Aviatrix v0.0.10, Jan 21 23
Aviatrix v0.0.10, Jan 21 23
aviatrix.AviatrixVpnProfile
Explore with Pulumi AI
The aviatrix_vpn_profile resource allows the creation and management of Aviatrix VPN user profiles.
NOTE: As of R2.15, management of user/profile attachment can be set using
manage_user_attachment
. This argument must be set to true in either aviatrix_vpn_user or aviatrix_vpn_profile. If attachment is managed in the aviatrix_vpn_profile (set to true), it must be set to false in the aviatrix_vpn_user resource and vice versa.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;
return await Deployment.RunAsync(() =>
{
// Create an Aviatrix AWS VPN User Profile
var testVpnProfile = new Aviatrix.AviatrixVpnProfile("testVpnProfile", new()
{
BaseRule = "allow_all",
Policies = new[]
{
new Aviatrix.Inputs.AviatrixVpnProfilePolicyArgs
{
Action = "deny",
Port = "443",
Proto = "tcp",
Target = "10.0.0.0/32",
},
new Aviatrix.Inputs.AviatrixVpnProfilePolicyArgs
{
Action = "deny",
Port = "443",
Proto = "tcp",
Target = "10.0.0.1/32",
},
},
Users = new[]
{
"user1",
"user2",
},
});
});
package main
import (
"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aviatrix.NewAviatrixVpnProfile(ctx, "testVpnProfile", &aviatrix.AviatrixVpnProfileArgs{
BaseRule: pulumi.String("allow_all"),
Policies: AviatrixVpnProfilePolicyArray{
&AviatrixVpnProfilePolicyArgs{
Action: pulumi.String("deny"),
Port: pulumi.String("443"),
Proto: pulumi.String("tcp"),
Target: pulumi.String("10.0.0.0/32"),
},
&AviatrixVpnProfilePolicyArgs{
Action: pulumi.String("deny"),
Port: pulumi.String("443"),
Proto: pulumi.String("tcp"),
Target: pulumi.String("10.0.0.1/32"),
},
},
Users: pulumi.StringArray{
pulumi.String("user1"),
pulumi.String("user2"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.AviatrixVpnProfile;
import com.pulumi.aviatrix.AviatrixVpnProfileArgs;
import com.pulumi.aviatrix.inputs.AviatrixVpnProfilePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testVpnProfile = new AviatrixVpnProfile("testVpnProfile", AviatrixVpnProfileArgs.builder()
.baseRule("allow_all")
.policies(
AviatrixVpnProfilePolicyArgs.builder()
.action("deny")
.port("443")
.proto("tcp")
.target("10.0.0.0/32")
.build(),
AviatrixVpnProfilePolicyArgs.builder()
.action("deny")
.port("443")
.proto("tcp")
.target("10.0.0.1/32")
.build())
.users(
"user1",
"user2")
.build());
}
}
import pulumi
import pulumi_aviatrix as aviatrix
# Create an Aviatrix AWS VPN User Profile
test_vpn_profile = aviatrix.AviatrixVpnProfile("testVpnProfile",
base_rule="allow_all",
policies=[
aviatrix.AviatrixVpnProfilePolicyArgs(
action="deny",
port="443",
proto="tcp",
target="10.0.0.0/32",
),
aviatrix.AviatrixVpnProfilePolicyArgs(
action="deny",
port="443",
proto="tcp",
target="10.0.0.1/32",
),
],
users=[
"user1",
"user2",
])
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix AWS VPN User Profile
const testVpnProfile = new aviatrix.AviatrixVpnProfile("test_vpn_profile", {
baseRule: "allow_all",
policies: [
{
action: "deny",
port: "443",
proto: "tcp",
target: "10.0.0.0/32",
},
{
action: "deny",
port: "443",
proto: "tcp",
target: "10.0.0.1/32",
},
],
users: [
"user1",
"user2",
],
});
resources:
# Create an Aviatrix AWS VPN User Profile
testVpnProfile:
type: aviatrix:AviatrixVpnProfile
properties:
baseRule: allow_all
policies:
- action: deny
port: '443'
proto: tcp
target: 10.0.0.0/32
- action: deny
port: '443'
proto: tcp
target: 10.0.0.1/32
users:
- user1
- user2
Create AviatrixVpnProfile Resource
new AviatrixVpnProfile(name: string, args?: AviatrixVpnProfileArgs, opts?: CustomResourceOptions);
@overload
def AviatrixVpnProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
base_rule: Optional[str] = None,
manage_user_attachment: Optional[bool] = None,
name: Optional[str] = None,
policies: Optional[Sequence[AviatrixVpnProfilePolicyArgs]] = None,
users: Optional[Sequence[str]] = None)
@overload
def AviatrixVpnProfile(resource_name: str,
args: Optional[AviatrixVpnProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
func NewAviatrixVpnProfile(ctx *Context, name string, args *AviatrixVpnProfileArgs, opts ...ResourceOption) (*AviatrixVpnProfile, error)
public AviatrixVpnProfile(string name, AviatrixVpnProfileArgs? args = null, CustomResourceOptions? opts = null)
public AviatrixVpnProfile(String name, AviatrixVpnProfileArgs args)
public AviatrixVpnProfile(String name, AviatrixVpnProfileArgs args, CustomResourceOptions options)
type: aviatrix:AviatrixVpnProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AviatrixVpnProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AviatrixVpnProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AviatrixVpnProfile resource accepts the following input properties:
- Base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
Enter any name for the VPN profile.
- Policies
List<Aviatrix
Vpn Profile Policy Args> New security policy for the profile. Each policy has the following attributes:
- Users List<string>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- Base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
Enter any name for the VPN profile.
- Policies
[]Aviatrix
Vpn Profile Policy Args New security policy for the profile. Each policy has the following attributes:
- Users []string
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule String Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
Enter any name for the VPN profile.
- policies
List<Aviatrix
Vpn Profile Policy Args> New security policy for the profile. Each policy has the following attributes:
- users List<String>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User booleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name string
Enter any name for the VPN profile.
- policies
Aviatrix
Vpn Profile Policy Args[] New security policy for the profile. Each policy has the following attributes:
- users string[]
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base_
rule str Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage_
user_ boolattachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name str
Enter any name for the VPN profile.
- policies
Sequence[Aviatrix
Vpn Profile Policy Args] New security policy for the profile. Each policy has the following attributes:
- users Sequence[str]
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule String Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
Enter any name for the VPN profile.
- policies List<Property Map>
New security policy for the profile. Each policy has the following attributes:
- users List<String>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
Outputs
All input properties are implicitly available as output properties. Additionally, the AviatrixVpnProfile resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing AviatrixVpnProfile Resource
Get an existing AviatrixVpnProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AviatrixVpnProfileState, opts?: CustomResourceOptions): AviatrixVpnProfile
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
base_rule: Optional[str] = None,
manage_user_attachment: Optional[bool] = None,
name: Optional[str] = None,
policies: Optional[Sequence[AviatrixVpnProfilePolicyArgs]] = None,
users: Optional[Sequence[str]] = None) -> AviatrixVpnProfile
func GetAviatrixVpnProfile(ctx *Context, name string, id IDInput, state *AviatrixVpnProfileState, opts ...ResourceOption) (*AviatrixVpnProfile, error)
public static AviatrixVpnProfile Get(string name, Input<string> id, AviatrixVpnProfileState? state, CustomResourceOptions? opts = null)
public static AviatrixVpnProfile get(String name, Output<String> id, AviatrixVpnProfileState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
Enter any name for the VPN profile.
- Policies
List<Aviatrix
Vpn Profile Policy Args> New security policy for the profile. Each policy has the following attributes:
- Users List<string>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- Base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- Manage
User boolAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- Name string
Enter any name for the VPN profile.
- Policies
[]Aviatrix
Vpn Profile Policy Args New security policy for the profile. Each policy has the following attributes:
- Users []string
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule String Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
Enter any name for the VPN profile.
- policies
List<Aviatrix
Vpn Profile Policy Args> New security policy for the profile. Each policy has the following attributes:
- users List<String>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule string Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User booleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name string
Enter any name for the VPN profile.
- policies
Aviatrix
Vpn Profile Policy Args[] New security policy for the profile. Each policy has the following attributes:
- users string[]
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base_
rule str Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage_
user_ boolattachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name str
Enter any name for the VPN profile.
- policies
Sequence[Aviatrix
Vpn Profile Policy Args] New security policy for the profile. Each policy has the following attributes:
- users Sequence[str]
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
- base
Rule String Base policy rule of the profile to be added. Enter "allow_all" or "deny_all", based on whether you want a whitelist or blacklist.
- manage
User BooleanAttachment This parameter is a switch used to determine whether or not to manage VPN user attachments to the VPN profile using this resource. If this is set to false, attachment must be managed using the aviatrix_vpn_user resource. Valid values: true, false. Default value: true.
- name String
Enter any name for the VPN profile.
- policies List<Property Map>
New security policy for the profile. Each policy has the following attributes:
- users List<String>
List of VPN users to attach to this profile. This should be set to null if
manage_user_attachment
is set to false.
Supporting Types
AviatrixVpnProfilePolicy
- Action string
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- Port string
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- Proto string
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- Target string
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- Action string
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- Port string
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- Proto string
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- Target string
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action String
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port String
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto String
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target String
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action string
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port string
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto string
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target string
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action str
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port str
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto str
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target str
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
- action String
Should be the opposite of the base rule for correct behavior. Valid values for action: "allow", "deny".
- port String
Port to be allowed or denied. Valid values for port: a single port or a range of port numbers e.g.: "25", "25:1024". For "all" and "icmp", port should only be "0:65535".
- proto String
Protocol to allow or deny. Valid values for protocol: "all", "tcp", "udp", "icmp", "sctp", "rdp", "dccp".
- target String
CIDR to be allowed or denied. Valid values for target: IPv4 CIDRs. Example: "10.30.0.0/16".
Import
vpn_profile can be imported using the VPN profile’s name
, e.g.
$ pulumi import aviatrix:index/aviatrixVpnProfile:AviatrixVpnProfile test name
Package Details
- Repository
- aviatrix astipkovits/pulumi-aviatrix
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aviatrix
Terraform Provider.