1. Packages
  2. Cisco ISE
  3. API Docs
  4. deviceadmin
  5. getAuthorizationRule
Cisco ISE v0.1.4 published on Friday, May 31, 2024 by Pulumi

ise.deviceadmin.getAuthorizationRule

Explore with Pulumi AI

ise logo
Cisco ISE v0.1.4 published on Friday, May 31, 2024 by Pulumi

    This data source can read the Device Admin Authorization Rule.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as ise from "@pulumi/ise";
    
    const example = ise.deviceadmin.getAuthorizationRule({
        id: "76d24097-41c4-4558-a4d0-a8c07ac08470",
        policySetId: "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
    });
    
    import pulumi
    import pulumi_ise as ise
    
    example = ise.deviceadmin.get_authorization_rule(id="76d24097-41c4-4558-a4d0-a8c07ac08470",
        policy_set_id="d82952cb-b901-4b09-b363-5ebf39bdbaf9")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-ise/sdk/go/ise/deviceadmin"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := deviceadmin.LookupAuthorizationRule(ctx, &deviceadmin.LookupAuthorizationRuleArgs{
    			Id:          pulumi.StringRef("76d24097-41c4-4558-a4d0-a8c07ac08470"),
    			PolicySetId: "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Ise = Pulumi.Ise;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Ise.DeviceAdmin.GetAuthorizationRule.Invoke(new()
        {
            Id = "76d24097-41c4-4558-a4d0-a8c07ac08470",
            PolicySetId = "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.ise.deviceadmin.DeviceadminFunctions;
    import com.pulumi.ise.deviceadmin.inputs.GetAuthorizationRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = DeviceadminFunctions.getAuthorizationRule(GetAuthorizationRuleArgs.builder()
                .id("76d24097-41c4-4558-a4d0-a8c07ac08470")
                .policySetId("d82952cb-b901-4b09-b363-5ebf39bdbaf9")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: ise:deviceadmin:getAuthorizationRule
          Arguments:
            id: 76d24097-41c4-4558-a4d0-a8c07ac08470
            policySetId: d82952cb-b901-4b09-b363-5ebf39bdbaf9
    

    Using getAuthorizationRule

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getAuthorizationRule(args: GetAuthorizationRuleArgs, opts?: InvokeOptions): Promise<GetAuthorizationRuleResult>
    function getAuthorizationRuleOutput(args: GetAuthorizationRuleOutputArgs, opts?: InvokeOptions): Output<GetAuthorizationRuleResult>
    def get_authorization_rule(id: Optional[str] = None,
                               name: Optional[str] = None,
                               policy_set_id: Optional[str] = None,
                               opts: Optional[InvokeOptions] = None) -> GetAuthorizationRuleResult
    def get_authorization_rule_output(id: Optional[pulumi.Input[str]] = None,
                               name: Optional[pulumi.Input[str]] = None,
                               policy_set_id: Optional[pulumi.Input[str]] = None,
                               opts: Optional[InvokeOptions] = None) -> Output[GetAuthorizationRuleResult]
    func LookupAuthorizationRule(ctx *Context, args *LookupAuthorizationRuleArgs, opts ...InvokeOption) (*LookupAuthorizationRuleResult, error)
    func LookupAuthorizationRuleOutput(ctx *Context, args *LookupAuthorizationRuleOutputArgs, opts ...InvokeOption) LookupAuthorizationRuleResultOutput

    > Note: This function is named LookupAuthorizationRule in the Go SDK.

    public static class GetAuthorizationRule 
    {
        public static Task<GetAuthorizationRuleResult> InvokeAsync(GetAuthorizationRuleArgs args, InvokeOptions? opts = null)
        public static Output<GetAuthorizationRuleResult> Invoke(GetAuthorizationRuleInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetAuthorizationRuleResult> getAuthorizationRule(GetAuthorizationRuleArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: ise:deviceadmin/getAuthorizationRule:getAuthorizationRule
      arguments:
        # arguments dictionary

    The following arguments are supported:

    PolicySetId string
    Policy set ID
    Id string
    The id of the object
    Name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    PolicySetId string
    Policy set ID
    Id string
    The id of the object
    Name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId String
    Policy set ID
    id String
    The id of the object
    name String
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId string
    Policy set ID
    id string
    The id of the object
    name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policy_set_id str
    Policy set ID
    id str
    The id of the object
    name str
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId String
    Policy set ID
    id String
    The id of the object
    name String
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]

    getAuthorizationRule Result

    The following output properties are available:

    Childrens List<GetAuthorizationRuleChildren>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    CommandSets List<string>
    Command sets enforce the specified list of commands that can be executed by a device administrator
    ConditionAttributeName string
    Dictionary attribute name
    ConditionAttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    ConditionDictionaryName string
    Dictionary name
    ConditionDictionaryValue string
    Dictionary value
    ConditionId string
    UUID for condition
    ConditionIsNegate bool
    Indicates whereas this condition is in negate mode
    ConditionOperator string
    Equality operator
    ConditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    Default bool
    Indicates if this rule is the default one
    Id string
    The id of the object
    Name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    PolicySetId string
    Policy set ID
    Profile string
    Device admin profiles control the initial login session of the device administrator
    Rank int
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    State string
    The state that the rule is in. A disabled rule cannot be matched.
    Childrens []GetAuthorizationRuleChildren
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    CommandSets []string
    Command sets enforce the specified list of commands that can be executed by a device administrator
    ConditionAttributeName string
    Dictionary attribute name
    ConditionAttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    ConditionDictionaryName string
    Dictionary name
    ConditionDictionaryValue string
    Dictionary value
    ConditionId string
    UUID for condition
    ConditionIsNegate bool
    Indicates whereas this condition is in negate mode
    ConditionOperator string
    Equality operator
    ConditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    Default bool
    Indicates if this rule is the default one
    Id string
    The id of the object
    Name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    PolicySetId string
    Policy set ID
    Profile string
    Device admin profiles control the initial login session of the device administrator
    Rank int
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    State string
    The state that the rule is in. A disabled rule cannot be matched.
    childrens List<GetAuthorizationRuleChildren>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    commandSets List<String>
    Command sets enforce the specified list of commands that can be executed by a device administrator
    conditionAttributeName String
    Dictionary attribute name
    conditionAttributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    conditionDictionaryName String
    Dictionary name
    conditionDictionaryValue String
    Dictionary value
    conditionId String
    UUID for condition
    conditionIsNegate Boolean
    Indicates whereas this condition is in negate mode
    conditionOperator String
    Equality operator
    conditionType String
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    default_ Boolean
    Indicates if this rule is the default one
    id String
    The id of the object
    name String
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId String
    Policy set ID
    profile String
    Device admin profiles control the initial login session of the device administrator
    rank Integer
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    state String
    The state that the rule is in. A disabled rule cannot be matched.
    childrens GetAuthorizationRuleChildren[]
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    commandSets string[]
    Command sets enforce the specified list of commands that can be executed by a device administrator
    conditionAttributeName string
    Dictionary attribute name
    conditionAttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    conditionDictionaryName string
    Dictionary name
    conditionDictionaryValue string
    Dictionary value
    conditionId string
    UUID for condition
    conditionIsNegate boolean
    Indicates whereas this condition is in negate mode
    conditionOperator string
    Equality operator
    conditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    default boolean
    Indicates if this rule is the default one
    id string
    The id of the object
    name string
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId string
    Policy set ID
    profile string
    Device admin profiles control the initial login session of the device administrator
    rank number
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    state string
    The state that the rule is in. A disabled rule cannot be matched.
    childrens Sequence[GetAuthorizationRuleChildren]
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    command_sets Sequence[str]
    Command sets enforce the specified list of commands that can be executed by a device administrator
    condition_attribute_name str
    Dictionary attribute name
    condition_attribute_value str
    Attribute value for condition. Value type is specified in dictionary object.
    condition_dictionary_name str
    Dictionary name
    condition_dictionary_value str
    Dictionary value
    condition_id str
    UUID for condition
    condition_is_negate bool
    Indicates whereas this condition is in negate mode
    condition_operator str
    Equality operator
    condition_type str
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    default bool
    Indicates if this rule is the default one
    id str
    The id of the object
    name str
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policy_set_id str
    Policy set ID
    profile str
    Device admin profiles control the initial login session of the device administrator
    rank int
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    state str
    The state that the rule is in. A disabled rule cannot be matched.
    childrens List<Property Map>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    commandSets List<String>
    Command sets enforce the specified list of commands that can be executed by a device administrator
    conditionAttributeName String
    Dictionary attribute name
    conditionAttributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    conditionDictionaryName String
    Dictionary name
    conditionDictionaryValue String
    Dictionary value
    conditionId String
    UUID for condition
    conditionIsNegate Boolean
    Indicates whereas this condition is in negate mode
    conditionOperator String
    Equality operator
    conditionType String
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    default Boolean
    Indicates if this rule is the default one
    id String
    The id of the object
    name String
    Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
    policySetId String
    Policy set ID
    profile String
    Device admin profiles control the initial login session of the device administrator
    rank Number
    The rank (priority) in relation to other rules. Lower rank is higher priority.
    state String
    The state that the rule is in. A disabled rule cannot be matched.

