Viewing docs for Juniper Mist v0.8.1
published on Thursday, Apr 2, 2026 by Pulumi
published on Thursday, Apr 2, 2026 by Pulumi
Viewing docs for Juniper Mist v0.8.1
published on Thursday, Apr 2, 2026 by Pulumi
published on Thursday, Apr 2, 2026 by Pulumi
This resource manages MxCluster (cluster of MxEdge devices) in the Mist Organization.
A Mist Edge Cluster is a group of one or more Org Mist Edge devices (mist_org_mxedge) providing tunnel termination, edge network services and RADIUS proxy capabilities.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as junipermist from "@pulumi/juniper-mist";
// Resource for importing existing mxcluster
// Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
const existingMxcluster = new junipermist.org.Mxcluster("existing_mxcluster", {
orgId: terraformTest.id,
name: "edgey_cluster",
siteId: terraformTestSite.id,
});
// Create new mxcluster
const newMxcluster = new junipermist.org.Mxcluster("new_mxcluster", {
orgId: terraformTest.id,
name: "edgey_cluster_new",
siteId: terraformTestSite.id,
mistDas: {
enabled: true,
coaServers: [
{
disableEventTimestampCheck: false,
enabled: true,
host: "10.10.10.10",
port: 3799,
requireMessageAuthenticator: true,
secret: "coa-secret-123",
},
{
enabled: true,
host: "10.10.10.11",
port: 3799,
secret: "coa-secret-456",
},
],
},
mistNac: {
enabled: true,
acctServerPort: 1813,
authServerPort: 1812,
secret: "nac-shared-secret",
},
mxedgeMgmt: {
configAutoRevert: true,
fipsEnabled: false,
mistPassword: "mist-password-123",
rootPassword: "root-password-456",
oobIpType: "static",
oobIpType6: "dhcp",
},
proxy: {
disabled: false,
url: "http://proxy.example.com:8080",
},
radsec: {
enabled: true,
matchSsid: true,
nasIpSource: "tunnel",
serverSelection: "ordered",
srcIpSource: "tunnel",
proxyHosts: [
"radsec1.example.com",
"radsec2.example.com",
],
acctServers: [
{
host: "acct1.example.com",
port: 2083,
secret: "acct-secret-123",
ssids: [
"Corporate",
"Guest",
],
},
{
host: "acct2.example.com",
port: 2083,
secret: "acct-secret-456",
ssids: ["Corporate"],
},
],
authServers: [
{
host: "auth1.example.com",
port: 2083,
secret: "auth-secret-123",
inbandStatusCheck: true,
inbandStatusInterval: 60,
keywrapEnabled: true,
keywrapFormat: "hex",
keywrapKek: "keywrap-kek-value",
keywrapMack: "keywrap-mack-value",
retry: 3,
timeout: 30,
ssids: [
"Corporate",
"Guest",
],
},
{
host: "auth2.example.com",
port: 2083,
secret: "auth-secret-456",
retry: 3,
timeout: 30,
ssids: ["Corporate"],
},
],
},
tuntermApSubnets: [
"192.168.10.0/24",
"192.168.20.0/24",
"10.100.0.0/16",
],
tuntermDhcpdConfig: {
"100": {
enabled: true,
type: "relay",
servers: [
"10.100.0.5",
"10.100.0.6",
],
},
"200": {
enabled: true,
type: "relay",
servers: ["10.200.0.5"],
},
},
tuntermExtraRoutes: {
"172.16.0.0/16": {
via: "10.0.0.10",
},
"192.168.100.0/24": {
via: "10.0.0.20",
},
},
tuntermHosts: [
"mxedge1.example.com",
"mxedge2.example.com",
"10.10.10.100",
],
tuntermHostsOrders: [
0,
1,
2,
],
tuntermHostsSelection: "ordered",
tuntermMonitorings: [
[
{
host: "10.0.0.1",
port: 443,
protocol: "https",
srcVlanId: 100,
timeout: 10,
},
{
host: "10.0.0.2",
port: 80,
protocol: "http",
srcVlanId: 100,
timeout: 5,
},
],
[{
host: "8.8.8.8",
port: 443,
protocol: "https",
srcVlanId: 200,
timeout: 10,
}],
],
tuntermMonitoringDisabled: false,
});
import pulumi
import pulumi_juniper_mist as junipermist
# Resource for importing existing mxcluster
# Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
existing_mxcluster = junipermist.org.Mxcluster("existing_mxcluster",
org_id=terraform_test["id"],
name="edgey_cluster",
site_id=terraform_test_site["id"])
# Create new mxcluster
new_mxcluster = junipermist.org.Mxcluster("new_mxcluster",
org_id=terraform_test["id"],
name="edgey_cluster_new",
site_id=terraform_test_site["id"],
mist_das={
"enabled": True,
"coa_servers": [
{
"disable_event_timestamp_check": False,
"enabled": True,
"host": "10.10.10.10",
"port": 3799,
"require_message_authenticator": True,
"secret": "coa-secret-123",
},
{
"enabled": True,
"host": "10.10.10.11",
"port": 3799,
"secret": "coa-secret-456",
},
],
},
mist_nac={
"enabled": True,
"acct_server_port": 1813,
"auth_server_port": 1812,
"secret": "nac-shared-secret",
},
mxedge_mgmt={
"config_auto_revert": True,
"fips_enabled": False,
"mist_password": "mist-password-123",
"root_password": "root-password-456",
"oob_ip_type": "static",
"oob_ip_type6": "dhcp",
},
proxy={
"disabled": False,
"url": "http://proxy.example.com:8080",
},
radsec={
"enabled": True,
"match_ssid": True,
"nas_ip_source": "tunnel",
"server_selection": "ordered",
"src_ip_source": "tunnel",
"proxy_hosts": [
"radsec1.example.com",
"radsec2.example.com",
],
"acct_servers": [
{
"host": "acct1.example.com",
"port": 2083,
"secret": "acct-secret-123",
"ssids": [
"Corporate",
"Guest",
],
},
{
"host": "acct2.example.com",
"port": 2083,
"secret": "acct-secret-456",
"ssids": ["Corporate"],
},
],
"auth_servers": [
{
"host": "auth1.example.com",
"port": 2083,
"secret": "auth-secret-123",
"inband_status_check": True,
"inband_status_interval": 60,
"keywrap_enabled": True,
"keywrap_format": "hex",
"keywrap_kek": "keywrap-kek-value",
"keywrap_mack": "keywrap-mack-value",
"retry": 3,
"timeout": 30,
"ssids": [
"Corporate",
"Guest",
],
},
{
"host": "auth2.example.com",
"port": 2083,
"secret": "auth-secret-456",
"retry": 3,
"timeout": 30,
"ssids": ["Corporate"],
},
],
},
tunterm_ap_subnets=[
"192.168.10.0/24",
"192.168.20.0/24",
"10.100.0.0/16",
],
tunterm_dhcpd_config={
"100": {
"enabled": True,
"type": "relay",
"servers": [
"10.100.0.5",
"10.100.0.6",
],
},
"200": {
"enabled": True,
"type": "relay",
"servers": ["10.200.0.5"],
},
},
tunterm_extra_routes={
"172.16.0.0/16": {
"via": "10.0.0.10",
},
"192.168.100.0/24": {
"via": "10.0.0.20",
},
},
tunterm_hosts=[
"mxedge1.example.com",
"mxedge2.example.com",
"10.10.10.100",
],
tunterm_hosts_orders=[
0,
1,
2,
],
tunterm_hosts_selection="ordered",
tunterm_monitorings=[
[
{
"host": "10.0.0.1",
"port": 443,
"protocol": "https",
"src_vlan_id": 100,
"timeout": 10,
},
{
"host": "10.0.0.2",
"port": 80,
"protocol": "http",
"src_vlan_id": 100,
"timeout": 5,
},
],
[{
"host": "8.8.8.8",
"port": 443,
"protocol": "https",
"src_vlan_id": 200,
"timeout": 10,
}],
],
tunterm_monitoring_disabled=False)
package main
import (
"github.com/pulumi/pulumi-junipermist/sdk/go/junipermist/org"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Resource for importing existing mxcluster
// Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
_, err := org.NewMxcluster(ctx, "existing_mxcluster", &org.MxclusterArgs{
OrgId: pulumi.Any(terraformTest.Id),
Name: pulumi.String("edgey_cluster"),
SiteId: pulumi.Any(terraformTestSite.Id),
})
if err != nil {
return err
}
// Create new mxcluster
_, err = org.NewMxcluster(ctx, "new_mxcluster", &org.MxclusterArgs{
OrgId: pulumi.Any(terraformTest.Id),
Name: pulumi.String("edgey_cluster_new"),
SiteId: pulumi.Any(terraformTestSite.Id),
MistDas: &org.MxclusterMistDasArgs{
Enabled: pulumi.Bool(true),
CoaServers: org.MxclusterMistDasCoaServerArray{
&org.MxclusterMistDasCoaServerArgs{
DisableEventTimestampCheck: pulumi.Bool(false),
Enabled: pulumi.Bool(true),
Host: pulumi.String("10.10.10.10"),
Port: pulumi.Int(3799),
RequireMessageAuthenticator: pulumi.Bool(true),
Secret: pulumi.String("coa-secret-123"),
},
&org.MxclusterMistDasCoaServerArgs{
Enabled: pulumi.Bool(true),
Host: pulumi.String("10.10.10.11"),
Port: pulumi.Int(3799),
Secret: pulumi.String("coa-secret-456"),
},
},
},
MistNac: &org.MxclusterMistNacArgs{
Enabled: pulumi.Bool(true),
AcctServerPort: pulumi.Int(1813),
AuthServerPort: pulumi.Int(1812),
Secret: pulumi.String("nac-shared-secret"),
},
MxedgeMgmt: &org.MxclusterMxedgeMgmtArgs{
ConfigAutoRevert: pulumi.Bool(true),
FipsEnabled: pulumi.Bool(false),
MistPassword: pulumi.String("mist-password-123"),
RootPassword: pulumi.String("root-password-456"),
OobIpType: pulumi.String("static"),
OobIpType6: pulumi.String("dhcp"),
},
Proxy: &org.MxclusterProxyArgs{
Disabled: pulumi.Bool(false),
Url: pulumi.String("http://proxy.example.com:8080"),
},
Radsec: &org.MxclusterRadsecArgs{
Enabled: pulumi.Bool(true),
MatchSsid: pulumi.Bool(true),
NasIpSource: pulumi.String("tunnel"),
ServerSelection: pulumi.String("ordered"),
SrcIpSource: pulumi.String("tunnel"),
ProxyHosts: pulumi.StringArray{
pulumi.String("radsec1.example.com"),
pulumi.String("radsec2.example.com"),
},
AcctServers: org.MxclusterRadsecAcctServerArray{
&org.MxclusterRadsecAcctServerArgs{
Host: pulumi.String("acct1.example.com"),
Port: pulumi.Int(2083),
Secret: pulumi.String("acct-secret-123"),
Ssids: pulumi.StringArray{
pulumi.String("Corporate"),
pulumi.String("Guest"),
},
},
&org.MxclusterRadsecAcctServerArgs{
Host: pulumi.String("acct2.example.com"),
Port: pulumi.Int(2083),
Secret: pulumi.String("acct-secret-456"),
Ssids: pulumi.StringArray{
pulumi.String("Corporate"),
},
},
},
AuthServers: org.MxclusterRadsecAuthServerArray{
&org.MxclusterRadsecAuthServerArgs{
Host: pulumi.String("auth1.example.com"),
Port: pulumi.Int(2083),
Secret: pulumi.String("auth-secret-123"),
InbandStatusCheck: pulumi.Bool(true),
InbandStatusInterval: pulumi.Int(60),
KeywrapEnabled: pulumi.Bool(true),
KeywrapFormat: pulumi.String("hex"),
KeywrapKek: pulumi.String("keywrap-kek-value"),
KeywrapMack: pulumi.String("keywrap-mack-value"),
Retry: pulumi.Int(3),
Timeout: pulumi.Int(30),
Ssids: pulumi.StringArray{
pulumi.String("Corporate"),
pulumi.String("Guest"),
},
},
&org.MxclusterRadsecAuthServerArgs{
Host: pulumi.String("auth2.example.com"),
Port: pulumi.Int(2083),
Secret: pulumi.String("auth-secret-456"),
Retry: pulumi.Int(3),
Timeout: pulumi.Int(30),
Ssids: pulumi.StringArray{
pulumi.String("Corporate"),
},
},
},
},
TuntermApSubnets: pulumi.StringArray{
pulumi.String("192.168.10.0/24"),
pulumi.String("192.168.20.0/24"),
pulumi.String("10.100.0.0/16"),
},
TuntermDhcpdConfig: org.MxclusterTuntermDhcpdConfigMap{
"100": &org.MxclusterTuntermDhcpdConfigArgs{
Enabled: pulumi.Bool(true),
Type: pulumi.String("relay"),
Servers: pulumi.StringArray{
pulumi.String("10.100.0.5"),
pulumi.String("10.100.0.6"),
},
},
"200": &org.MxclusterTuntermDhcpdConfigArgs{
Enabled: pulumi.Bool(true),
Type: pulumi.String("relay"),
Servers: pulumi.StringArray{
pulumi.String("10.200.0.5"),
},
},
},
TuntermExtraRoutes: org.MxclusterTuntermExtraRoutesMap{
"172.16.0.0/16": &org.MxclusterTuntermExtraRoutesArgs{
Via: pulumi.String("10.0.0.10"),
},
"192.168.100.0/24": &org.MxclusterTuntermExtraRoutesArgs{
Via: pulumi.String("10.0.0.20"),
},
},
TuntermHosts: pulumi.StringArray{
pulumi.String("mxedge1.example.com"),
pulumi.String("mxedge2.example.com"),
pulumi.String("10.10.10.100"),
},
TuntermHostsOrders: pulumi.IntArray{
pulumi.Int(0),
pulumi.Int(1),
pulumi.Int(2),
},
TuntermHostsSelection: pulumi.String("ordered"),
TuntermMonitorings: org.MxclusterTuntermMonitoringArrayArray{
org.MxclusterTuntermMonitoringArray{
&org.MxclusterTuntermMonitoringArgs{
Host: pulumi.String("10.0.0.1"),
Port: pulumi.Int(443),
Protocol: pulumi.String("https"),
SrcVlanId: pulumi.Int(100),
Timeout: pulumi.Int(10),
},
&org.MxclusterTuntermMonitoringArgs{
Host: pulumi.String("10.0.0.2"),
Port: pulumi.Int(80),
Protocol: pulumi.String("http"),
SrcVlanId: pulumi.Int(100),
Timeout: pulumi.Int(5),
},
},
org.MxclusterTuntermMonitoringArray{
&org.MxclusterTuntermMonitoringArgs{
Host: pulumi.String("8.8.8.8"),
Port: pulumi.Int(443),
Protocol: pulumi.String("https"),
SrcVlanId: pulumi.Int(200),
Timeout: pulumi.Int(10),
},
},
},
TuntermMonitoringDisabled: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using JuniperMist = Pulumi.JuniperMist;
return await Deployment.RunAsync(() =>
{
// Resource for importing existing mxcluster
// Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
var existingMxcluster = new JuniperMist.Org.Mxcluster("existing_mxcluster", new()
{
OrgId = terraformTest.Id,
Name = "edgey_cluster",
SiteId = terraformTestSite.Id,
});
// Create new mxcluster
var newMxcluster = new JuniperMist.Org.Mxcluster("new_mxcluster", new()
{
OrgId = terraformTest.Id,
Name = "edgey_cluster_new",
SiteId = terraformTestSite.Id,
MistDas = new JuniperMist.Org.Inputs.MxclusterMistDasArgs
{
Enabled = true,
CoaServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterMistDasCoaServerArgs
{
DisableEventTimestampCheck = false,
Enabled = true,
Host = "10.10.10.10",
Port = 3799,
RequireMessageAuthenticator = true,
Secret = "coa-secret-123",
},
new JuniperMist.Org.Inputs.MxclusterMistDasCoaServerArgs
{
Enabled = true,
Host = "10.10.10.11",
Port = 3799,
Secret = "coa-secret-456",
},
},
},
MistNac = new JuniperMist.Org.Inputs.MxclusterMistNacArgs
{
Enabled = true,
AcctServerPort = 1813,
AuthServerPort = 1812,
Secret = "nac-shared-secret",
},
MxedgeMgmt = new JuniperMist.Org.Inputs.MxclusterMxedgeMgmtArgs
{
ConfigAutoRevert = true,
FipsEnabled = false,
MistPassword = "mist-password-123",
RootPassword = "root-password-456",
OobIpType = "static",
OobIpType6 = "dhcp",
},
Proxy = new JuniperMist.Org.Inputs.MxclusterProxyArgs
{
Disabled = false,
Url = "http://proxy.example.com:8080",
},
Radsec = new JuniperMist.Org.Inputs.MxclusterRadsecArgs
{
Enabled = true,
MatchSsid = true,
NasIpSource = "tunnel",
ServerSelection = "ordered",
SrcIpSource = "tunnel",
ProxyHosts = new[]
{
"radsec1.example.com",
"radsec2.example.com",
},
AcctServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterRadsecAcctServerArgs
{
Host = "acct1.example.com",
Port = 2083,
Secret = "acct-secret-123",
Ssids = new[]
{
"Corporate",
"Guest",
},
},
new JuniperMist.Org.Inputs.MxclusterRadsecAcctServerArgs
{
Host = "acct2.example.com",
Port = 2083,
Secret = "acct-secret-456",
Ssids = new[]
{
"Corporate",
},
},
},
AuthServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterRadsecAuthServerArgs
{
Host = "auth1.example.com",
Port = 2083,
Secret = "auth-secret-123",
InbandStatusCheck = true,
InbandStatusInterval = 60,
KeywrapEnabled = true,
KeywrapFormat = "hex",
KeywrapKek = "keywrap-kek-value",
KeywrapMack = "keywrap-mack-value",
Retry = 3,
Timeout = 30,
Ssids = new[]
{
"Corporate",
"Guest",
},
},
new JuniperMist.Org.Inputs.MxclusterRadsecAuthServerArgs
{
Host = "auth2.example.com",
Port = 2083,
Secret = "auth-secret-456",
Retry = 3,
Timeout = 30,
Ssids = new[]
{
"Corporate",
},
},
},
},
TuntermApSubnets = new[]
{
"192.168.10.0/24",
"192.168.20.0/24",
"10.100.0.0/16",
},
TuntermDhcpdConfig =
{
{ "100", new JuniperMist.Org.Inputs.MxclusterTuntermDhcpdConfigArgs
{
Enabled = true,
