Aviatrix v0.0.11, Jun 17 23

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixFirenet

Explore with Pulumi AI

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

NOTE: This resource is used in conjunction with multiple other resources that may include, and are not limited to: firewall_instance, firewall_instance_association, aws_tgw, and transit_gateway resources or even aviatrix_fqdn, under the Aviatrix FireNet solution. Explicit dependencies may be set using depends_on. For more information on proper FireNet configuration, please see the workflow here.

Create AviatrixFirenet Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AviatrixFirenet(name: string, args: AviatrixFirenetArgs, opts?: CustomResourceOptions);

@overload
def AviatrixFirenet(resource_name: str,
                    args: AviatrixFirenetArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def AviatrixFirenet(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    vpc_id: Optional[str] = None,
                    east_west_inspection_excluded_cidrs: Optional[Sequence[str]] = None,
                    egress_enabled: Optional[bool] = None,
                    egress_static_cidrs: Optional[Sequence[str]] = None,
                    firewall_instance_associations: Optional[Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]] = None,
                    hashing_algorithm: Optional[str] = None,
                    inspection_enabled: Optional[bool] = None,
                    keep_alive_via_lan_interface_enabled: Optional[bool] = None,
                    manage_firewall_instance_association: Optional[bool] = None,
                    tgw_segmentation_for_egress_enabled: Optional[bool] = None)

func NewAviatrixFirenet(ctx *Context, name string, args AviatrixFirenetArgs, opts ...ResourceOption) (*AviatrixFirenet, error)

public AviatrixFirenet(string name, AviatrixFirenetArgs args, CustomResourceOptions? opts = null)

public AviatrixFirenet(String name, AviatrixFirenetArgs args)
public AviatrixFirenet(String name, AviatrixFirenetArgs args, CustomResourceOptions options)

type: aviatrix:AviatrixFirenet
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AviatrixFirenetArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AviatrixFirenetArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AviatrixFirenetArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AviatrixFirenetArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AviatrixFirenetArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var aviatrixFirenetResource = new Aviatrix.AviatrixFirenet("aviatrixFirenetResource", new()
{
    VpcId = "string",
    EastWestInspectionExcludedCidrs = new[]
    {
        "string",
    },
    EgressEnabled = false,
    EgressStaticCidrs = new[]
    {
        "string",
    },
    HashingAlgorithm = "string",
    InspectionEnabled = false,
    KeepAliveViaLanInterfaceEnabled = false,
    ManageFirewallInstanceAssociation = false,
    TgwSegmentationForEgressEnabled = false,
});

example, err := aviatrix.NewAviatrixFirenet(ctx, "aviatrixFirenetResource", &aviatrix.AviatrixFirenetArgs{
	VpcId: pulumi.String("string"),
	EastWestInspectionExcludedCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	EgressEnabled: pulumi.Bool(false),
	EgressStaticCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	HashingAlgorithm:                  pulumi.String("string"),
	InspectionEnabled:                 pulumi.Bool(false),
	KeepAliveViaLanInterfaceEnabled:   pulumi.Bool(false),
	ManageFirewallInstanceAssociation: pulumi.Bool(false),
	TgwSegmentationForEgressEnabled:   pulumi.Bool(false),
})

var aviatrixFirenetResource = new AviatrixFirenet("aviatrixFirenetResource", AviatrixFirenetArgs.builder()        
    .vpcId("string")
    .eastWestInspectionExcludedCidrs("string")
    .egressEnabled(false)
    .egressStaticCidrs("string")
    .hashingAlgorithm("string")
    .inspectionEnabled(false)
    .keepAliveViaLanInterfaceEnabled(false)
    .manageFirewallInstanceAssociation(false)
    .tgwSegmentationForEgressEnabled(false)
    .build());

aviatrix_firenet_resource = aviatrix.AviatrixFirenet("aviatrixFirenetResource",
    vpc_id="string",
    east_west_inspection_excluded_cidrs=["string"],
    egress_enabled=False,
    egress_static_cidrs=["string"],
    hashing_algorithm="string",
    inspection_enabled=False,
    keep_alive_via_lan_interface_enabled=False,
    manage_firewall_instance_association=False,
    tgw_segmentation_for_egress_enabled=False)

const aviatrixFirenetResource = new aviatrix.AviatrixFirenet("aviatrixFirenetResource", {
    vpcId: "string",
    eastWestInspectionExcludedCidrs: ["string"],
    egressEnabled: false,
    egressStaticCidrs: ["string"],
    hashingAlgorithm: "string",
    inspectionEnabled: false,
    keepAliveViaLanInterfaceEnabled: false,
    manageFirewallInstanceAssociation: false,
    tgwSegmentationForEgressEnabled: false,
});

type: aviatrix:AviatrixFirenet
properties:
    eastWestInspectionExcludedCidrs:
        - string
    egressEnabled: false
    egressStaticCidrs:
        - string
    hashingAlgorithm: string
    inspectionEnabled: false
    keepAliveViaLanInterfaceEnabled: false
    manageFirewallInstanceAssociation: false
    tgwSegmentationForEgressEnabled: false
    vpcId: string

