ibm 1.78.0, Apr 30 25

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm.IsIpsecPolicy

Explore with Pulumi AI

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
    }
}

{}

Example Usage

In the following example, you can create a IPsec policy:

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const example = new ibm.IsIpsecPolicy("example", {
    authenticationAlgorithm: "sha256",
    encryptionAlgorithm: "aes128",
    pfs: "disabled",
});

import pulumi
import pulumi_ibm as ibm

example = ibm.IsIpsecPolicy("example",
    authentication_algorithm="sha256",
    encryption_algorithm="aes128",
    pfs="disabled")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewIsIpsecPolicy(ctx, "example", &ibm.IsIpsecPolicyArgs{
			AuthenticationAlgorithm: pulumi.String("sha256"),
			EncryptionAlgorithm:     pulumi.String("aes128"),
			Pfs:                     pulumi.String("disabled"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var example = new Ibm.IsIpsecPolicy("example", new()
    {
        AuthenticationAlgorithm = "sha256",
        EncryptionAlgorithm = "aes128",
        Pfs = "disabled",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsIpsecPolicy;
import com.pulumi.ibm.IsIpsecPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new IsIpsecPolicy("example", IsIpsecPolicyArgs.builder()
            .authenticationAlgorithm("sha256")
            .encryptionAlgorithm("aes128")
            .pfs("disabled")
            .build());

    }
}

resources:
  example:
    type: ibm:IsIpsecPolicy
    properties:
      authenticationAlgorithm: sha256
      encryptionAlgorithm: aes128
      pfs: disabled

Create IsIpsecPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IsIpsecPolicy(name: string, args: IsIpsecPolicyArgs, opts?: CustomResourceOptions);

@overload
def IsIpsecPolicy(resource_name: str,
                  args: IsIpsecPolicyArgs,
                  opts: Optional[ResourceOptions] = None)

@overload
def IsIpsecPolicy(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  authentication_algorithm: Optional[str] = None,
                  encryption_algorithm: Optional[str] = None,
                  pfs: Optional[str] = None,
                  is_ipsec_policy_id: Optional[str] = None,
                  key_lifetime: Optional[float] = None,
                  name: Optional[str] = None,
                  resource_group: Optional[str] = None)

func NewIsIpsecPolicy(ctx *Context, name string, args IsIpsecPolicyArgs, opts ...ResourceOption) (*IsIpsecPolicy, error)

public IsIpsecPolicy(string name, IsIpsecPolicyArgs args, CustomResourceOptions? opts = null)

public IsIpsecPolicy(String name, IsIpsecPolicyArgs args)
public IsIpsecPolicy(String name, IsIpsecPolicyArgs args, CustomResourceOptions options)

type: ibm:IsIpsecPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var isIpsecPolicyResource = new Ibm.IsIpsecPolicy("isIpsecPolicyResource", new()
{
    AuthenticationAlgorithm = "string",
    EncryptionAlgorithm = "string",
    Pfs = "string",
    IsIpsecPolicyId = "string",
    KeyLifetime = 0,
    Name = "string",
    ResourceGroup = "string",
});

example, err := ibm.NewIsIpsecPolicy(ctx, "isIpsecPolicyResource", &ibm.IsIpsecPolicyArgs{
	AuthenticationAlgorithm: pulumi.String("string"),
	EncryptionAlgorithm:     pulumi.String("string"),
	Pfs:                     pulumi.String("string"),
	IsIpsecPolicyId:         pulumi.String("string"),
	KeyLifetime:             pulumi.Float64(0),
	Name:                    pulumi.String("string"),
	ResourceGroup:           pulumi.String("string"),
})

var isIpsecPolicyResource = new IsIpsecPolicy("isIpsecPolicyResource", IsIpsecPolicyArgs.builder()
    .authenticationAlgorithm("string")
    .encryptionAlgorithm("string")
    .pfs("string")
    .isIpsecPolicyId("string")
    .keyLifetime(0)
    .name("string")
    .resourceGroup("string")
    .build());

is_ipsec_policy_resource = ibm.IsIpsecPolicy("isIpsecPolicyResource",
    authentication_algorithm="string",
    encryption_algorithm="string",
    pfs="string",
    is_ipsec_policy_id="string",
    key_lifetime=0,
    name="string",
    resource_group="string")

const isIpsecPolicyResource = new ibm.IsIpsecPolicy("isIpsecPolicyResource", {
    authenticationAlgorithm: "string",
    encryptionAlgorithm: "string",
    pfs: "string",
    isIpsecPolicyId: "string",
    keyLifetime: 0,
    name: "string",
    resourceGroup: "string",
});

type: ibm:IsIpsecPolicy
properties:
    authenticationAlgorithm: string
    encryptionAlgorithm: string
    isIpsecPolicyId: string
    keyLifetime: 0
    name: string
    pfs: string
    resourceGroup: string

IsIpsecPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IsIpsecPolicy resource accepts the following input properties:

AuthenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
EncryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
Pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
IsIpsecPolicyId string: (String) The unique identifier of a VPN connection.
KeyLifetime double: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
Name string: Enter the name for your IPSec policy.
ResourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

AuthenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
EncryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
Pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
IsIpsecPolicyId string: (String) The unique identifier of a VPN connection.
KeyLifetime float64: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
Name string: Enter the name for your IPSec policy.
ResourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

authenticationAlgorithm String: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encryptionAlgorithm String: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
pfs String: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
isIpsecPolicyId String: (String) The unique identifier of a VPN connection.
keyLifetime Double: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name String: Enter the name for your IPSec policy.
resourceGroup String: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

authenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
isIpsecPolicyId string: (String) The unique identifier of a VPN connection.
keyLifetime number: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name string: Enter the name for your IPSec policy.
resourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

authentication_algorithm str: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encryption_algorithm str: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
pfs str: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
is_ipsec_policy_id str: (String) The unique identifier of a VPN connection.
key_lifetime float: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name str: Enter the name for your IPSec policy.
resource_group str: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

authenticationAlgorithm String: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encryptionAlgorithm String: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
pfs String: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
isIpsecPolicyId String: (String) The unique identifier of a VPN connection.
keyLifetime Number: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name String: Enter the name for your IPSec policy.
resourceGroup String: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

Outputs

All input properties are implicitly available as output properties. Additionally, the IsIpsecPolicy resource produces the following output properties:

EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
Id string: The provider-assigned unique ID for this managed resource.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
Id string: The provider-assigned unique ID for this managed resource.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections []IsIpsecPolicyVpnConnection: (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id String: The provider-assigned unique ID for this managed resource.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id string: The provider-assigned unique ID for this managed resource.
resourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn string: The crn of the resource
resourceGroupName string: The resource group name in which resource is provisioned
resourceName string: The name of the resource
transformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections IsIpsecPolicyVpnConnection[]: (List) A collection of VPN connections that use the IPSec policy.

encapsulation_mode str: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id str: The provider-assigned unique ID for this managed resource.
resource_controller_url str: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resource_crn str: The crn of the resource
resource_group_name str: The resource group name in which resource is provisioned
resource_name str: The name of the resource
transform_protocol str: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpn_connections Sequence[IsIpsecPolicyVpnConnection]: (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id String: The provider-assigned unique ID for this managed resource.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<Property Map>: (List) A collection of VPN connections that use the IPSec policy.

Look up Existing IsIpsecPolicy Resource

Get an existing IsIpsecPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IsIpsecPolicyState, opts?: CustomResourceOptions): IsIpsecPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        authentication_algorithm: Optional[str] = None,
        encapsulation_mode: Optional[str] = None,
        encryption_algorithm: Optional[str] = None,
        is_ipsec_policy_id: Optional[str] = None,
        key_lifetime: Optional[float] = None,
        name: Optional[str] = None,
        pfs: Optional[str] = None,
        resource_controller_url: Optional[str] = None,
        resource_crn: Optional[str] = None,
        resource_group: Optional[str] = None,
        resource_group_name: Optional[str] = None,
        resource_name: Optional[str] = None,
        transform_protocol: Optional[str] = None,
        vpn_connections: Optional[Sequence[IsIpsecPolicyVpnConnectionArgs]] = None) -> IsIpsecPolicy

func GetIsIpsecPolicy(ctx *Context, name string, id IDInput, state *IsIpsecPolicyState, opts ...ResourceOption) (*IsIpsecPolicy, error)

public static IsIpsecPolicy Get(string name, Input<string> id, IsIpsecPolicyState? state, CustomResourceOptions? opts = null)

public static IsIpsecPolicy get(String name, Output<String> id, IsIpsecPolicyState state, CustomResourceOptions options)

resources:  _:    type: ibm:IsIpsecPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
EncryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
IsIpsecPolicyId string: (String) The unique identifier of a VPN connection.
KeyLifetime double: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
Name string: Enter the name for your IPSec policy.
Pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

AuthenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
EncryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
IsIpsecPolicyId string: (String) The unique identifier of a VPN connection.
KeyLifetime float64: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
Name string: Enter the name for your IPSec policy.
Pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections []IsIpsecPolicyVpnConnectionArgs: (List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm String: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
encryptionAlgorithm String: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
isIpsecPolicyId String: (String) The unique identifier of a VPN connection.
keyLifetime Double: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name String: Enter the name for your IPSec policy.
pfs String: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroup String: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm string: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
encryptionAlgorithm string: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
isIpsecPolicyId string: (String) The unique identifier of a VPN connection.
keyLifetime number: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name string: Enter the name for your IPSec policy.
pfs string: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
resourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn string: The crn of the resource
resourceGroup string: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
resourceGroupName string: The resource group name in which resource is provisioned
resourceName string: The name of the resource
transformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections IsIpsecPolicyVpnConnection[]: (List) A collection of VPN connections that use the IPSec policy.

authentication_algorithm str: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encapsulation_mode str: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
encryption_algorithm str: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
is_ipsec_policy_id str: (String) The unique identifier of a VPN connection.
key_lifetime float: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name str: Enter the name for your IPSec policy.
pfs str: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
resource_controller_url str: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resource_crn str: The crn of the resource
resource_group str: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
resource_group_name str: The resource group name in which resource is provisioned
resource_name str: The name of the resource
transform_protocol str: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpn_connections Sequence[IsIpsecPolicyVpnConnectionArgs]: (List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm String: Enter the algorithm that you want to use to authenticate IPSec peers. Available options are sha256, sha512, sha384, disabled.
Note authentication_algorithm must be set to disabled if and only if the encryption_algorithm is aes128gcm16, aes192gcm16, or aes256gcm16
encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
encryptionAlgorithm String: Enter the algorithm that you want to use to encrypt data. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16
isIpsecPolicyId String: (String) The unique identifier of a VPN connection.
keyLifetime Number: Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.
name String: Enter the name for your IPSec policy.
pfs String: Enter the Perfect Forward Secrecy protocol that you want to use during a session. Available options are disabled, group_2, group_5, and group_14.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroup String: Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<Property Map>: (List) A collection of VPN connections that use the IPSec policy.

Supporting Types

IsIpsecPolicyVpnConnection, IsIpsecPolicyVpnConnectionArgs

Href string: (String) The VPN connection's canonical URL.
Id string: (String) The unique identifier of a VPN connection.
Name string: Enter the name for your IPSec policy.

Href string: (String) The VPN connection's canonical URL.
Id string: (String) The unique identifier of a VPN connection.
Name string: Enter the name for your IPSec policy.

href String: (String) The VPN connection's canonical URL.
id String: (String) The unique identifier of a VPN connection.
name String: Enter the name for your IPSec policy.

href string: (String) The VPN connection's canonical URL.
id string: (String) The unique identifier of a VPN connection.
name string: Enter the name for your IPSec policy.

href str: (String) The VPN connection's canonical URL.
id str: (String) The unique identifier of a VPN connection.
name str: Enter the name for your IPSec policy.

href String: (String) The VPN connection's canonical URL.
id String: (String) The unique identifier of a VPN connection.
name String: Enter the name for your IPSec policy.

Import

The ibm_is_ipsec_policy resource can be imported by using ID.

Example

$ pulumi import ibm:index/isIpsecPolicy:IsIpsecPolicy example d7bec597-4726-451f-8a63-e62e6f19c32c

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.IsIpsecPolicy

On this page

On this page

Example Usage

Create IsIpsecPolicy Resource

Constructor syntax

Parameters

Constructor example

IsIpsecPolicy Resource Properties

Inputs

Outputs

Look up Existing IsIpsecPolicy Resource

Supporting Types

IsIpsecPolicyVpnConnection, IsIpsecPolicyVpnConnectionArgs

Import

Package Details

On this page

On this page