Type = "relay",
Servers = new[]
{
"10.100.0.5",
"10.100.0.6",
},
} },
{ "200", new JuniperMist.Org.Inputs.MxclusterTuntermDhcpdConfigArgs
{
Enabled = true,
Type = "relay",
Servers = new[]
{
"10.200.0.5",
},
} },
},
TuntermExtraRoutes =
{
{ "172.16.0.0/16", new JuniperMist.Org.Inputs.MxclusterTuntermExtraRoutesArgs
{
Via = "10.0.0.10",
} },
{ "192.168.100.0/24", new JuniperMist.Org.Inputs.MxclusterTuntermExtraRoutesArgs
{
Via = "10.0.0.20",
} },
},
TuntermHosts = new[]
{
"mxedge1.example.com",
"mxedge2.example.com",
"10.10.10.100",
},
TuntermHostsOrders = new[]
{
0,
1,
2,
},
TuntermHostsSelection = "ordered",
TuntermMonitorings = new[]
{
new[]
{
new JuniperMist.Org.Inputs.MxclusterTuntermMonitoringArgs
{
Host = "10.0.0.1",
Port = 443,
Protocol = "https",
SrcVlanId = 100,
Timeout = 10,
},
new JuniperMist.Org.Inputs.MxclusterTuntermMonitoringArgs
{
Host = "10.0.0.2",
Port = 80,
Protocol = "http",
SrcVlanId = 100,
Timeout = 5,
},
},
new[]
{
new JuniperMist.Org.Inputs.MxclusterTuntermMonitoringArgs
{
Host = "8.8.8.8",
Port = 443,
Protocol = "https",
SrcVlanId = 200,
Timeout = 10,
},
},
},
TuntermMonitoringDisabled = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.junipermist.org.Mxcluster;
import com.pulumi.junipermist.org.MxclusterArgs;
import com.pulumi.junipermist.org.inputs.MxclusterMistDasArgs;
import com.pulumi.junipermist.org.inputs.MxclusterMistNacArgs;
import com.pulumi.junipermist.org.inputs.MxclusterMxedgeMgmtArgs;
import com.pulumi.junipermist.org.inputs.MxclusterProxyArgs;
import com.pulumi.junipermist.org.inputs.MxclusterRadsecArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Resource for importing existing mxcluster
// Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
var existingMxcluster = new Mxcluster("existingMxcluster", MxclusterArgs.builder()
.orgId(terraformTest.id())
.name("edgey_cluster")
.siteId(terraformTestSite.id())
.build());
// Create new mxcluster
var newMxcluster = new Mxcluster("newMxcluster", MxclusterArgs.builder()
.orgId(terraformTest.id())
.name("edgey_cluster_new")
.siteId(terraformTestSite.id())
.mistDas(MxclusterMistDasArgs.builder()
.enabled(true)
.coaServers(
MxclusterMistDasCoaServerArgs.builder()
.disableEventTimestampCheck(false)
.enabled(true)
.host("10.10.10.10")
.port(3799)
.requireMessageAuthenticator(true)
.secret("coa-secret-123")
.build(),
MxclusterMistDasCoaServerArgs.builder()
.enabled(true)
.host("10.10.10.11")
.port(3799)
.secret("coa-secret-456")
.build())
.build())
.mistNac(MxclusterMistNacArgs.builder()
.enabled(true)
.acctServerPort(1813)
.authServerPort(1812)
.secret("nac-shared-secret")
.build())
.mxedgeMgmt(MxclusterMxedgeMgmtArgs.builder()
.configAutoRevert(true)
.fipsEnabled(false)
.mistPassword("mist-password-123")
.rootPassword("root-password-456")
.oobIpType("static")
.oobIpType6("dhcp")
.build())
.proxy(MxclusterProxyArgs.builder()
.disabled(false)
.url("http://proxy.example.com:8080")
.build())
.radsec(MxclusterRadsecArgs.builder()
.enabled(true)
.matchSsid(true)
.nasIpSource("tunnel")
.serverSelection("ordered")
.srcIpSource("tunnel")
.proxyHosts(
"radsec1.example.com",
"radsec2.example.com")
.acctServers(
MxclusterRadsecAcctServerArgs.builder()
.host("acct1.example.com")
.port(2083)
.secret("acct-secret-123")
.ssids(
"Corporate",
"Guest")
.build(),
MxclusterRadsecAcctServerArgs.builder()
.host("acct2.example.com")
.port(2083)
.secret("acct-secret-456")
.ssids("Corporate")
.build())
.authServers(
MxclusterRadsecAuthServerArgs.builder()
.host("auth1.example.com")
.port(2083)
.secret("auth-secret-123")
.inbandStatusCheck(true)
.inbandStatusInterval(60)
.keywrapEnabled(true)
.keywrapFormat("hex")
.keywrapKek("keywrap-kek-value")
.keywrapMack("keywrap-mack-value")
.retry(3)
.timeout(30)
.ssids(
"Corporate",
"Guest")
.build(),
MxclusterRadsecAuthServerArgs.builder()
.host("auth2.example.com")
.port(2083)
.secret("auth-secret-456")
.retry(3)
.timeout(30)
.ssids("Corporate")
.build())
.build())
.tuntermApSubnets(
"192.168.10.0/24",
"192.168.20.0/24",
"10.100.0.0/16")
.tuntermDhcpdConfig(Map.ofEntries(
Map.entry("100", MxclusterTuntermDhcpdConfigArgs.builder()
.enabled(true)
.type("relay")
.servers(
"10.100.0.5",
"10.100.0.6")
.build()),
Map.entry("200", MxclusterTuntermDhcpdConfigArgs.builder()
.enabled(true)
.type("relay")
.servers("10.200.0.5")
.build())
))
.tuntermExtraRoutes(Map.ofEntries(
Map.entry("172.16.0.0/16", MxclusterTuntermExtraRoutesArgs.builder()
.via("10.0.0.10")
.build()),
Map.entry("192.168.100.0/24", MxclusterTuntermExtraRoutesArgs.builder()
.via("10.0.0.20")
.build())
))
.tuntermHosts(
"mxedge1.example.com",
"mxedge2.example.com",
"10.10.10.100")
.tuntermHostsOrders(
0,
1,
2)
.tuntermHostsSelection("ordered")
.tuntermMonitorings(
MxclusterTuntermMonitoringArgs.builder()
.host("10.0.0.1")
.port(443)
.protocol("https")
.srcVlanId(100)
.timeout(10)
.build(),
MxclusterTuntermMonitoringArgs.builder()
.host("10.0.0.2")
.port(80)
.protocol("http")
.srcVlanId(100)
.timeout(5)
.build(),
MxclusterTuntermMonitoringArgs.builder()
.host("8.8.8.8")
.port(443)
.protocol("https")
.srcVlanId(200)
.timeout(10)
.build())
.tuntermMonitoringDisabled(false)
.build());
}
}
resources:
# Resource for importing existing mxcluster
# Import with: terraform import mist_org_mxcluster.existing_mxcluster "<org_id>.<mxcluster_id>"
existingMxcluster:
type: junipermist:org:Mxcluster
name: existing_mxcluster
properties:
orgId: ${terraformTest.id}
name: edgey_cluster
siteId: ${terraformTestSite.id}
# Create new mxcluster
newMxcluster:
type: junipermist:org:Mxcluster
name: new_mxcluster
properties:
orgId: ${terraformTest.id}
name: edgey_cluster_new
siteId: ${terraformTestSite.id}
mistDas:
enabled: true
coaServers:
- disableEventTimestampCheck: false
enabled: true
host: 10.10.10.10
port: 3799
requireMessageAuthenticator: true
secret: coa-secret-123
- enabled: true
host: 10.10.10.11
port: 3799
secret: coa-secret-456
mistNac:
enabled: true
acctServerPort: 1813
authServerPort: 1812
secret: nac-shared-secret
mxedgeMgmt:
configAutoRevert: true
fipsEnabled: false
mistPassword: mist-password-123
rootPassword: root-password-456
oobIpType: static
oobIpType6: dhcp
proxy:
disabled: false
url: http://proxy.example.com:8080
radsec:
enabled: true
matchSsid: true
nasIpSource: tunnel
serverSelection: ordered
srcIpSource: tunnel
proxyHosts:
- radsec1.example.com
- radsec2.example.com
acctServers:
- host: acct1.example.com
port: 2083
secret: acct-secret-123
ssids:
- Corporate
- Guest
- host: acct2.example.com
port: 2083
secret: acct-secret-456
ssids:
- Corporate
authServers:
- host: auth1.example.com
port: 2083
secret: auth-secret-123
inbandStatusCheck: true
inbandStatusInterval: 60
keywrapEnabled: true
keywrapFormat: hex
keywrapKek: keywrap-kek-value
keywrapMack: keywrap-mack-value
retry: 3
timeout: 30
ssids:
- Corporate
- Guest
- host: auth2.example.com
port: 2083
secret: auth-secret-456
retry: 3
timeout: 30
ssids:
- Corporate
tuntermApSubnets:
- 192.168.10.0/24
- 192.168.20.0/24
- 10.100.0.0/16
tuntermDhcpdConfig:
'100':
enabled: true
type: relay
servers:
- 10.100.0.5
- 10.100.0.6
'200':
enabled: true
type: relay
servers:
- 10.200.0.5
tuntermExtraRoutes:
172.16.0.0/16:
via: 10.0.0.10
192.168.100.0/24:
via: 10.0.0.20
tuntermHosts:
- mxedge1.example.com
- mxedge2.example.com
- 10.10.10.100
tuntermHostsOrders:
- 0
- 1
- 2
tuntermHostsSelection: ordered
tuntermMonitorings:
- - host: 10.0.0.1
port: 443
protocol: https
srcVlanId: 100
timeout: 10
- host: 10.0.0.2
port: 80
protocol: http
srcVlanId: 100
timeout: 5
- - host: 8.8.8.8
port: 443
protocol: https
srcVlanId: 200
timeout: 10
tuntermMonitoringDisabled: false
Create Mxcluster Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Mxcluster(name: string, args: MxclusterArgs, opts?: CustomResourceOptions);@overload
def Mxcluster(resource_name: str,
args: MxclusterArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Mxcluster(resource_name: str,
opts: Optional[ResourceOptions] = None,
org_id: Optional[str] = None,
tunterm_ap_subnets: Optional[Sequence[str]] = None,
tunterm_hosts: Optional[Sequence[str]] = None,
name: Optional[str] = None,
mist_nac: Optional[MxclusterMistNacArgs] = None,
proxy: Optional[MxclusterProxyArgs] = None,
radsec: Optional[MxclusterRadsecArgs] = None,
mxedge_mgmt: Optional[MxclusterMxedgeMgmtArgs] = None,
tunterm_dhcpd_config: Optional[Mapping[str, MxclusterTuntermDhcpdConfigArgs]] = None,
site_id: Optional[str] = None,
tunterm_extra_routes: Optional[Mapping[str, MxclusterTuntermExtraRoutesArgs]] = None,
mist_das: Optional[MxclusterMistDasArgs] = None,
tunterm_hosts_orders: Optional[Sequence[int]] = None,
tunterm_hosts_selection: Optional[str] = None,
tunterm_monitoring_disabled: Optional[bool] = None,
tunterm_monitorings: Optional[Sequence[Sequence[MxclusterTuntermMonitoringArgs]]] = None)func NewMxcluster(ctx *Context, name string, args MxclusterArgs, opts ...ResourceOption) (*Mxcluster, error)public Mxcluster(string name, MxclusterArgs args, CustomResourceOptions? opts = null)
public Mxcluster(String name, MxclusterArgs args)
public Mxcluster(String name, MxclusterArgs args, CustomResourceOptions options)
type: junipermist:org:Mxcluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MxclusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MxclusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MxclusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MxclusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MxclusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var mxclusterResource = new JuniperMist.Org.Mxcluster("mxclusterResource", new()
{
OrgId = "string",
TuntermApSubnets = new[]
{
"string",
},
TuntermHosts = new[]
{
"string",
},
Name = "string",
MistNac = new JuniperMist.Org.Inputs.MxclusterMistNacArgs
{
AcctServerPort = 0,
AuthServerPort = 0,
ClientIps =
{
{ "string", null },
},
Enabled = false,
Secret = "string",
},
Proxy = new JuniperMist.Org.Inputs.MxclusterProxyArgs
{
Disabled = false,
Url = "string",
},
Radsec = new JuniperMist.Org.Inputs.MxclusterRadsecArgs
{
AcctServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterRadsecAcctServerArgs
{
Host = "string",
Port = 0,
Secret = "string",
Ssids = new[]
{
"string",
},
},
},
AuthServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterRadsecAuthServerArgs
{
Host = "string",
InbandStatusCheck = false,
InbandStatusInterval = 0,
KeywrapEnabled = false,
KeywrapFormat = "string",
KeywrapKek = "string",
KeywrapMack = "string",
Port = 0,
Retry = 0,
Secret = "string",
Ssids = new[]
{
"string",
},
Timeout = 0,
},
},
Enabled = false,
MatchSsid = false,
NasIpSource = "string",
ProxyHosts = new[]
{
"string",
},
ServerSelection = "string",
SrcIpSource = "string",
},
MxedgeMgmt = new JuniperMist.Org.Inputs.MxclusterMxedgeMgmtArgs
{
ConfigAutoRevert = false,
FipsEnabled = false,
MistPassword = "string",
OobIpType = "string",
OobIpType6 = "string",
RootPassword = "string",
},
TuntermDhcpdConfig =
{
{ "string", new JuniperMist.Org.Inputs.MxclusterTuntermDhcpdConfigArgs
{
Enabled = false,
Servers = new[]
{
"string",
},
Type = "string",
} },
},
SiteId = "string",
TuntermExtraRoutes =
{
{ "string", new JuniperMist.Org.Inputs.MxclusterTuntermExtraRoutesArgs
{
Via = "string",
} },
},
MistDas = new JuniperMist.Org.Inputs.MxclusterMistDasArgs
{
CoaServers = new[]
{
new JuniperMist.Org.Inputs.MxclusterMistDasCoaServerArgs
{
DisableEventTimestampCheck = false,
Enabled = false,
Host = "string",
Port = 0,
RequireMessageAuthenticator = false,
Secret = "string",
},
},
Enabled = false,
},
TuntermHostsOrders = new[]
{
0,
},
TuntermHostsSelection = "string",
TuntermMonitoringDisabled = false,
TuntermMonitorings = new[]
{
new[]
{
new JuniperMist.Org.Inputs.MxclusterTuntermMonitoringArgs
{
Host = "string",
Port = 0,
Protocol = "string",
SrcVlanId = 0,
Timeout = 0,
},
},
},
});
example, err := org.NewMxcluster(ctx, "mxclusterResource", &org.MxclusterArgs{
OrgId: pulumi.String("string"),
TuntermApSubnets: pulumi.StringArray{
pulumi.String("string"),
},
TuntermHosts: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
MistNac: &org.MxclusterMistNacArgs{
AcctServerPort: pulumi.Int(0),
AuthServerPort: pulumi.Int(0),
ClientIps: org.MxclusterMistNacClientIpsMap{
"string": &org.MxclusterMistNacClientIpsArgs{},
},
Enabled: pulumi.Bool(false),
Secret: pulumi.String("string"),
},
Proxy: &org.MxclusterProxyArgs{
Disabled: pulumi.Bool(false),
Url: pulumi.String("string"),
},
Radsec: &org.MxclusterRadsecArgs{
AcctServers: org.MxclusterRadsecAcctServerArray{
&org.MxclusterRadsecAcctServerArgs{
Host: pulumi.String("string"),
Port: pulumi.Int(0),
Secret: pulumi.String("string"),
Ssids: pulumi.StringArray{
pulumi.String("string"),
},
},
},
AuthServers: org.MxclusterRadsecAuthServerArray{
&org.MxclusterRadsecAuthServerArgs{
Host: pulumi.String("string"),
InbandStatusCheck: pulumi.Bool(false),
InbandStatusInterval: pulumi.Int(0),
KeywrapEnabled: pulumi.Bool(false),
KeywrapFormat: pulumi.String("string"),
KeywrapKek: pulumi.String("string"),
KeywrapMack: pulumi.String("string"),
Port: pulumi.Int(0),
Retry: pulumi.Int(0),
Secret: pulumi.String("string"),
Ssids: pulumi.StringArray{
pulumi.String("string"),
},
Timeout: pulumi.Int(0),
},
},
Enabled: pulumi.Bool(false),
MatchSsid: pulumi.Bool(false),
NasIpSource: pulumi.String("string"),
ProxyHosts: pulumi.StringArray{
pulumi.String("string"),
},
ServerSelection: pulumi.String("string"),
SrcIpSource: pulumi.String("string"),
},
MxedgeMgmt: &org.MxclusterMxedgeMgmtArgs{
ConfigAutoRevert: pulumi.Bool(false),
FipsEnabled: pulumi.Bool(false),
MistPassword: pulumi.String("string"),
OobIpType: pulumi.String("string"),
OobIpType6: pulumi.String("string"),
RootPassword: pulumi.String("string"),
},
TuntermDhcpdConfig: org.MxclusterTuntermDhcpdConfigMap{
"string": &org.MxclusterTuntermDhcpdConfigArgs{
Enabled: pulumi.Bool(false),
Servers: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
SiteId: pulumi.String("string"),
TuntermExtraRoutes: org.MxclusterTuntermExtraRoutesMap{
"string": &org.MxclusterTuntermExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
MistDas: &org.MxclusterMistDasArgs{
CoaServers: org.MxclusterMistDasCoaServerArray{
&org.MxclusterMistDasCoaServerArgs{
DisableEventTimestampCheck: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
Host: pulumi.String("string"),
Port: pulumi.Int(0),
RequireMessageAuthenticator: pulumi.Bool(false),
Secret: pulumi.String("string"),
},
},
Enabled: pulumi.Bool(false),
},
TuntermHostsOrders: pulumi.IntArray{
pulumi.Int(0),
},
TuntermHostsSelection: pulumi.String("string"),
TuntermMonitoringDisabled: pulumi.Bool(false),
TuntermMonitorings: org.MxclusterTuntermMonitoringArrayArray{
org.MxclusterTuntermMonitoringArray{
&org.MxclusterTuntermMonitoringArgs{
Host: pulumi.String("string"),
Port: pulumi.Int(0),
Protocol: pulumi.String("string"),
SrcVlanId: pulumi.Int(0),
Timeout: pulumi.Int(0),
},
},
},
})
var mxclusterResource = new Mxcluster("mxclusterResource", MxclusterArgs.builder()
.orgId("string")
.tuntermApSubnets("string")
.tuntermHosts("string")
.name("string")
.mistNac(MxclusterMistNacArgs.builder()
.acctServerPort(0)
.authServerPort(0)
.clientIps(Map.of("string", MxclusterMistNacClientIpsArgs.builder()
.build()))
.enabled(false)
.secret("string")
.build())
.proxy(MxclusterProxyArgs.builder()
.disabled(false)
.url("string")
.build())
.radsec(MxclusterRadsecArgs.builder()
.acctServers(MxclusterRadsecAcctServerArgs.builder()
.host("string")
.port(0)
.secret("string")
.ssids("string")
.build())
.authServers(MxclusterRadsecAuthServerArgs.builder()
.host("string")
.inbandStatusCheck(false)
.inbandStatusInterval(0)
.keywrapEnabled(false)
.keywrapFormat("string")
.keywrapKek("string")
.keywrapMack("string")
.port(0)
.retry(0)
.secret("string")
.ssids("string")
.timeout(0)
.build())
.enabled(false)
.matchSsid(false)
.nasIpSource("string")
.proxyHosts("string")
.serverSelection("string")
.srcIpSource("string")
.build())
.mxedgeMgmt(MxclusterMxedgeMgmtArgs.builder()
.configAutoRevert(false)
.fipsEnabled(false)
.mistPassword("string")
.oobIpType("string")
.oobIpType6("string")
.rootPassword("string")
.build())
.tuntermDhcpdConfig(Map.of("string", MxclusterTuntermDhcpdConfigArgs.builder()
.enabled(false)
.servers("string")
.type("string")
.build()))
.siteId("string")
.tuntermExtraRoutes(Map.of("string", MxclusterTuntermExtraRoutesArgs.builder()
.via("string")
.build()))
.mistDas(MxclusterMistDasArgs.builder()
.coaServers(MxclusterMistDasCoaServerArgs.builder()
.disableEventTimestampCheck(false)
.enabled(false)
.host("string")
.port(0)
.requireMessageAuthenticator(false)
.secret("string")
.build())
.enabled(false)
.build())
.tuntermHostsOrders(0)
.tuntermHostsSelection("string")
.tuntermMonitoringDisabled(false)
.tuntermMonitorings(MxclusterTuntermMonitoringArgs.builder()
.host("string")
.port(0)
.protocol("string")
.srcVlanId(0)
.timeout(0)
.build())
.build());
mxcluster_resource = junipermist.org.Mxcluster("mxclusterResource",
org_id="string",
tunterm_ap_subnets=["string"],
tunterm_hosts=["string"],
name="string",
mist_nac={
"acct_server_port": 0,
"auth_server_port": 0,
"client_ips": {
"string": {},
},
"enabled": False,
"secret": "string",
},
proxy={
"disabled": False,
"url": "string",
},
radsec={
"acct_servers": [{
"host": "string",
"port": 0,
"secret": "string",
"ssids": ["string"],
}],
"auth_servers": [{
"host": "string",
"inband_status_check": False,
"inband_status_interval": 0,
"keywrap_enabled": False,
"keywrap_format": "string",
"keywrap_kek": "string",
"keywrap_mack": "string",
"port": 0,
"retry": 0,
"secret": "string",
"ssids": ["string"],
"timeout": 0,
}],
"enabled": False,
"match_ssid": False,
"nas_ip_source": "string",
"proxy_hosts": ["string"],
"server_selection": "string",
"src_ip_source": "string",
},
mxedge_mgmt={
"config_auto_revert": False,
"fips_enabled": False,
"mist_password": "string",
"oob_ip_type": "string",
"oob_ip_type6": "string",
"root_password": "string",
},
tunterm_dhcpd_config={
"string": {
"enabled": False,
"servers": ["string"],
"type": "string",
},
},
site_id="string",
tunterm_extra_routes={
"string": {
"via": "string",
},
},
mist_das={
"coa_servers": [{
"disable_event_timestamp_check": False,
"enabled": False,
"host": "string",
"port": 0,
"require_message_authenticator": False,
"secret": "string",
}],
"enabled": False,
},
tunterm_hosts_orders=[0],
tunterm_hosts_selection="string",
tunterm_monitoring_disabled=False,
tunterm_monitorings=[[{
"host": "string",
"port": 0,
"protocol": "string",
"src_vlan_id": 0,
"timeout": 0,
}]])
const mxclusterResource = new junipermist.org.Mxcluster("mxclusterResource", {
orgId: "string",
tuntermApSubnets: ["string"],
tuntermHosts: ["string"],
name: "string",
mistNac: {
acctServerPort: 0,
authServerPort: 0,
clientIps: {
string: {},
},
enabled: false,
secret: "string",
},
proxy: {
disabled: false,
url: "string",
},
radsec: {
acctServers: [{
host: "string",
port: 0,
secret: "string",
ssids: ["string"],
}],
authServers: [{
host: "string",
inbandStatusCheck: false,
inbandStatusInterval: 0,
keywrapEnabled: false,
keywrapFormat: "string",
keywrapKek: "string",
keywrapMack: "string",
port: 0,
retry: 0,
secret: "string",
ssids: ["string"],
timeout: 0,
}],
enabled: false,
matchSsid: false,
nasIpSource: "string",
proxyHosts: ["string"],
serverSelection: "string",
srcIpSource: "string",
},
mxedgeMgmt: {
configAutoRevert: false,
fipsEnabled: false,
mistPassword: "string",
oobIpType: "string",
oobIpType6: "string",
rootPassword: "string",
},
tuntermDhcpdConfig: {
string: {
enabled: false,
servers: ["string"],
type: "string",
},
},
siteId: "string",
tuntermExtraRoutes: {
string: {
via: "string",
},
},
mistDas: {
coaServers: [{
disableEventTimestampCheck: false,
enabled: false,
host: "string",
port: 0,
requireMessageAuthenticator: false,
secret: "string",
}],
enabled: false,
},
tuntermHostsOrders: [0],
tuntermHostsSelection: "string",
tuntermMonitoringDisabled: false,
tuntermMonitorings: [[{
host: "string",
port: 0,
protocol: "string",
srcVlanId: 0,
timeout: 0,
}]],
});
type: junipermist:org:Mxcluster
properties:
mistDas:
coaServers:
- disableEventTimestampCheck: false
enabled: false
host: string
port: 0
requireMessageAuthenticator: false
secret: string
enabled: false
mistNac:
acctServerPort: 0
authServerPort: 0
clientIps:
string: {}
enabled: false
secret: string
mxedgeMgmt:
configAutoRevert: false
fipsEnabled: false
mistPassword: string
oobIpType: string
oobIpType6: string
rootPassword: string
name: string
orgId: string
proxy:
disabled: false
url: string
radsec:
acctServers:
- host: string
port: 0
secret: string
ssids:
- string
authServers:
- host: string
inbandStatusCheck: false
inbandStatusInterval: 0
keywrapEnabled: false
keywrapFormat: string
keywrapKek: string
keywrapMack: string
port: 0
retry: 0
secret: string
ssids:
- string
timeout: 0
enabled: false
matchSsid: false
nasIpSource: string
proxyHosts:
- string
serverSelection: string
srcIpSource: string
siteId: string
tuntermApSubnets:
- string
tuntermDhcpdConfig:
string:
enabled: false
servers:
- string
type: string
tuntermExtraRoutes:
string:
via: string
tuntermHosts:
- string
tuntermHostsOrders:
- 0
tuntermHostsSelection: string
tuntermMonitoringDisabled: false
tuntermMonitorings:
- - host: string
port: 0
protocol: string
srcVlanId: 0
timeout: 0
Mxcluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Mxcluster resource accepts the following input properties:
- Org
Id string - Mist
Das Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- Mist
Nac Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Nac - Mxedge
Mgmt Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mxedge Mgmt - Name string
- Proxy
Pulumi.
Juniper Mist. Org. Inputs. Mxcluster Proxy - Proxy Configuration to talk to Mist
- Radsec
Pulumi.
Juniper Mist. Org. Inputs. Mxcluster Radsec - MxEdge RadSec Configuration
- Site
Id string - Tunterm
Ap List<string>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- Tunterm
Dhcpd Dictionary<string, Pulumi.Config Juniper Mist. Org. Inputs. Mxcluster Tunterm Dhcpd Config Args> - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- Tunterm
Extra Dictionary<string, Pulumi.Routes Juniper Mist. Org. Inputs. Mxcluster Tunterm Extra Routes Args> - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- Tunterm
Hosts List<string> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- Tunterm
Hosts List<int>Orders - List of index of tunterm_hosts
- Tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- Tunterm
Monitoring boolDisabled - Tunterm
Monitorings List<ImmutableArray<Pulumi. Juniper Mist. Org. Inputs. Mxcluster Tunterm Monitoring>>
- Org
Id string - Mist
Das MxclusterMist Das Args - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- Mist
Nac MxclusterMist Nac Args - Mxedge
Mgmt MxclusterMxedge Mgmt Args - Name string
- Proxy
Mxcluster
Proxy Args - Proxy Configuration to talk to Mist
- Radsec
Mxcluster
Radsec Args - MxEdge RadSec Configuration
- Site
Id string - Tunterm
Ap []stringSubnets - List of subnets where we allow AP to establish Mist Tunnels from
- Tunterm
Dhcpd map[string]MxclusterConfig Tunterm Dhcpd Config Args - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- Tunterm
Extra map[string]MxclusterRoutes Tunterm Extra Routes Args - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- Tunterm
Hosts []string - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- Tunterm
Hosts []intOrders - List of index of tunterm_hosts
- Tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- Tunterm
Monitoring boolDisabled - Tunterm
Monitorings [][]MxclusterTunterm Monitoring Args
- org
Id String - mist
Das MxclusterMist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac MxclusterMist Nac - mxedge
Mgmt MxclusterMxedge Mgmt - name String
- proxy
Mxcluster
Proxy - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec - MxEdge RadSec Configuration
- site
Id String - tunterm
Ap List<String>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd Map<String,MxclusterConfig Tunterm Dhcpd Config Args> - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra Map<String,MxclusterRoutes Tunterm Extra Routes Args> - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts List<String> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts List<Integer>Orders - List of index of tunterm_hosts
- tunterm
Hosts StringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring BooleanDisabled - tunterm
Monitorings List<List<MxclusterTunterm Monitoring>>
- org
Id string - mist
Das MxclusterMist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac MxclusterMist Nac - mxedge
Mgmt MxclusterMxedge Mgmt - name string
- proxy
Mxcluster
Proxy - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec - MxEdge RadSec Configuration
- site
Id string - tunterm
Ap string[]Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd {[key: string]: MxclusterConfig Tunterm Dhcpd Config Args} - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra {[key: string]: MxclusterRoutes Tunterm Extra Routes Args} - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts string[] - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts number[]Orders - List of index of tunterm_hosts
- tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring booleanDisabled - tunterm
Monitorings MxclusterTunterm Monitoring[][]
- org_
id str - mist_
das MxclusterMist Das Args - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist_
nac MxclusterMist Nac Args - mxedge_
mgmt MxclusterMxedge Mgmt Args - name str
- proxy
Mxcluster
Proxy Args - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec Args - MxEdge RadSec Configuration
- site_
id str - tunterm_
ap_ Sequence[str]subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm_
dhcpd_ Mapping[str, Mxclusterconfig Tunterm Dhcpd Config Args] - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm_
extra_ Mapping[str, Mxclusterroutes Tunterm Extra Routes Args] - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm_
hosts Sequence[str] - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm_
hosts_ Sequence[int]orders - List of index of tunterm_hosts
- tunterm_
hosts_ strselection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm_
monitoring_ booldisabled - tunterm_
monitorings Sequence[Sequence[MxclusterTunterm Monitoring Args]]
- org
Id String - mist
Das Property Map - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac Property Map - mxedge
Mgmt Property Map - name String
- proxy Property Map
- Proxy Configuration to talk to Mist
- radsec Property Map
- MxEdge RadSec Configuration
- site
Id String - tunterm
Ap List<String>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd Map<Property Map>Config - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra Map<Property Map>Routes - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts List<String> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts List<Number>Orders - List of index of tunterm_hosts
- tunterm
Hosts StringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring BooleanDisabled - tunterm
Monitorings List<List<Property Map>>
Outputs
All input properties are implicitly available as output properties. Additionally, the Mxcluster resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Radsec
Tls Pulumi.Juniper Mist. Org. Outputs. Mxcluster Radsec Tls
- Id string
- The provider-assigned unique ID for this managed resource.
- Radsec
Tls MxclusterRadsec Tls
- id String
- The provider-assigned unique ID for this managed resource.
- radsec
Tls MxclusterRadsec Tls
- id string
- The provider-assigned unique ID for this managed resource.
- radsec
Tls MxclusterRadsec Tls
- id str
- The provider-assigned unique ID for this managed resource.
- radsec_
tls MxclusterRadsec Tls
- id String
- The provider-assigned unique ID for this managed resource.
- radsec
Tls Property Map
Look up Existing Mxcluster Resource
Get an existing Mxcluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MxclusterState, opts?: CustomResourceOptions): Mxcluster@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
mist_das: Optional[MxclusterMistDasArgs] = None,
mist_nac: Optional[MxclusterMistNacArgs] = None,
mxedge_mgmt: Optional[MxclusterMxedgeMgmtArgs] = None,
name: Optional[str] = None,
org_id: Optional[str] = None,
proxy: Optional[MxclusterProxyArgs] = None,
radsec: Optional[MxclusterRadsecArgs] = None,
radsec_tls: Optional[MxclusterRadsecTlsArgs] = None,
site_id: Optional[str] = None,
tunterm_ap_subnets: Optional[Sequence[str]] = None,
tunterm_dhcpd_config: Optional[Mapping[str, MxclusterTuntermDhcpdConfigArgs]] = None,
tunterm_extra_routes: Optional[Mapping[str, MxclusterTuntermExtraRoutesArgs]] = None,
tunterm_hosts: Optional[Sequence[str]] = None,
tunterm_hosts_orders: Optional[Sequence[int]] = None,
tunterm_hosts_selection: Optional[str] = None,
tunterm_monitoring_disabled: Optional[bool] = None,
tunterm_monitorings: Optional[Sequence[Sequence[MxclusterTuntermMonitoringArgs]]] = None) -> Mxclusterfunc GetMxcluster(ctx *Context, name string, id IDInput, state *MxclusterState, opts ...ResourceOption) (*Mxcluster, error)public static Mxcluster Get(string name, Input<string> id, MxclusterState? state, CustomResourceOptions? opts = null)public static Mxcluster get(String name, Output<String> id, MxclusterState state, CustomResourceOptions options)resources: _: type: junipermist:org:Mxcluster get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Mist
Das Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- Mist
Nac Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Nac - Mxedge
Mgmt Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mxedge Mgmt - Name string
- Org
Id string - Proxy
Pulumi.
Juniper Mist. Org. Inputs. Mxcluster Proxy - Proxy Configuration to talk to Mist
- Radsec
Pulumi.
