1. Packages
  2. Aviatrix
  3. API Docs
  4. AviatrixMicrosegPolicyList
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixMicrosegPolicyList

Explore with Pulumi AI

aviatrix logo
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

    !> WARNING aviatrix_microseg_policy_list is part of the Micro-segmentation private preview feature for R2.22.0. If you wish to enable a private preview mode feature, please contact your sales representative or Aviatrix Support.

    The aviatrix_microseg_policy_list resource handles the creation and management of Micro-segmentation Policies. Available as of Provider R2.22.0+.

    Example Usage

    using System.Collections.Generic;
    using Pulumi;
    using Aviatrix = Pulumi.Aviatrix;
    
    return await Deployment.RunAsync(() => 
    {
        // Create an Aviatrix Microseg Policy
        var test = new Aviatrix.AviatrixMicrosegPolicyList("test", new()
        {
            Policies = new[]
            {
                new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
                {
                    Action = "DENY",
                    DstAppDomains = new[]
                    {
                        "82e50c85-82bf-4b3b-b9da-aaed34a3aa53",
                    },
                    Logging = false,
                    Name = "microseg-policy-1",
                    Priority = 1,
                    Protocol = "ICMP",
                    SrcAppDomains = new[]
                    {
                        "f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30",
                    },
                    Watch = false,
                },
                new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyArgs
                {
                    Action = "PERMIT",
                    DstAppDomains = new[]
                    {
                        "f05b0ad7-d2d7-4d16-b2f6-48492319414c",
                    },
                    Name = "microseg-policy",
                    PortRanges = new[]
                    {
                        new Aviatrix.Inputs.AviatrixMicrosegPolicyListPolicyPortRangeArgs
                        {
                            Hi = 50000,
                            Lo = 49000,
                        },
                    },
                    Priority = 0,
                    Protocol = "TCP",
                    SrcAppDomains = new[]
                    {
                        "7e7d1573-7a7a-4a53-bcb5-1ad5041961e0",
                    },
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := aviatrix.NewAviatrixMicrosegPolicyList(ctx, "test", &aviatrix.AviatrixMicrosegPolicyListArgs{
    			Policies: AviatrixMicrosegPolicyListPolicyArray{
    				&AviatrixMicrosegPolicyListPolicyArgs{
    					Action: pulumi.String("DENY"),
    					DstAppDomains: pulumi.StringArray{
    						pulumi.String("82e50c85-82bf-4b3b-b9da-aaed34a3aa53"),
    					},
    					Logging:  pulumi.Bool(false),
    					Name:     pulumi.String("microseg-policy-1"),
    					Priority: pulumi.Int(1),
    					Protocol: pulumi.String("ICMP"),
    					SrcAppDomains: pulumi.StringArray{
    						pulumi.String("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"),
    					},
    					Watch: pulumi.Bool(false),
    				},
    				&AviatrixMicrosegPolicyListPolicyArgs{
    					Action: pulumi.String("PERMIT"),
    					DstAppDomains: pulumi.StringArray{
    						pulumi.String("f05b0ad7-d2d7-4d16-b2f6-48492319414c"),
    					},
    					Name: pulumi.String("microseg-policy"),
    					PortRanges: AviatrixMicrosegPolicyListPolicyPortRangeArray{
    						&AviatrixMicrosegPolicyListPolicyPortRangeArgs{
    							Hi: pulumi.Int(50000),
    							Lo: pulumi.Int(49000),
    						},
    					},
    					Priority: pulumi.Int(0),
    					Protocol: pulumi.String("TCP"),
    					SrcAppDomains: pulumi.StringArray{
    						pulumi.String("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aviatrix.AviatrixMicrosegPolicyList;
    import com.pulumi.aviatrix.AviatrixMicrosegPolicyListArgs;
    import com.pulumi.aviatrix.inputs.AviatrixMicrosegPolicyListPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new AviatrixMicrosegPolicyList("test", AviatrixMicrosegPolicyListArgs.builder()        
                .policies(            
                    AviatrixMicrosegPolicyListPolicyArgs.builder()
                        .action("DENY")
                        .dstAppDomains("82e50c85-82bf-4b3b-b9da-aaed34a3aa53")
                        .logging(false)
                        .name("microseg-policy-1")
                        .priority(1)
                        .protocol("ICMP")
                        .srcAppDomains("f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30")
                        .watch(false)
                        .build(),
                    AviatrixMicrosegPolicyListPolicyArgs.builder()
                        .action("PERMIT")
                        .dstAppDomains("f05b0ad7-d2d7-4d16-b2f6-48492319414c")
                        .name("microseg-policy")
                        .portRanges(AviatrixMicrosegPolicyListPolicyPortRangeArgs.builder()
                            .hi(50000)
                            .lo(49000)
                            .build())
                        .priority(0)
                        .protocol("TCP")
                        .srcAppDomains("7e7d1573-7a7a-4a53-bcb5-1ad5041961e0")
                        .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aviatrix as aviatrix
    