AviatrixFirenet Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AviatrixFirenet resource accepts the following input properties:

VpcId string: VPC ID of the Security VPC.
EastWestInspectionExcludedCidrs List<string>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
EgressEnabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
EgressStaticCidrs List<string>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
FirewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
HashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
InspectionEnabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
KeepAliveViaLanInterfaceEnabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
ManageFirewallInstanceAssociation bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
TgwSegmentationForEgressEnabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

VpcId string: VPC ID of the Security VPC.
EastWestInspectionExcludedCidrs []string: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
EgressEnabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
EgressStaticCidrs []string: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
FirewallInstanceAssociations []AviatrixFirenetFirewallInstanceAssociationArgs: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
HashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
InspectionEnabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
KeepAliveViaLanInterfaceEnabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
ManageFirewallInstanceAssociation bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
TgwSegmentationForEgressEnabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

vpcId String: VPC ID of the Security VPC.
eastWestInspectionExcludedCidrs List<String>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled Boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs List<String>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm String: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled Boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled Boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation Boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled Boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

vpcId string: VPC ID of the Security VPC.
eastWestInspectionExcludedCidrs string[]: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs string[]: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations AviatrixFirenetFirewallInstanceAssociation[]: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

vpc_id str: VPC ID of the Security VPC.
east_west_inspection_excluded_cidrs Sequence[str]: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egress_enabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egress_static_cidrs Sequence[str]: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewall_instance_associations Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashing_algorithm str: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspection_enabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keep_alive_via_lan_interface_enabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manage_firewall_instance_association bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgw_segmentation_for_egress_enabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

vpcId String: VPC ID of the Security VPC.
eastWestInspectionExcludedCidrs List<String>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled Boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs List<String>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations List<Property Map>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm String: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled Boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled Boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation Boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled Boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.

Outputs

All input properties are implicitly available as output properties. Additionally, the AviatrixFirenet resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing AviatrixFirenet Resource

Get an existing AviatrixFirenet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AviatrixFirenetState, opts?: CustomResourceOptions): AviatrixFirenet

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        east_west_inspection_excluded_cidrs: Optional[Sequence[str]] = None,
        egress_enabled: Optional[bool] = None,
        egress_static_cidrs: Optional[Sequence[str]] = None,
        firewall_instance_associations: Optional[Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]] = None,
        hashing_algorithm: Optional[str] = None,
        inspection_enabled: Optional[bool] = None,
        keep_alive_via_lan_interface_enabled: Optional[bool] = None,
        manage_firewall_instance_association: Optional[bool] = None,
        tgw_segmentation_for_egress_enabled: Optional[bool] = None,
        vpc_id: Optional[str] = None) -> AviatrixFirenet

func GetAviatrixFirenet(ctx *Context, name string, id IDInput, state *AviatrixFirenetState, opts ...ResourceOption) (*AviatrixFirenet, error)

public static AviatrixFirenet Get(string name, Input<string> id, AviatrixFirenetState? state, CustomResourceOptions? opts = null)

public static AviatrixFirenet get(String name, Output<String> id, AviatrixFirenetState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

EastWestInspectionExcludedCidrs List<string>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
EgressEnabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
EgressStaticCidrs List<string>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
FirewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
HashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
InspectionEnabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
KeepAliveViaLanInterfaceEnabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
ManageFirewallInstanceAssociation bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
TgwSegmentationForEgressEnabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
VpcId string: VPC ID of the Security VPC.

EastWestInspectionExcludedCidrs []string: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
EgressEnabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
EgressStaticCidrs []string: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
FirewallInstanceAssociations []AviatrixFirenetFirewallInstanceAssociationArgs: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
HashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
InspectionEnabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
KeepAliveViaLanInterfaceEnabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
ManageFirewallInstanceAssociation bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
TgwSegmentationForEgressEnabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
VpcId string: VPC ID of the Security VPC.

eastWestInspectionExcludedCidrs List<String>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled Boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs List<String>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations List<AviatrixFirenetFirewallInstanceAssociation>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm String: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled Boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled Boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation Boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled Boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
vpcId String: VPC ID of the Security VPC.

eastWestInspectionExcludedCidrs string[]: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs string[]: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations AviatrixFirenetFirewallInstanceAssociation[]: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm string: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
vpcId string: VPC ID of the Security VPC.

east_west_inspection_excluded_cidrs Sequence[str]: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egress_enabled bool: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egress_static_cidrs Sequence[str]: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewall_instance_associations Sequence[AviatrixFirenetFirewallInstanceAssociationArgs]: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashing_algorithm str: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspection_enabled bool: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keep_alive_via_lan_interface_enabled bool: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manage_firewall_instance_association bool: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgw_segmentation_for_egress_enabled bool: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
vpc_id str: VPC ID of the Security VPC.

