Docs
Packages
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi
azure-native.network.FirewallPolicy
Explore with Pulumi AI
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi
FirewallPolicy Resource. API Version: 2020-11-01.
Example Usage
Create FirewallPolicy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var firewallPolicy = new AzureNative.Network.FirewallPolicy("firewallPolicy", new()
{
DnsSettings = new AzureNative.Network.Inputs.DnsSettingsArgs
{
EnableProxy = true,
RequireProxyForNetworkRules = false,
Servers = new[]
{
"30.3.4.5",
},
},
FirewallPolicyName = "firewallPolicy",
Insights = new AzureNative.Network.Inputs.FirewallPolicyInsightsArgs
{
IsEnabled = true,
LogAnalyticsResources = new AzureNative.Network.Inputs.FirewallPolicyLogAnalyticsResourcesArgs
{
DefaultWorkspaceId = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace",
},
Workspaces = new[]
{
new AzureNative.Network.Inputs.FirewallPolicyLogAnalyticsWorkspaceArgs
{
Region = "westus",
WorkspaceId = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1",
},
},
new AzureNative.Network.Inputs.FirewallPolicyLogAnalyticsWorkspaceArgs
{
Region = "eastus",
WorkspaceId = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2",
},
},
},
},
RetentionDays = 100,
},
IntrusionDetection = new AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionArgs
{
Configuration = new AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionConfigurationArgs
{
BypassTrafficSettings = new[]
{
new AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsArgs
{
Description = "Rule 1",
DestinationAddresses = new[]
{
"5.6.7.8",
},
DestinationPorts = new[]
{
"*",
},
Name = "bypassRule1",
Protocol = "TCP",
SourceAddresses = new[]
{
"1.2.3.4",
},
},
},
SignatureOverrides = new[]
{
new AzureNative.Network.Inputs.FirewallPolicyIntrusionDetectionSignatureSpecificationArgs
{
Id = "2525004",
Mode = "Deny",
},
},
},
Mode = "Alert",
},
Location = "West US",
ResourceGroupName = "rg1",
Sku = new AzureNative.Network.Inputs.FirewallPolicySkuArgs
{
Tier = "Premium",
},
Snat = new AzureNative.Network.Inputs.FirewallPolicySNATArgs
{
PrivateRanges = new[]
{
"IANAPrivateRanges",
},
},
Tags =
{
{ "key1", "value1" },
},
ThreatIntelMode = "Alert",
ThreatIntelWhitelist = new AzureNative.Network.Inputs.FirewallPolicyThreatIntelWhitelistArgs
{
Fqdns = new[]
{
"*.microsoft.com",
},
IpAddresses = new[]
{
"20.3.4.5",
},
},
TransportSecurity = new AzureNative.Network.Inputs.FirewallPolicyTransportSecurityArgs
{
CertificateAuthority = new AzureNative.Network.Inputs.FirewallPolicyCertificateAuthorityArgs
{
KeyVaultSecretId = "https://kv/secret",
Name = "clientcert",
},
},
});
});
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.network.FirewallPolicy;
import com.pulumi.azurenative.network.FirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var firewallPolicy = new FirewallPolicy("firewallPolicy", FirewallPolicyArgs.builder()
.dnsSettings(Map.ofEntries(
Map.entry("enableProxy", true),
Map.entry("requireProxyForNetworkRules", false),
Map.entry("servers", "30.3.4.5")
))
.firewallPolicyName("firewallPolicy")
.insights(Map.ofEntries(
Map.entry("isEnabled", true),
Map.entry("logAnalyticsResources", Map.ofEntries(
Map.entry("defaultWorkspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace")),
Map.entry("workspaces",
Map.ofEntries(
Map.entry("region", "westus"),
Map.entry("workspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1"))
),
Map.ofEntries(
Map.entry("region", "eastus"),
Map.entry("workspaceId", Map.of("id", "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2"))
))
)),
Map.entry("retentionDays", 100)
))
.intrusionDetection(Map.ofEntries(
Map.entry("configuration", Map.ofEntries(
Map.entry("bypassTrafficSettings", Map.ofEntries(
Map.entry("description", "Rule 1"),
Map.entry("destinationAddresses", "5.6.7.8"),
Map.entry("destinationPorts", "*"),
Map.entry("name", "bypassRule1"),
Map.entry("protocol", "TCP"),
Map.entry("sourceAddresses", "1.2.3.4")
)),
Map.entry("signatureOverrides", Map.ofEntries(
Map.entry("id", "2525004"),
Map.entry("mode", "Deny")
))
)),
Map.entry("mode", "Alert")
))
.location("West US")
.resourceGroupName("rg1")
.sku(Map.of("tier", "Premium"))
.snat(Map.of("privateRanges", "IANAPrivateRanges"))
.tags(Map.of("key1", "value1"))
.threatIntelMode("Alert")
.threatIntelWhitelist(Map.ofEntries(
Map.entry("fqdns", "*.microsoft.com"),
Map.entry("ipAddresses", "20.3.4.5")
))
.transportSecurity(Map.of("certificateAuthority", Map.ofEntries(
Map.entry("keyVaultSecretId", "https://kv/secret"),
Map.entry("name", "clientcert")
)))
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
firewall_policy = azure_native.network.FirewallPolicy("firewallPolicy",
dns_settings=azure_native.network.DnsSettingsArgs(
enable_proxy=True,
require_proxy_for_network_rules=False,
servers=["30.3.4.5"],
),
firewall_policy_name="firewallPolicy",
insights=azure_native.network.FirewallPolicyInsightsResponseArgs(
is_enabled=True,
log_analytics_resources={
"defaultWorkspaceId": azure_native.network.SubResourceArgs(
id="/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace",
),
"workspaces": [
{
"region": "westus",
"workspaceId": azure_native.network.SubResourceArgs(
id="/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1",
),
},
{
"region": "eastus",
"workspaceId": azure_native.network.SubResourceArgs(
id="/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2",
),
},
],
},
retention_days=100,
),
intrusion_detection=azure_native.network.FirewallPolicyIntrusionDetectionResponseArgs(
configuration={
"bypassTrafficSettings": [azure_native.network.FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsArgs(
description="Rule 1",
destination_addresses=["5.6.7.8"],
destination_ports=["*"],
name="bypassRule1",
protocol="TCP",
source_addresses=["1.2.3.4"],
)],
"signatureOverrides": [azure_native.network.FirewallPolicyIntrusionDetectionSignatureSpecificationArgs(
id="2525004",
mode="Deny",
)],
},
mode="Alert",
),
location="West US",
resource_group_name="rg1",
sku=azure_native.network.FirewallPolicySkuArgs(
tier="Premium",
),
snat=azure_native.network.FirewallPolicySNATArgs(
private_ranges=["IANAPrivateRanges"],
),
tags={
"key1": "value1",
},
threat_intel_mode="Alert",
threat_intel_whitelist=azure_native.network.FirewallPolicyThreatIntelWhitelistArgs(
fqdns=["*.microsoft.com"],
ip_addresses=["20.3.4.5"],
),
transport_security=azure_native.network.FirewallPolicyTransportSecurityResponseArgs(
certificate_authority=azure_native.network.FirewallPolicyCertificateAuthorityArgs(
key_vault_secret_id="https://kv/secret",
name="clientcert",
),
))
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const firewallPolicy = new azure_native.network.FirewallPolicy("firewallPolicy", {
dnsSettings: {
enableProxy: true,
requireProxyForNetworkRules: false,
servers: ["30.3.4.5"],
},
firewallPolicyName: "firewallPolicy",
insights: {
isEnabled: true,
logAnalyticsResources: {
defaultWorkspaceId: {
id: "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace",
},
workspaces: [
{
region: "westus",
workspaceId: {
id: "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1",
},
},
{
region: "eastus",
workspaceId: {
id: "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2",
},
},
],
},
retentionDays: 100,
},
intrusionDetection: {
configuration: {
bypassTrafficSettings: [{
description: "Rule 1",
destinationAddresses: ["5.6.7.8"],
destinationPorts: ["*"],
name: "bypassRule1",
protocol: "TCP",
sourceAddresses: ["1.2.3.4"],
}],
signatureOverrides: [{
id: "2525004",
mode: "Deny",
}],
},
mode: "Alert",
},
location: "West US",
resourceGroupName: "rg1",
sku: {
tier: "Premium",
},
snat: {
privateRanges: ["IANAPrivateRanges"],
},
tags: {
key1: "value1",
},
threatIntelMode: "Alert",
threatIntelWhitelist: {
fqdns: ["*.microsoft.com"],
ipAddresses: ["20.3.4.5"],
},
transportSecurity: {
certificateAuthority: {
keyVaultSecretId: "https://kv/secret",
name: "clientcert",
},
},
});
resources:
firewallPolicy:
type: azure-native:network:FirewallPolicy
properties:
dnsSettings:
enableProxy: true
requireProxyForNetworkRules: false
servers:
- 30.3.4.5
firewallPolicyName: firewallPolicy
insights:
isEnabled: true
logAnalyticsResources:
defaultWorkspaceId:
id: /subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/defaultWorkspace
workspaces:
- region: westus
workspaceId:
id: /subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace1
- region: eastus
workspaceId:
id: /subscriptions/subid/resourcegroups/rg1/providers/microsoft.operationalinsights/workspaces/workspace2
retentionDays: 100
intrusionDetection:
configuration:
bypassTrafficSettings:
- description: Rule 1
destinationAddresses:
- 5.6.7.8
destinationPorts:
- '*'
name: bypassRule1
protocol: TCP
sourceAddresses:
- 1.2.3.4
signatureOverrides:
- id: '2525004'
mode: Deny
mode: Alert
location: West US
resourceGroupName: rg1
sku:
tier: Premium
snat:
privateRanges:
- IANAPrivateRanges
tags:
key1: value1
threatIntelMode: Alert
threatIntelWhitelist:
fqdns:
- '*.microsoft.com'
ipAddresses:
- 20.3.4.5
transportSecurity:
certificateAuthority:
keyVaultSecretId: https://kv/secret
name: clientcert
Create FirewallPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FirewallPolicy(name: string, args: FirewallPolicyArgs, opts?: CustomResourceOptions);@overload
def FirewallPolicy(resource_name: str,
args: FirewallPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FirewallPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
intrusion_detection: Optional[FirewallPolicyIntrusionDetectionArgs] = None,
dns_settings: Optional[DnsSettingsArgs] = None,
id: Optional[str] = None,
identity: Optional[ManagedServiceIdentityArgs] = None,
insights: Optional[FirewallPolicyInsightsArgs] = None,
base_policy: Optional[SubResourceArgs] = None,
location: Optional[str] = None,
firewall_policy_name: Optional[str] = None,
sku: Optional[FirewallPolicySkuArgs] = None,
snat: Optional[FirewallPolicySNATArgs] = None,
tags: Optional[Mapping[str, str]] = None,
threat_intel_mode: Optional[Union[str, AzureFirewallThreatIntelMode]] = None,
threat_intel_whitelist: Optional[FirewallPolicyThreatIntelWhitelistArgs] = None,
transport_security: Optional[FirewallPolicyTransportSecurityArgs] = None)func NewFirewallPolicy(ctx *Context, name string, args FirewallPolicyArgs, opts ...ResourceOption) (*FirewallPolicy, error)public FirewallPolicy(string name, FirewallPolicyArgs args, CustomResourceOptions? opts = null)
public FirewallPolicy(String name, FirewallPolicyArgs args)
public FirewallPolicy(String name, FirewallPolicyArgs args, CustomResourceOptions options)
type: azure-native:network:FirewallPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FirewallPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var firewallPolicyResource = new AzureNative.Network.FirewallPolicy("firewallPolicyResource", new()
{
ResourceGroupName = "string",
IntrusionDetection =
{
{ "configuration",
{
{ "bypassTrafficSettings", new[]
{
{
{ "description", "string" },
{ "destinationAddresses", new[]
{
"string",
} },
{ "destinationIpGroups", new[]
{
"string",
} },
{ "destinationPorts", new[]
{
"string",
} },
{ "name", "string" },
{ "protocol", "string" },
{ "sourceAddresses", new[]
{
"string",
} },
{ "sourceIpGroups", new[]
{
"string",
} },
},
} },
{ "signatureOverrides", new[]
{
{
{ "id", "string" },
{ "mode", "string" },
},
} },
} },
{ "mode", "string" },
},
DnsSettings =
{
{ "enableProxy", false },
{ "requireProxyForNetworkRules", false },
{ "servers", new[]
{
"string",
} },
},
Id = "string",
Identity =
{
{ "type", "SystemAssigned" },
{ "userAssignedIdentities",
{
{ "string", "any" },
} },
},
Insights =
{
{ "isEnabled", false },
{ "logAnalyticsResources",
{
{ "defaultWorkspaceId",
{
{ "id", "string" },
} },
{ "workspaces", new[]
{
{
{ "region", "string" },
{ "workspaceId",
{
{ "id", "string" },
} },
},
} },
} },
{ "retentionDays", 0 },
},
BasePolicy =
{
{ "id", "string" },
},
Location = "string",
FirewallPolicyName = "string",
Sku =
{
{ "tier", "string" },
},
Snat =
{
{ "privateRanges", new[]
{
"string",
} },
},
Tags =
{
{ "string", "string" },
},
ThreatIntelMode = "string",
ThreatIntelWhitelist =
{
{ "fqdns", new[]
{
"string",
} },
{ "ipAddresses", new[]
{
"string",
} },
},
TransportSecurity =
{
{ "certificateAuthority",
{
{ "keyVaultSecretId", "string" },
{ "name", "string" },
} },
},
});
example, err := network.NewFirewallPolicy(ctx, "firewallPolicyResource", &network.FirewallPolicyArgs{
ResourceGroupName: "string",
IntrusionDetection: map[string]interface{}{
"configuration": map[string]interface{}{
"bypassTrafficSettings": []map[string]interface{}{
map[string]interface{}{
"description": "string",
"destinationAddresses": []string{
"string",
},
"destinationIpGroups": []string{
"string",
},
"destinationPorts": []string{
"string",
},
"name": "string",
"protocol": "string",
"sourceAddresses": []string{
"string",
},
"sourceIpGroups": []string{
"string",
},
},
},
"signatureOverrides": []map[string]interface{}{
map[string]interface{}{
"id": "string",
"mode": "string",
},
},
},
"mode": "string",
},
DnsSettings: map[string]interface{}{
"enableProxy": false,
"requireProxyForNetworkRules": false,
"servers": []string{
"string",
},
},
Id: "string",
Identity: map[string]interface{}{
"type": "SystemAssigned",
"userAssignedIdentities": map[string]interface{}{
"string": "any",
},
},
Insights: map[string]interface{}{
"isEnabled": false,
"logAnalyticsResources": map[string]interface{}{
"defaultWorkspaceId": map[string]interface{}{
"id": "string",
},
"workspaces": []map[string]interface{}{
map[string]interface{}{
"region": "string",
"workspaceId": map[string]interface{}{
"id": "string",
},
},
},
},
"retentionDays": 0,
},
BasePolicy: map[string]interface{}{
"id": "string",
},
Location: "string",
FirewallPolicyName: "string",
Sku: map[string]interface{}{
"tier": "string",
},
Snat: map[string]interface{}{
"privateRanges": []string{
"string",
},
},
Tags: map[string]interface{}{
"string": "string",
},
ThreatIntelMode: "string",
ThreatIntelWhitelist: map[string]interface{}{
"fqdns": []string{
"string",
},
"ipAddresses": []string{
"string",
},
},
TransportSecurity: map[string]interface{}{
"certificateAuthority": map[string]interface{}{
"keyVaultSecretId": "string",
"name": "string",
},
},
})
var firewallPolicyResource = new FirewallPolicy("firewallPolicyResource", FirewallPolicyArgs.builder()
.resourceGroupName("string")