    # Create an Aviatrix Microseg Policy
    test = aviatrix.AviatrixMicrosegPolicyList("test", policies=[
        aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
            action="DENY",
            dst_app_domains=["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
            logging=False,
            name="microseg-policy-1",
            priority=1,
            protocol="ICMP",
            src_app_domains=["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
            watch=False,
        ),
        aviatrix.AviatrixMicrosegPolicyListPolicyArgs(
            action="PERMIT",
            dst_app_domains=["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
            name="microseg-policy",
            port_ranges=[aviatrix.AviatrixMicrosegPolicyListPolicyPortRangeArgs(
                hi=50000,
                lo=49000,
            )],
            priority=0,
            protocol="TCP",
            src_app_domains=["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
        ),
    ])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aviatrix from "@pulumi/aviatrix";
    
    // Create an Aviatrix Microseg Policy
    const test = new aviatrix.AviatrixMicrosegPolicyList("test", {
        policies: [
            {
                action: "DENY",
                dstAppDomains: ["82e50c85-82bf-4b3b-b9da-aaed34a3aa53"],
                logging: false,
                name: "microseg-policy-1",
                priority: 1,
                protocol: "ICMP",
                srcAppDomains: ["f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30"],
                watch: false,
            },
            {
                action: "PERMIT",
                dstAppDomains: ["f05b0ad7-d2d7-4d16-b2f6-48492319414c"],
                name: "microseg-policy",
                portRanges: [{
                    hi: 50000,
                    lo: 49000,
                }],
                priority: 0,
                protocol: "TCP",
                srcAppDomains: ["7e7d1573-7a7a-4a53-bcb5-1ad5041961e0"],
            },
        ],
    });
    
    resources:
      # Create an Aviatrix Microseg Policy
      test:
        type: aviatrix:AviatrixMicrosegPolicyList
        properties:
          policies:
            - action: DENY
              dstAppDomains:
                - 82e50c85-82bf-4b3b-b9da-aaed34a3aa53
              logging: false
              name: microseg-policy-1
              priority: 1
              protocol: ICMP
              srcAppDomains:
                - f15c9890-c8c4-4c1a-a2b5-ef0ab34d2e30
              watch: false
            - action: PERMIT
              dstAppDomains:
                - f05b0ad7-d2d7-4d16-b2f6-48492319414c
              name: microseg-policy
              portRanges:
                - hi: 50000
                  lo: 49000
              priority: 0
              protocol: TCP
              srcAppDomains:
                - 7e7d1573-7a7a-4a53-bcb5-1ad5041961e0
    

    Create AviatrixMicrosegPolicyList Resource

    new AviatrixMicrosegPolicyList(name: string, args: AviatrixMicrosegPolicyListArgs, opts?: CustomResourceOptions);
    @overload
    def AviatrixMicrosegPolicyList(resource_name: str,
                                   opts: Optional[ResourceOptions] = None,
                                   policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None)
    @overload
    def AviatrixMicrosegPolicyList(resource_name: str,
                                   args: AviatrixMicrosegPolicyListArgs,
                                   opts: Optional[ResourceOptions] = None)
    func NewAviatrixMicrosegPolicyList(ctx *Context, name string, args AviatrixMicrosegPolicyListArgs, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)
    public AviatrixMicrosegPolicyList(string name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions? opts = null)
    public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args)
    public AviatrixMicrosegPolicyList(String name, AviatrixMicrosegPolicyListArgs args, CustomResourceOptions options)
    
    type: aviatrix:AviatrixMicrosegPolicyList
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AviatrixMicrosegPolicyListArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AviatrixMicrosegPolicyListArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AviatrixMicrosegPolicyListArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AviatrixMicrosegPolicyListArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AviatrixMicrosegPolicyListArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AviatrixMicrosegPolicyList Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AviatrixMicrosegPolicyList resource accepts the following input properties:

    policies List<Property Map>
    List of policies.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AviatrixMicrosegPolicyList resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AviatrixMicrosegPolicyList Resource

    Get an existing AviatrixMicrosegPolicyList resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AviatrixMicrosegPolicyListState, opts?: CustomResourceOptions): AviatrixMicrosegPolicyList
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            policies: Optional[Sequence[AviatrixMicrosegPolicyListPolicyArgs]] = None) -> AviatrixMicrosegPolicyList
    func GetAviatrixMicrosegPolicyList(ctx *Context, name string, id IDInput, state *AviatrixMicrosegPolicyListState, opts ...ResourceOption) (*AviatrixMicrosegPolicyList, error)
    public static AviatrixMicrosegPolicyList Get(string name, Input<string> id, AviatrixMicrosegPolicyListState? state, CustomResourceOptions? opts = null)
    public static AviatrixMicrosegPolicyList get(String name, Output<String> id, AviatrixMicrosegPolicyListState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.

    Supporting Types

    AviatrixMicrosegPolicyListPolicy, AviatrixMicrosegPolicyListPolicyArgs

    Action string
    Action for the policy. Must be one of PERMIT or DENY.
    DstAppDomains List<string>
    List of App Domain UUIDs for the destination for the policy.
    Name string
    Name of the policy.
    Protocol string
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    SrcAppDomains List<string>
    List of App Domain UUIDs for the source for the policy.
    Logging bool
    Whether to enable logging for packets that match the policy. Type: Boolean.
    PortRanges List<AviatrixMicrosegPolicyListPolicyPortRange>
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    Priority int
    Priority for the policy. Default: 0. Type: Integer.
    Uuid string
    UUID for the Policy.
    Watch bool
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
    Action string
    Action for the policy. Must be one of PERMIT or DENY.
    DstAppDomains []string
    List of App Domain UUIDs for the destination for the policy.
    Name string
    Name of the policy.
    Protocol string
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    SrcAppDomains []string
    List of App Domain UUIDs for the source for the policy.
    Logging bool
    Whether to enable logging for packets that match the policy. Type: Boolean.
    PortRanges []AviatrixMicrosegPolicyListPolicyPortRange
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    Priority int
    Priority for the policy. Default: 0. Type: Integer.
    Uuid string
    UUID for the Policy.
    Watch bool
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
    action String
    Action for the policy. Must be one of PERMIT or DENY.
    dstAppDomains List<String>
    List of App Domain UUIDs for the destination for the policy.
    name String
    Name of the policy.
    protocol String
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    srcAppDomains List<String>
    List of App Domain UUIDs for the source for the policy.
    logging Boolean
    Whether to enable logging for packets that match the policy. Type: Boolean.
    portRanges List<AviatrixMicrosegPolicyListPolicyPortRange>
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    priority Integer
    Priority for the policy. Default: 0. Type: Integer.
    uuid String
    UUID for the Policy.
    watch Boolean
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
    action string
    Action for the policy. Must be one of PERMIT or DENY.
    dstAppDomains string[]
    List of App Domain UUIDs for the destination for the policy.
    name string
    Name of the policy.
    protocol string
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    srcAppDomains string[]
    List of App Domain UUIDs for the source for the policy.
    logging boolean
    Whether to enable logging for packets that match the policy. Type: Boolean.
    portRanges AviatrixMicrosegPolicyListPolicyPortRange[]
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    priority number
    Priority for the policy. Default: 0. Type: Integer.
    uuid string
    UUID for the Policy.
    watch boolean
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
    action str
    Action for the policy. Must be one of PERMIT or DENY.
    dst_app_domains Sequence[str]
    List of App Domain UUIDs for the destination for the policy.
    name str
    Name of the policy.
    protocol str
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    src_app_domains Sequence[str]
    List of App Domain UUIDs for the source for the policy.
    logging bool
    Whether to enable logging for packets that match the policy. Type: Boolean.
    port_ranges Sequence[AviatrixMicrosegPolicyListPolicyPortRange]
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    priority int
    Priority for the policy. Default: 0. Type: Integer.
    uuid str
    UUID for the Policy.
    watch bool
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.
    action String
    Action for the policy. Must be one of PERMIT or DENY.
    dstAppDomains List<String>
    List of App Domain UUIDs for the destination for the policy.
    name String
    Name of the policy.
    protocol String
    Protocol for the policy. Must be one of TCP, UDP, ICMP or ANY.
    srcAppDomains List<String>
    List of App Domain UUIDs for the source for the policy.
    logging Boolean
    Whether to enable logging for packets that match the policy. Type: Boolean.
    portRanges List<Property Map>
    List of port ranges for the policy. Cannot be used when protocol is "ICMP".
    priority Number
    Priority for the policy. Default: 0. Type: Integer.
    uuid String
    UUID for the Policy.
    watch Boolean
    Whether to enforce the policy or only watch packets. If "true" packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped). Type: Boolean.

    AviatrixMicrosegPolicyListPolicyPortRange, AviatrixMicrosegPolicyListPolicyPortRangeArgs

    Lo int
    Lower bound for the range of ports.
    Hi int
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.
    Lo int
    Lower bound for the range of ports.
    Hi int
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.
    lo Integer
    Lower bound for the range of ports.
    hi Integer
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.
    lo number
    Lower bound for the range of ports.
    hi number
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.
    lo int
    Lower bound for the range of ports.
    hi int
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.
    lo Number
    Lower bound for the range of ports.
    hi Number
    Upper bound for the range of ports. When not set, lo is the only port that matches the policy.

    Import

    aviatrix_microseg_policy_list can be imported using the controller IP, e.g. controller IP is 10.11.12.13

     $ pulumi import aviatrix:index/aviatrixMicrosegPolicyList:AviatrixMicrosegPolicyList test 10-11-12-13
    

    Package Details

    Repository
    aviatrix astipkovits/pulumi-aviatrix
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aviatrix Terraform Provider.
    aviatrix logo
    Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix