Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.IsNetworkAclRule
Explore with Pulumi AI
Provides a network ACL rule resource with icmp, tcp, udp or all protocol. This allows Network ACL rule to create, update, and delete an existing network ACL. For more information, about managing IBM Cloud Network ACL , see about network acl.
Note:
VPC infrastructure services are a regional specific based endpoint, by default targets to us-south. Please make sure to target right region in the provider block as shown in the provider.tf file, if VPC service is created in region other than us-south.
provider.tf
import * as pulumi from "@pulumi/pulumi";
import pulumi
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
return await Deployment.RunAsync(() =>
{
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
}
}
{}
Example Usage
All)
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const exampleIsVpc = new ibm.IsVpc("exampleIsVpc", {});
const exampleIsNetworkAcl = new ibm.IsNetworkAcl("exampleIsNetworkAcl", {vpc: exampleIsVpc.isVpcId});
const exampleIsNetworkAclRule = new ibm.IsNetworkAclRule("exampleIsNetworkAclRule", {
networkAcl: exampleIsNetworkAcl.isNetworkAclId,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "outbound",
});
const example1 = new ibm.IsNetworkAclRule("example1", {
networkAcl: exampleIsNetworkAcl.isNetworkAclId,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "inbound",
});
import pulumi
import pulumi_ibm as ibm
example_is_vpc = ibm.IsVpc("exampleIsVpc")
example_is_network_acl = ibm.IsNetworkAcl("exampleIsNetworkAcl", vpc=example_is_vpc.is_vpc_id)
example_is_network_acl_rule = ibm.IsNetworkAclRule("exampleIsNetworkAclRule",
network_acl=example_is_network_acl.is_network_acl_id,
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="outbound")
example1 = ibm.IsNetworkAclRule("example1",
network_acl=example_is_network_acl.is_network_acl_id,
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="inbound")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleIsVpc, err := ibm.NewIsVpc(ctx, "exampleIsVpc", nil)
if err != nil {
return err
}
exampleIsNetworkAcl, err := ibm.NewIsNetworkAcl(ctx, "exampleIsNetworkAcl", &ibm.IsNetworkAclArgs{
Vpc: exampleIsVpc.IsVpcId,
})
if err != nil {
return err
}
_, err = ibm.NewIsNetworkAclRule(ctx, "exampleIsNetworkAclRule", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: exampleIsNetworkAcl.IsNetworkAclId,
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("outbound"),
})
if err != nil {
return err
}
_, err = ibm.NewIsNetworkAclRule(ctx, "example1", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: exampleIsNetworkAcl.IsNetworkAclId,
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("inbound"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var exampleIsVpc = new Ibm.IsVpc("exampleIsVpc");
var exampleIsNetworkAcl = new Ibm.IsNetworkAcl("exampleIsNetworkAcl", new()
{
Vpc = exampleIsVpc.IsVpcId,
});
var exampleIsNetworkAclRule = new Ibm.IsNetworkAclRule("exampleIsNetworkAclRule", new()
{
NetworkAcl = exampleIsNetworkAcl.IsNetworkAclId,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "outbound",
});
var example1 = new Ibm.IsNetworkAclRule("example1", new()
{
NetworkAcl = exampleIsNetworkAcl.IsNetworkAclId,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "inbound",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsVpc;
import com.pulumi.ibm.IsNetworkAcl;
import com.pulumi.ibm.IsNetworkAclArgs;
import com.pulumi.ibm.IsNetworkAclRule;
import com.pulumi.ibm.IsNetworkAclRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleIsVpc = new IsVpc("exampleIsVpc");
var exampleIsNetworkAcl = new IsNetworkAcl("exampleIsNetworkAcl", IsNetworkAclArgs.builder()
.vpc(exampleIsVpc.isVpcId())
.build());
var exampleIsNetworkAclRule = new IsNetworkAclRule("exampleIsNetworkAclRule", IsNetworkAclRuleArgs.builder()
.networkAcl(exampleIsNetworkAcl.isNetworkAclId())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("outbound")
.build());
var example1 = new IsNetworkAclRule("example1", IsNetworkAclRuleArgs.builder()
.networkAcl(exampleIsNetworkAcl.isNetworkAclId())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("inbound")
.build());
}
}
resources:
exampleIsVpc:
type: ibm:IsVpc
exampleIsNetworkAcl:
type: ibm:IsNetworkAcl
properties:
vpc: ${exampleIsVpc.isVpcId}
exampleIsNetworkAclRule:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${exampleIsNetworkAcl.isNetworkAclId}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: outbound
example1:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${exampleIsNetworkAcl.isNetworkAclId}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: inbound
Icmp)
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const example = new ibm.IsNetworkAclRule("example", {
networkAcl: ibm_is_network_acl.example.id,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "outbound",
icmp: {
code: 1,
type: 1,
},
});
const example1 = new ibm.IsNetworkAclRule("example1", {
networkAcl: ibm_is_network_acl.example.id,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "inbound",
icmp: {
code: 1,
type: 1,
},
});
import pulumi
import pulumi_ibm as ibm
example = ibm.IsNetworkAclRule("example",
network_acl=ibm_is_network_acl["example"]["id"],
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="outbound",
icmp={
"code": 1,
"type": 1,
})
example1 = ibm.IsNetworkAclRule("example1",
network_acl=ibm_is_network_acl["example"]["id"],
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="inbound",
icmp={
"code": 1,
"type": 1,
})
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ibm.NewIsNetworkAclRule(ctx, "example", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: pulumi.Any(ibm_is_network_acl.Example.Id),
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("outbound"),
Icmp: &ibm.IsNetworkAclRuleIcmpArgs{
Code: pulumi.Float64(1),
Type: pulumi.Float64(1),
},
})
if err != nil {
return err
}
_, err = ibm.NewIsNetworkAclRule(ctx, "example1", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: pulumi.Any(ibm_is_network_acl.Example.Id),
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("inbound"),
Icmp: &ibm.IsNetworkAclRuleIcmpArgs{
Code: pulumi.Float64(1),
Type: pulumi.Float64(1),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var example = new Ibm.IsNetworkAclRule("example", new()
{
NetworkAcl = ibm_is_network_acl.Example.Id,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "outbound",
Icmp = new Ibm.Inputs.IsNetworkAclRuleIcmpArgs
{
Code = 1,
Type = 1,
},
});
var example1 = new Ibm.IsNetworkAclRule("example1", new()
{
NetworkAcl = ibm_is_network_acl.Example.Id,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "inbound",
Icmp = new Ibm.Inputs.IsNetworkAclRuleIcmpArgs
{
Code = 1,
Type = 1,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsNetworkAclRule;
import com.pulumi.ibm.IsNetworkAclRuleArgs;
import com.pulumi.ibm.inputs.IsNetworkAclRuleIcmpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new IsNetworkAclRule("example", IsNetworkAclRuleArgs.builder()
.networkAcl(ibm_is_network_acl.example().id())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("outbound")
.icmp(IsNetworkAclRuleIcmpArgs.builder()
.code(1)
.type(1)
.build())
.build());