.intrusionDetection(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.dnsSettings(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.id("string")
.identity(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.insights(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.basePolicy(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.location("string")
.firewallPolicyName("string")
.sku(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.snat(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.tags(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.threatIntelMode("string")
.threatIntelWhitelist(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.transportSecurity(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build());
firewall_policy_resource = azure_native.network.FirewallPolicy("firewallPolicyResource",
resource_group_name=string,
intrusion_detection={
configuration: {
bypassTrafficSettings: [{
description: string,
destinationAddresses: [string],
destinationIpGroups: [string],
destinationPorts: [string],
name: string,
protocol: string,
sourceAddresses: [string],
sourceIpGroups: [string],
}],
signatureOverrides: [{
id: string,
mode: string,
}],
},
mode: string,
},
dns_settings={
enableProxy: False,
requireProxyForNetworkRules: False,
servers: [string],
},
id=string,
identity={
type: SystemAssigned,
userAssignedIdentities: {
string: any,
},
},
insights={
isEnabled: False,
logAnalyticsResources: {
defaultWorkspaceId: {
id: string,
},
workspaces: [{
region: string,
workspaceId: {
id: string,
},
}],
},
retentionDays: 0,
},
base_policy={
id: string,
},
location=string,
firewall_policy_name=string,
sku={
tier: string,
},
snat={
privateRanges: [string],
},
tags={
string: string,
},
threat_intel_mode=string,
threat_intel_whitelist={
fqdns: [string],
ipAddresses: [string],
},
transport_security={
certificateAuthority: {
keyVaultSecretId: string,
name: string,
},
})
const firewallPolicyResource = new azure_native.network.FirewallPolicy("firewallPolicyResource", {
resourceGroupName: "string",
intrusionDetection: {
configuration: {
bypassTrafficSettings: [{
description: "string",
destinationAddresses: ["string"],
destinationIpGroups: ["string"],
destinationPorts: ["string"],
name: "string",
protocol: "string",
sourceAddresses: ["string"],
sourceIpGroups: ["string"],
}],
signatureOverrides: [{
id: "string",
mode: "string",
}],
},
mode: "string",
},
dnsSettings: {
enableProxy: false,
requireProxyForNetworkRules: false,
servers: ["string"],
},
id: "string",
identity: {
type: "SystemAssigned",
userAssignedIdentities: {
string: "any",
},
},
insights: {
isEnabled: false,
logAnalyticsResources: {
defaultWorkspaceId: {
id: "string",
},
workspaces: [{
region: "string",
workspaceId: {
id: "string",
},
}],
},
retentionDays: 0,
},
basePolicy: {
id: "string",
},
location: "string",
firewallPolicyName: "string",
sku: {
tier: "string",
},
snat: {
privateRanges: ["string"],
},
tags: {
string: "string",
},
threatIntelMode: "string",
threatIntelWhitelist: {
fqdns: ["string"],
ipAddresses: ["string"],
},
transportSecurity: {
certificateAuthority: {
keyVaultSecretId: "string",
name: "string",
},
},
});
type: azure-native:network:FirewallPolicy
properties:
basePolicy:
id: string
dnsSettings:
enableProxy: false
requireProxyForNetworkRules: false
servers:
- string
firewallPolicyName: string
id: string
identity:
type: SystemAssigned
userAssignedIdentities:
string: any
insights:
isEnabled: false
logAnalyticsResources:
defaultWorkspaceId:
id: string
workspaces:
- region: string
workspaceId:
id: string
retentionDays: 0
intrusionDetection:
configuration:
bypassTrafficSettings:
- description: string
destinationAddresses:
- string
destinationIpGroups:
- string
destinationPorts:
- string
name: string
protocol: string
sourceAddresses:
- string
sourceIpGroups:
- string
signatureOverrides:
- id: string
mode: string
mode: string
location: string
resourceGroupName: string
sku:
tier: string
snat:
privateRanges:
- string
tags:
string: string
threatIntelMode: string
threatIntelWhitelist:
fqdns:
- string
ipAddresses:
- string
transportSecurity:
certificateAuthority:
keyVaultSecretId: string
name: string
FirewallPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FirewallPolicy resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group.
- Base
Policy Pulumi.Azure Native. Network. Inputs. Sub Resource - The parent firewall policy from which rules are inherited.
- Dns
Settings Pulumi.Azure Native. Network. Inputs. Dns Settings - DNS Proxy Settings definition.
- Firewall
Policy stringName - The name of the Firewall Policy.
- Id string
- Resource ID.
- Identity
Pulumi.
Azure Native. Network. Inputs. Managed Service Identity - The identity of the firewall policy.
- Insights
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Insights - Insights on Firewall Policy.
- Intrusion
Detection Pulumi.Azure Native. Network. Inputs. Firewall Policy Intrusion Detection - The configuration for Intrusion detection.
- Location string
- Resource location.
- Sku
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Sku - The Firewall Policy SKU.
- Snat
Pulumi.
Azure Native. Network. Inputs. Firewall Policy SNAT - The private IP addresses/IP ranges to which traffic will not be SNAT.
- Dictionary<string, string>
- Resource tags.
- Threat
Intel string | Pulumi.Mode Azure Native. Network. Azure Firewall Threat Intel Mode - The operation mode for Threat Intelligence.
- Threat
Intel Pulumi.Whitelist Azure Native. Network. Inputs. Firewall Policy Threat Intel Whitelist - ThreatIntel Whitelist for Firewall Policy.
- Transport
Security Pulumi.Azure Native. Network. Inputs. Firewall Policy Transport Security - TLS Configuration definition.
- Resource
Group stringName - The name of the resource group.
- Base
Policy SubResource Args - The parent firewall policy from which rules are inherited.
- Dns
Settings DnsSettings Args - DNS Proxy Settings definition.
- Firewall
Policy stringName - The name of the Firewall Policy.
- Id string
- Resource ID.
- Identity
Managed
Service Identity Args - The identity of the firewall policy.
- Insights
Firewall
Policy Insights Args - Insights on Firewall Policy.
- Intrusion
Detection FirewallPolicy Intrusion Detection Args - The configuration for Intrusion detection.
- Location string
- Resource location.
- Sku
Firewall
Policy Sku Args - The Firewall Policy SKU.
- Snat
Firewall
Policy SNATArgs - The private IP addresses/IP ranges to which traffic will not be SNAT.
- map[string]string
- Resource tags.
- Threat
Intel string | AzureMode Firewall Threat Intel Mode - The operation mode for Threat Intelligence.
- Threat
Intel FirewallWhitelist Policy Threat Intel Whitelist Args - ThreatIntel Whitelist for Firewall Policy.
- Transport
Security FirewallPolicy Transport Security Args - TLS Configuration definition.
- resource
Group StringName - The name of the resource group.
- base
Policy SubResource - The parent firewall policy from which rules are inherited.
- dns
Settings DnsSettings - DNS Proxy Settings definition.
- firewall
Policy StringName - The name of the Firewall Policy.
- id String
- Resource ID.
- identity
Managed
Service Identity - The identity of the firewall policy.
- insights
Firewall
Policy Insights - Insights on Firewall Policy.
- intrusion
Detection FirewallPolicy Intrusion Detection - The configuration for Intrusion detection.
- location String
- Resource location.
- sku
Firewall
Policy Sku - The Firewall Policy SKU.
- snat
Firewall
Policy SNAT - The private IP addresses/IP ranges to which traffic will not be SNAT.
- Map<String,String>
- Resource tags.
- threat
Intel String | AzureMode Firewall Threat Intel Mode - The operation mode for Threat Intelligence.
- threat
Intel FirewallWhitelist Policy Threat Intel Whitelist - ThreatIntel Whitelist for Firewall Policy.
- transport
Security FirewallPolicy Transport Security - TLS Configuration definition.
- resource
Group stringName - The name of the resource group.
- base
Policy SubResource - The parent firewall policy from which rules are inherited.
- dns
Settings DnsSettings - DNS Proxy Settings definition.
- firewall
Policy stringName - The name of the Firewall Policy.
- id string
- Resource ID.
- identity
Managed
Service Identity - The identity of the firewall policy.
- insights
Firewall
Policy Insights - Insights on Firewall Policy.
- intrusion
Detection FirewallPolicy Intrusion Detection - The configuration for Intrusion detection.
- location string
- Resource location.
- sku
Firewall
Policy Sku - The Firewall Policy SKU.
- snat
Firewall
Policy SNAT - The private IP addresses/IP ranges to which traffic will not be SNAT.
- {[key: string]: string}
- Resource tags.
- threat
Intel string | AzureMode Firewall Threat Intel Mode - The operation mode for Threat Intelligence.
- threat
Intel FirewallWhitelist Policy Threat Intel Whitelist - ThreatIntel Whitelist for Firewall Policy.
- transport
Security FirewallPolicy Transport Security - TLS Configuration definition.
- resource_
group_ strname - The name of the resource group.
- base_
policy SubResource Args - The parent firewall policy from which rules are inherited.
- dns_
settings DnsSettings Args - DNS Proxy Settings definition.
- firewall_
policy_ strname - The name of the Firewall Policy.
- id str
- Resource ID.
- identity
Managed
Service Identity Args - The identity of the firewall policy.
- insights
Firewall
Policy Insights Args - Insights on Firewall Policy.
- intrusion_
detection FirewallPolicy Intrusion Detection Args - The configuration for Intrusion detection.
- location str
- Resource location.
- sku
Firewall
Policy Sku Args - The Firewall Policy SKU.
- snat
Firewall
Policy SNATArgs - The private IP addresses/IP ranges to which traffic will not be SNAT.
- Mapping[str, str]
- Resource tags.
- threat_
intel_ str | Azuremode Firewall Threat Intel Mode - The operation mode for Threat Intelligence.
- threat_
intel_ Firewallwhitelist Policy Threat Intel Whitelist Args - ThreatIntel Whitelist for Firewall Policy.
- transport_
security FirewallPolicy Transport Security Args - TLS Configuration definition.
- resource
Group StringName - The name of the resource group.
- base
Policy Property Map - The parent firewall policy from which rules are inherited.
- dns
Settings Property Map - DNS Proxy Settings definition.
- firewall
Policy StringName - The name of the Firewall Policy.
- id String
- Resource ID.
- identity Property Map
- The identity of the firewall policy.
- insights Property Map
- Insights on Firewall Policy.
- intrusion
Detection Property Map - The configuration for Intrusion detection.
- location String
- Resource location.
- sku Property Map
- The Firewall Policy SKU.
- snat Property Map
- The private IP addresses/IP ranges to which traffic will not be SNAT.
- Map<String>
- Resource tags.
- threat
Intel String | "Alert" | "Deny" | "Off"Mode - The operation mode for Threat Intelligence.
- threat
Intel Property MapWhitelist - ThreatIntel Whitelist for Firewall Policy.
- transport
Security Property Map - TLS Configuration definition.
Outputs
All input properties are implicitly available as output properties. Additionally, the FirewallPolicy resource produces the following output properties:
- Child
Policies List<Pulumi.Azure Native. Network. Outputs. Sub Resource Response> - List of references to Child Firewall Policies.
- Etag string
- A unique read-only string that changes whenever the resource is updated.
- Firewalls
List<Pulumi.
Azure Native. Network. Outputs. Sub Resource Response> - List of references to Azure Firewalls that this Firewall Policy is associated with.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name.
- Provisioning
State string - The provisioning state of the firewall policy resource.
- Rule
Collection List<Pulumi.Groups Azure Native. Network. Outputs. Sub Resource Response> - List of references to FirewallPolicyRuleCollectionGroups.
- Type string
- Resource type.
- Child
Policies []SubResource Response - List of references to Child Firewall Policies.
- Etag string
- A unique read-only string that changes whenever the resource is updated.
- Firewalls
[]Sub
Resource Response - List of references to Azure Firewalls that this Firewall Policy is associated with.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name.
- Provisioning
State string - The provisioning state of the firewall policy resource.
- Rule
Collection []SubGroups Resource Response - List of references to FirewallPolicyRuleCollectionGroups.
- Type string
- Resource type.
- child
Policies List<SubResource Response> - List of references to Child Firewall Policies.
- etag String
- A unique read-only string that changes whenever the resource is updated.
- firewalls
List<Sub
Resource Response> - List of references to Azure Firewalls that this Firewall Policy is associated with.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name.
- provisioning
State String - The provisioning state of the firewall policy resource.
- rule
Collection List<SubGroups Resource Response> - List of references to FirewallPolicyRuleCollectionGroups.
- type String
- Resource type.
- child
Policies SubResource Response[] - List of references to Child Firewall Policies.
- etag string
- A unique read-only string that changes whenever the resource is updated.
- firewalls
Sub
Resource Response[] - List of references to Azure Firewalls that this Firewall Policy is associated with.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Resource name.
- provisioning
State string - The provisioning state of the firewall policy resource.
- rule
Collection SubGroups Resource Response[] - List of references to FirewallPolicyRuleCollectionGroups.
- type string
- Resource type.
- child_
policies Sequence[SubResource Response] - List of references to Child Firewall Policies.
- etag str
- A unique read-only string that changes whenever the resource is updated.
- firewalls
Sequence[Sub
Resource Response] - List of references to Azure Firewalls that this Firewall Policy is associated with.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Resource name.
- provisioning_
state str - The provisioning state of the firewall policy resource.
- rule_
collection_ Sequence[Subgroups Resource Response] - List of references to FirewallPolicyRuleCollectionGroups.
- type str
- Resource type.
- child
Policies List<Property Map> - List of references to Child Firewall Policies.
- etag String
- A unique read-only string that changes whenever the resource is updated.
- firewalls List<Property Map>
- List of references to Azure Firewalls that this Firewall Policy is associated with.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name.
- provisioning
State String - The provisioning state of the firewall policy resource.
- rule
Collection List<Property Map>Groups - List of references to FirewallPolicyRuleCollectionGroups.
- type String
- Resource type.
Supporting Types
AzureFirewallThreatIntelMode, AzureFirewallThreatIntelModeArgs
- Alert
- Alert
- Deny
- Deny
- Off
- Off
- Azure
Firewall Threat Intel Mode Alert - Alert
- Azure
Firewall Threat Intel Mode Deny - Deny
- Azure
Firewall Threat Intel Mode Off - Off
- Alert
- Alert
- Deny
- Deny
- Off
- Off
- Alert
- Alert
- Deny
- Deny
- Off
- Off
- ALERT
- Alert
- DENY
- Deny
- OFF
- Off
- "Alert"
- Alert
- "Deny"
- Deny
- "Off"
- Off
DnsSettings, DnsSettingsArgs
- Enable
Proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- Require
Proxy boolFor Network Rules - FQDNs in Network Rules are supported when set to true.
