1. Packages
  2. Aquasec
  3. API Docs
  4. getFunctionRuntimePolicy
Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse

aquasec.getFunctionRuntimePolicy

Explore with Pulumi AI

aquasec logo
Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aquasec from "@pulumi/aquasec";
    
    const functionRuntimePolicy = aquasec.getFunctionRuntimePolicy({
        name: "FunctionRuntimePolicyName",
    });
    export const functionRuntimePolicyDetails = functionRuntimePolicy;
    
    import pulumi
    import pulumi_aquasec as aquasec
    
    function_runtime_policy = aquasec.get_function_runtime_policy(name="FunctionRuntimePolicyName")
    pulumi.export("functionRuntimePolicyDetails", function_runtime_policy)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-aquasec/sdk/go/aquasec"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		functionRuntimePolicy, err := aquasec.LookupFunctionRuntimePolicy(ctx, &aquasec.LookupFunctionRuntimePolicyArgs{
    			Name: "FunctionRuntimePolicyName",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("functionRuntimePolicyDetails", functionRuntimePolicy)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aquasec = Pulumi.Aquasec;
    
    return await Deployment.RunAsync(() => 
    {
        var functionRuntimePolicy = Aquasec.GetFunctionRuntimePolicy.Invoke(new()
        {
            Name = "FunctionRuntimePolicyName",
        });
    
        return new Dictionary<string, object?>
        {
            ["functionRuntimePolicyDetails"] = functionRuntimePolicy,
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aquasec.AquasecFunctions;
    import com.pulumi.aquasec.inputs.GetFunctionRuntimePolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var functionRuntimePolicy = AquasecFunctions.getFunctionRuntimePolicy(GetFunctionRuntimePolicyArgs.builder()
                .name("FunctionRuntimePolicyName")
                .build());
    
            ctx.export("functionRuntimePolicyDetails", functionRuntimePolicy.applyValue(getFunctionRuntimePolicyResult -> getFunctionRuntimePolicyResult));
        }
    }
    
    variables:
      functionRuntimePolicy:
        fn::invoke:
          Function: aquasec:getFunctionRuntimePolicy
          Arguments:
            name: FunctionRuntimePolicyName
    outputs:
      functionRuntimePolicyDetails: ${functionRuntimePolicy}
    

    Using getFunctionRuntimePolicy

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getFunctionRuntimePolicy(args: GetFunctionRuntimePolicyArgs, opts?: InvokeOptions): Promise<GetFunctionRuntimePolicyResult>
    function getFunctionRuntimePolicyOutput(args: GetFunctionRuntimePolicyOutputArgs, opts?: InvokeOptions): Output<GetFunctionRuntimePolicyResult>
    def get_function_runtime_policy(drift_preventions: Optional[Sequence[GetFunctionRuntimePolicyDriftPrevention]] = None,
                                    executable_blacklists: Optional[Sequence[GetFunctionRuntimePolicyExecutableBlacklist]] = None,
                                    name: Optional[str] = None,
                                    opts: Optional[InvokeOptions] = None) -> GetFunctionRuntimePolicyResult
    def get_function_runtime_policy_output(drift_preventions: Optional[pulumi.Input[Sequence[pulumi.Input[GetFunctionRuntimePolicyDriftPreventionArgs]]]] = None,
                                    executable_blacklists: Optional[pulumi.Input[Sequence[pulumi.Input[GetFunctionRuntimePolicyExecutableBlacklistArgs]]]] = None,
                                    name: Optional[pulumi.Input[str]] = None,
                                    opts: Optional[InvokeOptions] = None) -> Output[GetFunctionRuntimePolicyResult]
    func LookupFunctionRuntimePolicy(ctx *Context, args *LookupFunctionRuntimePolicyArgs, opts ...InvokeOption) (*LookupFunctionRuntimePolicyResult, error)
    func LookupFunctionRuntimePolicyOutput(ctx *Context, args *LookupFunctionRuntimePolicyOutputArgs, opts ...InvokeOption) LookupFunctionRuntimePolicyResultOutput

    > Note: This function is named LookupFunctionRuntimePolicy in the Go SDK.