Juniper Mist. Org. Inputs. Mxcluster Radsec - MxEdge RadSec Configuration
- Radsec
Tls Pulumi.Juniper Mist. Org. Inputs. Mxcluster Radsec Tls - Site
Id string - Tunterm
Ap List<string>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- Tunterm
Dhcpd Dictionary<string, Pulumi.Config Juniper Mist. Org. Inputs. Mxcluster Tunterm Dhcpd Config Args> - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- Tunterm
Extra Dictionary<string, Pulumi.Routes Juniper Mist. Org. Inputs. Mxcluster Tunterm Extra Routes Args> - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- Tunterm
Hosts List<string> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- Tunterm
Hosts List<int>Orders - List of index of tunterm_hosts
- Tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- Tunterm
Monitoring boolDisabled - Tunterm
Monitorings List<ImmutableArray<Pulumi. Juniper Mist. Org. Inputs. Mxcluster Tunterm Monitoring>>
- Mist
Das MxclusterMist Das Args - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- Mist
Nac MxclusterMist Nac Args - Mxedge
Mgmt MxclusterMxedge Mgmt Args - Name string
- Org
Id string - Proxy
Mxcluster
Proxy Args - Proxy Configuration to talk to Mist
- Radsec
Mxcluster
Radsec Args - MxEdge RadSec Configuration
- Radsec
Tls MxclusterRadsec Tls Args - Site
Id string - Tunterm
Ap []stringSubnets - List of subnets where we allow AP to establish Mist Tunnels from
- Tunterm
Dhcpd map[string]MxclusterConfig Tunterm Dhcpd Config Args - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- Tunterm
Extra map[string]MxclusterRoutes Tunterm Extra Routes Args - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- Tunterm
Hosts []string - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- Tunterm
Hosts []intOrders - List of index of tunterm_hosts
- Tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- Tunterm
Monitoring boolDisabled - Tunterm
Monitorings [][]MxclusterTunterm Monitoring Args
- mist
Das MxclusterMist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac MxclusterMist Nac - mxedge
Mgmt MxclusterMxedge Mgmt - name String
- org
Id String - proxy
Mxcluster
Proxy - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec - MxEdge RadSec Configuration
- radsec
Tls MxclusterRadsec Tls - site
Id String - tunterm
Ap List<String>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd Map<String,MxclusterConfig Tunterm Dhcpd Config Args> - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra Map<String,MxclusterRoutes Tunterm Extra Routes Args> - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts List<String> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts List<Integer>Orders - List of index of tunterm_hosts
- tunterm
Hosts StringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring BooleanDisabled - tunterm
Monitorings List<List<MxclusterTunterm Monitoring>>
- mist
Das MxclusterMist Das - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac MxclusterMist Nac - mxedge
Mgmt MxclusterMxedge Mgmt - name string
- org
Id string - proxy
Mxcluster
Proxy - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec - MxEdge RadSec Configuration
- radsec
Tls MxclusterRadsec Tls - site
Id string - tunterm
Ap string[]Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd {[key: string]: MxclusterConfig Tunterm Dhcpd Config Args} - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra {[key: string]: MxclusterRoutes Tunterm Extra Routes Args} - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts string[] - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts number[]Orders - List of index of tunterm_hosts
- tunterm
Hosts stringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring booleanDisabled - tunterm
Monitorings MxclusterTunterm Monitoring[][]
- mist_
das MxclusterMist Das Args - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist_
nac MxclusterMist Nac Args - mxedge_
mgmt MxclusterMxedge Mgmt Args - name str
- org_
id str - proxy
Mxcluster
Proxy Args - Proxy Configuration to talk to Mist
- radsec
Mxcluster
Radsec Args - MxEdge RadSec Configuration
- radsec_
tls MxclusterRadsec Tls Args - site_
id str - tunterm_
ap_ Sequence[str]subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm_
dhcpd_ Mapping[str, Mxclusterconfig Tunterm Dhcpd Config Args] - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm_
extra_ Mapping[str, Mxclusterroutes Tunterm Extra Routes Args] - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm_
hosts Sequence[str] - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm_
hosts_ Sequence[int]orders - List of index of tunterm_hosts
- tunterm_
hosts_ strselection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm_
monitoring_ booldisabled - tunterm_
monitorings Sequence[Sequence[MxclusterTunterm Monitoring Args]]
- mist
Das Property Map - Configure cloud-assisted dynamic authorization service on this cluster of mist edges
- mist
Nac Property Map - mxedge
Mgmt Property Map - name String
- org
Id String - proxy Property Map
- Proxy Configuration to talk to Mist
- radsec Property Map
- MxEdge RadSec Configuration
- radsec
Tls Property Map - site
Id String - tunterm
Ap List<String>Subnets - List of subnets where we allow AP to establish Mist Tunnels from
- tunterm
Dhcpd Map<Property Map>Config - DHCP server/relay configuration of Mist Tunneled VLANs. Property key is the VLAN ID
- tunterm
Extra Map<Property Map>Routes - Extra routes for Mist Tunneled VLANs. Property key is a CIDR
- tunterm
Hosts List<String> - Hostnames or IPs where a Mist Tunnel will use as the Peer (i.e. they are reachable from AP)
- tunterm
Hosts List<Number>Orders - List of index of tunterm_hosts
- tunterm
Hosts StringSelection - Ordering of tuntermHosts for mxedge within the same mxcluster. enum:
shuffle: the ordering of tuntermHosts is randomized by the device''s MACshuffle-by-site: shuffle by site_id+tunnel_id (so when client connects to a specific Tunnel, it will go to the same (order of) mxedge, and we load-balancing between tunnels)ordered: order decided by tunterm_hosts_order
- tunterm
Monitoring BooleanDisabled - tunterm
Monitorings List<List<Property Map>>
Supporting Types
MxclusterMistDas, MxclusterMistDasArgs
- Coa
Servers List<Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Das Coa Server> - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- Enabled bool
- Coa
Servers []MxclusterMist Das Coa Server - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- Enabled bool
- coa
Servers List<MxclusterMist Das Coa Server> - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- enabled Boolean
- coa
Servers MxclusterMist Das Coa Server[] - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- enabled boolean
- coa_
servers Sequence[MxclusterMist Das Coa Server] - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- enabled bool
- coa
Servers List<Property Map> - Dynamic authorization clients configured to send CoA|DM to mist edges on port 3799
- enabled Boolean
MxclusterMistDasCoaServer, MxclusterMistDasCoaServerArgs
- Disable
Event boolTimestamp Check - Whether to disable Event-Timestamp Check
- Enabled bool
- Host string
- This server configured to send CoA|DM to mist edges
- Port int
- Mist edges will allow this host on this port
- Require
Message boolAuthenticator - Whether to require Message-Authenticator in requests
- Secret string
- Disable
Event boolTimestamp Check - Whether to disable Event-Timestamp Check
- Enabled bool
- Host string
- This server configured to send CoA|DM to mist edges
- Port int
- Mist edges will allow this host on this port
- Require
Message boolAuthenticator - Whether to require Message-Authenticator in requests
- Secret string
- disable
Event BooleanTimestamp Check - Whether to disable Event-Timestamp Check
- enabled Boolean
- host String
- This server configured to send CoA|DM to mist edges
- port Integer
- Mist edges will allow this host on this port
- require
Message BooleanAuthenticator - Whether to require Message-Authenticator in requests
- secret String
- disable
Event booleanTimestamp Check - Whether to disable Event-Timestamp Check
- enabled boolean
- host string
- This server configured to send CoA|DM to mist edges
- port number
- Mist edges will allow this host on this port
- require
Message booleanAuthenticator - Whether to require Message-Authenticator in requests
- secret string
- disable_
event_ booltimestamp_ check - Whether to disable Event-Timestamp Check
- enabled bool
- host str
- This server configured to send CoA|DM to mist edges
- port int
- Mist edges will allow this host on this port
- require_
message_ boolauthenticator - Whether to require Message-Authenticator in requests
- secret str
- disable
Event BooleanTimestamp Check - Whether to disable Event-Timestamp Check
- enabled Boolean
- host String
- This server configured to send CoA|DM to mist edges
- port Number
- Mist edges will allow this host on this port
- require
Message BooleanAuthenticator - Whether to require Message-Authenticator in requests
- secret String
MxclusterMistNac, MxclusterMistNacArgs
- Acct
Server intPort - Auth
Server intPort - Client
Ips Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Mxcluster Mist Nac Client Ips> - Property key is the RADIUS Client IP/Subnet.
- Enabled bool
- Secret string
- Acct
Server intPort - Auth
Server intPort - Client
Ips map[string]MxclusterMist Nac Client Ips - Property key is the RADIUS Client IP/Subnet.
- Enabled bool
- Secret string
- acct
Server IntegerPort - auth
Server IntegerPort - client
Ips Map<String,MxclusterMist Nac Client Ips> - Property key is the RADIUS Client IP/Subnet.
- enabled Boolean
- secret String
- acct
Server numberPort - auth
Server numberPort - client
Ips {[key: string]: MxclusterMist Nac Client Ips} - Property key is the RADIUS Client IP/Subnet.
- enabled boolean
- secret string
- acct_
server_ intport - auth_
server_ intport - client_
ips Mapping[str, MxclusterMist Nac Client Ips] - Property key is the RADIUS Client IP/Subnet.
- enabled bool
- secret str
- acct
Server NumberPort - auth
Server NumberPort - client
Ips Map<Property Map> - Property key is the RADIUS Client IP/Subnet.
- enabled Boolean
- secret String
MxclusterMxedgeMgmt, MxclusterMxedgeMgmtArgs
- Config
Auto boolRevert - Fips
Enabled bool - Mist
Password string - Oob
Ip stringType - enum:
dhcp,disabled,static - Oob
Ip stringType6 - enum:
autoconf,dhcp,disabled,static - Root
Password string
- Config
Auto boolRevert - Fips
Enabled bool - Mist
Password string - Oob
Ip stringType - enum:
dhcp,disabled,static - Oob
Ip stringType6 - enum:
autoconf,dhcp,disabled,static - Root
Password string
- config
Auto BooleanRevert - fips
Enabled Boolean - mist
Password String - oob
Ip StringType - enum:
dhcp,disabled,static - oob
Ip StringType6 - enum:
autoconf,dhcp,disabled,static - root
Password String
- config
Auto booleanRevert - fips
Enabled boolean - mist
Password string - oob
Ip stringType - enum:
dhcp,disabled,static - oob
Ip stringType6 - enum:
autoconf,dhcp,disabled,static - root
Password string
- config_
auto_ boolrevert - fips_
enabled bool - mist_
password str - oob_
ip_ strtype - enum:
dhcp,disabled,static - oob_
ip_ strtype6 - enum:
autoconf,dhcp,disabled,static - root_
password str
- config
Auto BooleanRevert - fips
Enabled Boolean - mist
Password String - oob
Ip StringType - enum:
dhcp,disabled,static - oob
Ip StringType6 - enum:
autoconf,dhcp,disabled,static - root
Password String
MxclusterProxy, MxclusterProxyArgs
MxclusterRadsec, MxclusterRadsecArgs
- Acct
Servers List<Pulumi.Juniper Mist. Org. Inputs. Mxcluster Radsec Acct Server> - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- Auth
Servers List<Pulumi.Juniper Mist. Org. Inputs. Mxcluster Radsec Auth Server> - List of RADIUS authentication servers, order matters where the first one is treated as primary
- Enabled bool
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- Match
Ssid bool - Whether to match ssid in request message to select from a subset of RADIUS servers
- Nas
Ip stringSource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - Proxy
Hosts List<string> - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - Server
Selection string - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - Src
Ip stringSource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
- Acct
Servers []MxclusterRadsec Acct Server - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- Auth
Servers []MxclusterRadsec Auth Server - List of RADIUS authentication servers, order matters where the first one is treated as primary
- Enabled bool
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- Match
Ssid bool - Whether to match ssid in request message to select from a subset of RADIUS servers
- Nas
Ip stringSource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - Proxy
Hosts []string - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - Server
Selection string - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - Src
Ip stringSource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
- acct
Servers List<MxclusterRadsec Acct Server> - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- auth
Servers List<MxclusterRadsec Auth Server> - List of RADIUS authentication servers, order matters where the first one is treated as primary
- enabled Boolean
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- match
Ssid Boolean - Whether to match ssid in request message to select from a subset of RADIUS servers
- nas
Ip StringSource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - proxy
Hosts List<String> - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - server
Selection String - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - src
Ip StringSource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
- acct
Servers MxclusterRadsec Acct Server[] - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- auth
Servers MxclusterRadsec Auth Server[] - List of RADIUS authentication servers, order matters where the first one is treated as primary
- enabled boolean
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- match
Ssid boolean - Whether to match ssid in request message to select from a subset of RADIUS servers
- nas
Ip stringSource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - proxy
Hosts string[] - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - server
Selection string - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - src
Ip stringSource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
- acct_
servers Sequence[MxclusterRadsec Acct Server] - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- auth_
servers Sequence[MxclusterRadsec Auth Server] - List of RADIUS authentication servers, order matters where the first one is treated as primary
- enabled bool
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- match_
ssid bool - Whether to match ssid in request message to select from a subset of RADIUS servers
- nas_
ip_ strsource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - proxy_
hosts Sequence[str] - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - server_
selection str - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - src_
ip_ strsource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
- acct
Servers List<Property Map> - List of RADIUS accounting servers, optional, order matters where the first one is treated as primary
- auth
Servers List<Property Map> - List of RADIUS authentication servers, order matters where the first one is treated as primary
- enabled Boolean
- Whether to enable service on Mist Edge i.e. RADIUS proxy over TLS
- match
Ssid Boolean - Whether to match ssid in request message to select from a subset of RADIUS servers
- nas
Ip StringSource - SSpecify NAS-IP-ADDRESS, NAS-IPv6-ADDRESS to use with auth_servers. enum:
any,oob,oob6,tunnel,tunnel6 - proxy
Hosts List<String> - Hostnames or IPs for Mist AP to use as the TLS Server (i.e. they are reachable from AP) in addition to
tuntermHosts - server
Selection String - When ordered, Mist Edge will prefer and go back to the first radius server if possible. enum:
ordered,unordered - src
Ip StringSource - Specify IP address to connect to authServers and acct_servers. enum:
any,oob,oob6,tunnel,tunnel6
MxclusterRadsecAcctServer, MxclusterRadsecAcctServerArgs
MxclusterRadsecAuthServer, MxclusterRadsecAuthServerArgs
- Host string
- IP / hostname of RADIUS server
- Inband
Status boolCheck - Whether to enable inband status check
- Inband
Status intInterval - Inband status interval, in seconds
- Keywrap
Enabled bool - If used for Mist APs, enable keywrap algorithm. Default is false
- Keywrap
Format string - if used for Mist APs. enum:
ascii,hex - Keywrap
Kek string - If used for Mist APs, encryption key
- Keywrap
Mack string - If used for Mist APs, Message Authentication Code Key
- Port int
- Auth port of RADIUS server
- Retry int
- Authentication request retry
- Secret string
- Secret of RADIUS server
- Ssids List<string>
- List of ssids that will use this server if matchSsid is true and match is found
- Timeout int
- Authentication request timeout, in seconds
- Host string
- IP / hostname of RADIUS server
- Inband
Status boolCheck - Whether to enable inband status check
- Inband
Status intInterval - Inband status interval, in seconds
- Keywrap
Enabled bool - If used for Mist APs, enable keywrap algorithm. Default is false
- Keywrap
Format string - if used for Mist APs. enum:
ascii,hex - Keywrap
Kek string - If used for Mist APs, encryption key
- Keywrap
Mack string - If used for Mist APs, Message Authentication Code Key
- Port int
- Auth port of RADIUS server
- Retry int
- Authentication request retry
- Secret string
- Secret of RADIUS server
- Ssids []string
- List of ssids that will use this server if matchSsid is true and match is found
- Timeout int
- Authentication request timeout, in seconds
- host String
- IP / hostname of RADIUS server
- inband
Status BooleanCheck - Whether to enable inband status check
- inband
Status IntegerInterval - Inband status interval, in seconds
- keywrap
Enabled Boolean - If used for Mist APs, enable keywrap algorithm. Default is false
- keywrap
Format String - if used for Mist APs. enum:
ascii,hex - keywrap
Kek String - If used for Mist APs, encryption key
- keywrap
Mack String - If used for Mist APs, Message Authentication Code Key
- port Integer
- Auth port of RADIUS server
- retry Integer
- Authentication request retry
- secret String
- Secret of RADIUS server
- ssids List<String>
- List of ssids that will use this server if matchSsid is true and match is found
- timeout Integer
- Authentication request timeout, in seconds
- host string
- IP / hostname of RADIUS server
- inband
Status booleanCheck - Whether to enable inband status check
- inband
Status numberInterval - Inband status interval, in seconds
- keywrap
Enabled boolean - If used for Mist APs, enable keywrap algorithm. Default is false
- keywrap
Format string - if used for Mist APs. enum:
ascii,hex - keywrap
Kek string - If used for Mist APs, encryption key
- keywrap
Mack string - If used for Mist APs, Message Authentication Code Key
- port number
- Auth port of RADIUS server
- retry number
- Authentication request retry
- secret string
- Secret of RADIUS server
- ssids string[]
- List of ssids that will use this server if matchSsid is true and match is found
- timeout number
- Authentication request timeout, in seconds
- host str
- IP / hostname of RADIUS server
- inband_
status_ boolcheck - Whether to enable inband status check
- inband_
status_ intinterval - Inband status interval, in seconds
- keywrap_
enabled bool - If used for Mist APs, enable keywrap algorithm. Default is false
- keywrap_
format str - if used for Mist APs. enum:
ascii,hex - keywrap_
kek str - If used for Mist APs, encryption key
- keywrap_
mack str - If used for Mist APs, Message Authentication Code Key
- port int
- Auth port of RADIUS server
- retry int
- Authentication request retry
- secret str
- Secret of RADIUS server
- ssids Sequence[str]
- List of ssids that will use this server if matchSsid is true and match is found
- timeout int
- Authentication request timeout, in seconds
- host String
- IP / hostname of RADIUS server
- inband
Status BooleanCheck - Whether to enable inband status check
- inband
Status NumberInterval - Inband status interval, in seconds
- keywrap
Enabled Boolean - If used for Mist APs, enable keywrap algorithm. Default is false
- keywrap
Format String - if used for Mist APs. enum:
ascii,hex - keywrap
Kek String - If used for Mist APs, encryption key
- keywrap
Mack String - If used for Mist APs, Message Authentication Code Key
- port Number
- Auth port of RADIUS server
- retry Number
- Authentication request retry
- secret String
- Secret of RADIUS server
- ssids List<String>
- List of ssids that will use this server if matchSsid is true and match is found
- timeout Number
- Authentication request timeout, in seconds
MxclusterRadsecTls, MxclusterRadsecTlsArgs
- Keypair string
- Keypair string
- keypair String
- keypair string
- keypair str
- keypair String
MxclusterTuntermDhcpdConfig, MxclusterTuntermDhcpdConfigArgs
MxclusterTuntermExtraRoutes, MxclusterTuntermExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
MxclusterTuntermMonitoring, MxclusterTuntermMonitoringArgs
- host str
- port int
- protocol str
- src_
vlan_ intid - timeout int
Import
Using pulumi import, import junipermist.org.Mxcluster with:
Mist Org MxCluster can be imported by specifying the orgId and the mxclusterId
$ pulumi import junipermist:org/mxcluster:Mxcluster cluster_one 17f90707-aebe-4274-af42-f42952a665a3.387804a7-3474-85ce-15a2-f9a9684c9c90
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- junipermist pulumi/pulumi-junipermist
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mistTerraform Provider.
Viewing docs for Juniper Mist v0.8.1
published on Thursday, Apr 2, 2026 by Pulumi
published on Thursday, Apr 2, 2026 by Pulumi