var example1 = new IsNetworkAclRule("example1", IsNetworkAclRuleArgs.builder()
.networkAcl(ibm_is_network_acl.example().id())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("inbound")
.icmp(IsNetworkAclRuleIcmpArgs.builder()
.code(1)
.type(1)
.build())
.build());
}
}
resources:
example:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${ibm_is_network_acl.example.id}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: outbound
icmp:
code: 1
type: 1
example1:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${ibm_is_network_acl.example.id}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: inbound
icmp:
code: 1
type: 1
Tcp/Udp)
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const example = new ibm.IsNetworkAclRule("example", {
networkAcl: ibm_is_network_acl.example.id,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "outbound",
tcp: {
portMax: 65535,
portMin: 1,
sourcePortMax: 60000,
sourcePortMin: 22,
},
});
const example1 = new ibm.IsNetworkAclRule("example1", {
networkAcl: ibm_is_network_acl.example.id,
action: "allow",
source: "0.0.0.0/0",
destination: "0.0.0.0/0",
direction: "inbound",
tcp: {
portMax: 65535,
portMin: 1,
sourcePortMax: 60000,
sourcePortMin: 22,
},
});
import pulumi
import pulumi_ibm as ibm
example = ibm.IsNetworkAclRule("example",
network_acl=ibm_is_network_acl["example"]["id"],
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="outbound",
tcp={
"port_max": 65535,
"port_min": 1,
"source_port_max": 60000,
"source_port_min": 22,
})
example1 = ibm.IsNetworkAclRule("example1",
network_acl=ibm_is_network_acl["example"]["id"],
action="allow",
source="0.0.0.0/0",
destination="0.0.0.0/0",
direction="inbound",
tcp={
"port_max": 65535,
"port_min": 1,
"source_port_max": 60000,
"source_port_min": 22,
})
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ibm.NewIsNetworkAclRule(ctx, "example", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: pulumi.Any(ibm_is_network_acl.Example.Id),
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("outbound"),
Tcp: &ibm.IsNetworkAclRuleTcpArgs{
PortMax: pulumi.Float64(65535),
PortMin: pulumi.Float64(1),
SourcePortMax: pulumi.Float64(60000),
SourcePortMin: pulumi.Float64(22),
},
})
if err != nil {
return err
}
_, err = ibm.NewIsNetworkAclRule(ctx, "example1", &ibm.IsNetworkAclRuleArgs{
NetworkAcl: pulumi.Any(ibm_is_network_acl.Example.Id),
Action: pulumi.String("allow"),
Source: pulumi.String("0.0.0.0/0"),
Destination: pulumi.String("0.0.0.0/0"),
Direction: pulumi.String("inbound"),
Tcp: &ibm.IsNetworkAclRuleTcpArgs{
PortMax: pulumi.Float64(65535),
PortMin: pulumi.Float64(1),
SourcePortMax: pulumi.Float64(60000),
SourcePortMin: pulumi.Float64(22),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var example = new Ibm.IsNetworkAclRule("example", new()
{
NetworkAcl = ibm_is_network_acl.Example.Id,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "outbound",
Tcp = new Ibm.Inputs.IsNetworkAclRuleTcpArgs
{
PortMax = 65535,
PortMin = 1,
SourcePortMax = 60000,
SourcePortMin = 22,
},
});
var example1 = new Ibm.IsNetworkAclRule("example1", new()
{
NetworkAcl = ibm_is_network_acl.Example.Id,
Action = "allow",
Source = "0.0.0.0/0",
Destination = "0.0.0.0/0",
Direction = "inbound",
Tcp = new Ibm.Inputs.IsNetworkAclRuleTcpArgs
{
PortMax = 65535,
PortMin = 1,
SourcePortMax = 60000,
SourcePortMin = 22,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsNetworkAclRule;
import com.pulumi.ibm.IsNetworkAclRuleArgs;
import com.pulumi.ibm.inputs.IsNetworkAclRuleTcpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new IsNetworkAclRule("example", IsNetworkAclRuleArgs.builder()