eastWestInspectionExcludedCidrs List<String>: Network List Excluded From East-West Inspection. CIDRs to be excluded from inspection. Type: Set(String). Available as of provider version R2.19.5+.
egressEnabled Boolean: Enable/disable egress through firewall. Valid values: true, false. Default value: false.
egressStaticCidrs List<String>: List of egress static CIDRs. Egress is required to be enabled. Example: ["1.171.15.184/32", "1.171.15.185/32"]. Available as of provider version R2.19+.
firewallInstanceAssociations List<Property Map>: Dynamic block of firewall instance(s) to be associated with the FireNet.
Deprecated: Please set manage_firewall_instance_association to false, and use the standalone aviatrix_firewall_instance_association resource instead.
hashingAlgorithm String: Hashing algorithm to load balance traffic across the firewall. Valid values: "2-Tuple", "5-Tuple". Default value: "5-Tuple".
inspectionEnabled Boolean: Enable/disable traffic inspection. Valid values: true, false. Default value: true.
keepAliveViaLanInterfaceEnabled Boolean: Enable Keep Alive via Firewall LAN Interface. Valid values: true or false. Default value: false. Available as of provider version R2.18.1+.
manageFirewallInstanceAssociation Boolean: Enable this attribute to manage firewall associations in-line. If set to true, in-line firewall_instance_association blocks can be used. If set to false, all firewall associations must be managed via standalone aviatrix.AviatrixFirewallInstanceAssociation resources. Default value: true. Valid values: true or false. Available in provider version R2.17.1+.
tgwSegmentationForEgressEnabled Boolean: Enable TGW segmentation for egress. Valid values: true or false. Default value: false. Available as of provider version R2.19+.
vpcId String: VPC ID of the Security VPC.

Supporting Types

AviatrixFirenetFirewallInstanceAssociation, AviatrixFirenetFirewallInstanceAssociationArgs

FirenetGwName string: Name of the primary FireNet gateway.
InstanceId string: ID of Firewall instance.
Attached bool: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
EgressInterface string: Egress interface ID. Required if it is a firewall instance.
FirewallName string: Firewall instance name. Required if it is a firewall instance.
LanInterface string: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
ManagementInterface string: Management interface ID. Required if it is a firewall instance.
VendorType string: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

FirenetGwName string: Name of the primary FireNet gateway.
InstanceId string: ID of Firewall instance.
Attached bool: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
EgressInterface string: Egress interface ID. Required if it is a firewall instance.
FirewallName string: Firewall instance name. Required if it is a firewall instance.
LanInterface string: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
ManagementInterface string: Management interface ID. Required if it is a firewall instance.
VendorType string: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

firenetGwName String: Name of the primary FireNet gateway.
instanceId String: ID of Firewall instance.
attached Boolean: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
egressInterface String: Egress interface ID. Required if it is a firewall instance.
firewallName String: Firewall instance name. Required if it is a firewall instance.
lanInterface String: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
managementInterface String: Management interface ID. Required if it is a firewall instance.
vendorType String: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

firenetGwName string: Name of the primary FireNet gateway.
instanceId string: ID of Firewall instance.
attached boolean: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
egressInterface string: Egress interface ID. Required if it is a firewall instance.
firewallName string: Firewall instance name. Required if it is a firewall instance.
lanInterface string: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
managementInterface string: Management interface ID. Required if it is a firewall instance.
vendorType string: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

firenet_gw_name str: Name of the primary FireNet gateway.
instance_id str: ID of Firewall instance.
attached bool: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
egress_interface str: Egress interface ID. Required if it is a firewall instance.
firewall_name str: Firewall instance name. Required if it is a firewall instance.
lan_interface str: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
management_interface str: Management interface ID. Required if it is a firewall instance.
vendor_type str: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

firenetGwName String: Name of the primary FireNet gateway.
instanceId String: ID of Firewall instance.
attached Boolean: Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
egressInterface String: Egress interface ID. Required if it is a firewall instance.
firewallName String: Firewall instance name. Required if it is a firewall instance.
lanInterface String: Lan interface ID. Required if it is a firewall instance or FQDN gateway in Azure.
managementInterface String: Management interface ID. Required if it is a firewall instance.
vendorType String: Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.

Import

firenet can be imported using the vpc_id, e.g.

 $ pulumi import aviatrix:index/aviatrixFirenet:AviatrixFirenet test vpc_id

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: aviatrix astipkovits/pulumi-aviatrix
License: Apache-2.0
Notes: This Pulumi package is based on the aviatrix Terraform Provider.

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

astipkovits/pulumi-aviatrix

aviatrix.AviatrixFirenet

On this page

On this page

Create AviatrixFirenet Resource

Constructor syntax

Parameters

Example

AviatrixFirenet Resource Properties

Inputs

Outputs

Look up Existing AviatrixFirenet Resource

Supporting Types

AviatrixFirenetFirewallInstanceAssociation, AviatrixFirenetFirewallInstanceAssociationArgs

Import

Package Details

On this page

On this page