Merge pull request #348 from appgate/suspend-gateway

Add support to suspend gateway

appgate/resource_appgate_appliance.go

@@ -639,6 +639,11 @@ func resourceAppgateAppliance() *schema.Resource {
 							Optional: true,
 							Default:  false,
 						},
+						"suspended": {
+							Type:     schema.TypeBool,
+							Optional: true,
+							Default:  false,
+						},
 						"vpn": {
 							Type:     schema.TypeList,
 							Optional: true,
@@ -1451,7 +1456,7 @@ the root of Appliance when this interface is removed.`,
 	}
 
 	if v, ok := d.GetOk("gateway"); ok {
-		gw, err := readGatewayFromConfig(v.([]interface{}))
+		gw, err := readGatewayFromConfig(v.([]interface{}), currentVersion)
 		if err != nil {
 			return diag.FromErr(err)
 		}
@@ -2120,6 +2125,12 @@ func flatttenApplianceGateway(in openapi.ApplianceAllOfGateway, currentVersion *
 		gateway["enabled"] = v
 	}
 
+	if currentVersion.GreaterThanOrEqual(Appliance61Version) {
+		if v, ok := in.GetSuspendedOk(); ok {
+			gateway["suspended"] = v
+		}
+	}
+
 	if v, ok := in.GetVpnOk(); ok {
 		vpn := make(map[string]interface{})
 		if v, ok := v.GetWeightOk(); ok {
@@ -2796,7 +2807,7 @@ func resourceAppgateApplianceUpdate(ctx context.Context, d *schema.ResourceData,
 
 	if d.HasChange("gateway") {
 		_, v := d.GetChange("gateway")
-		gw, err := readGatewayFromConfig(v.([]interface{}))
+		gw, err := readGatewayFromConfig(v.([]interface{}), currentVersion)
 		if err != nil {
 			return diag.FromErr(err)
 		}
@@ -3173,13 +3184,18 @@ func readControllerFromConfig(controllers []interface{}) (openapi.ApplianceAllOf
 	return val, nil
 }
 
-func readGatewayFromConfig(gateways []interface{}) (openapi.ApplianceAllOfGateway, error) {
+func readGatewayFromConfig(gateways []interface{}, currentVersion *version.Version) (openapi.ApplianceAllOfGateway, error) {
 	val := openapi.ApplianceAllOfGateway{}
 	for _, ctrl := range gateways {
 		r := ctrl.(map[string]interface{})
 		if v, ok := r["enabled"]; ok {
 			val.SetEnabled(v.(bool))
 		}
+		if currentVersion.GreaterThanOrEqual(Appliance61Version) {
+			if v, ok := r["suspended"]; ok {
+				val.SetSuspended(v.(bool))
+			}
+		}
 		if v := r["vpn"].([]interface{}); len(v) > 0 {
 			vpn := openapi.ApplianceAllOfGatewayVpn{}
 			for _, s := range v {

appgate/resource_appgate_appliance_test.go

@@ -4473,8 +4473,9 @@ func TestAccApplianceBasicGateway6(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "controller.0.enabled", "false"),
 					resource.TestCheckResourceAttr(resourceName, "customization", ""),
 					resource.TestCheckResourceAttr(resourceName, "gateway.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "gateway.0.%", "2"),
+					resource.TestCheckResourceAttr(resourceName, "gateway.0.%", "3"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.enabled", "true"),
+					resource.TestCheckResourceAttr(resourceName, "gateway.0.suspended", "false"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.%", "3"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.allow_destinations.#", "1"),
@@ -4640,7 +4641,7 @@ func TestAccApplianceBasicGateway6(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "controller.0.enabled", "false"),
 					resource.TestCheckResourceAttr(resourceName, "customization", ""),
 					resource.TestCheckResourceAttr(resourceName, "gateway.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "gateway.0.%", "2"),
+					resource.TestCheckResourceAttr(resourceName, "gateway.0.%", "3"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.enabled", "true"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.%", "3"),
@@ -5206,6 +5207,8 @@ func TestAccAppliance61(t *testing.T) {
 