    public static class GetFunctionRuntimePolicy 
    {
        public static Task<GetFunctionRuntimePolicyResult> InvokeAsync(GetFunctionRuntimePolicyArgs args, InvokeOptions? opts = null)
        public static Output<GetFunctionRuntimePolicyResult> Invoke(GetFunctionRuntimePolicyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetFunctionRuntimePolicyResult> getFunctionRuntimePolicy(GetFunctionRuntimePolicyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aquasec:index/getFunctionRuntimePolicy:getFunctionRuntimePolicy
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Name string
    Name of the function runtime policy
    DriftPreventions []GetFunctionRuntimePolicyDriftPrevention
    Drift prevention configuration.
    ExecutableBlacklists []GetFunctionRuntimePolicyExecutableBlacklist
    Executable blacklist configuration.
    name String
    Name of the function runtime policy
    driftPreventions List<GetFunctionRuntimePolicyDriftPrevention>
    Drift prevention configuration.
    executableBlacklists List<GetFunctionRuntimePolicyExecutableBlacklist>
    Executable blacklist configuration.
    name string
    Name of the function runtime policy
    driftPreventions GetFunctionRuntimePolicyDriftPrevention[]
    Drift prevention configuration.
    executableBlacklists GetFunctionRuntimePolicyExecutableBlacklist[]
    Executable blacklist configuration.
    name str
    Name of the function runtime policy
    drift_preventions Sequence[GetFunctionRuntimePolicyDriftPrevention]
    Drift prevention configuration.
    executable_blacklists Sequence[GetFunctionRuntimePolicyExecutableBlacklist]
    Executable blacklist configuration.
    name String
    Name of the function runtime policy
    driftPreventions List<Property Map>
    Drift prevention configuration.
    executableBlacklists List<Property Map>
    Executable blacklist configuration.

    getFunctionRuntimePolicy Result

    The following output properties are available:

    ApplicationScopes List<string>
    Indicates the application scope of the service.
    Author string
    Username of the account that created the service.
    BlockMaliciousExecutables bool
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    BlockMaliciousExecutablesAllowedProcesses List<string>
    List of processes that will be allowed
    BlockRunningExecutablesInTmpFolder bool
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    BlockedExecutables List<string>
    List of executables that are prevented from running in containers.
    Description string
    The description of the function runtime policy
    Enabled bool
    Indicates if the runtime policy is enabled or not.
    Enforce bool
    Indicates that policy should effect container execution (not just for audit).
    HoneypotAccessKey string
    Honeypot User ID (Access Key)
    HoneypotApplyOns List<string>
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    HoneypotSecretKey string
    Honeypot User Password (Secret Key)
    HoneypotServerlessAppName string
    Serverless application name
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Name of the function runtime policy
    ScopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    ScopeVariables List<Pulumiverse.Aquasec.Outputs.GetFunctionRuntimePolicyScopeVariable>
    List of scope attributes.
    DriftPreventions List<Pulumiverse.Aquasec.Outputs.GetFunctionRuntimePolicyDriftPrevention>
    Drift prevention configuration.
    ExecutableBlacklists List<Pulumiverse.Aquasec.Outputs.GetFunctionRuntimePolicyExecutableBlacklist>
    Executable blacklist configuration.
    ApplicationScopes []string
    Indicates the application scope of the service.
    Author string
    Username of the account that created the service.
    BlockMaliciousExecutables bool
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    BlockMaliciousExecutablesAllowedProcesses []string
    List of processes that will be allowed
    BlockRunningExecutablesInTmpFolder bool
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    BlockedExecutables []string
    List of executables that are prevented from running in containers.
    Description string
    The description of the function runtime policy
    Enabled bool
    Indicates if the runtime policy is enabled or not.
    Enforce bool
    Indicates that policy should effect container execution (not just for audit).
    HoneypotAccessKey string
    Honeypot User ID (Access Key)
    HoneypotApplyOns []string
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    HoneypotSecretKey string
    Honeypot User Password (Secret Key)
    HoneypotServerlessAppName string
    Serverless application name
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Name of the function runtime policy
    ScopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    ScopeVariables []GetFunctionRuntimePolicyScopeVariable
    List of scope attributes.
    DriftPreventions []GetFunctionRuntimePolicyDriftPrevention
    Drift prevention configuration.
    ExecutableBlacklists []GetFunctionRuntimePolicyExecutableBlacklist
    Executable blacklist configuration.
    applicationScopes List<String>
    Indicates the application scope of the service.
    author String
    Username of the account that created the service.
    blockMaliciousExecutables Boolean
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    blockMaliciousExecutablesAllowedProcesses List<String>
    List of processes that will be allowed
    blockRunningExecutablesInTmpFolder Boolean
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    blockedExecutables List<String>
    List of executables that are prevented from running in containers.
    description String
    The description of the function runtime policy
    enabled Boolean
    Indicates if the runtime policy is enabled or not.
    enforce Boolean
    Indicates that policy should effect container execution (not just for audit).
    honeypotAccessKey String
    Honeypot User ID (Access Key)
    honeypotApplyOns List<String>
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    honeypotSecretKey String
    Honeypot User Password (Secret Key)
    honeypotServerlessAppName String
    Serverless application name
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Name of the function runtime policy
    scopeExpression String
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables List<GetFunctionRuntimePolicyScopeVariable>
    List of scope attributes.
    driftPreventions List<GetFunctionRuntimePolicyDriftPrevention>
    Drift prevention configuration.
    executableBlacklists List<GetFunctionRuntimePolicyExecutableBlacklist>
    Executable blacklist configuration.
    applicationScopes string[]
    Indicates the application scope of the service.
    author string
    Username of the account that created the service.
    blockMaliciousExecutables boolean
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    blockMaliciousExecutablesAllowedProcesses string[]
    List of processes that will be allowed
    blockRunningExecutablesInTmpFolder boolean
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    blockedExecutables string[]
    List of executables that are prevented from running in containers.
    description string
    The description of the function runtime policy
    enabled boolean
    Indicates if the runtime policy is enabled or not.
    enforce boolean
    Indicates that policy should effect container execution (not just for audit).
    honeypotAccessKey string
    Honeypot User ID (Access Key)
    honeypotApplyOns string[]
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    honeypotSecretKey string
    Honeypot User Password (Secret Key)
    honeypotServerlessAppName string
    Serverless application name
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    Name of the function runtime policy
    scopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables GetFunctionRuntimePolicyScopeVariable[]
    List of scope attributes.
    driftPreventions GetFunctionRuntimePolicyDriftPrevention[]
    Drift prevention configuration.
    executableBlacklists GetFunctionRuntimePolicyExecutableBlacklist[]
    Executable blacklist configuration.
    application_scopes Sequence[str]
    Indicates the application scope of the service.
    author str
    Username of the account that created the service.
    block_malicious_executables bool
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    block_malicious_executables_allowed_processes Sequence[str]
    List of processes that will be allowed
    block_running_executables_in_tmp_folder bool
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    blocked_executables Sequence[str]
    List of executables that are prevented from running in containers.
    description str
    The description of the function runtime policy
    enabled bool
    Indicates if the runtime policy is enabled or not.
    enforce bool
    Indicates that policy should effect container execution (not just for audit).
    honeypot_access_key str
    Honeypot User ID (Access Key)
    honeypot_apply_ons Sequence[str]
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    honeypot_secret_key str
    Honeypot User Password (Secret Key)
    honeypot_serverless_app_name str
    Serverless application name
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    Name of the function runtime policy
    scope_expression str
    Logical expression of how to compute the dependency of the scope variables.
    scope_variables Sequence[GetFunctionRuntimePolicyScopeVariable]
    List of scope attributes.
    drift_preventions Sequence[GetFunctionRuntimePolicyDriftPrevention]
    Drift prevention configuration.
    executable_blacklists Sequence[GetFunctionRuntimePolicyExecutableBlacklist]
    Executable blacklist configuration.
    applicationScopes List<String>
    Indicates the application scope of the service.
    author String
    Username of the account that created the service.
    blockMaliciousExecutables Boolean
    If true, prevent creation of malicious executables in functions during their runtime post invocation.
    blockMaliciousExecutablesAllowedProcesses List<String>
    List of processes that will be allowed
    blockRunningExecutablesInTmpFolder Boolean
    If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
    blockedExecutables List<String>
    List of executables that are prevented from running in containers.
    description String
    The description of the function runtime policy
    enabled Boolean
    Indicates if the runtime policy is enabled or not.
    enforce Boolean
    Indicates that policy should effect container execution (not just for audit).
    honeypotAccessKey String
    Honeypot User ID (Access Key)
    honeypotApplyOns List<String>
    List of options to apply the honeypot on (Environment Vairable, Layer, File)
    honeypotSecretKey String
    Honeypot User Password (Secret Key)
    honeypotServerlessAppName String
    Serverless application name
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Name of the function runtime policy
    scopeExpression String
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables List<Property Map>
    List of scope attributes.
    driftPreventions List<Property Map>
    Drift prevention configuration.
    executableBlacklists List<Property Map>
    Executable blacklist configuration.

