacs`, `a3_group`, `a3_local`, `a3_if_authenticated`, `a3_none`, `a3_radius`, `a3_tacacs`, `a4_group`, `a4_local`, `a4_if_authenticated`, `a4_none`, `a4_radius`, `a4_tacacs`, `name`, `group1_cache`, `group1_group`, `group1_radius`, and `group1_tacacs` attributes to `iosxe_aaa_authorization` resource and data source
-- Add `vrf`, `local_authentication_type`, `local_authorization`, and `local_auth_max_fail_attempts` attributes to `iosxe_aaa` resrouce and data source 
+- Add `vrf`, `local_authentication_type`, `local_authorization`, and `local_auth_max_fail_attempts` attributes to `iosxe_aaa` resrouce and data source
 - Add `icmp_named_msg_type`, `destination_port_equal_2`, `destination_port_equal_3`, `destination_port_equal_4`, `destination_port_equal_5`, `destination_port_equal_6`, `destination_port_equal_7`, `destination_port_equal_8`, `destination_port_equal_9`, `destination_port_equal_10`, `icmp_msg_type`, and `icmp_msg_code` attributes to `iosxe_access_list_extended` resource and data source
 - Add `iosxe_access_list_role_based` resource and data source
 - Add `filter_lists_cdp` attribute to `iosxe_device_sensor` resource and data source

docs/data-sources/bgp_address_family_ipv4_vrf.md

@@ -47,6 +47,7 @@ Read-Only:
 - `ipv4_unicast_distance_bgp_external` (Number)
 - `ipv4_unicast_distance_bgp_internal` (Number)
 - `ipv4_unicast_distance_bgp_local` (Number)
+- `ipv4_unicast_import_path_selection_all` (Boolean) Import all available paths
 - `ipv4_unicast_networks` (Attributes List) Specify a network to announce via BGP (see [below for nested schema](#nestedatt--vrfs--ipv4_unicast_networks))
 - `ipv4_unicast_networks_mask` (Attributes List) Specify a network to announce via BGP (see [below for nested schema](#nestedatt--vrfs--ipv4_unicast_networks_mask))
 - `ipv4_unicast_redistribute_connected` (Boolean) Connected
@@ -73,6 +74,7 @@ Read-Only:
 
 - `ipv4_address` (String)
 - `ipv4_mask` (String)
+- `summary_only` (Boolean) Filter more specific routes from updates
 
 
 <a id="nestedatt--vrfs--ipv4_unicast_networks"></a>

docs/data-sources/bgp_l2vpn_evpn_neighbor.md

@@ -35,6 +35,15 @@ data "iosxe_bgp_l2vpn_evpn_neighbor" "example" {
 
 - `activate` (Boolean) Enable the address family for this neighbor
 - `id` (String) The path of the retrieved object.
+- `route_map` (Attributes List) Apply route map to neighbor (see [below for nested schema](#nestedatt--route_map))
 - `route_reflector_client` (Boolean) Configure a neighbor as Route Reflector client
 - `send_community` (String)
 - `soft_reconfiguration` (String) Per neighbor soft reconfiguration
+
+<a id="nestedatt--route_map"></a>
+### Nested Schema for `route_map`
+
+Read-Only:
+
+- `inout` (String)
+- `route_map_name` (String)

docs/resources/bgp_address_family_ipv4_vrf.md

@@ -22,11 +22,11 @@ resource "iosxe_bgp_address_family_ipv4_vrf" "example" {
       ipv4_unicast_advertise_l2vpn_evpn   = true
       ipv4_unicast_redistribute_connected = true
       ipv4_unicast_router_id_loopback     = 101
-      ipv4_unicast_router_id_ip           = "10.1.1.1"
       ipv4_unicast_aggregate_addresses = [
         {
           ipv4_address = "50.0.0.0"
           ipv4_mask    = "255.255.0.0"
+          summary_only = true
         }
       ]
       ipv4_unicast_redistribute_static = true
@@ -52,9 +52,10 @@ resource "iosxe_bgp_address_family_ipv4_vrf" "example" {
           wildcard  = "0.0.0.0"
         }
       ]
-      ipv4_unicast_distance_bgp_external = 20
-      ipv4_unicast_distance_bgp_internal = 200
-      ipv4_unicast_distance_bgp_local    = 200
+      ipv4_unicast_distance_bgp_external     = 20
+      ipv4_unicast_distance_bgp_internal     = 200
+      ipv4_unicast_distance_bgp_local        = 200
+      ipv4_unicast_import_path_selection_all = true
     }
   ]
 }
@@ -94,6 +95,7 @@ Optional:
 - `ipv4_unicast_distance_bgp_external` (Number) - Range: `1`-`255`
 - `ipv4_unicast_distance_bgp_internal` (Number) - Range: `1`-`255`
 - `ipv4_unicast_distance_bgp_local` (Number) - Range: `1`-`255`
+- `ipv4_unicast_import_path_selection_all` (Boolean) Import all available paths
 - `ipv4_unicast_networks` (Attributes List) Specify a network to announce via BGP (see [below for nested schema](#nestedatt--vrfs--ipv4_unicast_networks))
 - `ipv4_unicast_networks_mask` (Attributes List) Specify a network to announce via BGP (see [below for nested schema](#nestedatt--vrfs--ipv4_unicast_networks_mask))
 - `ipv4_unicast_redistribute_connected` (Boolean) Connected
@@ -124,6 +126,10 @@ Required:
 - `ipv4_address` (String)
 - `ipv4_mask` (String)
 
+Optional:
+
+- `summary_only` (Boolean) Filter more specific routes from updates
+
 
 <a id="nestedatt--vrfs--ipv4_unicast_networks"></a>
 ### Nested Schema for `vrfs.ipv4_unicast_networks`

docs/resources/bgp_l2vpn_evpn_neighbor.md

@@ -20,6 +20,12 @@ resource "iosxe_bgp_l2vpn_evpn_neighbor" "example" {
   send_community         = "both"
   route_reflector_client = false
   soft_reconfiguration   = "inbound"
+  route_map = [
+    {
+      inout          = "in"
+      route_map_name = "RM1"
+    }
+  ]
 }
 ```
 
@@ -38,6 +44,7 @@ resource "iosxe_bgp_l2vpn_evpn_neighbor" "example" {
 - `delete_mode` (String) Configure behavior when deleting/destroying the resource. Either delete the entire object (YANG container) being managed, or only delete the individual resource attributes configured explicitly and leave everything else as-is. Default value is `all`.
   - Choices: `all`, `attributes`
 - `device` (String) A device name from the provider configuration.
+- `route_map` (Attributes List) Apply route map to neighbor (see [below for nested schema](#nestedatt--route_map))
 - `route_reflector_client` (Boolean) Configure a neighbor as Route Reflector client
 - `send_community` (String) - Choices: `both`, `extended`, `standard`
 - `soft_reconfiguration` (String) Per neighbor soft reconfiguration
@@ -47,6 +54,14 @@ resource "iosxe_bgp_l2vpn_evpn_neighbor" "example" {
 
 - `id` (String) The path of the object.
 
+<a id="nestedatt--route_map"></a>
+### Nested Schema for `route_map`
+
+Required:
+
+- `inout` (String) - Choices: `in`, `out`
+- `route_map_name` (String)
+
 ## Import
 
 Import is supported using the following syntax:

examples/resources/iosxe_bgp_address_family_ipv4_vrf/resource.tf

@@ -7,11 +7,11 @@ resource "iosxe_bgp_address_family_ipv4_vrf" "example" {
       ipv4_unicast_advertise_l2vpn_evpn   = true
       ipv4_unicast_redistribute_connected = true
       ipv4_unicast_router_id_loopback     = 101
-      ipv4_unicast_router_id_ip           = "10.1.1.1"
       ipv4_unicast_aggregate_addresses = [
         {
           ipv4_address = "50.0.0.0"
           ipv4_mask    = "255.255.0.0"
+          summary_only = true
         }
       ]
       ipv4_unicast_redistribute_static = true
@@ -37,9 +37,10 @@ resource "iosxe_bgp_address_family_ipv4_vrf" "example" {
           wildcard  = "0.0.0.0"
         }
       ]
-      ipv4_unicast_distance_bgp_external = 20
-      ipv4_unicast_distance_bgp_internal = 200
-      ipv4_unicast_distance_bgp_local    = 200
+      ipv4_unicast_distance_bgp_external     = 20
+      ipv4_unicast_distance_bgp_internal     = 200
+      ipv4_unicast_distance_bgp_local        = 200
+      ipv4_unicast_import_path_selection_all = true
     }
   ]
 }

examples/resources/iosxe_bgp_l2vpn_evpn_neighbor/resource.tf

@@ -5,4 +5,10 @@ resource "iosxe_bgp_l2vpn_evpn_neighbor" "example" {
   send_community         = "both"
   route_reflector_client = false
   soft_reconfiguration   = "inbound"
+  route_map = [
+    {
+      inout          = "in"
+      route_map_name = "RM1"
+    }
+  ]
 }

gen/definitions/bgp_address_family_ipv4_vrf.yaml

@@ -30,6 +30,7 @@ attributes:
         xpath: ipv4-unicast/bgp/router-id/ip-id
         tf_name: ipv4_unicast_router_id_ip
         example: 10.1.1.1
+        exclude_test: true
       - yang_name: ipv4-unicast/aggregate-address
         tf_name: ipv4_unicast_aggregate_addresses
         type: List
@@ -40,6 +41,8 @@ attributes:
           - yang_name: ipv4-mask
             id: true
             example: 255.255.0.0
+          - yang_name: summary-only
+            example: true
       - yang_name: ipv4-unicast/redistribute-vrf/static
         tf_name: ipv4_unicast_redistribute_static
         example: true
@@ -109,7 +112,9 @@ attributes:
         tf_name: ipv4_unicast_distance_bgp_internal
         example: 200
       - yang_name: ipv4-unicast/distance/bgp/local
-        example: 200
+        example: 200          
+      - yang_name: ipv4-unicast/import/path/selection/all
+        example: true
 
 test_prerequisites:
   - path: Cisco-IOS-XE-native:native/vrf/definition=VRF1

gen/definitions/bgp_l2vpn_evpn_neighbor.yaml

@@ -23,6 +23,14 @@ attributes:
     example: false
   - yang_name: soft-reconfiguration
     example: inbound
+  - yang_name: route-map
+    type: List
+    attributes:
+      - yang_name: inout
+        id: true
+        example: in
+      - yang_name: route-map-name
+        example: RM1
 test_prerequisites:
   - path: Cisco-IOS-XE-native:native/router/Cisco-IOS-XE-bgp:bgp=65000
     attributes:
@@ -40,3 +48,8 @@ test_prerequisites:
       - name: remote-as
         value: 65000
     dependencies: [0]
+  - path: Cisco-IOS-XE-native:native/route-map=RM1
+    attributes:
+      - name: name
+        value: RM1
+