aviatrix.AviatrixMicrosegPolicyList

WARNING: aviatrix_microseg_policy_list is part of the Micro-segmentation private preview feature for R2.22.0. If you wish to enable a private preview mode feature, please contact your sales representative or Aviatrix Support.

The aviatrix_microseg_policy_list resource handles the creation and management of Micro-segmentation Policies. Available as of Provider R2.22.0+.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;

return await Deployment.RunAsync(() =>
{
    // Policy 1: DENY ICMP from the source App Domain to the destination App Domain.
    // Watch is false, so the policy is enforced rather than only observed.
    // Logging is false, so packets matching this rule are not logged.
    var denyIcmp = new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
    {
        Name = "microseg-policy-1",
        Action = "DENY",
        Protocol = "ICMP",
        Priority = 1,
        SrcAppDomains = new[]
        {
            "f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30",
        },
        DstAppDomains = new[]
        {
            "82e50c85-82bf-4b3b-b9da-aaed34a3aa53",
        },
        Logging = false,
        Watch = false,
    };

    // Policy 2: PERMIT TCP on ports 49000-50000. Logging and Watch are left unset.
    // NOTE(review): the page does not state the defaults for Logging/Watch, nor
    // whether a lower or higher Priority is evaluated first -- confirm both.
    var permitTcp = new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
    {
        Name = "microseg-policy",
        Action = "PERMIT",
        Protocol = "TCP",
        Priority = 0,
        SrcAppDomains = new[]
        {
            "7e7d1573-7a7a-4a53-bcb5-1ad5041961e0",
        },
        DstAppDomains = new[]
        {
            "f05b0ad7-d2d7-4d16-b2f6-48492319414c",
        },
        PortRanges = new[]
        {
            new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyPortRangeArgs
            {
                Lo = 49000,
                Hi = 50000,
            },
        },
    };

    // Create an Aviatrix Microseg Policy
    var test = new Aviatrix.AviatrixMicrosegPolicyList("test", new()
    {
        Policies = new[]
        {
            denyIcmp,
            permitTcp,
        },
    });

});
package main

import (
	"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

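// main declares a single AviatrixMicrosegPolicyList resource named "test"
// that carries two micro-segmentation policies.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// The policy and port-range input types are referenced through the
		// aviatrix package; unqualified names would not resolve in package main.
		_, err := aviatrix.NewAviatrixMicrosegPolicyList(ctx, "test", &aviatrix.AviatrixMicrosegPolicyListArgs{
			Policies: aviatrix.AviatrixMicrosegPolicyListPolicyArray{
				// Policy 1: DENY ICMP between the two App Domains.
				// Watch is false, so the policy is enforced rather than only
				// observed. Logging is false, so matching packets are not logged.
				&aviatrix.AviatrixMicrosegPolicyListPolicyArgs{
					Action: pulumi.String("DENY"),
					DstAppDomains: pulumi.StringArray{
						pulumi.String("82e50c85-82bf-4b3b-b9da-aaed34a3aa53"),
					},
					Logging:  pulumi.Bool(false),
					Name:     pulumi.String("microseg-policy-1"),
					Priority: pulumi.Int(1),
					Protocol: pulumi.String("ICMP"),
					SrcAppDomains: pulumi.StringArray{
						pulumi.String("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"),
					},
					Watch: pulumi.Bool(false),
				},
				// Policy 2: PERMIT TCP on ports 49000-50000. Logging and Watch
				// are left unset.
				// NOTE(review): the page does not state the defaults for
				// Logging/Watch, nor whether a lower or higher Priority is
				// evaluated first -- confirm both before relying on them.
				&aviatrix.AviatrixMicrosegPolicyListPolicyArgs{
					Action: pulumi.String("PERMIT"),
					DstAppDomains: pulumi.StringArray{
						pulumi.String("f05b0ad7-d2d7-4d16-b2f6-48492319414c"),
					},
					Name: pulumi.String("microseg-policy"),
					PortRanges: aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArray{
						&aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs{
							Hi: pulumi.Int(50000),
							Lo: pulumi.Int(49000),
						},
					},
					Priority: pulumi.Int(0),
					Protocol: pulumi.String("TCP"),
					SrcAppDomains: pulumi.StringArray{
						pulumi.String("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"),
					},
				},
			},
		})
		// err is nil on success, so returning it directly covers both outcomes.
		return err
	})
}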
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.AviatrixMicrosegPolicyList;
import com.pulumi.aviatrix.AviatrixMicrosegPolicyListArgs;
import com.pulumi.aviatrix.inputs.AviatrixMicrosegPolicyListPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

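/**
 * Pulumi program that declares one AviatrixMicrosegPolicyList resource named
 * "test" holding two micro-segmentation policies.
 */
public class App {
    /** Entry point: hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the policy list.
     *
     * @param ctx Pulumi deployment context supplied by {@code Pulumi.run}.
     */
    public static void stack(Context ctx) {
        var test = new AviatrixMicrosegPolicyList("test", AviatrixMicrosegPolicyListArgs.builder()
            .policies(
                // Policy 1: DENY ICMP between the two App Domains. watch(false) means
                // the policy is enforced rather than only observed; logging(false)
                // means matching packets are not logged.
                AviatrixMicrosegPolicyListPolicyArgs.builder()
                    .action("DENY")
                    .dstAppDomains("82e50c85-82bf-4b3b-b9da-aaed34a3aa53")
                    .logging(false)
                    .name("microseg-policy-1")
                    .priority(1)
                    .protocol("ICMP")
                    .srcAppDomains("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30")
                    .watch(false)
                    .build(),
                // Policy 2: PERMIT TCP on ports 49000-50000; logging and watch are unset.
                // NOTE(review): defaults for logging/watch and the evaluation order
                // implied by priority are not stated on this page -- confirm both.
                AviatrixMicrosegPolicyListPolicyArgs.builder()
                    .action("PERMIT")
                    .dstAppDomains("f05b0ad7-d2d7-4d16-b2f6-48492319414c")
                    .name("microseg-policy")
                    // Fully qualified because the listing's import block does not
                    // import the port-range args type.
                    .portRanges(com.pulumi.aviatrix.inputs.AviatrixMicrosegPolicyListPolicyPortRangeArgs.builder()
                        .hi(50000)
                        .lo(49000)
                        .build())
                    .priority(0)
                    .protocol("TCP")
                    .srcAppDomains("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0")
                    .build())
            .build());

    }
}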
import pulumi
import pulumi_aviatrix as aviatrix

# Policy 1: DENY ICMP between the two App Domains.
# watch=False means the policy is enforced rather than only observed;
# logging=False means packets matching this rule are not logged.
_deny_icmp = aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
    name="microseg-policy-1",
    action="DENY",
    protocol="ICMP",
    priority=1,
    src_app_domains=["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
    dst_app_domains=["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
    logging=False,
    watch=False,
)

# Policy 2: PERMIT TCP on ports 49000-50000; logging and watch are left unset.
# NOTE(review): defaults for logging/watch and the evaluation order implied by
# priority are not stated on this page -- confirm both.
_permit_tcp = aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
    name="microseg-policy",
    action="PERMIT",
    protocol="TCP",
    priority=0,
    src_app_domains=["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
    dst_app_domains=["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
    port_ranges=[
        aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs(lo=49000, hi=50000),
    ],
)

# Create an Aviatrix Microseg Policy
test = aviatrix.AviatrixMicrosegPolicyList("test", policies=[_deny_icmp, _permit_tcp])
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";

// Policy 1: DENY ICMP between the two App Domains.
// watch: false means the policy is enforced rather than only observed;
// logging: false means packets matching this rule are not logged.
const denyIcmp = {
    name: "microseg-policy-1",
    action: "DENY",
    protocol: "ICMP",
    priority: 1,
    srcAppDomains: ["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
    dstAppDomains: ["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
    logging: false,
    watch: false,
};

// Policy 2: PERMIT TCP on ports 49000-50000; logging and watch are left unset.
// NOTE(review): defaults for logging/watch and the evaluation order implied by
// priority are not stated on this page -- confirm both.
const permitTcp = {
    name: "microseg-policy",
    action: "PERMIT",
    protocol: "TCP",
    priority: 0,
    srcAppDomains: ["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
    dstAppDomains: ["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
    portRanges: [{ lo: 49000, hi: 50000 }],
};

// Create an Aviatrix Microseg Policy
const test = new aviatrix.AviatrixMicrosegPolicyList("test", {
    policies: [denyIcmp, permitTcp],
});
resources:
  # Create an Aviatrix Microseg Policy
  test:
    type: aviatrix:AviatrixMicrosegPolicyList
    properties:
      policies:
        # Policy 1: DENY ICMP between the two App Domains.
        # watch: false means the policy is enforced rather than only observed;
        # logging: false means packets matching this rule are not logged.
        - name: microseg-policy-1
          action: DENY
          protocol: ICMP
          priority: 1
          srcAppDomains: ["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"]
          dstAppDomains: ["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"]
          logging: false
          watch: false
        # Policy 2: PERMIT TCP on ports 49000-50000; logging and watch are unset.
        # NOTE(review): defaults for logging/watch and the evaluation order
        # implied by priority are not stated on this page -- confirm both.
        - name: microseg-policy
          action: PERMIT
          protocol: TCP
          priority: 0
          srcAppDomains: ["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"]
          dstAppDomains: ["f05b0ad7-d2d7-4d16-b2f6-48492319414c"]
          portRanges:
            - {lo: 49000, hi: 50000}

Create AviatrixMicrosegPolicyList Resource

new AviatrixMicrosegPolicyList(name: string, args: AviatrixMicrosegPolicyListArgs, opts?: CustomResourceOptions);
@overload
def AviatrixMicrosegPolicyList(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None)
@overload
def AviatrixMicrosegPolicyList(resource_name: str,
                               args: AviatrixMicrosegPolicyListArgs,
                               opts: Optional[ResourceOptions] = None)
func NewAviatrixMicrosegPolicyList(ctx *Context, name string, args AviatrixMicrosegPolicyListArgs, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)
public AviatrixMicrosegPolicyList(string name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions? opts = null)
public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args)
public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions options)
type: aviatrix:AviatrixMicrosegPolicyList
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AviatrixMicrosegPolicyListArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AviatrixMicrosegPolicyListArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AviatrixMicrosegPolicyListArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AviatrixMicrosegPolicyListArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AviatrixMicrosegPolicyListArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AviatrixMicrosegPolicyList Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AviatrixMicrosegPolicyList resource accepts the following input properties:

policies List<Property Map>

List of policies.

Outputs

All input properties are implicitly available as output properties. Additionally, the AviatrixMicrosegPolicyList resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing AviatrixMicrosegPolicyList Resource

Get an existing AviatrixMicrosegPolicyList resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AviatrixMicrosegPolicyListState, opts?: CustomResourceOptions): AviatrixMicrosegPolicyList
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None) -> AviatrixMicrosegPolicyList
func GetAviatrixMicrosegPolicyList(ctx *Context, name string, id IDInput, state *AviatrixMicrosegPolicyListState, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)
public static AviatrixMicrosegPolicyList Get(string name, Input<string> id, AviatrixMicrosegPolicyListState? state, CustomResourceOptions? opts = null)
public static AviatrixMicrosegPolicyList get(String name, Output<String> id, AviatrixMicrosegPolicyListState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

Supporting Types

AviatrixMicrosegPolicyListPolicy

Action string

Action for the policy. Must be one of PERMIT or DENY.

DstAppDomains List<string>

List of App Domain UUIDs for the destination for the policy.

Name string

Name of the policy.

Protocol string

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

SrcAppDomains List<string>

List of App Domain UUIDs for the source for the policy.

Logging bool

Whether to enable logging for packets that match the policy. Type: Boolean.

PortRanges List<AviatrixMicrosegPolicyListPolicyPortRange>

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

Priority int

Priority for the policy. Default: 0. Type: Integer.

Uuid string

UUID for the Policy.

Watch bool

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

Action string

Action for the policy. Must be one of PERMIT or DENY.

DstAppDomains []string

List of App Domain UUIDs for the destination for the policy.

Name string

Name of the policy.

Protocol string

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

SrcAppDomains []string

List of App Domain UUIDs for the source for the policy.

Logging bool

Whether to enable logging for packets that match the policy. Type: Boolean.

PortRanges []AviatrixMicrosegPolicyListPolicyPortRange

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

Priority int

Priority for the policy. Default: 0. Type: Integer.

Uuid string

UUID for the Policy.

Watch bool

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

action String

Action for the policy. Must be one of PERMIT or DENY.

dstAppDomains List<String>

List of App Domain UUIDs for the destination for the policy.

name String

Name of the policy.

protocol String

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

srcAppDomains List<String>

List of App Domain UUIDs for the source for the policy.

logging Boolean

Whether to enable logging for packets that match the policy. Type: Boolean.

portRanges List<AviatrixMicrosegPolicyListPolicyPortRange>

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

priority Integer

Priority for the policy. Default: 0. Type: Integer.

uuid String

UUID for the Policy.

watch Boolean

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

action string

Action for the policy. Must be one of PERMIT or DENY.

dstAppDomains string[]

List of App Domain UUIDs for the destination for the policy.

name string

Name of the policy.

protocol string

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

srcAppDomains string[]

List of App Domain UUIDs for the source for the policy.

logging boolean

Whether to enable logging for packets that match the policy. Type: Boolean.

portRanges AviatrixMicrosegPolicyListPolicyPortRange[]

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

priority number

Priority for the policy. Default: 0. Type: Integer.

uuid string

UUID for the Policy.

watch boolean

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

action str

Action for the policy. Must be one of PERMIT or DENY.

dst_app_domains Sequence[str]

List of App Domain UUIDs for the destination for the policy.

name str

Name of the policy.

protocol str

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

src_app_domains Sequence[str]

List of App Domain UUIDs for the source for the policy.

logging bool

Whether to enable logging for packets that match the policy. Type: Boolean.

port_ranges Sequence[AviatrixMicrosegPolicyListPolicyPortRange]

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

priority int

Priority for the policy. Default: 0. Type: Integer.

uuid str

UUID for the Policy.

watch bool

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

action String

Action for the policy. Must be one of PERMIT or DENY.

dstAppDomains List<String>

List of App Domain UUIDs for the destination for the policy.

name String

Name of the policy.

protocol String

Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.

srcAppDomains List<String>

List of App Domain UUIDs for the source for the policy.

logging Boolean

Whether to enable logging for packets that match the policy. Type: Boolean.

portRanges List<Property Map>

List of port ranges for the policy. Cannot be used when protocol is "ICMP".

priority Number

Priority for the policy. Default: 0. Type: Integer.

uuid String

UUID for the Policy.

watch Boolean

Whether to enforce the policy or only watch packets. If "true", packets are only watched and the policy is not enforced. This allows you to observe whether the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

AviatrixMicrosegPolicyListPolicyPortRange

Lo int

Lower bound for the range of ports.

Hi int

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

Lo int

Lower bound for the range of ports.

Hi int

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

lo Integer

Lower bound for the range of ports.

hi Integer

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

lo number

Lower bound for the range of ports.

hi number

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

lo int

Lower bound for the range of ports.

hi int

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

lo Number

Lower bound for the range of ports.

hi Number

Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

Import

aviatrix_microseg_policy_list can be imported using the controller IP with the dots written as dashes, e.g. if the controller IP is 10.11.12.13:

 $ pulumi import aviatrix:index/aviatrixMicrosegPolicyList:AviatrixMicrosegPolicyList test 10-11-12-13

Package Details

Repository
aviatrix astipkovits/pulumi-aviatrix
License
Apache-2.0
Notes

This Pulumi package is based on the aviatrix Terraform Provider.