Recently I’ve been challenged with managing network domains via TF code. It was never easy from the beginning. Dennis H. module made it much easier but still in case when you have 20-30 network domains and policy around that number it becomes cumbersome.
I’ve decided to rewrite the module and make it first of all “shorter” in syntax to define.
Feel free to contact me if you have any idea to make it better.
Example 1 - strict_mode = true
In strict mode if you want to allow traffic between domainX and domainY you need to list domainX under domainY and vice versa. DomainY needs to be listed under domainX.
Policy between domain1 and domain9 or 7 will not be created as 7,9 don’t have 1 listed
All 9 domains will be created with 7 and 9 not allowed to talk to any other.
Example 2 - strict_mode = false
Here policy will be built if there is just one pair defined.
There will be connection policy between 1-2, 1-3, 1-4, 2-3, 2-4