1. Packages
  2. Aviatrix
  3. API Docs
  4. AviatrixFirewallInstance
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixFirewallInstance

Explore with Pulumi AI

aviatrix logo
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

    The aviatrix_firewall_instance resource allows the creation and management of Aviatrix Firewall Instances.

    This resource is used in Aviatrix FireNet and Aviatrix Transit FireNet solutions, in conjunction with other resources that may include, and are not limited to: firenet, firewall_instance_association, aws_tgw and transit_gateway resources.

    Create AviatrixFirewallInstance Resource

    new AviatrixFirewallInstance(name: string, args: AviatrixFirewallInstanceArgs, opts?: CustomResourceOptions);
    @overload
    def AviatrixFirewallInstance(resource_name: str,
                                 opts: Optional[ResourceOptions] = None,
                                 availability_domain: Optional[str] = None,
                                 bootstrap_bucket_name: Optional[str] = None,
                                 bootstrap_storage_name: Optional[str] = None,
                                 container_folder: Optional[str] = None,
                                 egress_subnet: Optional[str] = None,
                                 egress_vpc_id: Optional[str] = None,
                                 fault_domain: Optional[str] = None,
                                 file_share_folder: Optional[str] = None,
                                 firenet_gw_name: Optional[str] = None,
                                 firewall_image: Optional[str] = None,
                                 firewall_image_id: Optional[str] = None,
                                 firewall_image_version: Optional[str] = None,
                                 firewall_name: Optional[str] = None,
                                 firewall_size: Optional[str] = None,
                                 iam_role: Optional[str] = None,
                                 key_name: Optional[str] = None,
                                 management_subnet: Optional[str] = None,
                                 management_vpc_id: Optional[str] = None,
                                 password: Optional[str] = None,
                                 sas_url_config: Optional[str] = None,
                                 sas_url_license: Optional[str] = None,
                                 share_directory: Optional[str] = None,
                                 sic_key: Optional[str] = None,
                                 ssh_public_key: Optional[str] = None,
                                 storage_access_key: Optional[str] = None,
                                 tags: Optional[Mapping[str, str]] = None,
                                 user_data: Optional[str] = None,
                                 username: Optional[str] = None,
                                 vpc_id: Optional[str] = None,
                                 zone: Optional[str] = None)
    @overload
    def AviatrixFirewallInstance(resource_name: str,
                                 args: AviatrixFirewallInstanceArgs,
                                 opts: Optional[ResourceOptions] = None)
    func NewAviatrixFirewallInstance(ctx *Context, name string, args AviatrixFirewallInstanceArgs, opts ...ResourceOption) (*AviatrixFirewallInstance, error)
    public AviatrixFirewallInstance(string name, AviatrixFirewallInstanceArgs args, CustomResourceOptions? opts = null)
    public AviatrixFirewallInstance(String name, AviatrixFirewallInstanceArgs args)
    public AviatrixFirewallInstance(String name, AviatrixFirewallInstanceArgs args, CustomResourceOptions options)
    
    type: aviatrix:AviatrixFirewallInstance
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AviatrixFirewallInstanceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AviatrixFirewallInstanceArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AviatrixFirewallInstanceArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AviatrixFirewallInstanceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AviatrixFirewallInstanceArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AviatrixFirewallInstance Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AviatrixFirewallInstance resource accepts the following input properties:

    EgressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    FirewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    FirewallName string
    Name of the firewall instance to be created.
    FirewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    VpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    BootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    BootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    ContainerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    EgressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    FirenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    FirewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    FirewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    IamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    KeyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    ManagementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    ManagementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    Password string
    Applicable to Azure or AzureGov deployment only.
    SasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    SasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    ShareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    SicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    SshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    StorageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    Tags Dictionary<string, string>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    UserData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    Username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    Zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    EgressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    FirewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    FirewallName string
    Name of the firewall instance to be created.
    FirewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    VpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    BootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    BootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    ContainerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    EgressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    FirenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    FirewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    FirewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    IamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    KeyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    ManagementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    ManagementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    Password string
    Applicable to Azure or AzureGov deployment only.
    SasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    SasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    ShareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    SicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    SshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    StorageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    Tags map[string]string
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    UserData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    Username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    Zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    egressSubnet String
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    firewallImage String
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallName String
    Name of the firewall instance to be created.
    firewallSize String
    Instance size of the firewall. Example: "m5.xlarge".
    vpcId String
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName String
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName String
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    containerFolder String
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressVpcId String
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder String
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName String
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImageId String
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion String
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    iamRole String
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    keyName String
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    managementSubnet String
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId String
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password String
    Applicable to Azure or AzureGov deployment only.
    sasUrlConfig String
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense String
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory String
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey String
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey String
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey String
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Map<String,String>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData String
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username String
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    zone String
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    egressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    firewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallName string
    Name of the firewall instance to be created.
    firewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    vpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    availabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    containerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    iamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    keyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    managementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password string
    Applicable to Azure or AzureGov deployment only.
    sasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags {[key: string]: string}
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    egress_subnet str
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    firewall_image str
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewall_name str
    Name of the firewall instance to be created.
    firewall_size str
    Instance size of the firewall. Example: "m5.xlarge".
    vpc_id str
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    availability_domain str
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrap_bucket_name str
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrap_storage_name str
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    container_folder str
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egress_vpc_id str
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    fault_domain str
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    file_share_folder str
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenet_gw_name str
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewall_image_id str
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewall_image_version str
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    iam_role str
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    key_name str
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    management_subnet str
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    management_vpc_id str
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password str
    Applicable to Azure or AzureGov deployment only.
    sas_url_config str
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sas_url_license str
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    share_directory str
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sic_key str
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    ssh_public_key str
    Applicable to Azure or AzureGov deployment only.
    storage_access_key str
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Mapping[str, str]
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    user_data str
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username str
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    zone str
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    egressSubnet String
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    firewallImage String
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallName String
    Name of the firewall instance to be created.
    firewallSize String
    Instance size of the firewall. Example: "m5.xlarge".
    vpcId String
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName String
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName String
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    containerFolder String
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressVpcId String
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder String
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName String
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImageId String
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion String
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    iamRole String
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    keyName String
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    managementSubnet String
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId String
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password String
    Applicable to Azure or AzureGov deployment only.
    sasUrlConfig String
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense String
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory String
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey String
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey String
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey String
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Map<String>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData String
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username String
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    zone String
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AviatrixFirewallInstance resource produces the following output properties:

    CloudType int
    Cloud Type.
    EgressInterface string
    ID of Egress Interface created.
    GcpVpcId string
    GCP Only. The current VPC ID.
    Id string
    The provider-assigned unique ID for this managed resource.
    InstanceId string
    ID of the firewall instance created.
    LanInterface string
    ID of Lan Interface created.
    ManagementInterface string
    ID of Management Interface created.
    PublicIp string
    Management Public IP.
    CloudType int
    Cloud Type.
    EgressInterface string
    ID of Egress Interface created.
    GcpVpcId string
    GCP Only. The current VPC ID.
    Id string
    The provider-assigned unique ID for this managed resource.
    InstanceId string
    ID of the firewall instance created.
    LanInterface string
    ID of Lan Interface created.
    ManagementInterface string
    ID of Management Interface created.
    PublicIp string
    Management Public IP.
    cloudType Integer
    Cloud Type.
    egressInterface String
    ID of Egress Interface created.
    gcpVpcId String
    GCP Only. The current VPC ID.
    id String
    The provider-assigned unique ID for this managed resource.
    instanceId String
    ID of the firewall instance created.
    lanInterface String
    ID of Lan Interface created.
    managementInterface String
    ID of Management Interface created.
    publicIp String
    Management Public IP.
    cloudType number
    Cloud Type.
    egressInterface string
    ID of Egress Interface created.
    gcpVpcId string
    GCP Only. The current VPC ID.
    id string
    The provider-assigned unique ID for this managed resource.
    instanceId string
    ID of the firewall instance created.
    lanInterface string
    ID of Lan Interface created.
    managementInterface string
    ID of Management Interface created.
    publicIp string
    Management Public IP.
    cloud_type int
    Cloud Type.
    egress_interface str
    ID of Egress Interface created.
    gcp_vpc_id str
    GCP Only. The current VPC ID.
    id str
    The provider-assigned unique ID for this managed resource.
    instance_id str
    ID of the firewall instance created.
    lan_interface str
    ID of Lan Interface created.
    management_interface str
    ID of Management Interface created.
    public_ip str
    Management Public IP.
    cloudType Number
    Cloud Type.
    egressInterface String
    ID of Egress Interface created.
    gcpVpcId String
    GCP Only. The current VPC ID.
    id String
    The provider-assigned unique ID for this managed resource.
    instanceId String
    ID of the firewall instance created.
    lanInterface String
    ID of Lan Interface created.
    managementInterface String
    ID of Management Interface created.
    publicIp String
    Management Public IP.

    Look up Existing AviatrixFirewallInstance Resource

    Get an existing AviatrixFirewallInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AviatrixFirewallInstanceState, opts?: CustomResourceOptions): AviatrixFirewallInstance
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            availability_domain: Optional[str] = None,
            bootstrap_bucket_name: Optional[str] = None,
            bootstrap_storage_name: Optional[str] = None,
            cloud_type: Optional[int] = None,
            container_folder: Optional[str] = None,
            egress_interface: Optional[str] = None,
            egress_subnet: Optional[str] = None,
            egress_vpc_id: Optional[str] = None,
            fault_domain: Optional[str] = None,
            file_share_folder: Optional[str] = None,
            firenet_gw_name: Optional[str] = None,
            firewall_image: Optional[str] = None,
            firewall_image_id: Optional[str] = None,
            firewall_image_version: Optional[str] = None,
            firewall_name: Optional[str] = None,
            firewall_size: Optional[str] = None,
            gcp_vpc_id: Optional[str] = None,
            iam_role: Optional[str] = None,
            instance_id: Optional[str] = None,
            key_name: Optional[str] = None,
            lan_interface: Optional[str] = None,
            management_interface: Optional[str] = None,
            management_subnet: Optional[str] = None,
            management_vpc_id: Optional[str] = None,
            password: Optional[str] = None,
            public_ip: Optional[str] = None,
            sas_url_config: Optional[str] = None,
            sas_url_license: Optional[str] = None,
            share_directory: Optional[str] = None,
            sic_key: Optional[str] = None,
            ssh_public_key: Optional[str] = None,
            storage_access_key: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            user_data: Optional[str] = None,
            username: Optional[str] = None,
            vpc_id: Optional[str] = None,
            zone: Optional[str] = None) -> AviatrixFirewallInstance
    func GetAviatrixFirewallInstance(ctx *Context, name string, id IDInput, state *AviatrixFirewallInstanceState, opts ...ResourceOption) (*AviatrixFirewallInstance, error)
    public static AviatrixFirewallInstance Get(string name, Input<string> id, AviatrixFirewallInstanceState? state, CustomResourceOptions? opts = null)
    public static AviatrixFirewallInstance get(String name, Output<String> id, AviatrixFirewallInstanceState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    BootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    BootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    CloudType int
    Cloud Type.
    ContainerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    EgressInterface string
    ID of Egress Interface created.
    EgressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    EgressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    FirenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    FirewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    FirewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    FirewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    FirewallName string
    Name of the firewall instance to be created.
    FirewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    GcpVpcId string
    GCP Only. The current VPC ID.
    IamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    InstanceId string
    ID of the firewall instance created.
    KeyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    LanInterface string
    ID of Lan Interface created.
    ManagementInterface string
    ID of Management Interface created.
    ManagementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    ManagementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    Password string
    Applicable to Azure or AzureGov deployment only.
    PublicIp string
    Management Public IP.
    SasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    SasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    ShareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    SicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    SshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    StorageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    Tags Dictionary<string, string>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    UserData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    Username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    VpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    Zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    BootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    BootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    CloudType int
    Cloud Type.
    ContainerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    EgressInterface string
    ID of Egress Interface created.
    EgressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    EgressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    FirenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    FirewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    FirewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    FirewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    FirewallName string
    Name of the firewall instance to be created.
    FirewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    GcpVpcId string
    GCP Only. The current VPC ID.
    IamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    InstanceId string
    ID of the firewall instance created.
    KeyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    LanInterface string
    ID of Lan Interface created.
    ManagementInterface string
    ID of Management Interface created.
    ManagementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    ManagementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    Password string
    Applicable to Azure or AzureGov deployment only.
    PublicIp string
    Management Public IP.
    SasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    SasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    ShareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    SicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    SshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    StorageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    Tags map[string]string
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    UserData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    Username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    VpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    Zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName String
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName String
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    cloudType Integer
    Cloud Type.
    containerFolder String
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressInterface String
    ID of Egress Interface created.
    egressSubnet String
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    egressVpcId String
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder String
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName String
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImage String
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallImageId String
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion String
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    firewallName String
    Name of the firewall instance to be created.
    firewallSize String
    Instance size of the firewall. Example: "m5.xlarge".
    gcpVpcId String
    GCP Only. The current VPC ID.
    iamRole String
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    instanceId String
    ID of the firewall instance created.
    keyName String
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    lanInterface String
    ID of Lan Interface created.
    managementInterface String
    ID of Management Interface created.
    managementSubnet String
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId String
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password String
    Applicable to Azure or AzureGov deployment only.
    publicIp String
    Management Public IP.
    sasUrlConfig String
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense String
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory String
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey String
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey String
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey String