.networkAcl(ibm_is_network_acl.example().id())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("outbound")
.tcp(IsNetworkAclRuleTcpArgs.builder()
.portMax(65535)
.portMin(1)
.sourcePortMax(60000)
.sourcePortMin(22)
.build())
.build());
var example1 = new IsNetworkAclRule("example1", IsNetworkAclRuleArgs.builder()
.networkAcl(ibm_is_network_acl.example().id())
.action("allow")
.source("0.0.0.0/0")
.destination("0.0.0.0/0")
.direction("inbound")
.tcp(IsNetworkAclRuleTcpArgs.builder()
.portMax(65535)
.portMin(1)
.sourcePortMax(60000)
.sourcePortMin(22)
.build())
.build());
}
}
resources:
example:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${ibm_is_network_acl.example.id}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: outbound
tcp:
portMax: 65535
portMin: 1
sourcePortMax: 60000
sourcePortMin: 22
example1:
type: ibm:IsNetworkAclRule
properties:
networkAcl: ${ibm_is_network_acl.example.id}
action: allow
source: 0.0.0.0/0
destination: 0.0.0.0/0
direction: inbound
tcp:
portMax: 65535
portMin: 1
sourcePortMax: 60000
sourcePortMin: 22
Create IsNetworkAclRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IsNetworkAclRule(name: string, args: IsNetworkAclRuleArgs, opts?: CustomResourceOptions);@overload
def IsNetworkAclRule(resource_name: str,
args: IsNetworkAclRuleInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IsNetworkAclRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
destination: Optional[str] = None,
direction: Optional[str] = None,
network_acl: Optional[str] = None,
source: Optional[str] = None,
before: Optional[str] = None,
icmp: Optional[IsNetworkAclRuleIcmpArgs] = None,
is_network_acl_rule_id: Optional[str] = None,
name: Optional[str] = None,
tcp: Optional[IsNetworkAclRuleTcpArgs] = None,
timeouts: Optional[IsNetworkAclRuleTimeoutsArgs] = None,
udp: Optional[IsNetworkAclRuleUdpArgs] = None)func NewIsNetworkAclRule(ctx *Context, name string, args IsNetworkAclRuleArgs, opts ...ResourceOption) (*IsNetworkAclRule, error)public IsNetworkAclRule(string name, IsNetworkAclRuleArgs args, CustomResourceOptions? opts = null)
public IsNetworkAclRule(String name, IsNetworkAclRuleArgs args)
public IsNetworkAclRule(String name, IsNetworkAclRuleArgs args, CustomResourceOptions options)
type: ibm:IsNetworkAclRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IsNetworkAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IsNetworkAclRuleInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IsNetworkAclRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IsNetworkAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IsNetworkAclRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var isNetworkAclRuleResource = new Ibm.IsNetworkAclRule("isNetworkAclRuleResource", new()
{
Action = "string",
Destination = "string",
Direction = "string",
NetworkAcl = "string",
Source = "string",
Before = "string",
Icmp = new Ibm.Inputs.IsNetworkAclRuleIcmpArgs
{
Code = 0,
Type = 0,
},
IsNetworkAclRuleId = "string",
Name = "string",
Tcp = new Ibm.Inputs.IsNetworkAclRuleTcpArgs
{
PortMax = 0,
PortMin = 0,
SourcePortMax = 0,
SourcePortMin = 0,
},
Timeouts = new Ibm.Inputs.IsNetworkAclRuleTimeoutsArgs
{
Create = "string",
Delete = "string",
},
Udp = new Ibm.Inputs.IsNetworkAclRuleUdpArgs
{
PortMax = 0,
PortMin = 0,
SourcePortMax = 0,
SourcePortMin = 0,
},
});
example, err := ibm.NewIsNetworkAclRule(ctx, "isNetworkAclRuleResource", &ibm.IsNetworkAclRuleArgs{
Action: pulumi.String("string"),
Destination: pulumi.String("string"),
Direction: pulumi.String("string"),
NetworkAcl: pulumi.String("string"),
Source: pulumi.String("string"),
Before: pulumi.String("string"),
Icmp: &ibm.IsNetworkAclRuleIcmpArgs{
Code: pulumi.Float64(0),
Type: pulumi.Float64(0),
},
IsNetworkAclRuleId: pulumi.String("string"),
Name: pulumi.String("string"),
Tcp: &ibm.IsNetworkAclRuleTcpArgs{
PortMax: pulumi.Float64(0),
PortMin: pulumi.Float64(0),
SourcePortMax: pulumi.Float64(0),
SourcePortMin: pulumi.Float64(0),
},
Timeouts: &ibm.IsNetworkAclRuleTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
},
Udp: &ibm.IsNetworkAclRuleUdpArgs{
PortMax: pulumi.Float64(0),
PortMin: pulumi.Float64(0),
SourcePortMax: pulumi.Float64(0),
SourcePortMin: pulumi.Float64(0),
},
})
var isNetworkAclRuleResource = new IsNetworkAclRule("isNetworkAclRuleResource", IsNetworkAclRuleArgs.builder()
.action("string")
.destination("string")
.direction("string")
.networkAcl("string")
.source("string")
.before("string")
.icmp(IsNetworkAclRuleIcmpArgs.builder()
.code(0)
.type(0)
.build())
.isNetworkAclRuleId("string")
.name("string")
.tcp(IsNetworkAclRuleTcpArgs.builder()
.portMax(0)
.portMin(0)
.sourcePortMax(0)
.sourcePortMin(0)
.build())
.timeouts(IsNetworkAclRuleTimeoutsArgs.builder()
.create("string")
.delete("string")
.build())
.udp(IsNetworkAclRuleUdpArgs.builder()
.portMax(0)
.portMin(0)
.sourcePortMax(0)
.sourcePortMin(0)
.build())
.build());
is_network_acl_rule_resource = ibm.IsNetworkAclRule("isNetworkAclRuleResource",
action="string",
destination="string",
direction="string",
network_acl="string",
source="string",
before="string",
icmp={
"code": 0,
"type": 0,
},
is_network_acl_rule_id="string",
name="string",
tcp={
"port_max": 0,
"port_min": 0,
"source_port_max": 0,
"source_port_min": 0,
},
timeouts={
"create": "string",
"delete": "string",
},
udp={
"port_max": 0,
"port_min": 0,
"source_port_max": 0,
"source_port_min": 0,
})
const isNetworkAclRuleResource = new ibm.IsNetworkAclRule("isNetworkAclRuleResource", {
action: "string",
destination: "string",
direction: "string",
networkAcl: "string",
source: "string",
before: "string",
icmp: {
code: 0,
type: 0,
},
isNetworkAclRuleId: "string",
name: "string",
tcp: {
portMax: 0,
portMin: 0,
sourcePortMax: 0,
sourcePortMin: 0,
},
timeouts: {
create: "string",
"delete": "string",
},
udp: {
portMax: 0,
portMin: 0,
sourcePortMax: 0,
sourcePortMin: 0,
},
});
type: ibm:IsNetworkAclRule
properties:
action: string
before: string
destination: string
direction: string
icmp:
code: 0
type: 0
isNetworkAclRuleId: string
name: string
networkAcl: string
source: string
tcp:
portMax: 0
portMin: 0
sourcePortMax: 0
sourcePortMin: 0
timeouts:
create: string
delete: string
udp:
portMax: 0
portMin: 0
sourcePortMax: 0
sourcePortMin: 0
IsNetworkAclRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IsNetworkAclRule resource accepts the following input properties:
- Action string
- Whether to allow or deny matching traffic.
- Destination string
- The destination IP address or CIDR block.
- Direction string
- Whether the traffic to be matched is inbound or outbound.
- Network
Acl string - The ID of the network ACL.
- Source string
- The source IP address or CIDR block.
- Before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- Icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- Is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - Name string
- The user-defined name for this rule.
- Tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- Timeouts
Is
Network Acl Rule Timeouts - Udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- Action string
- Whether to allow or deny matching traffic.
- Destination string
- The destination IP address or CIDR block.
- Direction string
- Whether the traffic to be matched is inbound or outbound.
- Network
Acl string - The ID of the network ACL.
- Source string
- The source IP address or CIDR block.
- Before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- Icmp
Is
Network Acl Rule Icmp Args The protocol ICMP.
Nested scheme for
icmp:- Is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - Name string
- The user-defined name for this rule.
- Tcp
Is
Network Acl Rule Tcp Args TCP protocol.
Nested scheme for
tcp:- Timeouts
Is
Network Acl Rule Timeouts Args - Udp
Is
Network Acl Rule Udp Args UDP protocol
Nested scheme for
udp:
- action String
- Whether to allow or deny matching traffic.
- destination String
- The destination IP address or CIDR block.
- direction String
- Whether the traffic to be matched is inbound or outbound.
- network
Acl String - The ID of the network ACL.
- source String
- The source IP address or CIDR block.
- before String
- The rule that this rule is immediately before. If absent, this is the last rule.
- icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- is
Network StringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name String
- The user-defined name for this rule.
- tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts - udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- action string
- Whether to allow or deny matching traffic.
- destination string
- The destination IP address or CIDR block.
- direction string
- Whether the traffic to be matched is inbound or outbound.
- network
Acl string - The ID of the network ACL.
- source string
- The source IP address or CIDR block.
- before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name string
- The user-defined name for this rule.
- tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts - udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- action str
- Whether to allow or deny matching traffic.
- destination str
- The destination IP address or CIDR block.
- direction str
- Whether the traffic to be matched is inbound or outbound.
- network_
acl str - The ID of the network ACL.
- source str
- The source IP address or CIDR block.
- before str
- The rule that this rule is immediately before. If absent, this is the last rule.
- icmp
Is
Network Acl Rule Icmp Args The protocol ICMP.
Nested scheme for
icmp:- is_
network_ stracl_ rule_ id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name str
- The user-defined name for this rule.
- tcp
Is
Network Acl Rule Tcp Args TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts Args - udp
Is
Network Acl Rule Udp Args UDP protocol
Nested scheme for
udp:
- action String
- Whether to allow or deny matching traffic.
- destination String
- The destination IP address or CIDR block.
- direction String
- Whether the traffic to be matched is inbound or outbound.
- network
Acl String - The ID of the network ACL.
- source String
- The source IP address or CIDR block.
- before String
- The rule that this rule is immediately before. If absent, this is the last rule.
- icmp Property Map
The protocol ICMP.
Nested scheme for
icmp:- is
Network StringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name String
- The user-defined name for this rule.
- tcp Property Map
TCP protocol.
Nested scheme for
tcp:- timeouts Property Map
- udp Property Map
UDP protocol
Nested scheme for
udp:
Outputs
All input properties are implicitly available as output properties. Additionally, the IsNetworkAclRule resource produces the following output properties:
- href str
- (String) The URL for this network ACL rule.
- id str
- The provider-assigned unique ID for this managed resource.
- ip_
version str - The IP version for this rule.
- protocol str
- (String) The protocol to enforce.
- rule_
id str - (String) The unique identifier of the rule.
Look up Existing IsNetworkAclRule Resource
Get an existing IsNetworkAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IsNetworkAclRuleState, opts?: CustomResourceOptions): IsNetworkAclRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
before: Optional[str] = None,
destination: Optional[str] = None,
direction: Optional[str] = None,
href: Optional[str] = None,
icmp: Optional[IsNetworkAclRuleIcmpArgs] = None,
ip_version: Optional[str] = None,
is_network_acl_rule_id: Optional[str] = None,
name: Optional[str] = None,
network_acl: Optional[str] = None,
protocol: Optional[str] = None,
rule_id: Optional[str] = None,
source: Optional[str] = None,
tcp: Optional[IsNetworkAclRuleTcpArgs] = None,
timeouts: Optional[IsNetworkAclRuleTimeoutsArgs] = None,
udp: Optional[IsNetworkAclRuleUdpArgs] = None) -> IsNetworkAclRulefunc GetIsNetworkAclRule(ctx *Context, name string, id IDInput, state *IsNetworkAclRuleState, opts ...ResourceOption) (*IsNetworkAclRule, error)public static IsNetworkAclRule Get(string name, Input<string> id, IsNetworkAclRuleState? state, CustomResourceOptions? opts = null)public static IsNetworkAclRule get(String name, Output<String> id, IsNetworkAclRuleState state, CustomResourceOptions options)resources: _: type: ibm:IsNetworkAclRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- Whether to allow or deny matching traffic.
