Docs
PackagesAviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix
aviatrix.AviatrixVpnProfile
Explore with Pulumi AI
The aviatrix_vpn_profile resource allows the creation and management of Aviatrix VPN user profiles.
NOTE: As of R2.15, management of user/profile attachment can be set using
manage_user_attachment. This argument must be set to true in either aviatrix_vpn_user or aviatrix_vpn_profile. If attachment is managed in the aviatrix_vpn_profile (set to true), it must be set to false in the aviatrix_vpn_user resource and vice versa.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;
return await Deployment.RunAsync(() =>
{
// Create an Aviatrix AWS VPN User Profile
var testVpnProfile = new Aviatrix.AviatrixVpnProfile("testVpnProfile", new()
{
BaseRule = "allow_all",
Policies = new[]
{
new Aviatrix.Inputs.AviatrixVpnProfilePolicyArgs
{
Action = "deny",
Port = "443",
Proto = "tcp",
Target = "10.0.0.0/32",
},
new Aviatrix.Inputs.AviatrixVpnProfilePolicyArgs
{
Action = "deny",
Port = "443",
Proto = "tcp",
Target = "10.0.0.1/32",
},
},
Users = new[]
{
"user1",
"user2",
},
});
});
package main
import (
"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aviatrix.NewAviatrixVpnProfile(ctx, "testVpnProfile", &aviatrix.AviatrixVpnProfileArgs{
BaseRule: pulumi.String("allow_all"),
Policies: AviatrixVpnProfilePolicyArray{
&AviatrixVpnProfilePolicyArgs{
Action: pulumi.String("deny"),
Port: pulumi.String("443"),
Proto: pulumi.String("tcp"),
Target: pulumi.String("10.0.0.0/32"),
},
&AviatrixVpnProfilePolicyArgs{
Action: pulumi.String("deny"),
Port: pulumi.String("443"),
Proto: pulumi.String("tcp"),
Target: pulumi.String("10.0.0.1/32"),
},
},
Users: pulumi.StringArray{
pulumi.String("user1"),
pulumi.String("user2"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.AviatrixVpnProfile;
import com.pulumi.aviatrix.AviatrixVpnProfileArgs;
import com.pulumi.aviatrix.inputs.AviatrixVpnProfilePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testVpnProfile = new AviatrixVpnProfile("testVpnProfile", AviatrixVpnProfileArgs.builder()
.baseRule("allow_all")
.policies(
AviatrixVpnProfilePolicyArgs.builder()
.action("deny")
.port("443")
.proto("tcp")
.target("10.0.0.0/32")
.build(),
AviatrixVpnProfilePolicyArgs.builder()
.action("deny")
.port("443")
.proto("tcp")
.target("10.0.0.1/32")
.build())
.users(
"user1",
"user2")
.build());
}
}
import pulumi
import pulumi_aviatrix as aviatrix
# Create an Aviatrix AWS VPN User Profile
test_vpn_profile = aviatrix.AviatrixVpnProfile("testVpnProfile",
base_rule="allow_all",
policies=[
aviatrix.AviatrixVpnProfilePolicyArgs(
action="deny",
port="443",
proto="tcp",
target="10.0.0.0/32",
),
aviatrix.AviatrixVpnProfilePolicyArgs(
action="deny",
port="443",
proto="tcp",
target="10.0.0.1/32",
),
],
users=[
"user1",
"user2",
])
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix AWS VPN User Profile
const testVpnProfile = new aviatrix.AviatrixVpnProfile("test_vpn_profile", {
baseRule: "allow_all",
policies: [
{
action: "deny",
port: "443",
proto: "tcp",
target: "10.0.0.0/32",
},
{
action: "deny",
port: "443",
proto: "tcp",
target: "10.0.0.1/32",
},
],
users: [
"user1",
"user2",
],
});
resources:
# Create an Aviatrix AWS VPN User Profile
testVpnProfile:
type: aviatrix:AviatrixVpnProfile
properties:
baseRule: allow_all
policies:
- action: deny
port: '443'
proto: tcp
target: 10.0.0.0/32
- action: deny
port: '443'
proto: tcp
target: 10.0.0.1/32
users:
- user1
- user2