    Supporting Types

    GetAuthorizationRuleChildren

    AttributeName string
    Dictionary attribute name
    AttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    Childrens List<GetAuthorizationRuleChildrenChildren>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    ConditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    DictionaryName string
    Dictionary name
    DictionaryValue string
    Dictionary value
    Id string
    UUID for condition
    IsNegate bool
    Indicates whereas this condition is in negate mode
    Operator string
    Equality operator
    AttributeName string
    Dictionary attribute name
    AttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    Childrens []GetAuthorizationRuleChildrenChildren
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    ConditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    DictionaryName string
    Dictionary name
    DictionaryValue string
    Dictionary value
    Id string
    UUID for condition
    IsNegate bool
    Indicates whereas this condition is in negate mode
    Operator string
    Equality operator
    attributeName String
    Dictionary attribute name
    attributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    childrens List<GetAuthorizationRuleChildrenChildren>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    conditionType String
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    dictionaryName String
    Dictionary name
    dictionaryValue String
    Dictionary value
    id String
    UUID for condition
    isNegate Boolean
    Indicates whereas this condition is in negate mode
    operator String
    Equality operator
    attributeName string
    Dictionary attribute name
    attributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    childrens GetAuthorizationRuleChildrenChildren[]
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    conditionType string
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    dictionaryName string
    Dictionary name
    dictionaryValue string
    Dictionary value
    id string
    UUID for condition
    isNegate boolean
    Indicates whereas this condition is in negate mode
    operator string
    Equality operator
    attribute_name str
    Dictionary attribute name
    attribute_value str
    Attribute value for condition. Value type is specified in dictionary object.
    childrens Sequence[GetAuthorizationRuleChildrenChildren]
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    condition_type str
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    dictionary_name str
    Dictionary name
    dictionary_value str
    Dictionary value
    id str
    UUID for condition
    is_negate bool
    Indicates whereas this condition is in negate mode
    operator str
    Equality operator
    attributeName String
    Dictionary attribute name
    attributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    childrens List<Property Map>
    List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
    conditionType String
    Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
    dictionaryName String
    Dictionary name
    dictionaryValue String
    Dictionary value
    id String
    UUID for condition
    isNegate Boolean
    Indicates whereas this condition is in negate mode
    operator String
    Equality operator

    GetAuthorizationRuleChildrenChildren

    AttributeName string
    Dictionary attribute name
    AttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    ConditionType string
    Condition type.
    DictionaryName string
    Dictionary name
    DictionaryValue string
    Dictionary value
    Id string
    UUID for condition
    IsNegate bool
    Indicates whereas this condition is in negate mode
    Operator string
    Equality operator
    AttributeName string
    Dictionary attribute name
    AttributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    ConditionType string
    Condition type.
    DictionaryName string
    Dictionary name
    DictionaryValue string
    Dictionary value
    Id string
    UUID for condition
    IsNegate bool
    Indicates whereas this condition is in negate mode
    Operator string
    Equality operator
    attributeName String
    Dictionary attribute name
    attributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    conditionType String
    Condition type.
    dictionaryName String
    Dictionary name
    dictionaryValue String
    Dictionary value
    id String
    UUID for condition
    isNegate Boolean
    Indicates whereas this condition is in negate mode
    operator String
    Equality operator
    attributeName string
    Dictionary attribute name
    attributeValue string
    Attribute value for condition. Value type is specified in dictionary object.
    conditionType string
    Condition type.
    dictionaryName string
    Dictionary name
    dictionaryValue string
    Dictionary value
    id string
    UUID for condition
    isNegate boolean
    Indicates whereas this condition is in negate mode
    operator string
    Equality operator
    attribute_name str
    Dictionary attribute name
    attribute_value str
    Attribute value for condition. Value type is specified in dictionary object.
    condition_type str
    Condition type.
    dictionary_name str
    Dictionary name
    dictionary_value str
    Dictionary value
    id str
    UUID for condition
    is_negate bool
    Indicates whereas this condition is in negate mode
    operator str
    Equality operator
    attributeName String
    Dictionary attribute name
    attributeValue String
    Attribute value for condition. Value type is specified in dictionary object.
    conditionType String
    Condition type.
    dictionaryName String
    Dictionary name
    dictionaryValue String
    Dictionary value
    id String
    UUID for condition
    isNegate Boolean
    Indicates whereas this condition is in negate mode
    operator String
    Equality operator

    Package Details

    Repository
    ise pulumi/pulumi-ise
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the ise Terraform Provider.
    ise logo
    Cisco ISE v0.1.4 published on Friday, May 31, 2024 by Pulumi