getAppSecIPGeo

Scopes: Security configuration; security policy

Returns information about the network lists used in the IP/Geo Firewall settings; also returns the firewall mode, which indicates whether devices on the geographic or IP address lists are allowed through the firewall or are blocked by the firewall.

Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/ip-geo-firewall

Output Options

The following options can be used to determine the information returned, and how that returned information is formatted:

  • mode. Specifies the action taken by the IP/Geo firewall. Valid values are:
    • block. Networks on the IP and geographic network lists are prevented from passing through the firewall.
    • allow. Networks on the IP and geographic network lists are allowed to pass through the firewall.
  • geo_network_lists. Network lists blocked or allowed based on geographic location.
  • ip_network_lists. Network lists blocked or allowed based on IP address.
  • exception_ip_network_lists. Network lists allowed through the firewall regardless of the values assigned to the mode, geo_network_lists, and ip_network_lists parameters.
  • output_text. Tabular report of the IP/Geo firewall settings.

Example Usage

Basic usage

using Pulumi;
using Akamai = Pulumi.Akamai;

class MyStack : Stack
{
    public MyStack()
    {
        var configuration = Output.Create(Akamai.GetAppSecConfiguration.InvokeAsync(new Akamai.GetAppSecConfigurationArgs
        {
            Name = "Documentation",
        }));
        var ipGeo = configuration.Apply(configuration => Output.Create(Akamai.GetAppSecIPGeo.InvokeAsync(new Akamai.GetAppSecIPGeoArgs
        {
            ConfigId = configuration.ConfigId,
            SecurityPolicyId = "gms1_134637",
        })));
        this.IpGeoMode = ipGeo.Apply(ipGeo => ipGeo.Mode);
        this.GeoNetworkLists = ipGeo.Apply(ipGeo => ipGeo.GeoNetworkLists);
        this.IpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.IpNetworkLists);
        this.ExceptionIpNetworkLists = ipGeo.Apply(ipGeo => ipGeo.ExceptionIpNetworkLists);
    }

    [Output("ipGeoMode")]
    public Output<string> IpGeoMode { get; set; }
    [Output("geoNetworkLists")]
    public Output<string> GeoNetworkLists { get; set; }
    [Output("ipNetworkLists")]
    public Output<string> IpNetworkLists { get; set; }
    [Output("exceptionIpNetworkLists")]
    public Output<string> ExceptionIpNetworkLists { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v3/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &GetAppSecConfigurationArgs{
			Name: pulumi.StringRef("Documentation"),
		}, nil)
		if err != nil {
			return err
		}
		ipGeo, err := akamai.LookupAppSecIPGeo(ctx, &GetAppSecIPGeoArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: "gms1_134637",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("ipGeoMode", ipGeo.Mode)
		ctx.Export("geoNetworkLists", ipGeo.GeoNetworkLists)
		ctx.Export("ipNetworkLists", ipGeo.IpNetworkLists)
		ctx.Export("exceptionIpNetworkLists", ipGeo.ExceptionIpNetworkLists)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.inputs.GetAppSecIPGeoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
            .name("Documentation")
            .build());

        final var ipGeo = AkamaiFunctions.getAppSecIPGeo(GetAppSecIPGeoArgs.builder()
            .configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
            .securityPolicyId("gms1_134637")
            .build());

        ctx.export("ipGeoMode", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.mode()));
        ctx.export("geoNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.geoNetworkLists()));
        ctx.export("ipNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.ipNetworkLists()));
        ctx.export("exceptionIpNetworkLists", ipGeo.applyValue(getAppSecIPGeoResult -> getAppSecIPGeoResult.exceptionIpNetworkLists()));
    }
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name="Documentation")
ip_geo = akamai.get_app_sec_ip_geo(config_id=configuration.config_id,
    security_policy_id="gms1_134637")
pulumi.export("ipGeoMode", ip_geo.mode)
pulumi.export("geoNetworkLists", ip_geo.geo_network_lists)
pulumi.export("ipNetworkLists", ip_geo.ip_network_lists)
pulumi.export("exceptionIpNetworkLists", ip_geo.exception_ip_network_lists)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: "Documentation",
});
const ipGeo = configuration.then(configuration => akamai.getAppSecIPGeo({
    configId: configuration.configId,
    securityPolicyId: "gms1_134637",
}));
export const ipGeoMode = ipGeo.then(ipGeo => ipGeo.mode);
export const geoNetworkLists = ipGeo.then(ipGeo => ipGeo.geoNetworkLists);
export const ipNetworkLists = ipGeo.then(ipGeo => ipGeo.ipNetworkLists);
export const exceptionIpNetworkLists = ipGeo.then(ipGeo => ipGeo.exceptionIpNetworkLists);
variables:
  configuration: # USE CASE: User wants to view IP/Geo firewall settings.
    Fn::Invoke:
      Function: akamai:getAppSecConfiguration
      Arguments:
        name: Documentation
  ipGeo:
    Fn::Invoke:
      Function: akamai:getAppSecIPGeo
      Arguments:
        configId: ${configuration.configId}
        securityPolicyId: gms1_134637
outputs:
  ipGeoMode: ${ipGeo.mode}
  geoNetworkLists: ${ipGeo.geoNetworkLists}
  ipNetworkLists: ${ipGeo.ipNetworkLists}
  exceptionIpNetworkLists: ${ipGeo.exceptionIpNetworkLists}

