Docs
PackagesAviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix
aviatrix.AviatrixMicrosegPolicyList
Explore with Pulumi AI
!> WARNING aviatrix_microseg_policy_list is part of the Micro-segmentation private preview feature for R2.22.0. If you wish to enable a private preview mode feature, please contact your sales representative or Aviatrix Support.
The aviatrix_microseg_policy_list resource handles the creation and management of Micro-segmentation Policies. Available as of Provider R2.22.0+.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;
return await Deployment.RunAsync(() =>
{
// Create an Aviatrix Microseg Policy
var test = new Aviatrix.AviatrixMicrosegPolicyList("test", new()
{
Policies = new[]
{
new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
{
Action = "DENY",
DstAppDomains = new[]
{
"82e50c85-82bf-4b3b-b9da-aaed34a3aa53",
},
Logging = false,
Name = "microseg-policy-1",
Priority = 1,
Protocol = "ICMP",
SrcAppDomains = new[]
{
"f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30",
},
Watch = false,
},
new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
{
Action = "PERMIT",
DstAppDomains = new[]
{
"f05b0ad7-d2d7-4d16-b2f6-48492319414c",
},
Name = "microseg-policy",
PortRanges = new[]
{
new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyPortRangeArgs
{
Hi = 50000,
Lo = 49000,
},
},
Priority = 0,
Protocol = "TCP",
SrcAppDomains = new[]
{
"7e7d1573-7a7a-4a53-bcb5-1ad5041961e0",
},
},
},
});
});
package main
import (
"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aviatrix.NewAviatrixMicrosegPolicyList(ctx, "test", &aviatrix.AviatrixMicrosegPolicyListArgs{
Policies: AviatrixMicrosegPolicyListPolicyArray{
&AviatrixMicrosegPolicyListPolicyArgs{
Action: pulumi.String("DENY"),
DstAppDomains: pulumi.StringArray{
pulumi.String("82e50c85-82bf-4b3b-b9da-aaed34a3aa53"),
},
Logging: pulumi.Bool(false),
Name: pulumi.String("microseg-policy-1"),
Priority: pulumi.Int(1),
Protocol: pulumi.String("ICMP"),
SrcAppDomains: pulumi.StringArray{
pulumi.String("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"),
},
Watch: pulumi.Bool(false),
},
&AviatrixMicrosegPolicyListPolicyArgs{
Action: pulumi.String("PERMIT"),
DstAppDomains: pulumi.StringArray{
pulumi.String("f05b0ad7-d2d7-4d16-b2f6-48492319414c"),
},
Name: pulumi.String("microseg-policy"),
PortRanges: AviatrixMicrosegPolicyListPolicyPortRangeArray{
&AviatrixMicrosegPolicyListPolicyPortRangeArgs{
Hi: pulumi.Int(50000),
Lo: pulumi.Int(49000),
},
},
Priority: pulumi.Int(0),
Protocol: pulumi.String("TCP"),
SrcAppDomains: pulumi.StringArray{
pulumi.String("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.AviatrixMicrosegPolicyList;
import com.pulumi.aviatrix.AviatrixMicrosegPolicyListArgs;
import com.pulumi.aviatrix.inputs.AviatrixMicrosegPolicyListPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new AviatrixMicrosegPolicyList("test", AviatrixMicrosegPolicyListArgs.builder()
.policies(
AviatrixMicrosegPolicyListPolicyArgs.builder()
.action("DENY")
.dstAppDomains("82e50c85-82bf-4b3b-b9da-aaed34a3aa53")
.logging(false)
.name("microseg-policy-1")
.priority(1)
.protocol("ICMP")
.srcAppDomains("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30")
.watch(false)
.build(),
AviatrixMicrosegPolicyListPolicyArgs.builder()
.action("PERMIT")
.dstAppDomains("f05b0ad7-d2d7-4d16-b2f6-48492319414c")
.name("microseg-policy")
.portRanges(AviatrixMicrosegPolicyListPolicyPortRangeArgs.builder()
.hi(50000)
.lo(49000)
.build())
.priority(0)
.protocol("TCP")
.srcAppDomains("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0")
.build())
.build());
}
}
import pulumi
import pulumi_aviatrix as aviatrix
# Create an Aviatrix Microseg Policy
test = aviatrix.AviatrixMicrosegPolicyList("test", policies=[
aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
action="DENY",
dst_app_domains=["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
logging=False,
name="microseg-policy-1",
priority=1,
protocol="ICMP",
src_app_domains=["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
watch=False,
),
aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
action="PERMIT",
dst_app_domains=["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
name="microseg-policy",
port_ranges=[aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs(
hi=50000,
lo=49000,
)],
priority=0,
protocol="TCP",
src_app_domains=["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
),
])
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix Microseg Policy
const test = new aviatrix.AviatrixMicrosegPolicyList("test", {
policies: [
{
action: "DENY",
dstAppDomains: ["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
logging: false,
name: "microseg-policy-1",
priority: 1,
protocol: "ICMP",
srcAppDomains: ["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
watch: false,
},
{
action: "PERMIT",
dstAppDomains: ["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
name: "microseg-policy",
portRanges: [{
hi: 50000,
lo: 49000,
}],
priority: 0,
protocol: "TCP",
srcAppDomains: ["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
},
],
});
resources:
# Create an Aviatrix Microseg Policy
test:
type: aviatrix:AviatrixMicrosegPolicyList
properties:
policies:
- action: DENY
dstAppDomains:
- 82e50c85-82bf-4b3b-b9da-aaed34a3aa53
logging: false
name: microseg-policy-1
priority: 1
protocol: ICMP
srcAppDomains:
- f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30
watch: false
- action: PERMIT
dstAppDomains:
- f05b0ad7-d2d7-4d16-b2f6-48492319414c
name: microseg-policy
portRanges:
- hi: 50000
lo: 49000
priority: 0
protocol: TCP
srcAppDomains:
- 7e7d1573-7a7a-4a53-bcb5-1ad5041961e0
Create AviatrixMicrosegPolicyList Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AviatrixMicrosegPolicyList(name: string, args: AviatrixMicrosegPolicyListArgs, opts?: CustomResourceOptions);@overload
def AviatrixMicrosegPolicyList(resource_name: str,
args: AviatrixMicrosegPolicyListArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AviatrixMicrosegPolicyList(resource_name: str,
opts: Optional[ResourceOptions] = None,
policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None)func NewAviatrixMicrosegPolicyList(ctx *Context, name string, args AviatrixMicrosegPolicyListArgs, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)public AviatrixMicrosegPolicyList(string name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions? opts = null)
public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args)
public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions options)
type: aviatrix:AviatrixMicrosegPolicyList
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AviatrixMicrosegPolicyListArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AviatrixMicrosegPolicyListArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AviatrixMicrosegPolicyListArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AviatrixMicrosegPolicyListArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AviatrixMicrosegPolicyListArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var aviatrixMicrosegPolicyListResource = new Aviatrix.AviatrixMicrosegPolicyList("aviatrixMicrosegPolicyListResource", new()
{
Policies = new[]
{
new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
{
Action = "string",
DstAppDomains = new[]
{
"string",
},
Name = "string",
Protocol = "string",
SrcAppDomains = new[]
{
"string",
},
Logging = false,
PortRanges = new[]
{
new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyPortRangeArgs
{
Lo = 0,
Hi = 0,
},
},
Priority = 0,
Uuid = "string",
Watch = false,
},
},
});
example, err := aviatrix.NewAviatrixMicrosegPolicyList(ctx, "aviatrixMicrosegPolicyListResource", &aviatrix.AviatrixMicrosegPolicyListArgs{
Policies: aviatrix.AviatrixMicrosegPolicyListPolicyArray{
&aviatrix.AviatrixMicrosegPolicyListPolicyArgs{
Action: pulumi.String("string"),
DstAppDomains: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
Protocol: pulumi.String("string"),
SrcAppDomains: pulumi.StringArray{
pulumi.String("string"),
},
Logging: pulumi.Bool(false),
PortRanges: aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArray{
&aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs{
Lo: pulumi.Int(0),
Hi: pulumi.Int(0),
},
},
Priority: pulumi.Int(0),
Uuid: pulumi.String("string"),
Watch: pulumi.Bool(false),
},
},
})
var aviatrixMicrosegPolicyListResource = new AviatrixMicrosegPolicyList("aviatrixMicrosegPolicyListResource", AviatrixMicrosegPolicyListArgs.builder()
.policies(AviatrixMicrosegPolicyListPolicyArgs.builder()
.action("string")
.dstAppDomains("string")
.name("string")
.protocol("string")
.srcAppDomains("string")
.logging(false)
.portRanges(AviatrixMicrosegPolicyListPolicyPortRangeArgs.builder()
.lo(0)
.hi(0)
.build())
.priority(0)
.uuid("string")
.watch(false)
.build())
.build());
aviatrix_microseg_policy_list_resource = aviatrix.AviatrixMicrosegPolicyList("aviatrixMicrosegPolicyListResource", policies=[aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
action="string",
dst_app_domains=["string"],
name="string",
protocol="string",
src_app_domains=["string"],
logging=False,
port_ranges=[aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs(
lo=0,
hi=0,
)],
priority=0,
uuid="string",
watch=False,
)])
const aviatrixMicrosegPolicyListResource = new aviatrix.AviatrixMicrosegPolicyList("aviatrixMicrosegPolicyListResource", {policies: [{
action: "string",
dstAppDomains: ["string"],
name: "string",
protocol: "string",
srcAppDomains: ["string"],
logging: false,
portRanges: [{
lo: 0,
hi: 0,
}],
priority: 0,
uuid: "string",
watch: false,
}]});
type: aviatrix:AviatrixMicrosegPolicyList
properties:
policies:
- action: string
dstAppDomains:
- string
logging: false
name: string
portRanges:
- hi: 0
lo: 0
priority: 0
protocol: string
srcAppDomains:
- string
uuid: string
watch: false
AviatrixMicrosegPolicyList Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AviatrixMicrosegPolicyList resource accepts the following input properties:
- Policies
List<Aviatrix
Microseg Policy List Policy> - List of policies.
- Policies
[]Aviatrix
Microseg Policy List Policy Args - List of policies.
- policies
List<Aviatrix
Microseg Policy List Policy> - List of policies.
- policies
Aviatrix
Microseg Policy List Policy[] - List of policies.
- policies
Sequence[Aviatrix
Microseg Policy List Policy Args] - List of policies.
- policies List<Property Map>
- List of policies.
Outputs
All input properties are implicitly available as output properties. Additionally, the AviatrixMicrosegPolicyList resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AviatrixMicrosegPolicyList Resource
Get an existing AviatrixMicrosegPolicyList resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AviatrixMicrosegPolicyListState, opts?: CustomResourceOptions): AviatrixMicrosegPolicyList@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None) -> AviatrixMicrosegPolicyListfunc GetAviatrixMicrosegPolicyList(ctx *Context, name string, id IDInput, state *AviatrixMicrosegPolicyListState, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)public static AviatrixMicrosegPolicyList Get(string name, Input<string> id, AviatrixMicrosegPolicyListState? state, CustomResourceOptions? opts = null)public static AviatrixMicrosegPolicyList get(String name, Output<String> id, AviatrixMicrosegPolicyListState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Policies
List<Aviatrix
Microseg Policy List Policy> - List of policies.
- Policies
[]Aviatrix
Microseg Policy List Policy Args - List of policies.
- policies
List<Aviatrix
Microseg Policy List Policy> - List of policies.
- policies
Aviatrix
Microseg Policy List Policy[] - List of policies.
- policies
Sequence[Aviatrix
Microseg Policy List Policy Args] - List of policies.
- policies List<Property Map>
- List of policies.
Supporting Types
AviatrixMicrosegPolicyListPolicy, AviatrixMicrosegPolicyListPolicyArgs
- Action string
- Action for the policy. Must be one of PERMIT or DENY.
- Dst
App List<string>Domains - List of App Domain UUIDs for the destination for the policy.
- Name string
- Name of the policy.
- Protocol string
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- Src
App List<string>Domains - List of App Domain UUIDs for the source for the policy.
- Logging bool
- Whether to enable logging for packets that match the policy. Type: Boolean.
- Port
Ranges List<AviatrixMicroseg Policy List Policy Port Range> - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - Priority int
- Priority for the policy. Default: 0. Type: Integer.
- Uuid string
- UUID for the Policy.
- Watch bool
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
- Action string
- Action for the policy. Must be one of PERMIT or DENY.
- Dst
App []stringDomains - List of App Domain UUIDs for the destination for the policy.
- Name string
- Name of the policy.
- Protocol string
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- Src
App []stringDomains - List of App Domain UUIDs for the source for the policy.
- Logging bool
- Whether to enable logging for packets that match the policy. Type: Boolean.
- Port
Ranges []AviatrixMicroseg Policy List Policy Port Range - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - Priority int
- Priority for the policy. Default: 0. Type: Integer.
- Uuid string
- UUID for the Policy.
- Watch bool
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
- action String
- Action for the policy. Must be one of PERMIT or DENY.
- dst
App List<String>Domains - List of App Domain UUIDs for the destination for the policy.
- name String
- Name of the policy.
- protocol String
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- src
App List<String>Domains - List of App Domain UUIDs for the source for the policy.
- logging Boolean
- Whether to enable logging for packets that match the policy. Type: Boolean.
- port
Ranges List<AviatrixMicroseg Policy List Policy Port Range> - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - priority Integer
- Priority for the policy. Default: 0. Type: Integer.
- uuid String
- UUID for the Policy.
- watch Boolean
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
- action string
- Action for the policy. Must be one of PERMIT or DENY.
- dst
App string[]Domains - List of App Domain UUIDs for the destination for the policy.
- name string
- Name of the policy.
- protocol string
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- src
App string[]Domains - List of App Domain UUIDs for the source for the policy.
- logging boolean
- Whether to enable logging for packets that match the policy. Type: Boolean.
- port
Ranges AviatrixMicroseg Policy List Policy Port Range[] - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - priority number
- Priority for the policy. Default: 0. Type: Integer.
- uuid string
- UUID for the Policy.
- watch boolean
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
- action str
- Action for the policy. Must be one of PERMIT or DENY.
- dst_
app_ Sequence[str]domains - List of App Domain UUIDs for the destination for the policy.
- name str
- Name of the policy.
- protocol str
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- src_
app_ Sequence[str]domains - List of App Domain UUIDs for the source for the policy.
- logging bool
- Whether to enable logging for packets that match the policy. Type: Boolean.
- port_
ranges Sequence[AviatrixMicroseg Policy List Policy Port Range] - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - priority int
- Priority for the policy. Default: 0. Type: Integer.
- uuid str
- UUID for the Policy.
- watch bool
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
- action String
- Action for the policy. Must be one of PERMIT or DENY.
- dst
App List<String>Domains - List of App Domain UUIDs for the destination for the policy.
- name String
- Name of the policy.
- protocol String
- Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
- src
App List<String>Domains - List of App Domain UUIDs for the source for the policy.
- logging Boolean
- Whether to enable logging for packets that match the policy. Type: Boolean.
- port
Ranges List<Property Map> - List of port ranges for the policy. Cannot be used when
protocolis "ICMP". - priority Number
- Priority for the policy. Default: 0. Type: Integer.
- uuid String
- UUID for the Policy.
- watch Boolean
- Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
AviatrixMicrosegPolicyListPolicyPortRange, AviatrixMicrosegPolicyListPolicyPortRangeArgs
Import
aviatrix_microseg_policy_list can be imported using the controller IP, e.g. controller IP is 10.11.12.13
$ pulumi import aviatrix:index/aviatrixMicrosegPolicyList:AviatrixMicrosegPolicyList test 10-11-12-13
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- aviatrix astipkovits/pulumi-aviatrix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aviatrixTerraform Provider.