Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixFirenet


    The aviatrix_firenet resource allows the creation and management of Aviatrix Firewall Networks.

    NOTE: This resource is used in conjunction with multiple other resources that may include, and are not limited to: firewall_instance, firewall_instance_association, aws_tgw, and transit_gateway resources or even aviatrix_fqdn, under the Aviatrix FireNet solution. Explicit dependencies may be set using depends_on. For more information on proper FireNet configuration, please see the workflow here.

    Create AviatrixFirenet Resource

    new AviatrixFirenet(name: string, args: AviatrixFirenetArgs, opts?: CustomResourceOptions);
    @overload
    def AviatrixFirenet(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        east_west_inspection_excluded_cidrs: Optional[Sequence[str]] = None,
                        egress_enabled: Optional[bool] = None,
                        egress_static_cidrs: Optional[Sequence[str]] = None,
                        firewall_instance_associations: Optional[Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]] = None,
                        hashing_algorithm: Optional[str] = None,
                        inspection_enabled: Optional[bool] = None,
                        keep_alive_via_lan_interface_enabled: Optional[bool] = None,
                        manage_firewall_instance_association: Optional[bool] = None,
                        tgw_segmentation_for_egress_enabled: Optional[bool] = None,
                        vpc_id: Optional[str] = None)
    @overload
    def AviatrixFirenet(resource_name: str,
                        args: AviatrixFirenetArgs,
                        opts: Optional[ResourceOptions] = None)
    func NewAviatrixFirenet(ctx *Context, name string, args AviatrixFirenetArgs, opts ...ResourceOption) (*AviatrixFirenet, error)
    public AviatrixFirenet(string name, AviatrixFirenetArgs args, CustomResourceOptions? opts = null)
    public AviatrixFirenet(String name, AviatrixFirenetArgs args)
    public AviatrixFirenet(String name, AviatrixFirenetArgs args, CustomResourceOptions options)
    
    type: aviatrix:AviatrixFirenet
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AviatrixFirenetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AviatrixFirenetArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AviatrixFirenetArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AviatrixFirenetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AviatrixFirenetArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AviatrixFirenet Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AviatrixFirenet resource accepts the following input properties:

    VpcId string
    VPC ID of the Security VPC.
    EastWestInspectionExcludedCidrs List<string>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    EgressEnabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    EgressStaticCidrs List<string>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    FirewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    HashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    InspectionEnabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    KeepAliveViaLanInterfaceEnabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    ManageFirewallInstanceAssociation bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    TgwSegmentationForEgressEnabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    VpcId string
    VPC ID of the Security VPC.
    EastWestInspectionExcludedCidrs []string
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    EgressEnabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    EgressStaticCidrs []string
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    FirewallInstanceAssociations []AviatrixFirenetFirewallInstanceAssociationArgs
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    HashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    InspectionEnabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    KeepAliveViaLanInterfaceEnabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    ManageFirewallInstanceAssociation bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    TgwSegmentationForEgressEnabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId String
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs List<String>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled Boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs List<String>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm String
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled Boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled Boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation Boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled Boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId string
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs string[]
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs string[]
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations AviatrixFirenetFirewallInstanceAssociation[]
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpc_id str
    VPC ID of the Security VPC.
    east_west_inspection_excluded_cidrs Sequence[str]
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egress_enabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egress_static_cidrs Sequence[str]
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewall_instance_associations Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashing_algorithm str
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspection_enabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keep_alive_via_lan_interface_enabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manage_firewall_instance_association bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgw_segmentation_for_egress_enabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId String
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs List<String>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled Boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs List<String>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations List<Property Map>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm String
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled Boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled Boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation Boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled Boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AviatrixFirenet resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AviatrixFirenet Resource

    Get an existing AviatrixFirenet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AviatrixFirenetState, opts?: CustomResourceOptions): AviatrixFirenet
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            east_west_inspection_excluded_cidrs: Optional[Sequence[str]] = None,
            egress_enabled: Optional[bool] = None,
            egress_static_cidrs: Optional[Sequence[str]] = None,
            firewall_instance_associations: Optional[Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]] = None,
            hashing_algorithm: Optional[str] = None,
            inspection_enabled: Optional[bool] = None,
            keep_alive_via_lan_interface_enabled: Optional[bool] = None,
            manage_firewall_instance_association: Optional[bool] = None,
            tgw_segmentation_for_egress_enabled: Optional[bool] = None,
            vpc_id: Optional[str] = None) -> AviatrixFirenet
    func GetAviatrixFirenet(ctx *Context, name string, id IDInput, state *AviatrixFirenetState, opts ...ResourceOption) (*AviatrixFirenet, error)
    public static AviatrixFirenet Get(string name, Input<string> id, AviatrixFirenetState? state, CustomResourceOptions? opts = null)
    public static AviatrixFirenet get(String name, Output<String> id, AviatrixFirenetState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    EastWestInspectionExcludedCidrs List<string>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    EgressEnabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    EgressStaticCidrs List<string>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    FirewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    HashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    InspectionEnabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    KeepAliveViaLanInterfaceEnabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    ManageFirewallInstanceAssociation bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    TgwSegmentationForEgressEnabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    VpcId string
    VPC ID of the Security VPC.
    EastWestInspectionExcludedCidrs []string
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    EgressEnabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    EgressStaticCidrs []string
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    FirewallInstanceAssociations []AviatrixFirenetFirewallInstanceAssociationArgs
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    HashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    InspectionEnabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    KeepAliveViaLanInterfaceEnabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    ManageFirewallInstanceAssociation bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    TgwSegmentationForEgressEnabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    VpcId string
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs List<String>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled Boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs List<String>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm String
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled Boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled Boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation Boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled Boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId String
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs string[]
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs string[]
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations AviatrixFirenetFirewallInstanceAssociation[]
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm string
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId string
    VPC ID of the Security VPC.
    east_west_inspection_excluded_cidrs Sequence[str]
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egress_enabled bool
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egress_static_cidrs Sequence[str]
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewall_instance_associations Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashing_algorithm str
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspection_enabled bool
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keep_alive_via_lan_interface_enabled bool
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manage_firewall_instance_association bool
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgw_segmentation_for_egress_enabled bool
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpc_id str
    VPC ID of the Security VPC.
    eastWestInspectionExcludedCidrs List<String>
    Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
    egressEnabled Boolean
    Enable/disable egress through firewall. Valid values: true, false. Default value: false.
    egressStaticCidrs List<String>
    List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
    firewallInstanceAssociations List<Property Map>
    Dynamic block of firewall instance(s) to be associated with the FireNet.

    Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.

    hashingAlgorithm String
    Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
    inspectionEnabled Boolean
    Enable/disable traffic inspection. Valid values: true, false. Default value: true.
    keepAliveViaLanInterfaceEnabled Boolean
    Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
    manageFirewallInstanceAssociation Boolean
    Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
    tgwSegmentationForEgressEnabled Boolean
    Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
    vpcId String
    VPC ID of the Security VPC.

    Supporting Types

    AviatrixFirenetFirewallInstanceAssociation, AviatrixFirenetFirewallInstanceAssociationArgs

    FirenetGwName string
    Name of the primary FireNet gateway.
    InstanceId string
    ID of Firewall instance.
    Attached bool
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    EgressInterface string
    Egress interface ID. Required if it is a firewall instance.
    FirewallName string
    Firewall instance name. Required if it is a firewall instance.
    LanInterface string
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    ManagementInterface string
    Management interface ID. Required if it is a firewall instance.
    VendorType string
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
    FirenetGwName string
    Name of the primary FireNet gateway.
    InstanceId string
    ID of Firewall instance.
    Attached bool
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    EgressInterface string
    Egress interface ID. Required if it is a firewall instance.
    FirewallName string
    Firewall instance name. Required if it is a firewall instance.
    LanInterface string
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    ManagementInterface string
    Management interface ID. Required if it is a firewall instance.
    VendorType string
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
    firenetGwName String
    Name of the primary FireNet gateway.
    instanceId String
    ID of Firewall instance.
    attached Boolean
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    egressInterface String
    Egress interface ID. Required if it is a firewall instance.
    firewallName String
    Firewall instance name. Required if it is a firewall instance.
    lanInterface String
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    managementInterface String
    Management interface ID. Required if it is a firewall instance.
    vendorType String
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
    firenetGwName string
    Name of the primary FireNet gateway.
    instanceId string
    ID of Firewall instance.
    attached boolean
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    egressInterface string
    Egress interface ID. Required if it is a firewall instance.
    firewallName string
    Firewall instance name. Required if it is a firewall instance.
    lanInterface string
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    managementInterface string
    Management interface ID. Required if it is a firewall instance.
    vendorType string
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
    firenet_gw_name str
    Name of the primary FireNet gateway.
    instance_id str
    ID of Firewall instance.
    attached bool
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    egress_interface str
    Egress interface ID. Required if it is a firewall instance.
    firewall_name str
    Firewall instance name. Required if it is a firewall instance.
    lan_interface str
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    management_interface str
    Management interface ID. Required if it is a firewall instance.
    vendor_type str
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
    firenetGwName String
    Name of the primary FireNet gateway.
    instanceId String
    ID of Firewall instance.
    attached Boolean
    Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
    egressInterface String
    Egress interface ID. Required if it is a firewall instance.
    firewallName String
    Firewall instance name. Required if it is a firewall instance.
    lanInterface String
    LAN interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
    managementInterface String
    Management interface ID. Required if it is a firewall instance.
    vendorType String
    Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
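
A pre-deployment lint for the input constraints documented above, as an added example that is not part of the Pulumi or Aviatrix documentation. It checks a plain dict keyed by the Python argument names; the function names, severity labels, sample values, the treatment of `vpc_id`, `firenet_gw_name` and `instance_id` as required, and the reading of `vendor_type` "Generic" as "is a firewall instance" are assumptions.

```python
import ipaddress

# Valid values and defaults as stated in the property descriptions on this page.
VALID_HASHING = {"2-Tuple", "5-Tuple"}
VALID_VENDOR_TYPES = {"Generic", "fqdn_gateway"}
DEFAULTS = {
    "egress_enabled": False,
    "inspection_enabled": True,
    "hashing_algorithm": "5-Tuple",
    "manage_firewall_instance_association": True,
    "egress_static_cidrs": [],
    "east_west_inspection_excluded_cidrs": [],
    "firewall_instance_associations": [],
}
# Fields documented as "Required if it is a firewall instance".
FIREWALL_ONLY_FIELDS = ("egress_interface", "firewall_name",
                        "lan_interface", "management_interface")


def _check_cidrs(field, cidrs, findings):
    """Reject malformed CIDRs; flag an exclusion that covers everything."""
    for cidr in cidrs:
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            findings.append(("ERROR", field, f"{cidr!r} is not a valid CIDR"))
            continue
        if field == "east_west_inspection_excluded_cidrs" and net.prefixlen == 0:
            findings.append(("WARN", field,
                             f"{cidr} exempts every address from east-west inspection"))


def _check_association(index, assoc, findings):
    prefix = f"firewall_instance_associations[{index}]"
    for key in ("firenet_gw_name", "instance_id"):  # assumed required
        if not assoc.get(key):
            findings.append(("ERROR", f"{prefix}.{key}", "missing"))
    vendor = assoc.get("vendor_type", "Generic")
    if vendor not in VALID_VENDOR_TYPES:
        findings.append(("ERROR", f"{prefix}.vendor_type", f"invalid value {vendor!r}"))
    elif vendor == "Generic":  # assumption: "Generic" means a firewall instance
        for key in FIREWALL_ONLY_FIELDS:
            if not assoc.get(key):
                findings.append(("ERROR", f"{prefix}.{key}",
                                 "required for a firewall instance"))


def lint_firenet(args):
    """Return a list of (severity, field, message) for one AviatrixFirenet args dict."""
    cfg = {**DEFAULTS, **args}
    findings = []
    if not cfg.get("vpc_id"):  # assumed required: it identifies the Security VPC
        findings.append(("ERROR", "vpc_id", "Security VPC ID is missing"))
    if cfg["hashing_algorithm"] not in VALID_HASHING:
        findings.append(("ERROR", "hashing_algorithm",
                         f"must be one of {sorted(VALID_HASHING)}"))
    if cfg["egress_static_cidrs"] and not cfg["egress_enabled"]:
        findings.append(("ERROR", "egress_static_cidrs",
                         "egress_enabled must be true to set static egress CIDRs"))
    _check_cidrs("egress_static_cidrs", cfg["egress_static_cidrs"], findings)
    _check_cidrs("east_west_inspection_excluded_cidrs",
                 cfg["east_west_inspection_excluded_cidrs"], findings)
    if not cfg["inspection_enabled"]:
        findings.append(("WARN", "inspection_enabled",
                         "traffic inspection is disabled (default is true)"))
    assocs = cfg["firewall_instance_associations"]
    if assocs and not cfg["manage_firewall_instance_association"]:
        findings.append(("ERROR", "firewall_instance_associations",
                         "in-line blocks need manage_firewall_instance_association=true"))
    elif assocs:
        findings.append(("WARN", "firewall_instance_associations",
                         "in-line associations are deprecated; use the standalone resource"))
    for index, assoc in enumerate(assocs):
        _check_association(index, assoc, findings)
    return findings


# Constructed sample inputs (placeholder IDs, not real resources).
GOOD = {
    "vpc_id": "vpc-0example",
    "egress_enabled": True,
    "egress_static_cidrs": ["1.171.15.184/32", "1.171.15.185/32"],
    "manage_firewall_instance_association": False,
}
RISKY = {
    "vpc_id": "vpc-0example",
    "inspection_enabled": False,
    "hashing_algorithm": "3-Tuple",
    "egress_static_cidrs": ["1.171.15.184/32"],  # egress_enabled left at default false
    "east_west_inspection_excluded_cidrs": ["0.0.0.0/0", "10.0.0.0/33"],
    "firewall_instance_associations": [{
        "firenet_gw_name": "example-firenet-gw",
        "instance_id": "i-0example",
        "vendor_type": "Generic",
        "lan_interface": "eni-0example",
    }],
}

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("RISKY", RISKY)):
        print(name)
        for severity, field, message in lint_firenet(cfg):
            print(f"  {severity:5} {field}: {message}")
```
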

    Import

    firenet can be imported using the vpc_id, e.g.

     $ pulumi import aviatrix:index/aviatrixFirenet:AviatrixFirenet test vpc_id
    

    Package Details

    Repository
    aviatrix astipkovits/pulumi-aviatrix
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aviatrix Terraform Provider.