Create AviatrixVpnProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AviatrixVpnProfile(name: string, args?: AviatrixVpnProfileArgs, opts?: CustomResourceOptions);@overload
def AviatrixVpnProfile(resource_name: str,
args: Optional[AviatrixVpnProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def AviatrixVpnProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
base_rule: Optional[str] = None,
manage_user_attachment: Optional[bool] = None,
name: Optional[str] = None,
policies: Optional[Sequence[AviatrixVpnProfilePolicyArgs]] = None,
users: Optional[Sequence[str]] = None)func NewAviatrixVpnProfile(ctx *Context, name string, args *AviatrixVpnProfileArgs, opts ...ResourceOption) (*AviatrixVpnProfile, error)public AviatrixVpnProfile(string name, AviatrixVpnProfileArgs? args = null, CustomResourceOptions? opts = null)
public AviatrixVpnProfile(String name, AviatrixVpnProfileArgs args)
public AviatrixVpnProfile(String name, AviatrixVpnProfileArgs args, CustomResourceOptions options)
type: aviatrix:AviatrixVpnProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var aviatrixVpnProfileResource = new Aviatrix.AviatrixVpnProfile("aviatrixVpnProfileResource", new()
{
BaseRule = "string",
ManageUserAttachment = false,
Name = "string",
Policies = new[]
{
new Aviatrix.Inputs.AviatrixVpnProfilePolicyArgs
{
Action = "string",
Port = "string",
Proto = "string",
Target = "string",
},
},
Users = new[]
{
"string",
},
});
example, err := aviatrix.NewAviatrixVpnProfile(ctx, "aviatrixVpnProfileResource", &aviatrix.AviatrixVpnProfileArgs{
BaseRule: pulumi.String("string"),
ManageUserAttachment: pulumi.Bool(false),
Name: pulumi.String("string"),
Policies: aviatrix.AviatrixVpnProfilePolicyArray{
&aviatrix.AviatrixVpnProfilePolicyArgs{
Action: pulumi.String("string"),
Port: pulumi.String("string"),
Proto: pulumi.String("string"),
Target: pulumi.String("string"),
},
},
Users: pulumi.StringArray{
pulumi.String("string"),
},
})
var aviatrixVpnProfileResource = new AviatrixVpnProfile("aviatrixVpnProfileResource", AviatrixVpnProfileArgs.builder()
.baseRule("string")
.manageUserAttachment(false)
.name("string")
.policies(AviatrixVpnProfilePolicyArgs.builder()
.action("string")
.port("string")
.proto("string")
.target("string")
.build())
.users("string")
.build());
aviatrix_vpn_profile_resource = aviatrix.AviatrixVpnProfile("aviatrixVpnProfileResource",
base_rule="string",
manage_user_attachment=False,
name="string",
policies=[aviatrix.AviatrixVpnProfilePolicyArgs(
action="string",
port="string",
proto="string",
target="string",
)],
users=["string"])
const aviatrixVpnProfileResource = new aviatrix.AviatrixVpnProfile("aviatrixVpnProfileResource", {
baseRule: "string",
manageUserAttachment: false,
name: "string",
policies: [{
action: "string",
port: "string",
proto: "string",
target: "string",
}],
users: ["string"],
});
type: aviatrix:AviatrixVpnProfile
properties:
baseRule: string
manageUserAttachment: false
name: string
policies:
- action: string
port: string
proto: string
target: string
users:
- string
AviatrixVpnProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AviatrixVpnProfile resource accepts the following input properties:
- Base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
- Enter any name for the VPN profile.
- Policies
List<Aviatrix
Vpn Profile Policy> - New security policy for the profile. Each policy has the following attributes:
- Users List<string>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- Base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
- Enter any name for the VPN profile.
- Policies
[]Aviatrix
Vpn Profile Policy Args - New security policy for the profile. Each policy has the following attributes:
- Users []string
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule String - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
- Enter any name for the VPN profile.
- policies
List<Aviatrix
Vpn Profile Policy> - New security policy for the profile. Each policy has the following attributes:
- users List<String>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User booleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name string
- Enter any name for the VPN profile.
- policies
Aviatrix
Vpn Profile Policy[] - New security policy for the profile. Each policy has the following attributes:
- users string[]
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base_
rule str - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage_
user_ boolattachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name str
- Enter any name for the VPN profile.
- policies
Sequence[Aviatrix
Vpn Profile Policy Args] - New security policy for the profile. Each policy has the following attributes:
- users Sequence[str]
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule String - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
- Enter any name for the VPN profile.
- policies List<Property Map>
- New security policy for the profile. Each policy has the following attributes:
- users List<String>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
Outputs
All input properties are implicitly available as output properties. Additionally, the AviatrixVpnProfile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AviatrixVpnProfile Resource
Get an existing AviatrixVpnProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AviatrixVpnProfileState, opts?: CustomResourceOptions): AviatrixVpnProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
base_rule: Optional[str] = None,
manage_user_attachment: Optional[bool] = None,
name: Optional[str] = None,
policies: Optional[Sequence[AviatrixVpnProfilePolicyArgs]] = None,
users: Optional[Sequence[str]] = None) -> AviatrixVpnProfilefunc GetAviatrixVpnProfile(ctx *Context, name string, id IDInput, state *AviatrixVpnProfileState, opts ...ResourceOption) (*AviatrixVpnProfile, error)public static AviatrixVpnProfile Get(string name, Input<string> id, AviatrixVpnProfileState? state, CustomResourceOptions? opts = null)public static AviatrixVpnProfile get(String name, Output<String> id, AviatrixVpnProfileState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
- Enter any name for the VPN profile.
- Policies
List<Aviatrix
Vpn Profile Policy> - New security policy for the profile. Each policy has the following attributes:
- Users List<string>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- Base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
- Enter any name for the VPN profile.
- Policies
[]Aviatrix
Vpn Profile Policy Args - New security policy for the profile. Each policy has the following attributes:
- Users []string
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule String - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
- Enter any name for the VPN profile.
- policies
List<Aviatrix
Vpn Profile Policy> - New security policy for the profile. Each policy has the following attributes:
- users List<String>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule string - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User booleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name string
- Enter any name for the VPN profile.
- policies
Aviatrix
Vpn Profile Policy[] - New security policy for the profile. Each policy has the following attributes:
- users string[]
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base_
rule str - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage_
user_ boolattachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name str
- Enter any name for the VPN profile.
- policies
Sequence[Aviatrix
Vpn Profile Policy Args] - New security policy for the profile. Each policy has the following attributes:
- users Sequence[str]
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
- base
Rule String - Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment - This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
- Enter any name for the VPN profile.
- policies List<Property Map>
- New security policy for the profile. Each policy has the following attributes:
- users List<String>
- List of VPN users to attach to this profile. This should be set to null if
manage_user_attachmentis set to false.
Supporting Types
AviatrixVpnProfilePolicy, AviatrixVpnProfilePolicyArgs
- Action string
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- Port string
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- Proto string
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- Target string
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- Action string
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- Port string
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- Proto string
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- Target string
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action String
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port String
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto String
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target String
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action string
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port string
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto string
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target string
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action str
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port str
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto str
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target str
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action String
- Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port String
- Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto String
- Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target String
- CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
Import
vpn_profile can be imported using the VPN profile’s name, e.g.
$ pulumi import aviatrix:index/aviatrixVpnProfile:AviatrixVpnProfile test name
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- aviatrix astipkovits/pulumi-aviatrix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aviatrixTerraform Provider.