Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixFirewall



    Import

    An existing firewall can be imported using its gw_name, e.g.

     $ pulumi import aviatrix:index/aviatrixFirewall:AviatrixFirewall test gw_name
    

    Example Usage

    using System.Collections.Generic;
    using Pulumi;
    using Aviatrix = Pulumi.Aviatrix;
    
    return await Deployment.RunAsync(() =>
    {
        // Firewall settings for gateway-1. No rules are declared in-line:
        // ManageFirewallPolicies = false means the rules have to be supplied
        // through separate aviatrix.AviatrixFirewallPolicy resources.
        // NOTE(review): the base policy here is "allow-all", which presumably
        // permits any traffic that no rule matches; the documented default is
        // "deny-all". Confirm this is intended before reusing the snippet.
        var firewallArgs = new Aviatrix.AviatrixFirewallArgs
        {
            GwName = "gateway-1",
            BasePolicy = "allow-all",
            BaseLogEnabled = true,
            ManageFirewallPolicies = false,
        };

        var statefulFirewall1 = new Aviatrix.AviatrixFirewall("statefulFirewall1", firewallArgs);
    });
    
    package main
    
    import (
    	"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main registers a stateful firewall for gateway-1 with the Pulumi engine.
    //
    // No rules are declared in-line: ManageFirewallPolicies is false, so rules
    // have to be supplied through separate aviatrix.AviatrixFirewallPolicy
    // resources.
    //
    // NOTE(review): the base policy is "allow-all", which presumably permits
    // any traffic that no rule matches; the documented default is "deny-all".
    // Confirm this is intended before reusing the snippet.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		args := &aviatrix.AviatrixFirewallArgs{
    			GwName:                 pulumi.String("gateway-1"),
    			BasePolicy:             pulumi.String("allow-all"),
    			BaseLogEnabled:         pulumi.Bool(true),
    			ManageFirewallPolicies: pulumi.Bool(false),
    		}
    		// The resource handle is not needed afterwards; only the error is
    		// propagated to the Pulumi runtime.
    		_, err := aviatrix.NewAviatrixFirewall(ctx, "statefulFirewall1", args)
    		return err
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aviatrix.AviatrixFirewall;
    import com.pulumi.aviatrix.AviatrixFirewallArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares a stateful firewall for gateway-1.
     *
     * <p>No rules are declared in-line: manageFirewallPolicies is false, so the
     * rules have to be supplied through separate AviatrixFirewallPolicy
     * resources.
     *
     * <p>NOTE(review): the base policy is "allow-all", which presumably permits
     * any traffic that no rule matches; the documented default is "deny-all".
     * Confirm this is intended before reusing the snippet.
     */
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /** Declares the resources of this stack. */
        public static void stack(Context ctx) {
            final var firewallArgs = AviatrixFirewallArgs.builder()
                .gwName("gateway-1")
                .basePolicy("allow-all")
                .baseLogEnabled(true)
                .manageFirewallPolicies(false)
                .build();

            var statefulFirewall1 = new AviatrixFirewall("statefulFirewall1", firewallArgs);
        }
    }
    
    import pulumi
    import pulumi_aviatrix as aviatrix
    
    # Stateful firewall for gateway-1 with no in-line rules:
    # manage_firewall_policies=False means the rules have to be supplied through
    # separate aviatrix.AviatrixFirewallPolicy resources.
    # NOTE(review): base_policy is "allow-all", which presumably permits any
    # traffic that no rule matches; the documented default is "deny-all".
    # Confirm this is intended before reusing the snippet.
    stateful_firewall1 = aviatrix.AviatrixFirewall(
        "statefulFirewall1",
        gw_name="gateway-1",
        base_policy="allow-all",
        base_log_enabled=True,
        manage_firewall_policies=False,
    )
    
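    import * as pulumi from "@pulumi/pulumi";
    // The provider's npm package is scoped @astipkovits (matching its Go module
    // path under github.com/astipkovits). Confirm the exact package name against
    // the provider's installation page before adding it to package.json.
    import * as aviatrix from "@astipkovits/aviatrix";

    // Stateful firewall for gateway-1 with no in-line rules:
    // manageFirewallPolicies = false means the rules have to be supplied through
    // separate aviatrix.AviatrixFirewallPolicy resources.
    // NOTE(review): basePolicy is "allow-all", which presumably permits any
    // traffic that no rule matches; the documented default is "deny-all".
    // Confirm this is intended before reusing the snippet.
    const statefulFirewall1 = new aviatrix.AviatrixFirewall("stateful_firewall_1", {
        gwName: "gateway-1",
        basePolicy: "allow-all",
        baseLogEnabled: true,
        manageFirewallPolicies: false,
    });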
    
    resources:
      # Stateful firewall for gateway-1 with no in-line rules:
      # manageFirewallPolicies is false, so the rules have to be supplied
      # through separate aviatrix:AviatrixFirewallPolicy resources.
      # NOTE(review): basePolicy is allow-all, which presumably permits any
      # traffic that no rule matches; the documented default is deny-all.
      statefulFirewall1:
        type: aviatrix:AviatrixFirewall
        properties:
          gwName: gateway-1
          basePolicy: allow-all
          baseLogEnabled: true
          manageFirewallPolicies: false
    
    using System.Collections.Generic;
    using Pulumi;
    using Aviatrix = Pulumi.Aviatrix;
    
    return await Deployment.RunAsync(() =>
    {
        // Stateful firewall for gateway-1 with its rules declared in-line.
        // NOTE(review): the base policy is "allow-all" and every rule below is a
        // deny/force-drop, i.e. a denylist; anything not listed is presumably
        // permitted. The documented default base policy is "deny-all".

        // "force-drop" is documented as dropping packets immediately, even on
        // established sessions. This is the only rule that logs its matches.
        var firstPolicy = new Aviatrix.Inputs.AviatrixFirewallPolicyArgs
        {
            SrcIp = "10.17.0.224/32",
            DstIp = "10.12.0.172/32",
            Protocol = "all",
            Port = "0:65535",
            Action = "force-drop",
            LogEnabled = true,
            Description = "first_policy",
        };

        // NOTE(review): the remaining rules have LogEnabled = false, so traffic
        // they block is presumably not recorded; enable it if blocked traffic
        // should be visible to monitoring.
        var secondPolicy = new Aviatrix.Inputs.AviatrixFirewallPolicyArgs
        {
            SrcIp = "10.16.0.224/32",
            DstIp = "10.12.1.172/32",
            Protocol = "tcp",
            Port = "325",
            Action = "force-drop",
            LogEnabled = false,
            Description = "second_policy",
        };

        var thirdPolicy = new Aviatrix.Inputs.AviatrixFirewallPolicyArgs
        {
            SrcIp = "10.14.0.225/32",
            DstIp = "10.13.1.173/32",
            Protocol = "udp",
            Port = "325",
            Action = "deny",
            LogEnabled = false,
            Description = "third_policy",
        };

        // NOTE(review): aviatrix_firewall_tag.Test is not declared in this
        // snippet; it stands for a firewall tag resource that has to exist
        // before its tag name is used as a source.
        var fourthPolicy = new Aviatrix.Inputs.AviatrixFirewallPolicyArgs
        {
            SrcIp = aviatrix_firewall_tag.Test.Firewall_tag,
            DstIp = "10.13.1.173/32",
            Protocol = "tcp",
            Port = "325",
            Action = "deny",
            LogEnabled = false,
            Description = "fourth_policy",
        };

        var statefulFirewall1 = new Aviatrix.AviatrixFirewall("statefulFirewall1", new()
        {
            GwName = "gateway-1",
            BasePolicy = "allow-all",
            BaseLogEnabled = true,
            // Rule order is kept exactly as declared above.
            Policies = new[]
            {
                firstPolicy,
                secondPolicy,
                thirdPolicy,
                fourthPolicy,
            },
        });

    });
    
    package main
    
    import (
    	"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
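    // main registers a stateful firewall for gateway-1 with four in-line rules.
    //
    // NOTE(review): the base policy is "allow-all" and every rule is a
    // deny/force-drop, i.e. a denylist; anything not listed is presumably
    // permitted. The documented default base policy is "deny-all".
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := aviatrix.NewAviatrixFirewall(ctx, "statefulFirewall1", &aviatrix.AviatrixFirewallArgs{
    			GwName:         pulumi.String("gateway-1"),
    			BasePolicy:     pulumi.String("allow-all"),
    			BaseLogEnabled: pulumi.Bool(true),
    			// The policy types live in the aviatrix package and must be
    			// package-qualified; unqualified names do not resolve in
    			// package main.
    			Policies: aviatrix.AviatrixFirewallPolicyTypeArray{
    				// "force-drop" is documented as dropping packets immediately,
    				// even on established sessions. Only this rule logs matches.
    				&aviatrix.AviatrixFirewallPolicyTypeArgs{
    					Protocol:    pulumi.String("all"),
    					SrcIp:       pulumi.String("10.17.0.224/32"),
    					LogEnabled:  pulumi.Bool(true),
    					DstIp:       pulumi.String("10.12.0.172/32"),
    					Action:      pulumi.String("force-drop"),
    					Port:        pulumi.String("0:65535"),
    					Description: pulumi.String("first_policy"),
    				},
    				// NOTE(review): the remaining rules set LogEnabled to false,
    				// so traffic they block is presumably not recorded; enable
    				// it if blocked traffic should be visible to monitoring.
    				&aviatrix.AviatrixFirewallPolicyTypeArgs{
    					Protocol:    pulumi.String("tcp"),
    					SrcIp:       pulumi.String("10.16.0.224/32"),
    					LogEnabled:  pulumi.Bool(false),
    					DstIp:       pulumi.String("10.12.1.172/32"),
    					Action:      pulumi.String("force-drop"),
    					Port:        pulumi.String("325"),
    					Description: pulumi.String("second_policy"),
    				},
    				&aviatrix.AviatrixFirewallPolicyTypeArgs{
    					Protocol:    pulumi.String("udp"),
    					SrcIp:       pulumi.String("10.14.0.225/32"),
    					LogEnabled:  pulumi.Bool(false),
    					DstIp:       pulumi.String("10.13.1.173/32"),
    					Action:      pulumi.String("deny"),
    					Port:        pulumi.String("325"),
    					Description: pulumi.String("third_policy"),
    				},
    				&aviatrix.AviatrixFirewallPolicyTypeArgs{
    					Protocol: pulumi.String("tcp"),
    					// NOTE(review): aviatrix_firewall_tag.Test is not declared
    					// in this snippet; it stands for a firewall tag resource
    					// that has to exist before its tag name is used as a
    					// source. Replace it with that resource's output.
    					SrcIp:       pulumi.Any(aviatrix_firewall_tag.Test.Firewall_tag),
    					LogEnabled:  pulumi.Bool(false),
    					DstIp:       pulumi.String("10.13.1.173/32"),
    					Action:      pulumi.String("deny"),
    					Port:        pulumi.String("325"),
    					Description: pulumi.String("fourth_policy"),
    				},
    			},
    		})
    		// Only the error matters here; the resource handle is unused.
    		return err
    	})
    }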
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aviatrix.AviatrixFirewall;
    import com.pulumi.aviatrix.AviatrixFirewallArgs;
    import com.pulumi.aviatrix.inputs.AviatrixFirewallPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares a stateful firewall for gateway-1 with four
     * in-line rules.
     *
     * <p>NOTE(review): the base policy is "allow-all" and every rule is a
     * deny/force-drop, i.e. a denylist; anything not listed is presumably
     * permitted. The documented default base policy is "deny-all".
     */
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /** Declares the resources of this stack. */
        public static void stack(Context ctx) {
            // "force-drop" is documented as dropping packets immediately, even
            // on established sessions. Only this rule logs its matches.
            final var firstPolicy = AviatrixFirewallPolicyArgs.builder()
                .srcIp("10.17.0.224/32")
                .dstIp("10.12.0.172/32")
                .protocol("all")
                .port("0:65535")
                .action("force-drop")
                .logEnabled(true)
                .description("first_policy")
                .build();

            // NOTE(review): the remaining rules set logEnabled(false), so
            // traffic they block is presumably not recorded; enable it if
            // blocked traffic should be visible to monitoring.
            final var secondPolicy = AviatrixFirewallPolicyArgs.builder()
                .srcIp("10.16.0.224/32")
                .dstIp("10.12.1.172/32")
                .protocol("tcp")
                .port("325")
                .action("force-drop")
                .logEnabled(false)
                .description("second_policy")
                .build();

            final var thirdPolicy = AviatrixFirewallPolicyArgs.builder()
                .srcIp("10.14.0.225/32")
                .dstIp("10.13.1.173/32")
                .protocol("udp")
                .port("325")
                .action("deny")
                .logEnabled(false)
                .description("third_policy")
                .build();

            // NOTE(review): aviatrix_firewall_tag is not declared in this
            // snippet; it stands for a firewall tag resource that has to exist
            // before its tag name is used as a source.
            final var fourthPolicy = AviatrixFirewallPolicyArgs.builder()
                .srcIp(aviatrix_firewall_tag.test().firewall_tag())
                .dstIp("10.13.1.173/32")
                .protocol("tcp")
                .port("325")
                .action("deny")
                .logEnabled(false)
                .description("fourth_policy")
                .build();

            // Rule order is kept exactly as declared above.
            var statefulFirewall1 = new AviatrixFirewall("statefulFirewall1", AviatrixFirewallArgs.builder()
                .gwName("gateway-1")
                .basePolicy("allow-all")
                .baseLogEnabled(true)
                .policies(firstPolicy, secondPolicy, thirdPolicy, fourthPolicy)
                .build());
        }
    }
    
    import pulumi
    import pulumi_aviatrix as aviatrix
    
    # Stateful firewall for gateway-1 with four in-line rules.
    # NOTE(review): base_policy is "allow-all" and every rule is a
    # deny/force-drop, i.e. a denylist; anything not listed is presumably
    # permitted. The documented default base policy is "deny-all".
    stateful_firewall1 = aviatrix.AviatrixFirewall(
        "statefulFirewall1",
        gw_name="gateway-1",
        base_policy="allow-all",
        base_log_enabled=True,
        policies=[
            # "force-drop" is documented as dropping packets immediately, even
            # on established sessions. Only this rule logs its matches.
            aviatrix.AviatrixFirewallPolicyArgs(
                src_ip="10.17.0.224/32",
                dst_ip="10.12.0.172/32",
                protocol="all",
                port="0:65535",
                action="force-drop",
                log_enabled=True,
                description="first_policy",
            ),
            # NOTE(review): the remaining rules set log_enabled=False, so
            # traffic they block is presumably not recorded; enable it if
            # blocked traffic should be visible to monitoring.
            aviatrix.AviatrixFirewallPolicyArgs(
                src_ip="10.16.0.224/32",
                dst_ip="10.12.1.172/32",
                protocol="tcp",
                port="325",
                action="force-drop",
                log_enabled=False,
                description="second_policy",
            ),
            aviatrix.AviatrixFirewallPolicyArgs(
                src_ip="10.14.0.225/32",
                dst_ip="10.13.1.173/32",
                protocol="udp",
                port="325",
                action="deny",
                log_enabled=False,
                description="third_policy",
            ),
            # NOTE(review): aviatrix_firewall_tag is not defined in this
            # snippet; it stands for a firewall tag resource that has to exist
            # before its tag name is used as a source.
            aviatrix.AviatrixFirewallPolicyArgs(
                src_ip=aviatrix_firewall_tag["test"]["firewall_tag"],
                dst_ip="10.13.1.173/32",
                protocol="tcp",
                port="325",
                action="deny",
                log_enabled=False,
                description="fourth_policy",
            ),
        ],
    )
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aviatrix from "@astipkovits/aviatrix";
    
    // Stateful firewall for gateway-1 with four in-line rules.
    // NOTE(review): basePolicy is "allow-all" and every rule is a
    // deny/force-drop, i.e. a denylist; anything not listed is presumably
    // permitted. The documented default base policy is "deny-all".
    const statefulFirewall1 = new aviatrix.AviatrixFirewall("statefulFirewall1", {
        gwName: "gateway-1",
        basePolicy: "allow-all",
        baseLogEnabled: true,
        policies: [
            // "force-drop" is documented as dropping packets immediately, even
            // on established sessions. Only this rule logs its matches.
            {
                srcIp: "10.17.0.224/32",
                dstIp: "10.12.0.172/32",
                protocol: "all",
                port: "0:65535",
                action: "force-drop",
                logEnabled: true,
                description: "first_policy",
            },
            // NOTE(review): the remaining rules set logEnabled to false, so
            // traffic they block is presumably not recorded; enable it if
            // blocked traffic should be visible to monitoring.
            {
                srcIp: "10.16.0.224/32",
                dstIp: "10.12.1.172/32",
                protocol: "tcp",
                port: "325",
                action: "force-drop",
                logEnabled: false,
                description: "second_policy",
            },
            {
                srcIp: "10.14.0.225/32",
                dstIp: "10.13.1.173/32",
                protocol: "udp",
                port: "325",
                action: "deny",
                logEnabled: false,
                description: "third_policy",
            },
            // NOTE(review): aviatrix_firewall_tag is not declared in this
            // snippet; it stands for a firewall tag resource that has to exist
            // before its tag name is used as a source.
            {
                srcIp: aviatrix_firewall_tag.test.firewall_tag,
                dstIp: "10.13.1.173/32",
                protocol: "tcp",
                port: "325",
                action: "deny",
                logEnabled: false,
                description: "fourth_policy",
            },
        ],
    });
    
    resources:
      # Stateful firewall for gateway-1 with four in-line rules.
      # NOTE(review): basePolicy is allow-all and every rule is a
      # deny/force-drop, i.e. a denylist; anything not listed is presumably
      # permitted. The documented default base policy is deny-all.
      statefulFirewall1:
        type: aviatrix:AviatrixFirewall
        properties:
          gwName: gateway-1
          basePolicy: allow-all
          baseLogEnabled: true
          policies:
            # force-drop is documented as dropping packets immediately, even on
            # established sessions. Only this rule logs its matches.
            - srcIp: 10.17.0.224/32
              dstIp: 10.12.0.172/32
              protocol: all
              # Quoted like the other ports so the range is always read as a string.
              port: '0:65535'
              action: force-drop
              logEnabled: true
              description: first_policy
            # NOTE(review): the remaining rules set logEnabled to false, so
            # traffic they block is presumably not recorded.
            - srcIp: 10.16.0.224/32
              dstIp: 10.12.1.172/32
              protocol: tcp
              port: '325'
              action: force-drop
              logEnabled: false
              description: second_policy
            - srcIp: 10.14.0.225/32
              dstIp: 10.13.1.173/32
              protocol: udp
              port: '325'
              action: deny
              logEnabled: false
              description: third_policy
            # NOTE(review): aviatrix_firewall_tag.test is not declared in this
            # snippet; the firewall tag resource has to exist before its tag
            # name is used as a source.
            - srcIp: ${aviatrix_firewall_tag.test.firewall_tag}
              dstIp: 10.13.1.173/32
              protocol: tcp
              port: '325'
              action: deny
              logEnabled: false
              description: fourth_policy
    

    Create AviatrixFirewall Resource

    new AviatrixFirewall(name: string, args: AviatrixFirewallArgs, opts?: CustomResourceOptions);
    @overload
    def AviatrixFirewall(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         base_log_enabled: Optional[bool] = None,
                         base_policy: Optional[str] = None,
                         gw_name: Optional[str] = None,
                         manage_firewall_policies: Optional[bool] = None,
                         policies: Optional[Sequence[AviatrixFirewallPolicyArgs]] = None)
    @overload
    def AviatrixFirewall(resource_name: str,
                         args: AviatrixFirewallArgs,
                         opts: Optional[ResourceOptions] = None)
    func NewAviatrixFirewall(ctx *Context, name string, args AviatrixFirewallArgs, opts ...ResourceOption) (*AviatrixFirewall, error)
    public AviatrixFirewall(string name, AviatrixFirewallArgs args, CustomResourceOptions? opts = null)
    public AviatrixFirewall(String name, AviatrixFirewallArgs args)
    public AviatrixFirewall(String name, AviatrixFirewallArgs args, CustomResourceOptions options)
    
    type: aviatrix:AviatrixFirewall
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AviatrixFirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AviatrixFirewallArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AviatrixFirewallArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AviatrixFirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AviatrixFirewallArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AviatrixFirewall Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AviatrixFirewall resource accepts the following input properties:

    GwName string
    Gateway name to attach firewall policy to.
    BaseLogEnabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    BasePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    ManageFirewallPolicies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    Policies List<AviatrixFirewallPolicy>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    GwName string
    Gateway name to attach firewall policy to.
    BaseLogEnabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    BasePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    ManageFirewallPolicies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    Policies []AviatrixFirewallPolicyTypeArgs
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    gwName String
    Gateway name to attach firewall policy to.
    baseLogEnabled Boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy String
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    manageFirewallPolicies Boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies List<AviatrixFirewallPolicy>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    gwName string
    Gateway name to attach firewall policy to.
    baseLogEnabled boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    manageFirewallPolicies boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies AviatrixFirewallPolicy[]
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    gw_name str
    Gateway name to attach firewall policy to.
    base_log_enabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    base_policy str
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    manage_firewall_policies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies Sequence[AviatrixFirewallPolicyArgs]
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    gwName String
    Gateway name to attach firewall policy to.
    baseLogEnabled Boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy String
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    manageFirewallPolicies Boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies List<Property Map>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AviatrixFirewall resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AviatrixFirewall Resource

    Get an existing AviatrixFirewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AviatrixFirewallState, opts?: CustomResourceOptions): AviatrixFirewall
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            base_log_enabled: Optional[bool] = None,
            base_policy: Optional[str] = None,
            gw_name: Optional[str] = None,
            manage_firewall_policies: Optional[bool] = None,
            policies: Optional[Sequence[AviatrixFirewallPolicyArgs]] = None) -> AviatrixFirewall
    func GetAviatrixFirewall(ctx *Context, name string, id IDInput, state *AviatrixFirewallState, opts ...ResourceOption) (*AviatrixFirewall, error)
    public static AviatrixFirewall Get(string name, Input<string> id, AviatrixFirewallState? state, CustomResourceOptions? opts = null)
    public static AviatrixFirewall get(String name, Output<String> id, AviatrixFirewallState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    BaseLogEnabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    BasePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    GwName string
    Gateway name to attach firewall policy to.
    ManageFirewallPolicies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    Policies List<AviatrixFirewallPolicy>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    BaseLogEnabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    BasePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    GwName string
    Gateway name to attach firewall policy to.
    ManageFirewallPolicies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    Policies []AviatrixFirewallPolicyTypeArgs
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    baseLogEnabled Boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy String
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    gwName String
    Gateway name to attach firewall policy to.
    manageFirewallPolicies Boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies List<AviatrixFirewallPolicy>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    baseLogEnabled boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy string
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    gwName string
    Gateway name to attach firewall policy to.
    manageFirewallPolicies boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies AviatrixFirewallPolicy[]
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    base_log_enabled bool
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    base_policy str
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    gw_name str
    Gateway name to attach firewall policy to.
    manage_firewall_policies bool
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies Sequence[AviatrixFirewallPolicyArgs]
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.
    baseLogEnabled Boolean
    Indicates whether logging is enabled. Valid Values: true, false. Default value: false.
    basePolicy String
    New base policy. Valid Values: "allow-all", "deny-all". Default value: "deny-all"
    gwName String
    Gateway name to attach firewall policy to.
    manageFirewallPolicies Boolean
    Enable to manage firewall policies via in-line rules. If false, policies must be managed using aviatrix.AviatrixFirewallPolicy resources. Default: true. Valid values: true, false. Available in provider version R2.17+.
    policies List<Property Map>
    New access policy for the gateway. Seven fields are required for each policy item: src_ip, dst_ip, protocol, port, action, log_enabled and description. No duplicate rules (with same src_ip, dst_ip, protocol and port) are allowed.

    Supporting Types

    AviatrixFirewallPolicy, AviatrixFirewallPolicyArgs

    Action string
    Valid values: "allow", "deny" and "force-drop" (in stateful firewall rule to allow immediate packet dropping on established sessions).
    DstIp string
    Destination address, a valid IPv4 address or tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created prior to using the tag name.
    Port string
    A single port or a range of port numbers. Example: "25", "25:1024".
    SrcIp string
    Source address, a valid IPv4 address or tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created prior to using the tag name.
    Description string
    Description of the policy. Example: "This is policy no.1".
    LogEnabled bool
    Valid values: true, false. Default value: false.
    Protocol string
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".
    Action string
    Valid values: "allow", "deny" and "force-drop" (in stateful firewall rule to allow immediate packet dropping on established sessions).
    DstIp string
    Destination address, a valid IPv4 address or tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created prior to using the tag name.
    Port string
    A single port or a range of port numbers. Example: "25", "25:1024".
    SrcIp string
    Source address, a valid IPv4 address or tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created prior to using the tag name.
    Description string
    Description of the policy. Example: "This is policy no.1".
    LogEnabled bool
    Whether logging is enabled for this policy. Valid values: true, false. Default value: false (logging is off unless set explicitly).
    Protocol string
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".
    action String
    Valid values: "allow", "deny" and "force-drop". "force-drop" is used in a stateful firewall rule to drop packets immediately, including on established sessions.
    dstIp String
    Destination address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    port String
    A single port or a range of port numbers. Example: "25", "25:1024".
    srcIp String
    Source address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    description String
    Description of the policy. Example: "This is policy no.1".
    logEnabled Boolean
    Whether logging is enabled for this policy. Valid values: true, false. Default value: false (logging is off unless set explicitly).
    protocol String
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".
    action string
    Valid values: "allow", "deny" and "force-drop". "force-drop" is used in a stateful firewall rule to drop packets immediately, including on established sessions.
    dstIp string
    Destination address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    port string
    A single port or a range of port numbers. Example: "25", "25:1024".
    srcIp string
    Source address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    description string
    Description of the policy. Example: "This is policy no.1".
    logEnabled boolean
    Whether logging is enabled for this policy. Valid values: true, false. Default value: false (logging is off unless set explicitly).
    protocol string
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".
    action str
    Valid values: "allow", "deny" and "force-drop". "force-drop" is used in a stateful firewall rule to drop packets immediately, including on established sessions.
    dst_ip str
    Destination address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    port str
    A single port or a range of port numbers. Example: "25", "25:1024".
    src_ip str
    Source address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    description str
    Description of the policy. Example: "This is policy no.1".
    log_enabled bool
    Whether logging is enabled for this policy. Valid values: true, false. Default value: false (logging is off unless set explicitly).
    protocol str
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".
    action String
    Valid values: "allow", "deny" and "force-drop". "force-drop" is used in a stateful firewall rule to drop packets immediately, including on established sessions.
    dstIp String
    Destination address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    port String
    A single port or a range of port numbers. Example: "25", "25:1024".
    srcIp String
    Source address: a valid IPv4 address or a tag name such as "HR" or "marketing". Example: "10.30.0.0/16". The aviatrix_firewall_tag resource should be created before the tag name is used.
    description String
    Description of the policy. Example: "This is policy no.1".
    logEnabled Boolean
    Whether logging is enabled for this policy. Valid values: true, false. Default value: false (logging is off unless set explicitly).
    protocol String
    Valid values: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp". Default value: "all".

    Package Details

    Repository
    aviatrix astipkovits/pulumi-aviatrix
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aviatrix Terraform Provider.