    Supporting Types

    GetFunctionRuntimePolicyDriftPrevention

    Enabled bool
    Whether drift prevention is enabled.
    ExecLockdown bool
    Whether to lockdown execution drift.
    ExecLockdownWhiteLists List<string>
    List of items in the execution lockdown white list.
    ImageLockdown bool
    Whether to lockdown image drift.
    Enabled bool
    Whether drift prevention is enabled.
    ExecLockdown bool
    Whether to lockdown execution drift.
    ExecLockdownWhiteLists []string
    List of items in the execution lockdown white list.
    ImageLockdown bool
    Whether to lockdown image drift.
    enabled Boolean
    Whether drift prevention is enabled.
    execLockdown Boolean
    Whether to lockdown execution drift.
    execLockdownWhiteLists List<String>
    List of items in the execution lockdown white list.
    imageLockdown Boolean
    Whether to lockdown image drift.
    enabled boolean
    Whether drift prevention is enabled.
    execLockdown boolean
    Whether to lockdown execution drift.
    execLockdownWhiteLists string[]
    List of items in the execution lockdown white list.
    imageLockdown boolean
    Whether to lockdown image drift.
    enabled bool
    Whether drift prevention is enabled.
    exec_lockdown bool
    Whether to lockdown execution drift.
    exec_lockdown_white_lists Sequence[str]
    List of items in the execution lockdown white list.
    image_lockdown bool
    Whether to lockdown image drift.
    enabled Boolean
    Whether drift prevention is enabled.
    execLockdown Boolean
    Whether to lockdown execution drift.
    execLockdownWhiteLists List<String>
    List of items in the execution lockdown white list.
    imageLockdown Boolean
    Whether to lockdown image drift.

    GetFunctionRuntimePolicyExecutableBlacklist

    Enabled bool
    Whether the executable blacklist is enabled.
    Executables List<string>
    List of blacklisted executables.
    Enabled bool
    Whether the executable blacklist is enabled.
    Executables []string
    List of blacklisted executables.
    enabled Boolean
    Whether the executable blacklist is enabled.
    executables List<String>
    List of blacklisted executables.
    enabled boolean
    Whether the executable blacklist is enabled.
    executables string[]
    List of blacklisted executables.
    enabled bool
    Whether the executable blacklist is enabled.
    executables Sequence[str]
    List of blacklisted executables.
    enabled Boolean
    Whether the executable blacklist is enabled.
    executables List<String>
    List of blacklisted executables.

    GetFunctionRuntimePolicyScopeVariable

    Attribute string
    Class of supported scope.
    Name string
    Name assigned to the attribute.
    Value string
    Value assigned to the attribute.
    Attribute string
    Class of supported scope.
    Name string
    Name assigned to the attribute.
    Value string
    Value assigned to the attribute.
    attribute String
    Class of supported scope.
    name String
    Name assigned to the attribute.
    value String
    Value assigned to the attribute.
    attribute string
    Class of supported scope.
    name string
    Name assigned to the attribute.
    value string
    Value assigned to the attribute.
    attribute str
    Class of supported scope.
    name str
    Name assigned to the attribute.
    value str
    Value assigned to the attribute.
    attribute String
    Class of supported scope.
    name String
    Name assigned to the attribute.
    value String
    Value assigned to the attribute.

    Package Details

    Repository
    aquasec pulumiverse/pulumi-aquasec
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aquasec Terraform Provider.
    aquasec logo
    Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse