getAppSecIPGeo

Scopes: Security configuration; security policy

Returns information about the network lists used in the IP/Geo Firewall settings; also returns the firewall mode, which indicates whether devices on the geographic or IP address lists are allowed through the firewall or are blocked by the firewall.

Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/ip-geo-firewall

Output Options

The following options can be used to determine the information returned, and how that returned information is formatted:

  • mode. Specifies the action taken by the IP/Geo firewall. Valid values are:
    • block. Networks on the IP and geographic network lists are prevented from passing through the firewall.
    • allow. Networks on the IP and geographic network lists are allowed to pass through the firewall.
  • geo_network_lists. Network lists blocked or allowed based on geographic location.
  • ip_network_lists. Network lists blocked or allowed based on IP address.
  • exception_ip_network_lists. Network lists allowed through the firewall regardless of the values assigned to the mode, geo_network_lists, and ip_network_lists parameters.
  • output_text. Tabular report of the IP/Geo firewall settings.

Example Usage

using Pulumi;
using Akamai = Pulumi.Akamai;

class MyStack : Stack
{
    public MyStack()
    {
        var configuration = Output.Create(Akamai.GetAppSecConfiguration.InvokeAsync(new Akamai.GetAppSecConfigurationArgs
        {
            Name = "Documentation",
        }));
        var ipGeo = configuration.Apply(configuration => Output.Create(Akamai.GetAppSecIPGeo.InvokeAsync(new Akamai.GetAppSecIPGeoArgs
        {
            ConfigId = configuration.ConfigId,
            SecurityPolicyId = "gms1_134637",
        })));
        this.IpGeoMode = ipGeo.Apply(ipGeo => ipGeo.Mode);
        this.GeoNetworkLists = ipGeo.Apply(ipGeo => ipGeo.GeoNetworkLists);
        this.IpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.IpNetworkLists);
        this.ExceptionIpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.ExceptionIpNetworkLists);
    }

    [Output("ipGeoMode")]
    public Output<string> IpGeoMode { get; set; }
    [Output("geoNetworkLists")]
    public Output<string> GeoNetworkLists { get; set; }
    [Output("ipNetworkLists")]
    public Output<string> IpNetworkLists { get; set; }
    [Output("exceptionIpNetworkLists")]
    public Output<string> ExceptionIpNetworkLists { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v2/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "Documentation"
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &GetAppSecConfigurationArgs{
			Name: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		ipGeo, err := akamai.LookupAppSecIPGeo(ctx, &GetAppSecIPGeoArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: "gms1_134637",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("ipGeoMode", ipGeo.Mode)
		ctx.Export("geoNetworkLists", ipGeo.GeoNetworkLists)
		ctx.Export("ipNetworkLists", ipGeo.IpNetworkLists)
		ctx.Export("exceptionIpNetworkLists", ipGeo.ExceptionIpNetworkLists)
		return nil
	})
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name="Documentation")
ip_geo = akamai.get_app_sec_ip_geo(config_id=configuration.config_id,
    security_policy_id="gms1_134637")
pulumi.export("ipGeoMode", ip_geo.mode)
pulumi.export("geoNetworkLists", ip_geo.geo_network_lists)
pulumi.export("ipNetworkLists", ip_geo.ip_network_lists)
pulumi.export("exceptionIpNetworkLists", ip_geo.exception_ip_network_lists)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: "Documentation",
});
const ipGeo = configuration.then(configuration => akamai.getAppSecIPGeo({
    configId: configuration.configId,
    securityPolicyId: "gms1_134637",
}));
export const ipGeoMode = ipGeo.then(ipGeo => ipGeo.mode);
export const geoNetworkLists = ipGeo.then(ipGeo => ipGeo.geoNetworkLists);
export const ipNetworkLists = ipGeo.then(ipGeo => ipGeo.ipNetworkLists);
export const exceptionIpNetworkLists = ipGeo.then(ipGeo => ipGeo.exceptionIpNetworkLists);

Using getAppSecIPGeo

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAppSecIPGeo(args: GetAppSecIPGeoArgs, opts?: InvokeOptions): Promise<GetAppSecIPGeoResult>
function getAppSecIPGeoOutput(args: GetAppSecIPGeoOutputArgs, opts?: InvokeOptions): Output<GetAppSecIPGeoResult>
def get_app_sec_ip_geo(config_id: Optional[int] = None,
                       security_policy_id: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetAppSecIPGeoResult
def get_app_sec_ip_geo_output(config_id: Optional[pulumi.Input[int]] = None,
                       security_policy_id: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetAppSecIPGeoResult]
func LookupAppSecIPGeo(ctx *Context, args *LookupAppSecIPGeoArgs, opts ...InvokeOption) (*LookupAppSecIPGeoResult, error)
func LookupAppSecIPGeoOutput(ctx *Context, args *LookupAppSecIPGeoOutputArgs, opts ...InvokeOption) LookupAppSecIPGeoResultOutput

> Note: This function is named LookupAppSecIPGeo in the Go SDK.

public static class GetAppSecIPGeo 
{
    public static Task<GetAppSecIPGeoResult> InvokeAsync(GetAppSecIPGeoArgs args, InvokeOptions? opts = null)
    public static Output<GetAppSecIPGeoResult> Invoke(GetAppSecIPGeoInvokeArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

ConfigId int
. Unique identifier of the security configuration associated with the IP/Geo lists.
SecurityPolicyId string
. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
ConfigId int
. Unique identifier of the security configuration associated with the IP/Geo lists.
SecurityPolicyId string
. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
configId number
. Unique identifier of the security configuration associated with the IP/Geo lists.
securityPolicyId string
. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
config_id int
. Unique identifier of the security configuration associated with the IP/Geo lists.
security_policy_id str
. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

getAppSecIPGeo Result

The following output properties are available:

ConfigId int
ExceptionIpNetworkLists List<string>
GeoNetworkLists List<string>
Id string
The provider-assigned unique ID for this managed resource.
IpNetworkLists List<string>
Mode string
OutputText string
SecurityPolicyId string
ConfigId int
ExceptionIpNetworkLists []string
GeoNetworkLists []string
Id string
The provider-assigned unique ID for this managed resource.
IpNetworkLists []string
Mode string
OutputText string
SecurityPolicyId string
configId number
exceptionIpNetworkLists string[]
geoNetworkLists string[]
id string
The provider-assigned unique ID for this managed resource.
ipNetworkLists string[]
mode string
outputText string
securityPolicyId string
config_id int
exception_ip_network_lists Sequence[str]
geo_network_lists Sequence[str]
id str
The provider-assigned unique ID for this managed resource.
ip_network_lists Sequence[str]
mode str
output_text str
security_policy_id str

Package Details

Repository
https://github.com/pulumi/pulumi-akamai
License
Apache-2.0
Notes
This Pulumi package is based on the akamai Terraform Provider.