Skip to content

Latest commit

 

History

History
264 lines (201 loc) · 9.77 KB

policy_set.md

File metadata and controls

264 lines (201 loc) · 9.77 KB
page_title subcategory description
citrix_policy_set Resource - citrix
CVAD
Manages a policy set and the policies within it. The order of the policies specified in this resource reflect the policy priority.

citrix_policy_set (Resource)

Manages a policy set and the policies within it. The order of the policies specified in this resource reflect the policy priority.

-> Note For detailed information about policy settings and filters, please refer to this document.

~> Disclaimer This feature is supported for On-Premises with DDC version 2402 and above and will be made available for Cloud soon.

Example Usage

resource "citrix_policy_set" "example-policy-set" {
    name = "example-policy-set"
    description = "This is an example policy set description"
    type = "DeliveryGroupPolicies"
    scopes = [ citrix_admin_scope.example-admin-scope.id ]
    policies = [
        {
            name = "test-policy-with-priority-0"
            description = "Test policy in the example policy set with priority 0"
            enabled = true
            policy_settings = [
                {
                    name = "AdvanceWarningPeriod"
                    value = "13:00:00"
                    use_default = false
                },
            ]
            access_control_filters = [
                {
                    connection = "WithAccessGateway"
                    condition  = "*"
                    gateway    = "*"
                    enabled    = true
                    allowed    = true
                },
            ]
            branch_repeater_filter = {
                enabled = true
                allowed = true
            },
            client_ip_filters = [
                {
                    ip_address = "10.0.0.1"
                    enabled    = true
                    allowed    = true
                }
            ]
            client_name_filters = [
                {
                    client_name = "Example Client Name"
                    enabled     = true
                    allowed     = true
                }
            ]
            delivery_group_filters = [
                {
                    delivery_group_id = citrix_delivery_group.example-delivery-group.id
                    enabled           = true
                    allowed           = true
                },
            ]
            delivery_group_type_filters = [
                {
                    delivery_group_type = "Private"
                    enabled             = true
                    allowed             = true
                },
            ]
            ou_filters = [
                {
                    ou     = "{Path of the oranizational unit to be filtered}"
                    enabled = true
                    allowed = true
                },
            ]
            user_filters = [
                {
                    sid     = "{SID of the user or user group to be filtered}"
                    enabled = true
                    allowed = true
                },
            ]
            tag_filters = [
                {
                    tag     = "{ID of the tag to be filtered}"
                    enabled = true
                    allowed = true
                },
            ]
        },
        {
            name = "test-policy-with-priority-1"
            description = "Test policy in the example policy set with priority 1"
            enabled = false
            policy_settings = []
        }
    ]
}

Schema

Required

  • name (String) Name of the policy set.
  • policies (Attributes List) Ordered list of policies.

-> Note The order of policies in the list determines the priority of the policies. (see below for nested schema)

Optional

  • description (String) Description of the policy set.
  • scopes (Set of String) The IDs of the scopes for the policy set to be a part of.
  • type (String) Type of the policy set. Type can be one of SitePolicies, DeliveryGroupPolicies, SiteTemplates, or CustomTemplates.

Read-Only

  • assigned (Boolean) Indicate whether the policy set is being assigned to delivery groups.
  • id (String) GUID identifier of the policy set.

Nested Schema for policies

Required:

  • enabled (Boolean) Indicate whether the policy is being enabled.
  • name (String) Name of the policy.
  • policy_settings (Attributes List) Set of policy settings. (see below for nested schema)

Optional:

Nested Schema for policies.policy_settings

Required:

  • name (String) Name of the policy setting name.
  • use_default (Boolean) Indicate whether using default value for the policy setting.

Optional:

  • enabled (Boolean) Whether of the policy setting has enabled or allowed value.
  • value (String) Value of the policy setting.

Nested Schema for policies.access_control_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • condition (String) Gateway condition for the policy filter.
  • connection (String) Gateway connection for the policy filter.
  • enabled (Boolean) Indicate whether the filter is being enabled.
  • gateway (String) Gateway for the policy filter.

Nested Schema for policies.branch_repeater_filter

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • enabled (Boolean) Indicate whether the filter is being enabled.

Nested Schema for policies.client_ip_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • enabled (Boolean) Indicate whether the filter is being enabled.
  • ip_address (String) IP Address of the client to be filtered.

Nested Schema for policies.client_name_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • client_name (String) Name of the client to be filtered.
  • enabled (Boolean) Indicate whether the filter is being enabled.

Nested Schema for policies.delivery_group_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • delivery_group_id (String) Id of the delivery group to be filtered.
  • enabled (Boolean) Indicate whether the filter is being enabled.

Nested Schema for policies.delivery_group_type_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • delivery_group_type (String) Type of the delivery groups to be filtered.
  • enabled (Boolean) Indicate whether the filter is being enabled.

Nested Schema for policies.ou_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • enabled (Boolean) Indicate whether the filter is being enabled.
  • ou (String) Organizational Unit to be filtered.

Nested Schema for policies.tag_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • enabled (Boolean) Indicate whether the filter is being enabled.
  • tag (String) Tag to be filtered.

Nested Schema for policies.user_filters

Required:

  • allowed (Boolean) Indicate the filtered policy is allowed or denied if the filter condition is met.
  • enabled (Boolean) Indicate whether the filter is being enabled.
  • sid (String) SID of the user or user group to be filtered.

Import

Import is supported using the following syntax:

# Policy and Policy Set Association can be imported by specifying the Policy GUID
terraform import citrix_policy_set.example 00000000-0000-0000-0000-000000000000