Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi
oci.NetworkFirewall.getNetworkFirewallPolicySecurityRules
This data source provides the list of Network Firewall Policy Security Rules in the Oracle Cloud Infrastructure Network Firewall service.
Returns the list of Security Rules for the Network Firewall Policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
// Arguments for the lookup: the policy to read plus two narrowing filters.
const securityRuleLookupArgs = {
    networkFirewallPolicyId: testNetworkFirewallPolicy.id,
    // Exact-match filter: only rules whose entire display name equals this value are returned.
    displayName: networkFirewallPolicySecurityRuleDisplayName,
    securityRulePriorityOrder: networkFirewallPolicySecurityRuleSecurityRulePriorityOrder,
};

// Data-source lookup. Each returned rule summary reports its action
// (ALLOW, DROP, REJECT or INSPECT) and its match condition, so the result can
// feed a policy audit.
// NOTE(review): a display name that matches nothing presumably yields an empty
// list rather than an error - confirm before reading "empty" as "no rules".
const testNetworkFirewallPolicySecurityRules = oci.NetworkFirewall.getNetworkFirewallPolicySecurityRules(securityRuleLookupArgs);
import pulumi
import pulumi_oci as oci
# Look up the security rules attached to one Network Firewall Policy.
# display_name is an exact-match filter (it must equal the rule's entire display name).
# NOTE(review): a name that matches nothing presumably yields an empty list rather
# than an error - confirm before reading "empty" as "no rules".
# Each returned rule summary reports its action (ALLOW, DROP, REJECT or INSPECT)
# and its match condition.
test_network_firewall_policy_security_rules = oci.NetworkFirewall.get_network_firewall_policy_security_rules(
    network_firewall_policy_id=test_network_firewall_policy["id"],
    display_name=network_firewall_policy_security_rule_display_name,
    security_rule_priority_order=network_firewall_policy_security_rule_security_rule_priority_order,
)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/go/oci/NetworkFirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main runs a Pulumi program that looks up the security rules of one Network
// Firewall Policy. The lookup result is discarded; only the error is propagated.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// NOTE(review): the function call below is qualified with NetworkFirewall
		// while the args type is qualified with networkfirewall; only one of the
		// two can match the imported package name - confirm against the SDK
		// before copying this example.
		lookupArgs := &networkfirewall.GetNetworkFirewallPolicySecurityRulesArgs{
			NetworkFirewallPolicyId: testNetworkFirewallPolicy.Id,
			// DisplayName is an exact-match filter on the rule's entire display name.
			DisplayName:               pulumi.StringRef(networkFirewallPolicySecurityRuleDisplayName),
			SecurityRulePriorityOrder: pulumi.IntRef(networkFirewallPolicySecurityRuleSecurityRulePriorityOrder),
		}

		// The returned rule list is dropped here; a real program would keep it
		// to inspect each rule's action and match condition.
		_, lookupErr := NetworkFirewall.GetNetworkFirewallPolicySecurityRules(ctx, lookupArgs, nil)
		return lookupErr
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
// Pulumi program body: looks up the security rules of one Network Firewall Policy.
return await Deployment.RunAsync(() =>
{
    // Explicitly typed arguments for the Output-based Invoke overload.
    var securityRuleLookup = new Oci.NetworkFirewall.GetNetworkFirewallPolicySecurityRulesInvokeArgs
    {
        NetworkFirewallPolicyId = testNetworkFirewallPolicy.Id,
        // Exact-match filter: the rule's entire display name must equal this value.
        DisplayName = networkFirewallPolicySecurityRuleDisplayName,
        SecurityRulePriorityOrder = networkFirewallPolicySecurityRuleSecurityRulePriorityOrder,
    };

    // Each returned rule summary reports its action (ALLOW, DROP, REJECT or INSPECT)
    // and its match condition.
    var testNetworkFirewallPolicySecurityRules = Oci.NetworkFirewall.GetNetworkFirewallPolicySecurityRules.Invoke(securityRuleLookup);
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.NetworkFirewall.NetworkFirewallFunctions;
import com.pulumi.oci.NetworkFirewall.inputs.GetNetworkFirewallPolicySecurityRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Pulumi program that looks up the security rules of one Network Firewall Policy.
 */
public class App {
    /** Hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Builds the lookup arguments and invokes the data source.
     *
     * <p>displayName is an exact-match filter on the rule's entire display name.
     * Each returned rule summary reports its action (ALLOW, DROP, REJECT or INSPECT)
     * and its match condition.
     *
     * @param ctx the Pulumi context supplied by {@code Pulumi.run}; not read here
     */
    public static void stack(Context ctx) {
        final var securityRuleLookup = GetNetworkFirewallPolicySecurityRulesArgs.builder()
            .networkFirewallPolicyId(testNetworkFirewallPolicy.id())
            .displayName(networkFirewallPolicySecurityRuleDisplayName)
            .securityRulePriorityOrder(networkFirewallPolicySecurityRuleSecurityRulePriorityOrder)
            .build();

        // The result is only bound to a local; a real program would export or inspect it.
        final var testNetworkFirewallPolicySecurityRules =
            NetworkFirewallFunctions.getNetworkFirewallPolicySecurityRules(securityRuleLookup);
    }
}
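# Pulumi YAML program: looks up the security rules of one Network Firewall Policy.
# Nesting restored; with every key at column 0 the document parses as one flat
# mapping and the invoke loses its arguments.
variables:
  testNetworkFirewallPolicySecurityRules:
    fn::invoke:
      # NOTE(review): the signature listing on this page spells the token as
      # oci:NetworkFirewall/getNetworkFirewallPolicySecurityRules:getNetworkFirewallPolicySecurityRules
      # with lowercase function/arguments keys - confirm which form your Pulumi version accepts.
      Function: oci:NetworkFirewall:getNetworkFirewallPolicySecurityRules
      Arguments:
        # Policy whose security rules are listed.
        networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}
        # Exact-match filter on the rule's entire display name.
        displayName: ${networkFirewallPolicySecurityRuleDisplayName}
        securityRulePriorityOrder: ${networkFirewallPolicySecurityRuleSecurityRulePriorityOrder}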
Using getNetworkFirewallPolicySecurityRules
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getNetworkFirewallPolicySecurityRules(args: GetNetworkFirewallPolicySecurityRulesArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicySecurityRulesResult>
function getNetworkFirewallPolicySecurityRulesOutput(args: GetNetworkFirewallPolicySecurityRulesOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicySecurityRulesResult>
def get_network_firewall_policy_security_rules(display_name: Optional[str] = None,
filters: Optional[Sequence[_networkfirewall.GetNetworkFirewallPolicySecurityRulesFilter]] = None,
network_firewall_policy_id: Optional[str] = None,
security_rule_priority_order: Optional[int] = None,
opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicySecurityRulesResult
def get_network_firewall_policy_security_rules_output(display_name: Optional[pulumi.Input[str]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_networkfirewall.GetNetworkFirewallPolicySecurityRulesFilterArgs]]]] = None,
network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
security_rule_priority_order: Optional[pulumi.Input[int]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicySecurityRulesResult]
func GetNetworkFirewallPolicySecurityRules(ctx *Context, args *GetNetworkFirewallPolicySecurityRulesArgs, opts ...InvokeOption) (*GetNetworkFirewallPolicySecurityRulesResult, error)
func GetNetworkFirewallPolicySecurityRulesOutput(ctx *Context, args *GetNetworkFirewallPolicySecurityRulesOutputArgs, opts ...InvokeOption) GetNetworkFirewallPolicySecurityRulesResultOutput
> Note: This function is named GetNetworkFirewallPolicySecurityRules
in the Go SDK.
public static class GetNetworkFirewallPolicySecurityRules
{
public static Task<GetNetworkFirewallPolicySecurityRulesResult> InvokeAsync(GetNetworkFirewallPolicySecurityRulesArgs args, InvokeOptions? opts = null)
public static Output<GetNetworkFirewallPolicySecurityRulesResult> Invoke(GetNetworkFirewallPolicySecurityRulesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetNetworkFirewallPolicySecurityRulesResult> getNetworkFirewallPolicySecurityRules(GetNetworkFirewallPolicySecurityRulesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:NetworkFirewall/getNetworkFirewallPolicySecurityRules:getNetworkFirewallPolicySecurityRules
arguments:
# arguments dictionary
The following arguments are supported:
- NetworkFirewallPolicyId string - Unique Network Firewall Policy identifier
- DisplayName string - A filter to return only resources that match the entire display name given.
- Filters List<GetNetworkFirewallPolicySecurityRulesFilter>
- SecurityRulePriorityOrder int - Unique priority order for Security Rules in the network firewall policy.
- NetworkFirewallPolicyId string - Unique Network Firewall Policy identifier
- DisplayName string - A filter to return only resources that match the entire display name given.
- Filters []GetNetworkFirewallPolicySecurityRulesFilter
- SecurityRulePriorityOrder int - Unique priority order for Security Rules in the network firewall policy.
- networkFirewallPolicyId String - Unique Network Firewall Policy identifier
- displayName String - A filter to return only resources that match the entire display name given.
- filters List<GetPolicySecurityRulesFilter>
- securityRulePriorityOrder Integer - Unique priority order for Security Rules in the network firewall policy.
- networkFirewallPolicyId string - Unique Network Firewall Policy identifier
- displayName string - A filter to return only resources that match the entire display name given.
- filters GetNetworkFirewallPolicySecurityRulesFilter[]
- securityRulePriorityOrder number - Unique priority order for Security Rules in the network firewall policy.
- network_firewall_policy_id str - Unique Network Firewall Policy identifier
- display_name str - A filter to return only resources that match the entire display name given.
- filters Sequence[networkfirewall.GetNetworkFirewallPolicySecurityRulesFilter]
- security_rule_priority_order int - Unique priority order for Security Rules in the network firewall policy.
- networkFirewallPolicyId String - Unique Network Firewall Policy identifier
- displayName String - A filter to return only resources that match the entire display name given.
- filters List<Property Map>
- securityRulePriorityOrder Number - Unique priority order for Security Rules in the network firewall policy.
getNetworkFirewallPolicySecurityRules Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- NetworkFirewallPolicyId string
- SecurityRuleSummaryCollections List<GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection> - The list of security_rule_summary_collection.
- DisplayName string
- Filters List<GetNetworkFirewallPolicySecurityRulesFilter>
- SecurityRulePriorityOrder int
- Id string
- The provider-assigned unique ID for this managed resource.
- NetworkFirewallPolicyId string
- SecurityRuleSummaryCollections []GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection - The list of security_rule_summary_collection.
- DisplayName string
- Filters []GetNetworkFirewallPolicySecurityRulesFilter
- SecurityRulePriorityOrder int
- id String
- The provider-assigned unique ID for this managed resource.
- networkFirewallPolicyId String
- securityRuleSummaryCollections List<GetPolicySecurityRulesSecurityRuleSummaryCollection> - The list of security_rule_summary_collection.
- displayName String
- filters List<GetPolicySecurityRulesFilter>
- securityRulePriorityOrder Integer
- id string
- The provider-assigned unique ID for this managed resource.
- networkFirewallPolicyId string
- securityRuleSummaryCollections GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection[] - The list of security_rule_summary_collection.
- displayName string
- filters GetNetworkFirewallPolicySecurityRulesFilter[]
- securityRulePriorityOrder number
- id str
- The provider-assigned unique ID for this managed resource.
- network_firewall_policy_id str
- security_rule_summary_collections Sequence[networkfirewall.GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection] - The list of security_rule_summary_collection.
- display_name str
- filters Sequence[networkfirewall.GetNetworkFirewallPolicySecurityRulesFilter]
- security_rule_priority_order int
- id String
- The provider-assigned unique ID for this managed resource.
- networkFirewallPolicyId String
- securityRuleSummaryCollections List<Property Map> - The list of security_rule_summary_collection.
- displayName String
- filters List<Property Map>
- securityRulePriorityOrder Number
Supporting Types
GetNetworkFirewallPolicySecurityRulesFilter
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItem
- Action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- Condition GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- Name string
- Name for the Security rule, must be unique within the policy.
- NetworkFirewallPolicyId string - Unique Network Firewall Policy identifier
- ParentResourceId string - OCID of the Network Firewall Policy this security rule belongs to.
- Positions List<GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition> - An object which defines the position of the rule.
- Inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- PriorityOrder string
- Action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- Condition GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- Name string
- Name for the Security rule, must be unique within the policy.
- NetworkFirewallPolicyId string - Unique Network Firewall Policy identifier
- ParentResourceId string - OCID of the Network Firewall Policy this security rule belongs to.
- Positions []GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition - An object which defines the position of the rule.
- Inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- PriorityOrder string
- action String
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- condition GetPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name String
- Name for the Security rule, must be unique within the policy.
- networkFirewallPolicyId String - Unique Network Firewall Policy identifier
- parentResourceId String - OCID of the Network Firewall Policy this security rule belongs to.
- positions List<GetPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition> - An object which defines the position of the rule.
- inspection String
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- priorityOrder String
- action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- condition GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name string
- Name for the Security rule, must be unique within the policy.
- networkFirewallPolicyId string - Unique Network Firewall Policy identifier
- parentResourceId string - OCID of the Network Firewall Policy this security rule belongs to.
- positions GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition[] - An object which defines the position of the rule.
- inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- priorityOrder string
- action str
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- condition networkfirewall.GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name str
- Name for the Security rule, must be unique within the policy.
- network_firewall_policy_id str - Unique Network Firewall Policy identifier
- parent_resource_id str - OCID of the Network Firewall Policy this security rule belongs to.
- positions Sequence[networkfirewall.GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition] - An object which defines the position of the rule.
- inspection str
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- priority_order str
- action String
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in `inspection`, which may result in rejection.
- condition Property Map
- Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name String
- Name for the Security rule, must be unique within the policy.
- networkFirewallPolicyId String - Unique Network Firewall Policy identifier
- parentResourceId String - OCID of the Network Firewall Policy this security rule belongs to.
- positions List<Property Map>
- An object which defines the position of the rule.
- inspection String
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in `type`.
- priorityOrder String
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition
- Applications List<string>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- DestinationAddresses List<string> - An array of IP address list names to be evaluated against the traffic destination address.
- Services List<string>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- SourceAddresses List<string> - An array of IP address list names to be evaluated against the traffic source address.
- Urls List<string>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- Applications []string
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- DestinationAddresses []string - An array of IP address list names to be evaluated against the traffic destination address.
- Services []string
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- SourceAddresses []string - An array of IP address list names to be evaluated against the traffic source address.
- Urls []string
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications List<String>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destinationAddresses List<String> - An array of IP address list names to be evaluated against the traffic destination address.
- services List<String>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- sourceAddresses List<String> - An array of IP address list names to be evaluated against the traffic source address.
- urls List<String>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications string[]
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destinationAddresses string[] - An array of IP address list names to be evaluated against the traffic destination address.
- services string[]
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- sourceAddresses string[] - An array of IP address list names to be evaluated against the traffic source address.
- urls string[]
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications Sequence[str]
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destination_addresses Sequence[str] - An array of IP address list names to be evaluated against the traffic destination address.
- services Sequence[str]
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- source_addresses Sequence[str] - An array of IP address list names to be evaluated against the traffic source address.
- urls Sequence[str]
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications List<String>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destinationAddresses List<String> - An array of IP address list names to be evaluated against the traffic destination address.
- services List<String>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- sourceAddresses List<String> - An array of IP address list names to be evaluated against the traffic source address.
- urls List<String>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition
- AfterRule string - Identifier for rule after which this rule lies.
- BeforeRule string - Identifier for rule before which this rule lies.
- AfterRule string - Identifier for rule after which this rule lies.
- BeforeRule string - Identifier for rule before which this rule lies.
- afterRule String - Identifier for rule after which this rule lies.
- beforeRule String - Identifier for rule before which this rule lies.
- afterRule string - Identifier for rule after which this rule lies.
- beforeRule string - Identifier for rule before which this rule lies.
- after_rule str - Identifier for rule after which this rule lies.
- before_rule str - Identifier for rule before which this rule lies.
- afterRule String - Identifier for rule after which this rule lies.
- beforeRule String - Identifier for rule before which this rule lies.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the `oci` Terraform Provider.