 					resource.TestCheckResourceAttr(resourceName, "gateway.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "gateway.0.enabled", "true"),
+					resource.TestCheckResourceAttr(resourceName, "gateway.0.suspended", "false"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.allow_destinations.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.allow_destinations.0.address", "0.0.0.0"),
 					resource.TestCheckResourceAttr(resourceName, "gateway.0.vpn.0.allow_destinations.0.netmask", "0"),
@@ -5277,6 +5280,7 @@ resource "appgatesdp_appliance" "appliancev61" {
 	}
 	gateway {
 		enabled = true
+		suspended = false
 		vpn {
 			weight = 100
 			allow_destinations {

website/docs/r/admin_mfa_settings.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Update Admin MFA settings.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/administrative_role.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Administrative Role.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/appliance.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new inactive Appliance.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 
@@ -484,6 +484,7 @@ Controller settings.
 Gateway settings.
 
 * `enabled`:  (Optional)  default value `false` Whether the Gateway is enabled on this appliance or not.
+* `suspended`: (Optional) default value `false` Whether the Gateway is in suspended mode or not. Suspended state will keep the existing Client connections but will reject new ones.
 * `vpn`:  (Optional) VPN configuration.
 #### vpn
 VPN configuration.

website/docs/r/appliance_customization.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Appliance Customization.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/blacklist_user.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Blacklists a User.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/client_connections.markdown

@@ -12,7 +12,7 @@ Update Client Connection settings.
 
  ~> **NOTE:** This resource has been replaced by [appgatesdp_client_profile](../r/client_profile.markdown)
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/condition.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Condition.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/connector_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 ~> **NOTE:** Connector Identity Provider is a builtin default singleton resource, that cannot be deleted. But we can modify the existing one, import the default state from the collective with terraform import.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/criteria_script.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Criteria Script.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/device_script.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Device Claim Script.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/entitlement.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Entitlement.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/entitlement_script.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Entitlement Script.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/global_settings.markdown

@@ -13,7 +13,7 @@ Update all Global Settings.
 ~> **NOTE:**  Global settings are a singleton resource to allow us to update global settings for the collective.
 
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/ip_pool.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new IP Pool.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/ldap_certificate_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Identity Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/ldap_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Identity Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/license.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Upload a new License.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/local_database_identity_provider.markdown

@@ -11,7 +11,7 @@ description: |-
 ~> **NOTE:** Local database Identity Provider is a builtin default singleton resource, that cannot be deleted. But we can modify the existing one, import the default state from the collective with terraform import.
 
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/local_user.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Local User.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/mfa_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new MFA Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/oidc_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Identity Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/radius_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Identity Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/ringfence_rule.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Ringfence Rule.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/saml_identity_provider.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Identity Provider.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.
 
 

website/docs/r/site.markdown

@@ -157,9 +157,10 @@ List of IP Pool mappings for this specific Site. When IPs are allocated this Sit
 
 ### default_gateway
 Default Gateway configuration.
-* `enabled_v4`:  (Optional)  default value `false` When enabled, the Client uses this Site as the Default Default for all IPV4 traffic.
-* `enabled_v6`:  (Optional)  default value `false` When enabled, the Client uses this Site as the Default Default for all IPv6 traffic.
+* `enabled_v4`:  (Required - See Note below) default value `false` When enabled, the Client uses this Site as the Default for all IPV4 traffic. At least one of enabled_v4 or enabled_v6b 
+* `enabled_v6`:  (Required - See Note below) default value `false` When enabled, the Client uses this Site as the Default for all IPv6 traffic.
 * `excluded_subnets`:  (Optional) Network subnets to exclude when Default Gateway is enabled. The traffic for these subnets will not go through the Gateway in this Site. Deprecated as of 6.0. Use action type 'exclude' in Entitlements instead.
+> Note: At least one of `enabled_v4` or `enabled_v6` must be set
 
 ### vpn
 VPN configuration for this Site.

website/docs/r/trusted_certificate.markdown

@@ -10,7 +10,7 @@ description: |-
 
 Create a new Trusted Certificate.
 
-~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.0.0
+~> **NOTE:**  The resource documentation is based on the latest available appgate sdp appliance version, which currently is 6.2
 Some attributes may not be available if you are running an older version, if you try to use an attribute block that is not permitted in your current version, you will be prompted by an error message.