Using getAppSecIPGeo

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAppSecIPGeo(args: GetAppSecIPGeoArgs, opts?: InvokeOptions): Promise<GetAppSecIPGeoResult>
function getAppSecIPGeoOutput(args: GetAppSecIPGeoOutputArgs, opts?: InvokeOptions): Output<GetAppSecIPGeoResult>
def get_app_sec_ip_geo(config_id: Optional[int] = None,
                       security_policy_id: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetAppSecIPGeoResult
def get_app_sec_ip_geo_output(config_id: Optional[pulumi.Input[int]] = None,
                       security_policy_id: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetAppSecIPGeoResult]
func LookupAppSecIPGeo(ctx *Context, args *LookupAppSecIPGeoArgs, opts ...InvokeOption) (*LookupAppSecIPGeoResult, error)
func LookupAppSecIPGeoOutput(ctx *Context, args *LookupAppSecIPGeoOutputArgs, opts ...InvokeOption) LookupAppSecIPGeoResultOutput

> Note: This function is named LookupAppSecIPGeo in the Go SDK.

public static class GetAppSecIPGeo 
{
    public static Task<GetAppSecIPGeoResult> InvokeAsync(GetAppSecIPGeoArgs args, InvokeOptions? opts = null)
    public static Output<GetAppSecIPGeoResult> Invoke(GetAppSecIPGeoInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAppSecIPGeoResult> getAppSecIPGeo(GetAppSecIPGeoArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: akamai:index/getAppSecIPGeo:getAppSecIPGeo
  arguments:
    # arguments dictionary

The following arguments are supported:

ConfigId int

. Unique identifier of the security configuration associated with the IP/Geo lists.

SecurityPolicyId string

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

ConfigId int

. Unique identifier of the security configuration associated with the IP/Geo lists.

SecurityPolicyId string

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

configId Integer

. Unique identifier of the security configuration associated with the IP/Geo lists.

securityPolicyId String

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

configId number

. Unique identifier of the security configuration associated with the IP/Geo lists.

securityPolicyId string

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

config_id int

. Unique identifier of the security configuration associated with the IP/Geo lists.

security_policy_id str

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

configId Number

. Unique identifier of the security configuration associated with the IP/Geo lists.

securityPolicyId String

. Unique identifier of the security policy associated with the IP/Geo lists. If not included, information is returned for all your security policies.

getAppSecIPGeo Result

The following output properties are available:

ConfigId int
ExceptionIpNetworkLists List<string>
GeoNetworkLists List<string>
Id string

The provider-assigned unique ID for this managed resource.

IpNetworkLists List<string>
Mode string
OutputText string
SecurityPolicyId string
ConfigId int
ExceptionIpNetworkLists []string
GeoNetworkLists []string
Id string

The provider-assigned unique ID for this managed resource.

IpNetworkLists []string
Mode string
OutputText string
SecurityPolicyId string
configId Integer
exceptionIpNetworkLists List<String>
geoNetworkLists List<String>
id String

The provider-assigned unique ID for this managed resource.

ipNetworkLists List<String>
mode String
outputText String
securityPolicyId String
configId number
exceptionIpNetworkLists string[]
geoNetworkLists string[]
id string

The provider-assigned unique ID for this managed resource.

ipNetworkLists string[]
mode string
outputText string
securityPolicyId string
config_id int
exception_ip_network_lists Sequence[str]
geo_network_lists Sequence[str]
id str

The provider-assigned unique ID for this managed resource.

ip_network_lists Sequence[str]
mode str
output_text str
security_policy_id str
configId Number
exceptionIpNetworkLists List<String>
geoNetworkLists List<String>
id String

The provider-assigned unique ID for this managed resource.

ipNetworkLists List<String>
mode String
outputText String
securityPolicyId String

Package Details

Repository
https://github.com/pulumi/pulumi-akamai
License
Apache-2.0
Notes

This Pulumi package is based on the akamai Terraform Provider.