- Before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- Destination string
- The destination IP address or CIDR block.
- Direction string
- Whether the traffic to be matched is inbound or outbound.
- Href string
- (String) The URL for this network ACL rule.
- Icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- Ip
Version string - The IP version for this rule.
- Is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - Name string
- The user-defined name for this rule.
- Network
Acl string - The ID of the network ACL.
- Protocol string
- (String) The protocol to enforce.
- Rule
Id string - (String) The unique identifier of the rule.
- Source string
- The source IP address or CIDR block.
- Tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- Timeouts
Is
Network Acl Rule Timeouts - Udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- Action string
- Whether to allow or deny matching traffic.
- Before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- Destination string
- The destination IP address or CIDR block.
- Direction string
- Whether the traffic to be matched is inbound or outbound.
- Href string
- (String) The URL for this network ACL rule.
- Icmp
Is
Network Acl Rule Icmp Args The protocol ICMP.
Nested scheme for
icmp:- Ip
Version string - The IP version for this rule.
- Is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - Name string
- The user-defined name for this rule.
- Network
Acl string - The ID of the network ACL.
- Protocol string
- (String) The protocol to enforce.
- Rule
Id string - (String) The unique identifier of the rule.
- Source string
- The source IP address or CIDR block.
- Tcp
Is
Network Acl Rule Tcp Args TCP protocol.
Nested scheme for
tcp:- Timeouts
Is
Network Acl Rule Timeouts Args - Udp
Is
Network Acl Rule Udp Args UDP protocol
Nested scheme for
udp:
- action String
- Whether to allow or deny matching traffic.
- before String
- The rule that this rule is immediately before. If absent, this is the last rule.
- destination String
- The destination IP address or CIDR block.
- direction String
- Whether the traffic to be matched is inbound or outbound.
- href String
- (String) The URL for this network ACL rule.
- icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- ip
Version String - The IP version for this rule.
- is
Network StringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name String
- The user-defined name for this rule.
- network
Acl String - The ID of the network ACL.
- protocol String
- (String) The protocol to enforce.
- rule
Id String - (String) The unique identifier of the rule.
- source String
- The source IP address or CIDR block.
- tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts - udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- action string
- Whether to allow or deny matching traffic.
- before string
- The rule that this rule is immediately before. If absent, this is the last rule.
- destination string
- The destination IP address or CIDR block.
- direction string
- Whether the traffic to be matched is inbound or outbound.
- href string
- (String) The URL for this network ACL rule.
- icmp
Is
Network Acl Rule Icmp The protocol ICMP.
Nested scheme for
icmp:- ip
Version string - The IP version for this rule.
- is
Network stringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name string
- The user-defined name for this rule.
- network
Acl string - The ID of the network ACL.
- protocol string
- (String) The protocol to enforce.
- rule
Id string - (String) The unique identifier of the rule.
- source string
- The source IP address or CIDR block.
- tcp
Is
Network Acl Rule Tcp TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts - udp
Is
Network Acl Rule Udp UDP protocol
Nested scheme for
udp:
- action str
- Whether to allow or deny matching traffic.
- before str
- The rule that this rule is immediately before. If absent, this is the last rule.
- destination str
- The destination IP address or CIDR block.
- direction str
- Whether the traffic to be matched is inbound or outbound.
- href str
- (String) The URL for this network ACL rule.
- icmp
Is
Network Acl Rule Icmp Args The protocol ICMP.
Nested scheme for
icmp:- ip_
version str - The IP version for this rule.
- is_
network_ stracl_ rule_ id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name str
- The user-defined name for this rule.
- network_
acl str - The ID of the network ACL.
- protocol str
- (String) The protocol to enforce.
- rule_
id str - (String) The unique identifier of the rule.
- source str
- The source IP address or CIDR block.
- tcp
Is
Network Acl Rule Tcp Args TCP protocol.
Nested scheme for
tcp:- timeouts
Is
Network Acl Rule Timeouts Args - udp
Is
Network Acl Rule Udp Args UDP protocol
Nested scheme for
udp:
- action String
- Whether to allow or deny matching traffic.
- before String
- The rule that this rule is immediately before. If absent, this is the last rule.
- destination String
- The destination IP address or CIDR block.
- direction String
- Whether the traffic to be matched is inbound or outbound.
- href String
- (String) The URL for this network ACL rule.
- icmp Property Map
The protocol ICMP.
Nested scheme for
icmp:- ip
Version String - The IP version for this rule.
- is
Network StringAcl Rule Id - (String) The ID of the network ACL rule. The ID is composed of
\network_acl\rule_id. - name String
- The user-defined name for this rule.
- network
Acl String - The ID of the network ACL.
- protocol String
- (String) The protocol to enforce.
- rule
Id String - (String) The unique identifier of the rule.
- source String
- The source IP address or CIDR block.
- tcp Property Map
TCP protocol.
Nested scheme for
tcp:- timeouts Property Map
- udp Property Map
UDP protocol
Nested scheme for
udp:
Supporting Types
IsNetworkAclRuleIcmp, IsNetworkAclRuleIcmpArgs
IsNetworkAclRuleTcp, IsNetworkAclRuleTcpArgs
- Port
Max double - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Port
Min double - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- Source
Port doubleMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Source
Port doubleMin - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- Port
Max float64 - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Port
Min float64 - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- Source
Port float64Max - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Source
Port float64Min - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- port
Max Double - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min Double - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port DoubleMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port DoubleMin - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- port
Max number - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min number - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port numberMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port numberMin - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- port_
max float - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port_
min float - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source_
port_ floatmax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source_
port_ floatmin - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- port
Max Number - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min Number - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port NumberMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port NumberMin - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
IsNetworkAclRuleTimeouts, IsNetworkAclRuleTimeoutsArgs
IsNetworkAclRuleUdp, IsNetworkAclRuleUdpArgs
- Port
Max double - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Port
Min double - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- Source
Port doubleMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Source
Port doubleMin The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
- Port
Max float64 - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Port
Min float64 - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- Source
Port float64Max - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- Source
Port float64Min The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
- port
Max Double - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min Double - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port DoubleMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port DoubleMin The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
- port
Max number - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min number - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port numberMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port numberMin The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
- port_
max float - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port_
min float - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source_
port_ floatmax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source_
port_ floatmin The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
- port
Max Number - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- port
Min Number - The lowest port in the range of ports to be matched; if unspecified, 1 is used.
- source
Port NumberMax - The highest port in the range of ports to be matched; if unspecified, 65535 is used.
- source
Port NumberMin The lowest port in the range of ports to be matched; if unspecified, 1 is used.
NOTE: Only one type of protocol out of icmp, tcp, or udp can be used to create a new rule. If none is provided, all is selected.
Import
The ibm_is_network_acl_rule can be imported using ID \network_acl\rule_id
Example
$ pulumi import ibm:index/isNetworkAclRule:IsNetworkAclRule example d7bec597-4726-451f-8a63-e62e6f19c32c/cea6651a-bc0a-4438-9f8a-a0770bbf3ebb
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.