- Servers List<string>
- List of Custom DNS Servers.
- Enable
Proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- Require
Proxy boolFor Network Rules - FQDNs in Network Rules are supported when set to true.
- Servers []string
- List of Custom DNS Servers.
- enable
Proxy Boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy BooleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
- enable
Proxy boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy booleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers string[]
- List of Custom DNS Servers.
- enable_
proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require_
proxy_ boolfor_ network_ rules - FQDNs in Network Rules are supported when set to true.
- servers Sequence[str]
- List of Custom DNS Servers.
- enable
Proxy Boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy BooleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
DnsSettingsResponse, DnsSettingsResponseArgs
- Enable
Proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- Require
Proxy boolFor Network Rules - FQDNs in Network Rules are supported when set to true.
- Servers List<string>
- List of Custom DNS Servers.
- Enable
Proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- Require
Proxy boolFor Network Rules - FQDNs in Network Rules are supported when set to true.
- Servers []string
- List of Custom DNS Servers.
- enable
Proxy Boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy BooleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
- enable
Proxy boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy booleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers string[]
- List of Custom DNS Servers.
- enable_
proxy bool - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require_
proxy_ boolfor_ network_ rules - FQDNs in Network Rules are supported when set to true.
- servers Sequence[str]
- List of Custom DNS Servers.
- enable
Proxy Boolean - Enable DNS Proxy on Firewalls attached to the Firewall Policy.
- require
Proxy BooleanFor Network Rules - FQDNs in Network Rules are supported when set to true.
- servers List<String>
- List of Custom DNS Servers.
FirewallPolicyCertificateAuthority, FirewallPolicyCertificateAuthorityArgs
- Key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- Key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- key
Vault StringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
- key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name string
- Name of the CA certificate.
- key_
vault_ strsecret_ id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name str
- Name of the CA certificate.
- key
Vault StringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
FirewallPolicyCertificateAuthorityResponse, FirewallPolicyCertificateAuthorityResponseArgs
- Key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- Key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- Name string
- Name of the CA certificate.
- key
Vault StringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
- key
Vault stringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name string
- Name of the CA certificate.
- key_
vault_ strsecret_ id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name str
- Name of the CA certificate.
- key
Vault StringSecret Id - Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
- name String
- Name of the CA certificate.
FirewallPolicyInsights, FirewallPolicyInsightsArgs
- Is
Enabled bool - A flag to indicate if the insights are enabled on the policy.
- Log
Analytics Pulumi.Resources Azure Native. Network. Inputs. Firewall Policy Log Analytics Resources - Workspaces needed to configure the Firewall Policy Insights.
- Retention
Days int - Number of days the insights should be enabled on the policy.
- Is
Enabled bool - A flag to indicate if the insights are enabled on the policy.
- Log
Analytics FirewallResources Policy Log Analytics Resources - Workspaces needed to configure the Firewall Policy Insights.
- Retention
Days int - Number of days the insights should be enabled on the policy.
- is
Enabled Boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics FirewallResources Policy Log Analytics Resources - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days Integer - Number of days the insights should be enabled on the policy.
- is
Enabled boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics FirewallResources Policy Log Analytics Resources - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days number - Number of days the insights should be enabled on the policy.
- is_
enabled bool - A flag to indicate if the insights are enabled on the policy.
- log_
analytics_ Firewallresources Policy Log Analytics Resources - Workspaces needed to configure the Firewall Policy Insights.
- retention_
days int - Number of days the insights should be enabled on the policy.
- is
Enabled Boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics Property MapResources - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days Number - Number of days the insights should be enabled on the policy.
FirewallPolicyInsightsResponse, FirewallPolicyInsightsResponseArgs
- Is
Enabled bool - A flag to indicate if the insights are enabled on the policy.
- Log
Analytics Pulumi.Resources Azure Native. Network. Inputs. Firewall Policy Log Analytics Resources Response - Workspaces needed to configure the Firewall Policy Insights.
- Retention
Days int - Number of days the insights should be enabled on the policy.
- Is
Enabled bool - A flag to indicate if the insights are enabled on the policy.
- Log
Analytics FirewallResources Policy Log Analytics Resources Response - Workspaces needed to configure the Firewall Policy Insights.
- Retention
Days int - Number of days the insights should be enabled on the policy.
- is
Enabled Boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics FirewallResources Policy Log Analytics Resources Response - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days Integer - Number of days the insights should be enabled on the policy.
- is
Enabled boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics FirewallResources Policy Log Analytics Resources Response - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days number - Number of days the insights should be enabled on the policy.
- is_
enabled bool - A flag to indicate if the insights are enabled on the policy.
- log_
analytics_ Firewallresources Policy Log Analytics Resources Response - Workspaces needed to configure the Firewall Policy Insights.
- retention_
days int - Number of days the insights should be enabled on the policy.
- is
Enabled Boolean - A flag to indicate if the insights are enabled on the policy.
- log
Analytics Property MapResources - Workspaces needed to configure the Firewall Policy Insights.
- retention
Days Number - Number of days the insights should be enabled on the policy.
FirewallPolicyIntrusionDetection, FirewallPolicyIntrusionDetectionArgs
- Configuration
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Configuration - Intrusion detection configuration properties.
- Mode
string | Pulumi.
Azure Native. Network. Firewall Policy Intrusion Detection State Type - Intrusion detection general state.
- Configuration
Firewall
Policy Intrusion Detection Configuration - Intrusion detection configuration properties.
- Mode
string | Firewall
Policy Intrusion Detection State Type - Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration - Intrusion detection configuration properties.
- mode
String | Firewall
Policy Intrusion Detection State Type - Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration - Intrusion detection configuration properties.
- mode
string | Firewall
Policy Intrusion Detection State Type - Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration - Intrusion detection configuration properties.
- mode
str | Firewall
Policy Intrusion Detection State Type - Intrusion detection general state.
- configuration Property Map
- Intrusion detection configuration properties.
- mode String | "Off" | "Alert" | "Deny"
- Intrusion detection general state.
FirewallPolicyIntrusionDetectionBypassTrafficSpecifications, FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsArgs
- Description string
- Description of the bypass traffic rule.
- Destination
Addresses List<string> - List of destination IP addresses or ranges for this rule.
- Destination
Ip List<string>Groups - List of destination IpGroups for this rule.
- Destination
Ports List<string> - List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol
string | Pulumi.
Azure Native. Network. Firewall Policy Intrusion Detection Protocol - The rule bypass protocol.
- Source
Addresses List<string> - List of source IP addresses or ranges for this rule.
- Source
Ip List<string>Groups - List of source IpGroups for this rule.
- Description string
- Description of the bypass traffic rule.
- Destination
Addresses []string - List of destination IP addresses or ranges for this rule.
- Destination
Ip []stringGroups - List of destination IpGroups for this rule.
- Destination
Ports []string - List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol
string | Firewall
Policy Intrusion Detection Protocol - The rule bypass protocol.
- Source
Addresses []string - List of source IP addresses or ranges for this rule.
- Source
Ip []stringGroups - List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destination
Addresses List<String> - List of destination IP addresses or ranges for this rule.
- destination
Ip List<String>Groups - List of destination IpGroups for this rule.
- destination
Ports List<String> - List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol
String | Firewall
Policy Intrusion Detection Protocol - The rule bypass protocol.
- source
Addresses List<String> - List of source IP addresses or ranges for this rule.
- source
Ip List<String>Groups - List of source IpGroups for this rule.
- description string
- Description of the bypass traffic rule.
- destination
Addresses string[] - List of destination IP addresses or ranges for this rule.
- destination
Ip string[]Groups - List of destination IpGroups for this rule.
- destination
Ports string[] - List of destination ports or ranges.