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Map<String,String>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData String
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username String
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    vpcId String
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    zone String
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    availabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName string
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName string
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    cloudType number
    Cloud Type.
    containerFolder string
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressInterface string
    ID of Egress Interface created.
    egressSubnet string
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    egressVpcId string
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder string
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName string
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImage string
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallImageId string
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion string
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    firewallName string
    Name of the firewall instance to be created.
    firewallSize string
    Instance size of the firewall. Example: "m5.xlarge".
    gcpVpcId string
    GCP Only. The current VPC ID.
    iamRole string
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    instanceId string
    ID of the firewall instance created.
    keyName string
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    lanInterface string
    ID of Lan Interface created.
    managementInterface string
    ID of Management Interface created.
    managementSubnet string
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId string
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password string
    Applicable to Azure or AzureGov deployment only.
    publicIp string
    Management Public IP.
    sasUrlConfig string
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense string
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory string
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey string
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey string
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey string
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags {[key: string]: string}
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData string
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username string
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    vpcId string
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    zone string
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    availability_domain str
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrap_bucket_name str
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrap_storage_name str
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    cloud_type int
    Cloud Type.
    container_folder str
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egress_interface str
    ID of Egress Interface created.
    egress_subnet str
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    egress_vpc_id str
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    fault_domain str
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    file_share_folder str
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenet_gw_name str
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewall_image str
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewall_image_id str
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewall_image_version str
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    firewall_name str
    Name of the firewall instance to be created.
    firewall_size str
    Instance size of the firewall. Example: "m5.xlarge".
    gcp_vpc_id str
    GCP Only. The current VPC ID.
    iam_role str
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    instance_id str
    ID of the firewall instance created.
    key_name str
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    lan_interface str
    ID of Lan Interface created.
    management_interface str
    ID of Management Interface created.
    management_subnet str
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    management_vpc_id str
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password str
    Applicable to Azure or AzureGov deployment only.
    public_ip str
    Management Public IP.
    sas_url_config str
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sas_url_license str
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    share_directory str
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sic_key str
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    ssh_public_key str
    Applicable to Azure or AzureGov deployment only.
    storage_access_key str
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Mapping[str, str]
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    user_data str
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username str
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    vpc_id str
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    zone str
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    bootstrapBucketName String
    Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
    bootstrapStorageName String
    Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
    cloudType Number
    Cloud Type.
    containerFolder String
    Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    egressInterface String
    ID of Egress Interface created.
    egressSubnet String
    Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
    egressVpcId String
    Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    fileShareFolder String
    Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    firenetGwName String
    Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
    firewallImage String
    One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
    firewallImageId String
    Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
    firewallImageVersion String
    Version of firewall image. If not specified, Controller will automatically select the latest version available.
    firewallName String
    Name of the firewall instance to be created.
    firewallSize String
    Instance size of the firewall. Example: "m5.xlarge".
    gcpVpcId String
    GCP Only. The current VPC ID.
    iamRole String
    Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
    instanceId String
    ID of the firewall instance created.
    keyName String
    Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
    lanInterface String
    ID of Lan Interface created.
    managementInterface String
    ID of Management Interface created.
    managementSubnet String
    Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
    managementVpcId String
    Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
    password String
    Applicable to Azure or AzureGov deployment only.
    publicIp String
    Management Public IP.
    sasUrlConfig String
    Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    sasUrlLicense String
    Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
    shareDirectory String
    Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    sicKey String
    Advanced option. Sic key. Applicable to Check Point Series deployment only.
    sshPublicKey String
    Applicable to Azure or AzureGov deployment only.
    storageAccessKey String
    Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
    tags Map<String>
    Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
    userData String
    Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
    username String
    Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
    vpcId String
    VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
    zone String
    Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

    Import

    firewall_instance can be imported using the instance_id. For Azure or AzureGov FireNet instances, the value will be the firewall_name concatenated with a “:” and the Resource Group of the vpc_id set for that instance. e.g.

     $ pulumi import aviatrix:index/aviatrixFirewallInstance:AviatrixFirewallInstance test instance_id
    

    Package Details

    Repository
    aviatrix astipkovits/pulumi-aviatrix
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aviatrix Terraform Provider.
    aviatrix logo
    Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix