Viewing docs for Nutanix v0.16.0
published on Tuesday, May 26, 2026 by Piers Karsenbarg
published on Tuesday, May 26, 2026 by Piers Karsenbarg
Viewing docs for Nutanix v0.16.0
published on Tuesday, May 26, 2026 by Piers Karsenbarg
published on Tuesday, May 26, 2026 by Piers Karsenbarg
Create a Network Security Policy
Example
import * as pulumi from "@pulumi/pulumi";
import * as nutanix from "@pierskarsenbarg/nutanix";
// Network Security Policy TWO_ENV_ISOLATION Rule
const isolation_nsp = new nutanix.NetworkSecurityPolicyV2("isolation-nsp", {
name: "isolation_policy",
description: "isolation policy example",
state: "SAVE",
type: "ISOLATION",
rules: [{
type: "TWO_ENV_ISOLATION",
specs: [{
twoEnvIsolationRuleSpecs: [{
firstIsolationGroups: ["ba250e3e-1db1-4950-917f-a9e2ea35b8e3"],
secondIsolationGroups: ["ab520e1d-4950-1db1-917f-a9e2ea35b8e3"],
}],
}],
}],
isHitlogEnabled: true,
});
// Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
const global_nsp = new nutanix.NetworkSecurityPolicyV2("global-nsp", {
name: "my-global-policy",
description: "Application policy with global scope",
state: "SAVE",
type: "APPLICATION",
scope: "GLOBAL",
rules: [{
type: "APPLICATION",
specs: [{
applicationRuleSpecs: [{
securedGroupCategoryReferences: [example.id],
serviceGroupReferences: [exampleNutanixServiceGroupsV2.id],
srcAddressGroupReferences: [exampleNutanixAddressGroupsV2.id],
}],
}],
}],
});
import pulumi
import pulumi_nutanix as nutanix
# Network Security Policy TWO_ENV_ISOLATION Rule
isolation_nsp = nutanix.NetworkSecurityPolicyV2("isolation-nsp",
name="isolation_policy",
description="isolation policy example",
state="SAVE",
type="ISOLATION",
rules=[{
"type": "TWO_ENV_ISOLATION",
"specs": [{
"two_env_isolation_rule_specs": [{
"first_isolation_groups": ["ba250e3e-1db1-4950-917f-a9e2ea35b8e3"],
"second_isolation_groups": ["ab520e1d-4950-1db1-917f-a9e2ea35b8e3"],
}],
}],
}],
is_hitlog_enabled=True)
# Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
global_nsp = nutanix.NetworkSecurityPolicyV2("global-nsp",
name="my-global-policy",
description="Application policy with global scope",
state="SAVE",
type="APPLICATION",
scope="GLOBAL",
rules=[{
"type": "APPLICATION",
"specs": [{
"application_rule_specs": [{
"secured_group_category_references": [example["id"]],
"service_group_references": [example_nutanix_service_groups_v2["id"]],
"src_address_group_references": [example_nutanix_address_groups_v2["id"]],
}],
}],
}])
package main
import (
"github.com/pierskarsenbarg/pulumi-nutanix/sdk/go/nutanix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Network Security Policy TWO_ENV_ISOLATION Rule
_, err := nutanix.NewNetworkSecurityPolicyV2(ctx, "isolation-nsp", &nutanix.NetworkSecurityPolicyV2Args{
Name: pulumi.String("isolation_policy"),
Description: pulumi.String("isolation policy example"),
State: pulumi.String("SAVE"),
Type: pulumi.String("ISOLATION"),
Rules: nutanix.NetworkSecurityPolicyV2RuleArray{
&nutanix.NetworkSecurityPolicyV2RuleArgs{
Type: pulumi.String("TWO_ENV_ISOLATION"),
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecArgs{
TwoEnvIsolationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs{
FirstIsolationGroups: pulumi.StringArray{
pulumi.String("ba250e3e-1db1-4950-917f-a9e2ea35b8e3"),
},
SecondIsolationGroups: pulumi.StringArray{
pulumi.String("ab520e1d-4950-1db1-917f-a9e2ea35b8e3"),
},
},
},
},
},
},
},
IsHitlogEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
// Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
_, err = nutanix.NewNetworkSecurityPolicyV2(ctx, "global-nsp", &nutanix.NetworkSecurityPolicyV2Args{
Name: pulumi.String("my-global-policy"),
Description: pulumi.String("Application policy with global scope"),
State: pulumi.String("SAVE"),
Type: pulumi.String("APPLICATION"),
Scope: pulumi.String("GLOBAL"),
Rules: nutanix.NetworkSecurityPolicyV2RuleArray{
&nutanix.NetworkSecurityPolicyV2RuleArgs{
Type: pulumi.String("APPLICATION"),
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecArgs{
ApplicationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs{
SecuredGroupCategoryReferences: pulumi.StringArray{
example.Id,
},
ServiceGroupReferences: pulumi.StringArray{
exampleNutanixServiceGroupsV2.Id,
},
SrcAddressGroupReferences: pulumi.StringArray{
exampleNutanixAddressGroupsV2.Id,
},
},
},
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nutanix = PiersKarsenbarg.Nutanix;
return await Deployment.RunAsync(() =>
{
// Network Security Policy TWO_ENV_ISOLATION Rule
var isolation_nsp = new Nutanix.NetworkSecurityPolicyV2("isolation-nsp", new()
{
Name = "isolation_policy",
Description = "isolation policy example",
State = "SAVE",
Type = "ISOLATION",
Rules = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleArgs
{
Type = "TWO_ENV_ISOLATION",
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecArgs
{
TwoEnvIsolationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
{
FirstIsolationGroups = new[]
{
"ba250e3e-1db1-4950-917f-a9e2ea35b8e3",
},
SecondIsolationGroups = new[]
{
"ab520e1d-4950-1db1-917f-a9e2ea35b8e3",
},
},
},
},
},
},
},
IsHitlogEnabled = true,
});
// Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
var global_nsp = new Nutanix.NetworkSecurityPolicyV2("global-nsp", new()
{
Name = "my-global-policy",
Description = "Application policy with global scope",
State = "SAVE",
Type = "APPLICATION",
Scope = "GLOBAL",
Rules = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleArgs
{
Type = "APPLICATION",
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecArgs
{
ApplicationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
{
SecuredGroupCategoryReferences = new[]
{
example.Id,
},
ServiceGroupReferences = new[]
{
exampleNutanixServiceGroupsV2.Id,
},
SrcAddressGroupReferences = new[]
{
exampleNutanixAddressGroupsV2.Id,
},
},
},
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nutanix.NetworkSecurityPolicyV2;
import com.pulumi.nutanix.NetworkSecurityPolicyV2Args;
import com.pulumi.nutanix.inputs.NetworkSecurityPolicyV2RuleArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Network Security Policy TWO_ENV_ISOLATION Rule
var isolation_nsp = new NetworkSecurityPolicyV2("isolation-nsp", NetworkSecurityPolicyV2Args.builder()
.name("isolation_policy")
.description("isolation policy example")
.state("SAVE")
.type("ISOLATION")
.rules(NetworkSecurityPolicyV2RuleArgs.builder()
.type("TWO_ENV_ISOLATION")
.specs(NetworkSecurityPolicyV2RuleSpecArgs.builder()
.twoEnvIsolationRuleSpecs(NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs.builder()
.firstIsolationGroups("ba250e3e-1db1-4950-917f-a9e2ea35b8e3")
.secondIsolationGroups("ab520e1d-4950-1db1-917f-a9e2ea35b8e3")
.build())
.build())
.build())
.isHitlogEnabled(true)
.build());
// Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
var global_nsp = new NetworkSecurityPolicyV2("global-nsp", NetworkSecurityPolicyV2Args.builder()
.name("my-global-policy")
.description("Application policy with global scope")
.state("SAVE")
.type("APPLICATION")
.scope("GLOBAL")
.rules(NetworkSecurityPolicyV2RuleArgs.builder()
.type("APPLICATION")
.specs(NetworkSecurityPolicyV2RuleSpecArgs.builder()
.applicationRuleSpecs(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs.builder()
.securedGroupCategoryReferences(example.id())
.serviceGroupReferences(exampleNutanixServiceGroupsV2.id())
.srcAddressGroupReferences(exampleNutanixAddressGroupsV2.id())
.build())
.build())
.build())
.build());
}
}
resources:
# Network Security Policy TWO_ENV_ISOLATION Rule
isolation-nsp:
type: nutanix:NetworkSecurityPolicyV2
properties:
name: isolation_policy
description: isolation policy example
state: SAVE
type: ISOLATION
rules:
- type: TWO_ENV_ISOLATION
specs:
- twoEnvIsolationRuleSpecs:
- firstIsolationGroups:
- ba250e3e-1db1-4950-917f-a9e2ea35b8e3
secondIsolationGroups:
- ab520e1d-4950-1db1-917f-a9e2ea35b8e3
isHitlogEnabled: true
# Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
global-nsp:
type: nutanix:NetworkSecurityPolicyV2
properties:
name: my-global-policy
description: Application policy with global scope
state: SAVE
type: APPLICATION
scope: GLOBAL
rules:
- type: APPLICATION
specs:
- applicationRuleSpecs:
- securedGroupCategoryReferences:
- ${example.id}
serviceGroupReferences:
- ${exampleNutanixServiceGroupsV2.id}
srcAddressGroupReferences:
- ${exampleNutanixAddressGroupsV2.id}
pulumi {
required_providers {
nutanix = {
source = "pulumi/nutanix"
}
}
}
# Network Security Policy TWO_ENV_ISOLATION Rule
resource "nutanix_networksecuritypolicyv2" "isolation-nsp" {
name = "isolation_policy"
description = "isolation policy example"
state = "SAVE"
type = "ISOLATION"
rules {
type = "TWO_ENV_ISOLATION"
specs {
two_env_isolation_rule_specs {
first_isolation_groups = ["ba250e3e-1db1-4950-917f-a9e2ea35b8e3"]
second_isolation_groups = ["ab520e1d-4950-1db1-917f-a9e2ea35b8e3"]
}
}
}
is_hitlog_enabled = true
}
# Network Security Policy with GLOBAL scope (VMs resolved by category across all VPCs)
resource "nutanix_networksecuritypolicyv2" "global-nsp" {
name = "my-global-policy"
description = "Application policy with global scope"
state = "SAVE"
type = "APPLICATION"
scope = "GLOBAL"
rules {
type = "APPLICATION"
specs {
application_rule_specs {
secured_group_category_references = [example.id]
service_group_references = [exampleNutanixServiceGroupsV2.id]
src_address_group_references = [exampleNutanixAddressGroupsV2.id]
}
}
}
}
Create NetworkSecurityPolicyV2 Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NetworkSecurityPolicyV2(name: string, args: NetworkSecurityPolicyV2Args, opts?: CustomResourceOptions);@overload
def NetworkSecurityPolicyV2(resource_name: str,
args: NetworkSecurityPolicyV2Args,
opts: Optional[ResourceOptions] = None)
@overload
def NetworkSecurityPolicyV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
type: Optional[str] = None,
description: Optional[str] = None,
is_hitlog_enabled: Optional[bool] = None,
is_ipv6_traffic_allowed: Optional[bool] = None,
name: Optional[str] = None,
rules: Optional[Sequence[NetworkSecurityPolicyV2RuleArgs]] = None,
scope: Optional[str] = None,
state: Optional[str] = None,
vpc_references: Optional[Sequence[str]] = None)func NewNetworkSecurityPolicyV2(ctx *Context, name string, args NetworkSecurityPolicyV2Args, opts ...ResourceOption) (*NetworkSecurityPolicyV2, error)public NetworkSecurityPolicyV2(string name, NetworkSecurityPolicyV2Args args, CustomResourceOptions? opts = null)
public NetworkSecurityPolicyV2(String name, NetworkSecurityPolicyV2Args args)
public NetworkSecurityPolicyV2(String name, NetworkSecurityPolicyV2Args args, CustomResourceOptions options)
type: nutanix:NetworkSecurityPolicyV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "nutanix_networksecuritypolicyv2" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args NetworkSecurityPolicyV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NetworkSecurityPolicyV2Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NetworkSecurityPolicyV2Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NetworkSecurityPolicyV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NetworkSecurityPolicyV2Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var networkSecurityPolicyV2Resource = new Nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", new()
{
Type = "string",
Description = "string",
IsHitlogEnabled = false,
IsIpv6TrafficAllowed = false,
Name = "string",
Rules = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleArgs
{
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecArgs
{
ApplicationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
{
SecuredGroupCategoryReferences = new[]
{
"string",
},
SecuredGroupCategoryAssociatedEntityType = "string",
SecuredGroupEntityGroupReference = "string",
DestCategoryReferences = new[]
{
"string",
},
DestEntityGroupReference = "string",
DestSubnets = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs
{
PrefixLength = 0,
Value = "string",
},
},
IcmpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs
{
Code = 0,
IsAllAllowed = false,
Type = 0,
},
},
IsAllProtocolAllowed = false,
NetworkFunctionChainReference = "string",
NetworkFunctionReference = "string",
DestAddressGroupReferences = new[]
{
"string",
},
DestCategoryAssociatedEntityType = "string",
ServiceGroupReferences = new[]
{
"string",
},
DestAllowSpec = "string",
SrcAddressGroupReferences = new[]
{
"string",
},
SrcAllowSpec = "string",
SrcCategoryAssociatedEntityType = "string",
SrcCategoryReferences = new[]
{
"string",
},
SrcEntityGroupReference = "string",
SrcSubnets = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs
{
PrefixLength = 0,
Value = "string",
},
},
TcpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
IntraEntityGroupRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs
{
SecuredGroupAction = "string",
IcmpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpServiceArgs
{
Code = 0,
IsAllAllowed = false,
Type = 0,
},
},
SecuredGroupCategoryAssociatedEntityType = "string",
SecuredGroupCategoryReferences = new[]
{
"string",
},
SecuredGroupEntityGroupReference = "string",
SecuredGroupServiceReferences = new[]
{
"string",
},
TcpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
MultiEnvIsolationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs
{
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs
{
AllToAllIsolationGroups = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs
{
IsolationGroups = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs
{
GroupCategoryReferences = new[]
{
"string",
},
GroupCategoryAssociatedEntityType = "string",
GroupEntityGroupReference = "string",
},
},
},
},
},
},
},
},
TwoEnvIsolationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
{
FirstIsolationGroups = new[]
{
"string",
},
SecondIsolationGroups = new[]
{
"string",
},
},
},
},
},
Type = "string",
Description = "string",
ExtId = "string",
Links = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleLinkArgs
{
Href = "string",
Rel = "string",
},
},
},
},
Scope = "string",
State = "string",
VpcReferences = new[]
{
"string",
},
});
example, err := nutanix.NewNetworkSecurityPolicyV2(ctx, "networkSecurityPolicyV2Resource", &nutanix.NetworkSecurityPolicyV2Args{
Type: pulumi.String("string"),
Description: pulumi.String("string"),
IsHitlogEnabled: pulumi.Bool(false),
IsIpv6TrafficAllowed: pulumi.Bool(false),
Name: pulumi.String("string"),
Rules: nutanix.NetworkSecurityPolicyV2RuleArray{
&nutanix.NetworkSecurityPolicyV2RuleArgs{
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecArgs{
ApplicationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs{
SecuredGroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
SecuredGroupCategoryAssociatedEntityType: pulumi.String("string"),
SecuredGroupEntityGroupReference: pulumi.String("string"),
DestCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
DestEntityGroupReference: pulumi.String("string"),
DestSubnets: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs{
PrefixLength: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
IcmpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs{
Code: pulumi.Int(0),
IsAllAllowed: pulumi.Bool(false),
Type: pulumi.Int(0),
},
},
IsAllProtocolAllowed: pulumi.Bool(false),
NetworkFunctionChainReference: pulumi.String("string"),
NetworkFunctionReference: pulumi.String("string"),
DestAddressGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
DestCategoryAssociatedEntityType: pulumi.String("string"),
ServiceGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
DestAllowSpec: pulumi.String("string"),
SrcAddressGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
SrcAllowSpec: pulumi.String("string"),
SrcCategoryAssociatedEntityType: pulumi.String("string"),
SrcCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
SrcEntityGroupReference: pulumi.String("string"),
SrcSubnets: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs{
PrefixLength: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
TcpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
IntraEntityGroupRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs{
SecuredGroupAction: pulumi.String("string"),
IcmpServices: nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpServiceArgs{
Code: pulumi.Int(0),
IsAllAllowed: pulumi.Bool(false),
Type: pulumi.Int(0),
},
},
SecuredGroupCategoryAssociatedEntityType: pulumi.String("string"),
SecuredGroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
SecuredGroupEntityGroupReference: pulumi.String("string"),