- name string
- Name of the bypass traffic rule.
- protocol
string | Firewall
Policy Intrusion Detection Protocol - The rule bypass protocol.
- source
Addresses string[] - List of source IP addresses or ranges for this rule.
- source
Ip string[]Groups - List of source IpGroups for this rule.
- description str
- Description of the bypass traffic rule.
- destination_
addresses Sequence[str] - List of destination IP addresses or ranges for this rule.
- destination_
ip_ Sequence[str]groups - List of destination IpGroups for this rule.
- destination_
ports Sequence[str] - List of destination ports or ranges.
- name str
- Name of the bypass traffic rule.
- protocol
str | Firewall
Policy Intrusion Detection Protocol - The rule bypass protocol.
- source_
addresses Sequence[str] - List of source IP addresses or ranges for this rule.
- source_
ip_ Sequence[str]groups - List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destination
Addresses List<String> - List of destination IP addresses or ranges for this rule.
- destination
Ip List<String>Groups - List of destination IpGroups for this rule.
- destination
Ports List<String> - List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol String | "TCP" | "UDP" | "ICMP" | "ANY"
- The rule bypass protocol.
- source
Addresses List<String> - List of source IP addresses or ranges for this rule.
- source
Ip List<String>Groups - List of source IpGroups for this rule.
FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponse, FirewallPolicyIntrusionDetectionBypassTrafficSpecificationsResponseArgs
- Description string
- Description of the bypass traffic rule.
- Destination
Addresses List<string> - List of destination IP addresses or ranges for this rule.
- Destination
Ip List<string>Groups - List of destination IpGroups for this rule.
- Destination
Ports List<string> - List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol string
- The rule bypass protocol.
- Source
Addresses List<string> - List of source IP addresses or ranges for this rule.
- Source
Ip List<string>Groups - List of source IpGroups for this rule.
- Description string
- Description of the bypass traffic rule.
- Destination
Addresses []string - List of destination IP addresses or ranges for this rule.
- Destination
Ip []stringGroups - List of destination IpGroups for this rule.
- Destination
Ports []string - List of destination ports or ranges.
- Name string
- Name of the bypass traffic rule.
- Protocol string
- The rule bypass protocol.
- Source
Addresses []string - List of source IP addresses or ranges for this rule.
- Source
Ip []stringGroups - List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destination
Addresses List<String> - List of destination IP addresses or ranges for this rule.
- destination
Ip List<String>Groups - List of destination IpGroups for this rule.
- destination
Ports List<String> - List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol String
- The rule bypass protocol.
- source
Addresses List<String> - List of source IP addresses or ranges for this rule.
- source
Ip List<String>Groups - List of source IpGroups for this rule.
- description string
- Description of the bypass traffic rule.
- destination
Addresses string[] - List of destination IP addresses or ranges for this rule.
- destination
Ip string[]Groups - List of destination IpGroups for this rule.
- destination
Ports string[] - List of destination ports or ranges.
- name string
- Name of the bypass traffic rule.
- protocol string
- The rule bypass protocol.
- source
Addresses string[] - List of source IP addresses or ranges for this rule.
- source
Ip string[]Groups - List of source IpGroups for this rule.
- description str
- Description of the bypass traffic rule.
- destination_
addresses Sequence[str] - List of destination IP addresses or ranges for this rule.
- destination_
ip_ Sequence[str]groups - List of destination IpGroups for this rule.
- destination_
ports Sequence[str] - List of destination ports or ranges.
- name str
- Name of the bypass traffic rule.
- protocol str
- The rule bypass protocol.
- source_
addresses Sequence[str] - List of source IP addresses or ranges for this rule.
- source_
ip_ Sequence[str]groups - List of source IpGroups for this rule.
- description String
- Description of the bypass traffic rule.
- destination
Addresses List<String> - List of destination IP addresses or ranges for this rule.
- destination
Ip List<String>Groups - List of destination IpGroups for this rule.
- destination
Ports List<String> - List of destination ports or ranges.
- name String
- Name of the bypass traffic rule.
- protocol String
- The rule bypass protocol.
- source
Addresses List<String> - List of source IP addresses or ranges for this rule.
- source
Ip List<String>Groups - List of source IpGroups for this rule.
FirewallPolicyIntrusionDetectionConfiguration, FirewallPolicyIntrusionDetectionConfigurationArgs
- Bypass
Traffic List<Pulumi.Settings Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Bypass Traffic Specifications> - List of rules for traffic to bypass.
- Signature
Overrides List<Pulumi.Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Signature Specification> - List of specific signatures states.
- Bypass
Traffic []FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications - List of rules for traffic to bypass.
- Signature
Overrides []FirewallPolicy Intrusion Detection Signature Specification - List of specific signatures states.
- bypass
Traffic List<FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications> - List of rules for traffic to bypass.
- signature
Overrides List<FirewallPolicy Intrusion Detection Signature Specification> - List of specific signatures states.
- bypass
Traffic FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications[] - List of rules for traffic to bypass.
- signature
Overrides FirewallPolicy Intrusion Detection Signature Specification[] - List of specific signatures states.
- bypass_
traffic_ Sequence[Firewallsettings Policy Intrusion Detection Bypass Traffic Specifications] - List of rules for traffic to bypass.
- signature_
overrides Sequence[FirewallPolicy Intrusion Detection Signature Specification] - List of specific signatures states.
- bypass
Traffic List<Property Map>Settings - List of rules for traffic to bypass.
- signature
Overrides List<Property Map> - List of specific signatures states.
FirewallPolicyIntrusionDetectionConfigurationResponse, FirewallPolicyIntrusionDetectionConfigurationResponseArgs
- Bypass
Traffic List<Pulumi.Settings Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Bypass Traffic Specifications Response> - List of rules for traffic to bypass.
- Signature
Overrides List<Pulumi.Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Signature Specification Response> - List of specific signatures states.
- Bypass
Traffic []FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response - List of rules for traffic to bypass.
- Signature
Overrides []FirewallPolicy Intrusion Detection Signature Specification Response - List of specific signatures states.
- bypass
Traffic List<FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response> - List of rules for traffic to bypass.
- signature
Overrides List<FirewallPolicy Intrusion Detection Signature Specification Response> - List of specific signatures states.
- bypass
Traffic FirewallSettings Policy Intrusion Detection Bypass Traffic Specifications Response[] - List of rules for traffic to bypass.
- signature
Overrides FirewallPolicy Intrusion Detection Signature Specification Response[] - List of specific signatures states.
- bypass_
traffic_ Sequence[Firewallsettings Policy Intrusion Detection Bypass Traffic Specifications Response] - List of rules for traffic to bypass.
- signature_
overrides Sequence[FirewallPolicy Intrusion Detection Signature Specification Response] - List of specific signatures states.
- bypass
Traffic List<Property Map>Settings - List of rules for traffic to bypass.
- signature
Overrides List<Property Map> - List of specific signatures states.
FirewallPolicyIntrusionDetectionProtocol, FirewallPolicyIntrusionDetectionProtocolArgs
- TCP
- TCP
- UDP
- UDP
- ICMP
- ICMP
- ANY
- ANY
- Firewall
Policy Intrusion Detection Protocol TCP - TCP
- Firewall
Policy Intrusion Detection Protocol UDP - UDP
- Firewall
Policy Intrusion Detection Protocol ICMP - ICMP
- Firewall
Policy Intrusion Detection Protocol ANY - ANY
- TCP
- TCP
- UDP
- UDP
- ICMP
- ICMP
- ANY
- ANY
- TCP
- TCP
- UDP
- UDP
- ICMP
- ICMP
- ANY
- ANY
- TCP
- TCP
- UDP
- UDP
- ICMP
- ICMP
- ANY
- ANY
- "TCP"
- TCP
- "UDP"
- UDP
- "ICMP"
- ICMP
- "ANY"
- ANY
FirewallPolicyIntrusionDetectionResponse, FirewallPolicyIntrusionDetectionResponseArgs
- Configuration
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Intrusion Detection Configuration Response - Intrusion detection configuration properties.
- Mode string
- Intrusion detection general state.
- Configuration
Firewall
Policy Intrusion Detection Configuration Response - Intrusion detection configuration properties.
- Mode string
- Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration Response - Intrusion detection configuration properties.
- mode String
- Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration Response - Intrusion detection configuration properties.
- mode string
- Intrusion detection general state.
- configuration
Firewall
Policy Intrusion Detection Configuration Response - Intrusion detection configuration properties.
- mode str
- Intrusion detection general state.
- configuration Property Map
- Intrusion detection configuration properties.
- mode String
- Intrusion detection general state.
FirewallPolicyIntrusionDetectionSignatureSpecification, FirewallPolicyIntrusionDetectionSignatureSpecificationArgs
- Id string
- Signature id.
- Mode
string | Pulumi.
Azure Native. Network. Firewall Policy Intrusion Detection State Type - The signature state.
- Id string
- Signature id.
- Mode
string | Firewall
Policy Intrusion Detection State Type - The signature state.
- id String
- Signature id.
- mode
String | Firewall
Policy Intrusion Detection State Type - The signature state.
- id string
- Signature id.
- mode
string | Firewall
Policy Intrusion Detection State Type - The signature state.
- id str
- Signature id.
- mode
str | Firewall
Policy Intrusion Detection State Type - The signature state.
- id String
- Signature id.
- mode String | "Off" | "Alert" | "Deny"
- The signature state.
FirewallPolicyIntrusionDetectionSignatureSpecificationResponse, FirewallPolicyIntrusionDetectionSignatureSpecificationResponseArgs
FirewallPolicyIntrusionDetectionStateType, FirewallPolicyIntrusionDetectionStateTypeArgs
- Off
- Off
- Alert
- Alert
- Deny
- Deny
- Firewall
Policy Intrusion Detection State Type Off - Off
- Firewall
Policy Intrusion Detection State Type Alert - Alert
- Firewall
Policy Intrusion Detection State Type Deny - Deny
- Off
- Off
- Alert
- Alert
- Deny
- Deny
- Off
- Off
- Alert
- Alert
- Deny
- Deny
- OFF
- Off
- ALERT
- Alert
- DENY
- Deny
- "Off"
- Off
- "Alert"
- Alert
- "Deny"
- Deny
FirewallPolicyLogAnalyticsResources, FirewallPolicyLogAnalyticsResourcesArgs
- Default
Workspace Pulumi.Id Azure Native. Network. Inputs. Sub Resource - The default workspace Id for Firewall Policy Insights.
- Workspaces
List<Pulumi.
Azure Native. Network. Inputs. Firewall Policy Log Analytics Workspace> - List of workspaces for Firewall Policy Insights.
- Default
Workspace SubId Resource - The default workspace Id for Firewall Policy Insights.
- Workspaces
[]Firewall
Policy Log Analytics Workspace - List of workspaces for Firewall Policy Insights.
- default
Workspace SubId Resource - The default workspace Id for Firewall Policy Insights.
- workspaces
List<Firewall
Policy Log Analytics Workspace> - List of workspaces for Firewall Policy Insights.
- default
Workspace SubId Resource - The default workspace Id for Firewall Policy Insights.
- workspaces
Firewall
Policy Log Analytics Workspace[] - List of workspaces for Firewall Policy Insights.
- default_
workspace_ Subid Resource - The default workspace Id for Firewall Policy Insights.
- workspaces
Sequence[Firewall
Policy Log Analytics Workspace] - List of workspaces for Firewall Policy Insights.
- default
Workspace Property MapId - The default workspace Id for Firewall Policy Insights.
- workspaces List<Property Map>
- List of workspaces for Firewall Policy Insights.
FirewallPolicyLogAnalyticsResourcesResponse, FirewallPolicyLogAnalyticsResourcesResponseArgs
- Default
Workspace Pulumi.Id Azure Native. Network. Inputs. Sub Resource Response - The default workspace Id for Firewall Policy Insights.
- Workspaces
List<Pulumi.
Azure Native. Network. Inputs. Firewall Policy Log Analytics Workspace Response> - List of workspaces for Firewall Policy Insights.
- Default
Workspace SubId Resource Response - The default workspace Id for Firewall Policy Insights.
- Workspaces
[]Firewall
Policy Log Analytics Workspace Response - List of workspaces for Firewall Policy Insights.
- default
Workspace SubId Resource Response - The default workspace Id for Firewall Policy Insights.
- workspaces
List<Firewall
Policy Log Analytics Workspace Response> - List of workspaces for Firewall Policy Insights.
- default
Workspace SubId Resource Response - The default workspace Id for Firewall Policy Insights.
- workspaces
Firewall
Policy Log Analytics Workspace Response[] - List of workspaces for Firewall Policy Insights.
- default_
workspace_ Subid Resource Response - The default workspace Id for Firewall Policy Insights.
- workspaces
Sequence[Firewall
Policy Log Analytics Workspace Response] - List of workspaces for Firewall Policy Insights.
- default
Workspace Property MapId - The default workspace Id for Firewall Policy Insights.
- workspaces List<Property Map>
- List of workspaces for Firewall Policy Insights.
FirewallPolicyLogAnalyticsWorkspace, FirewallPolicyLogAnalyticsWorkspaceArgs
- Region string
- Region to configure the Workspace.
- Workspace
Id Pulumi.Azure Native. Network. Inputs. Sub Resource - The workspace Id for Firewall Policy Insights.
- Region string
- Region to configure the Workspace.
- Workspace
Id SubResource - The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspace
Id SubResource - The workspace Id for Firewall Policy Insights.
- region string
- Region to configure the Workspace.
- workspace
Id SubResource - The workspace Id for Firewall Policy Insights.
- region str
- Region to configure the Workspace.
- workspace_
id SubResource - The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspace
Id Property Map - The workspace Id for Firewall Policy Insights.
FirewallPolicyLogAnalyticsWorkspaceResponse, FirewallPolicyLogAnalyticsWorkspaceResponseArgs
- Region string
- Region to configure the Workspace.
- Workspace
Id Pulumi.Azure Native. Network. Inputs. Sub Resource Response - The workspace Id for Firewall Policy Insights.
- Region string
- Region to configure the Workspace.
- Workspace
Id SubResource Response - The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspace
Id SubResource Response - The workspace Id for Firewall Policy Insights.
- region string
- Region to configure the Workspace.
- workspace
Id SubResource Response - The workspace Id for Firewall Policy Insights.
- region str
- Region to configure the Workspace.
- workspace_
id SubResource Response - The workspace Id for Firewall Policy Insights.
- region String
- Region to configure the Workspace.
- workspace
Id Property Map - The workspace Id for Firewall Policy Insights.
FirewallPolicySNAT, FirewallPolicySNATArgs
- Private
Ranges List<string> - List of private IP addresses/IP address ranges to not be SNAT.
- Private
Ranges []string - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges List<String> - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges string[] - List of private IP addresses/IP address ranges to not be SNAT.
- private_
ranges Sequence[str] - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges List<String> - List of private IP addresses/IP address ranges to not be SNAT.
FirewallPolicySNATResponse, FirewallPolicySNATResponseArgs
- Private
Ranges List<string> - List of private IP addresses/IP address ranges to not be SNAT.
- Private
Ranges []string - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges List<String> - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges string[] - List of private IP addresses/IP address ranges to not be SNAT.
- private_
ranges Sequence[str] - List of private IP addresses/IP address ranges to not be SNAT.
- private
Ranges List<String> - List of private IP addresses/IP address ranges to not be SNAT.
FirewallPolicySku, FirewallPolicySkuArgs
- Tier
string | Pulumi.
Azure Native. Network. Firewall Policy Sku Tier - Tier of Firewall Policy.
- Tier
string | Firewall
Policy Sku Tier - Tier of Firewall Policy.
- tier
String | Firewall
Policy Sku Tier - Tier of Firewall Policy.
- tier
string | Firewall
Policy Sku Tier - Tier of Firewall Policy.
- tier
str | Firewall
Policy Sku Tier - Tier of Firewall Policy.
- tier String | "Standard" | "Premium"
- Tier of Firewall Policy.
FirewallPolicySkuResponse, FirewallPolicySkuResponseArgs
- Tier string
- Tier of Firewall Policy.
- Tier string
- Tier of Firewall Policy.
- tier String
- Tier of Firewall Policy.
- tier string
- Tier of Firewall Policy.
- tier str
- Tier of Firewall Policy.
- tier String
- Tier of Firewall Policy.
FirewallPolicySkuTier, FirewallPolicySkuTierArgs
- Standard
- Standard
- Premium
- Premium
- Firewall
Policy Sku Tier Standard - Standard
- Firewall
Policy Sku Tier Premium - Premium
- Standard
- Standard
- Premium
- Premium
- Standard
- Standard
- Premium
- Premium
- STANDARD
- Standard
- PREMIUM
- Premium
- "Standard"
- Standard
- "Premium"
- Premium
FirewallPolicyThreatIntelWhitelist, FirewallPolicyThreatIntelWhitelistArgs
- Fqdns List<string>
- List of FQDNs for the ThreatIntel Whitelist.
- Ip
Addresses List<string> - List of IP addresses for the ThreatIntel Whitelist.
- Fqdns []string
- List of FQDNs for the ThreatIntel Whitelist.
- Ip
Addresses []string - List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses List<String> - List of IP addresses for the ThreatIntel Whitelist.
- fqdns string[]
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses string[] - List of IP addresses for the ThreatIntel Whitelist.
- fqdns Sequence[str]
- List of FQDNs for the ThreatIntel Whitelist.
- ip_
addresses Sequence[str] - List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses List<String> - List of IP addresses for the ThreatIntel Whitelist.
FirewallPolicyThreatIntelWhitelistResponse, FirewallPolicyThreatIntelWhitelistResponseArgs
- Fqdns List<string>
- List of FQDNs for the ThreatIntel Whitelist.
- Ip
Addresses List<string> - List of IP addresses for the ThreatIntel Whitelist.
- Fqdns []string
- List of FQDNs for the ThreatIntel Whitelist.
- Ip
Addresses []string - List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses List<String> - List of IP addresses for the ThreatIntel Whitelist.
- fqdns string[]
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses string[] - List of IP addresses for the ThreatIntel Whitelist.
- fqdns Sequence[str]
- List of FQDNs for the ThreatIntel Whitelist.
- ip_
addresses Sequence[str] - List of IP addresses for the ThreatIntel Whitelist.
- fqdns List<String>
- List of FQDNs for the ThreatIntel Whitelist.
- ip
Addresses List<String> - List of IP addresses for the ThreatIntel Whitelist.
FirewallPolicyTransportSecurity, FirewallPolicyTransportSecurityArgs
-
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Certificate Authority - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority - The CA used for intermediate CA generation.
- Property Map
- The CA used for intermediate CA generation.
FirewallPolicyTransportSecurityResponse, FirewallPolicyTransportSecurityResponseArgs
-
Pulumi.
Azure Native. Network. Inputs. Firewall Policy Certificate Authority Response - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority Response - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority Response - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority Response - The CA used for intermediate CA generation.
-
Firewall
Policy Certificate Authority Response - The CA used for intermediate CA generation.
- Property Map
- The CA used for intermediate CA generation.
ManagedServiceIdentity, ManagedServiceIdentityArgs
- Type
Pulumi.
Azure Native. Network. Resource Identity Type - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- User
Assigned Dictionary<string, object>Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- Type
Resource
Identity Type - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- User
Assigned map[string]interface{}Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
Resource
Identity Type - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned Map<String,Object>Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
Resource
Identity Type - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned {[key: string]: any}Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
Resource
Identity Type - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user_
assigned_ Mapping[str, Any]identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
"System
Assigned" | "User Assigned" | "System Assigned, User Assigned" | "None" - The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned Map<Any>Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
ManagedServiceIdentityResponse, ManagedServiceIdentityResponseArgs
- Principal
Id string - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- Tenant
Id string - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- Type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- User
Assigned Dictionary<string, Pulumi.Identities Azure Native. Network. Inputs. Managed Service Identity Response User Assigned Identities> - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- Principal
Id string - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- Tenant
Id string - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- Type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- User
Assigned map[string]ManagedIdentities Service Identity Response User Assigned Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id String - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenant
Id String - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type String
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned Map<String,ManagedIdentities Service Identity Response User Assigned Identities> - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id string - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenant
Id string - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type string
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned {[key: string]: ManagedIdentities Service Identity Response User Assigned Identities} - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal_
id str - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenant_
id str - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type str
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user_
assigned_ Mapping[str, Managedidentities Service Identity Response User Assigned Identities] - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id String - The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
- tenant
Id String - The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
- type String
- The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
- user
Assigned Map<Property Map>Identities - The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
ManagedServiceIdentityResponseUserAssignedIdentities, ManagedServiceIdentityResponseUserAssignedIdentitiesArgs
- Client
Id string - The client id of user assigned identity.
- Principal
Id string - The principal id of user assigned identity.
- Client
Id string - The client id of user assigned identity.
- Principal
Id string - The principal id of user assigned identity.
- client
Id String - The client id of user assigned identity.
- principal
Id String - The principal id of user assigned identity.
- client
Id string - The client id of user assigned identity.
- principal
Id string - The principal id of user assigned identity.
- client_
id str - The client id of user assigned identity.
- principal_
id str - The principal id of user assigned identity.
- client
Id String - The client id of user assigned identity.
- principal
Id String - The principal id of user assigned identity.
ResourceIdentityType, ResourceIdentityTypeArgs
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- Resource
Identity Type System Assigned - SystemAssigned
- Resource
Identity Type User Assigned - UserAssigned
- Resource
Identity Type_System Assigned_User Assigned - SystemAssigned, UserAssigned
- Resource
Identity Type None - None
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- SYSTEM_ASSIGNED
- SystemAssigned
- USER_ASSIGNED
- UserAssigned
- SYSTEM_ASSIGNED_USER_ASSIGNED
- SystemAssigned, UserAssigned
- NONE
- None
- "System
Assigned" - SystemAssigned
- "User
Assigned" - UserAssigned
- "System
Assigned, User Assigned" - SystemAssigned, UserAssigned
- "None"
- None
SubResource, SubResourceArgs
- Id string
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
- Id string
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
- id String
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
- id string
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
- id str
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
- id String
- Sub-resource ID. Both absolute resource ID and a relative resource ID are accepted. An absolute ID starts with /subscriptions/ and contains the entire ID of the parent resource and the ID of the sub-resource in the end. A relative ID replaces the ID of the parent resource with a token '$self', followed by the sub-resource ID itself. Example of a relative ID: $self/frontEndConfigurations/my-frontend.
SubResourceResponse, SubResourceResponseArgs
- Id string
- Resource ID.
- Id string
- Resource ID.
- id String
- Resource ID.
- id string
- Resource ID.
- id str
- Resource ID.
- id String
- Resource ID.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:network:FirewallPolicy firewallPolicy /subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v1 pulumi/pulumi-azure-native
- License
- Apache-2.0
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi