Akamai
getAppSecIPGeo
Scopes: Security configuration; security policy
Returns information about the network lists used in the IP/Geo Firewall settings; also returns the firewall mode
, which indicates whether devices on the geographic or IP address lists are allowed through the firewall or are blocked by the firewall.
Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/ip-geo-firewall
Output Options
The following options can be used to determine the information returned, and how that returned information is formatted:
mode
. Specifies the action taken by the IP/Geo firewall. Valid values are:- block. Networks on the IP and geographic network lists are prevented from passing through the firewall.
- allow. Networks on the IP and geographic network lists are allowed to pass through the firewall.
geo_network_lists
. Network lists blocked or allowed based on geographic location.ip_network_lists
. Network lists blocked or allowed based on IP address.exception_ip_network_lists
. Network lists allowed through the firewall regardless of the values assigned to themode
,geo_network_lists
, andip_network_lists
parameters.output_text
. Tabular report of the IP/Geo firewall settings.
Example Usage
using Pulumi;
using Akamai = Pulumi.Akamai;
class MyStack : Stack
{
public MyStack()
{
var configuration = Output.Create(Akamai.GetAppSecConfiguration.InvokeAsync(new Akamai.GetAppSecConfigurationArgs
{
Name = "Documentation",
}));
var ipGeo = configuration.Apply(configuration => Output.Create(Akamai.GetAppSecIPGeo.InvokeAsync(new Akamai.GetAppSecIPGeoArgs
{
ConfigId = configuration.ConfigId,
SecurityPolicyId = "gms1_134637",
})));
this.IpGeoMode = ipGeo.Apply(ipGeo => ipGeo.Mode);
this.GeoNetworkLists = ipGeo.Apply(ipGeo => ipGeo.GeoNetworkLists);
this.IpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.IpNetworkLists);
this.ExceptionIpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.ExceptionIpNetworkLists);
}
[Output("ipGeoMode")]
public Output<string> IpGeoMode { get; set; }
[Output("geoNetworkLists")]
public Output<string> GeoNetworkLists { get; set; }
[Output("ipNetworkLists")]
public Output<string> IpNetworkLists { get; set; }
[Output("exceptionIpNetworkLists")]
public Output<string> ExceptionIpNetworkLists { get; set; }
}
package main
import (
"github.com/pulumi/pulumi-akamai/sdk/v3/go/akamai"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
configuration, err := akamai.LookupAppSecConfiguration(ctx, &GetAppSecConfigurationArgs{
Name: pulumi.StringRef("Documentation"),
}, nil)
if err != nil {
return err
}
ipGeo, err := akamai.LookupAppSecIPGeo(ctx, &GetAppSecIPGeoArgs{
ConfigId: configuration.ConfigId,
SecurityPolicyId: "gms1_134637",
}, nil)
if err != nil {
return err
}
ctx.Export("ipGeoMode", ipGeo.Mode)
ctx.Export("geoNetworkLists", ipGeo.GeoNetworkLists)
ctx.Export("ipNetworkLists", ipGeo.IpNetworkLists)
ctx.Export("exceptionIpNetworkLists", ipGeo.ExceptionIpNetworkLists)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.inputs.GetAppSecIPGeoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
.name("Documentation")
.build());
final var ipGeo = AkamaiFunctions.getAppSecIPGeo(GetAppSecIPGeoArgs.builder()
.configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
.securityPolicyId("gms1_134637")
.build());
ctx.export("ipGeoMode", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.mode()));
ctx.export("geoNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.geoNetworkLists()));
ctx.export("ipNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.ipNetworkLists()));
ctx.export("exceptionIpNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.exceptionIpNetworkLists()));
}
}
import pulumi
import pulumi_akamai as akamai
configuration = akamai.get_app_sec_configuration(name="Documentation")
ip_geo = akamai.get_app_sec_ip_geo(config_id=configuration.config_id,
security_policy_id="gms1_134637")
pulumi.export("ipGeoMode", ip_geo.mode)
pulumi.export("geoNetworkLists", ip_geo.geo_network_lists)
pulumi.export("ipNetworkLists", ip_geo.ip_network_lists)
pulumi.export("exceptionIpNetworkLists", ip_geo.exception_ip_network_lists)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";
const configuration = akamai.getAppSecConfiguration({
name: "Documentation",
});
const ipGeo = configuration.then(configuration => akamai.getAppSecIPGeo({
configId: configuration.configId,
securityPolicyId: "gms1_134637",
}));
export const ipGeoMode = ipGeo.then(ipGeo => ipGeo.mode);
export const geoNetworkLists = ipGeo.then(ipGeo => ipGeo.geoNetworkLists);
export const ipNetworkLists = ipGeo.then(ipGeo => ipGeo.ipNetworkLists);
export const exceptionIpNetworkLists = ipGeo.then(ipGeo => ipGeo.exceptionIpNetworkLists);
variables:
configuration: # USE CASE: User wants to view IP/Geo firewall settings.
Fn::Invoke:
Function: akamai:getAppSecConfiguration
Arguments:
name: Documentation
ipGeo:
Fn::Invoke:
Function: akamai:getAppSecIPGeo
Arguments:
configId: ${configuration.configId}
securityPolicyId: gms1_134637
outputs:
ipGeoMode: ${ipGeo.mode}
geoNetworkLists: ${ipGeo.geoNetworkLists}
ipNetworkLists: ${ipGeo.ipNetworkLists}
exceptionIpNetworkLists: ${ipGeo.exceptionIpNetworkLists}
Using getAppSecIPGeo
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAppSecIPGeo(args: GetAppSecIPGeoArgs, opts?: InvokeOptions): Promise<GetAppSecIPGeoResult>
function getAppSecIPGeoOutput(args: GetAppSecIPGeoOutputArgs, opts?: InvokeOptions): Output<GetAppSecIPGeoResult>
def get_app_sec_ip_geo(config_id: Optional[int] = None,
security_policy_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAppSecIPGeoResult
def get_app_sec_ip_geo_output(config_id: Optional[pulumi.Input[int]] = None,
security_policy_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAppSecIPGeoResult]
func LookupAppSecIPGeo(ctx *Context, args *LookupAppSecIPGeoArgs, opts ...InvokeOption) (*LookupAppSecIPGeoResult, error)
func LookupAppSecIPGeoOutput(ctx *Context, args *LookupAppSecIPGeoOutputArgs, opts ...InvokeOption) LookupAppSecIPGeoResultOutput
> Note: This function is named LookupAppSecIPGeo
in the Go SDK.
public static class GetAppSecIPGeo
{
public static Task<GetAppSecIPGeoResult> InvokeAsync(GetAppSecIPGeoArgs args, InvokeOptions? opts = null)
public static Output<GetAppSecIPGeoResult> Invoke(GetAppSecIPGeoInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAppSecIPGeoResult> getAppSecIPGeo(GetAppSecIPGeoArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
Function: akamai:index/getAppSecIPGeo:getAppSecIPGeo
Arguments:
# Arguments dictionary
The following arguments are supported:
- Config
Id int . Unique identifier of the security configuration associated with the IP/Geo lists.
- Security
Policy stringId . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
- Config
Id int . Unique identifier of the security configuration associated with the IP/Geo lists.
- Security
Policy stringId . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
- config
Id Integer . Unique identifier of the security configuration associated with the IP/Geo lists.
- security
Policy StringId . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
- config
Id number . Unique identifier of the security configuration associated with the IP/Geo lists.
- security
Policy stringId . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
- config_
id int . Unique identifier of the security configuration associated with the IP/Geo lists.
- security_
policy_ strid . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
- config
Id Number . Unique identifier of the security configuration associated with the IP/Geo lists.
- security
Policy StringId . Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.
getAppSecIPGeo Result
The following output properties are available:
- Config
Id int - Exception
Ip List<string>Network Lists - Geo
Network List<string>Lists - Id string
The provider-assigned unique ID for this managed resource.
- Ip
Network List<string>Lists - Mode string
- Output
Text string - Security
Policy stringId
- Config
Id int - Exception
Ip []stringNetwork Lists - Geo
Network []stringLists - Id string
The provider-assigned unique ID for this managed resource.
- Ip
Network []stringLists - Mode string
- Output
Text string - Security
Policy stringId
- config
Id Integer - exception
Ip List<String>Network Lists - geo
Network List<String>Lists - id String
The provider-assigned unique ID for this managed resource.
- ip
Network List<String>Lists - mode String
- output
Text String - security
Policy StringId
- config
Id number - exception
Ip string[]Network Lists - geo
Network string[]Lists - id string
The provider-assigned unique ID for this managed resource.
- ip
Network string[]Lists - mode string
- output
Text string - security
Policy stringId
- config_
id int - exception_
ip_ Sequence[str]network_ lists - geo_
network_ Sequence[str]lists - id str
The provider-assigned unique ID for this managed resource.
- ip_
network_ Sequence[str]lists - mode str
- output_
text str - security_
policy_ strid
- config
Id Number - exception
Ip List<String>Network Lists - geo
Network List<String>Lists - id String
The provider-assigned unique ID for this managed resource.
- ip
Network List<String>Lists - mode String
- output
Text String - security
Policy StringId
Package Details
- Repository
- https://github.com/pulumi/pulumi-akamai
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
akamai
Terraform Provider.