Added ACL Support to the Terraform Provider

docs/data-sources/dns_acls.md

@@ -0,0 +1,110 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "bloxone_dns_acls Data Source - terraform-provider-bloxone"
+subcategory: "DNS"
+description: |-
+  Retrieves information about existing named Access Control Lists.
+---
+
+# bloxone_dns_acls (Data Source)
+
+Retrieves information about existing named Access Control Lists.
+
+## Example Usage
+
+```terraform
+# Get DNS ACLs filtered by an attribute
+data "bloxone_dns_acls" "example_by_attribute" {
+  filters = {
+    "name" = "example_acl"
+  }
+}
+
+# Get DNS ACLs filtered by tag
+data "bloxone_dns_acls" "example_by_tag" {
+  tag_filters = {
+    site = "Site A"
+  }
+}
+
+# Get all DNS ACLs
+data "bloxone_dns_acls" "example_all" {
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `filters` (Map of String) Filter are used to return a more specific list of results. Filters can be used to match resources by specific attributes, e.g. name. If you specify multiple filters, the results returned will have only resources that match all the specified filters.
+- `tag_filters` (Map of String) Tag Filters are used to return a more specific list of results filtered by tags. If you specify multiple filters, the results returned will have only resources that match all the specified filters.
+
+### Read-Only
+
+- `results` (Attributes List) (see [below for nested schema](#nestedatt--results))
+
+<a id="nestedatt--results"></a>
+### Nested Schema for `results`
+
+Required:
+
+- `name` (String) ACL object name.
+
+Optional:
+
+- `comment` (String) Optional. Comment for ACL.
+- `list` (Attributes List) Optional. Ordered list of access control elements.  Elements are evaluated in order to determine access. If evaluation reaches the end of the list then access is denied. (see [below for nested schema](#nestedatt--results--list))
+- `tags` (Map of String) Tagging specifics.
+
+Read-Only:
+
+- `id` (String) The resource identifier.
+
+<a id="nestedatt--results--list"></a>
+### Nested Schema for `results.list`
+
+Required:
+
+- `element` (String) Type of element.
+
+  Allowed values:
+  * _any_
+  * _ip_
+  * _acl_
+  * _tsig_key_
+
+Optional:
+
+- `access` (String) Access permission for _element_.
+
+  Allowed values:
+  * _allow_
+  * _deny_
+
+  Must be empty if _element_ is _acl_.
+- `acl` (String) The resource identifier.
+- `address` (String) Optional. Data for _ip_ _element_.  Must be empty if _element_ is not _ip_.
+- `tsig_key` (Attributes) (see [below for nested schema](#nestedatt--results--list--tsig_key))
+
+<a id="nestedatt--results--list--tsig_key"></a>
+### Nested Schema for `results.list.tsig_key`
+
+Required:
+
+- `key` (String) The resource identifier.
+
+Read-Only:
+
+- `algorithm` (String) TSIG key algorithm.
+
+  Possible values:
+  * _hmac_sha256_
+  * _hmac_sha1_
+  * _hmac_sha224_
+  * _hmac_sha384_
+  * _hmac_sha512_
+- `comment` (String) Comment for TSIG key.
+- `name` (String) TSIG key name, FQDN.
+- `protocol_name` (String) TSIG key name in punycode.
+- `secret` (String, Sensitive) TSIG key secret, base64 string.

docs/resources/dns_acl.md

@@ -0,0 +1,97 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "bloxone_dns_acl Resource - terraform-provider-bloxone"
+subcategory: "DNS"
+description: |-
+  Manages a named Access Control List (ACL).
+---
+
+# bloxone_dns_acl (Resource)
+
+Manages a named Access Control List (ACL).
+
+## Example Usage
+
+```terraform
+resource "bloxone_dns_acl" "example_acl" {
+  name = "example_dns_acl"
+
+  # Other Optional fields
+  comment = "An example acl"
+  tags = {
+    site = "Site A"
+  }
+  list = [
+    {
+      access  = "allow"
+      element = "ip"
+      address = "192.168.1.1"
+    },
+  ]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) ACL object name.
+
+### Optional
+
+- `comment` (String) Optional. Comment for ACL.
+- `list` (Attributes List) Optional. Ordered list of access control elements.  Elements are evaluated in order to determine access. If evaluation reaches the end of the list then access is denied. (see [below for nested schema](#nestedatt--list))
+- `tags` (Map of String) Tagging specifics.
+
+### Read-Only
+
+- `id` (String) The resource identifier.
+
+<a id="nestedatt--list"></a>
+### Nested Schema for `list`
+
+Required:
+
+- `element` (String) Type of element.
+
+  Allowed values:
+  * _any_
+  * _ip_
+  * _acl_
+  * _tsig_key_
+
+Optional:
+
+- `access` (String) Access permission for _element_.
+
+  Allowed values:
+  * _allow_
+  * _deny_
+
+  Must be empty if _element_ is _acl_.
+- `acl` (String) The resource identifier.
+- `address` (String) Optional. Data for _ip_ _element_.  Must be empty if _element_ is not _ip_.
+- `tsig_key` (Attributes) (see [below for nested schema](#nestedatt--list--tsig_key))
+
+<a id="nestedatt--list--tsig_key"></a>
+### Nested Schema for `list.tsig_key`
+
+Required:
+
+- `key` (String) The resource identifier.
+
+Read-Only:
+
+- `algorithm` (String) TSIG key algorithm.
+
+  Possible values:
+  * _hmac_sha256_
+  * _hmac_sha1_
+  * _hmac_sha224_
+  * _hmac_sha384_
+  * _hmac_sha512_
+- `comment` (String) Comment for TSIG key.
+- `name` (String) TSIG key name, FQDN.
+- `protocol_name` (String) TSIG key name in punycode.
+- `secret` (String, Sensitive) TSIG key secret, base64 string.

docs/resources/dns_auth_zone.md

@@ -13,8 +13,12 @@ Manages an authoritative zone.
 ## Example Usage
 
 ```terraform
+resource "bloxone_keys_tsig" "example_tsig" {
+  name = "test-tsig."
+}
+
 resource "bloxone_dns_auth_zone" "example" {
-  fqdn         = "example.com."
+  fqdn         = "domain.com."
   primary_type = "cloud"
 
   # Other optional fields
@@ -24,36 +28,72 @@ resource "bloxone_dns_auth_zone" "example" {
   }
   transfer_acl = [
     {
-      access  = "allow"
+      access  = "deny"
       element = "ip"
       address = "192.168.1.1"
     },
+    {
+      access  = "allow"
+      element = "ip"
+      address = "10.0.0.0/24"
+    },
+    {
+      access  = "allow"
+      element = "tsig_key"
+      tsig_key = {
+        key = bloxone_keys_tsig.example_tsig.id
+      }
+    },
     {
       access  = "deny"
       element = "any"
-    }
+    },
   ]
   update_acl = [
     {
-      access  = "allow"
+      access  = "deny"
       element = "ip"
       address = "192.168.1.1"
     },
+    {
+      access  = "allow"
+      element = "ip"
+      address = "10.0.0.0/24"
+    },
+    {
+      access  = "allow"
+      element = "tsig_key"
+      tsig_key = {
+        key = bloxone_keys_tsig.example_tsig.id
+      }
+    },
     {
       access  = "deny"
       element = "any"
-    }
+    },
   ]
   query_acl = [
     {
-      access  = "allow"
+      access  = "deny"
       element = "ip"
       address = "192.168.1.1"
     },
+    {
+      access  = "allow"
+      element = "ip"
+      address = "10.0.0.0/24"
+    },
+    {
+      access  = "allow"
+      element = "tsig_key"
+      tsig_key = {
+        key = bloxone_keys_tsig.example_tsig.id
+      }
+    },
     {
       access  = "deny"
       element = "any"
-    }
+    },
   ]
 
 }

examples/data-sources/bloxone_dns_acls/data-source.tf

@@ -0,0 +1,17 @@
+# Get DNS ACLs filtered by an attribute
+data "bloxone_dns_acls" "example_by_attribute" {
+  filters = {
+    "name" = "example_acl"
+  }
+}
+
+# Get DNS ACLs filtered by tag
+data "bloxone_dns_acls" "example_by_tag" {
+  tag_filters = {
+    site = "Site A"
+  }
+}
+
+# Get all DNS ACLs
+data "bloxone_dns_acls" "example_all" {
+}

examples/resources/bloxone_dns_acl/resource.tf

@@ -0,0 +1,16 @@
+resource "bloxone_dns_acl" "example_acl" {
+  name = "example_dns_acl"
+
+  # Other Optional fields
+  comment = "An example acl"
+  tags = {
+    site = "Site A"
+  }
+  list = [
+    {
+      access  = "allow"
+      element = "ip"
+      address = "192.168.1.1"
+    },
+  ]
+}