SecuredGroupServiceReferences: pulumi.StringArray{
pulumi.String("string"),
},
TcpServices: nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpServices: nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
MultiEnvIsolationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs{
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs{
AllToAllIsolationGroups: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs{
IsolationGroups: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs{
GroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
GroupCategoryAssociatedEntityType: pulumi.String("string"),
GroupEntityGroupReference: pulumi.String("string"),
},
},
},
},
},
},
},
},
TwoEnvIsolationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs{
FirstIsolationGroups: pulumi.StringArray{
pulumi.String("string"),
},
SecondIsolationGroups: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
Type: pulumi.String("string"),
Description: pulumi.String("string"),
ExtId: pulumi.String("string"),
Links: nutanix.NetworkSecurityPolicyV2RuleLinkArray{
&nutanix.NetworkSecurityPolicyV2RuleLinkArgs{
Href: pulumi.String("string"),
Rel: pulumi.String("string"),
},
},
},
},
Scope: pulumi.String("string"),
State: pulumi.String("string"),
VpcReferences: pulumi.StringArray{
pulumi.String("string"),
},
})
resource "nutanix_networksecuritypolicyv2" "networkSecurityPolicyV2Resource" {
type = "string"
description = "string"
is_hitlog_enabled = false
is_ipv6_traffic_allowed = false
name = "string"
rules {
specs {
application_rule_specs {
secured_group_category_references = ["string"]
secured_group_category_associated_entity_type = "string"
secured_group_entity_group_reference = "string"
dest_category_references = ["string"]
dest_entity_group_reference = "string"
dest_subnets {
prefix_length = 0
value = "string"
}
icmp_services {
code = 0
is_all_allowed = false
type = 0
}
is_all_protocol_allowed = false
network_function_chain_reference = "string"
network_function_reference = "string"
dest_address_group_references = ["string"]
dest_category_associated_entity_type = "string"
service_group_references = ["string"]
dest_allow_spec = "string"
src_address_group_references = ["string"]
src_allow_spec = "string"
src_category_associated_entity_type = "string"
src_category_references = ["string"]
src_entity_group_reference = "string"
src_subnets {
prefix_length = 0
value = "string"
}
tcp_services {
end_port = 0
start_port = 0
}
udp_services {
end_port = 0
start_port = 0
}
}
intra_entity_group_rule_specs {
secured_group_action = "string"
icmp_services {
code = 0
is_all_allowed = false
type = 0
}
secured_group_category_associated_entity_type = "string"
secured_group_category_references = ["string"]
secured_group_entity_group_reference = "string"
secured_group_service_references = ["string"]
tcp_services {
end_port = 0
start_port = 0
}
udp_services {
end_port = 0
start_port = 0
}
}
multi_env_isolation_rule_specs {
specs {
all_to_all_isolation_groups {
isolation_groups {
group_category_references = ["string"]
group_category_associated_entity_type = "string"
group_entity_group_reference = "string"
}
}
}
}
two_env_isolation_rule_specs {
first_isolation_groups = ["string"]
second_isolation_groups = ["string"]
}
}
type = "string"
description = "string"
ext_id = "string"
links {
href = "string"
rel = "string"
}
}
scope = "string"
state = "string"
vpc_references = ["string"]
}
var networkSecurityPolicyV2Resource = new NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", NetworkSecurityPolicyV2Args.builder()
.type("string")
.description("string")
.isHitlogEnabled(false)
.isIpv6TrafficAllowed(false)
.name("string")
.rules(NetworkSecurityPolicyV2RuleArgs.builder()
.specs(NetworkSecurityPolicyV2RuleSpecArgs.builder()
.applicationRuleSpecs(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs.builder()
.securedGroupCategoryReferences("string")
.securedGroupCategoryAssociatedEntityType("string")
.securedGroupEntityGroupReference("string")
.destCategoryReferences("string")
.destEntityGroupReference("string")
.destSubnets(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs.builder()
.prefixLength(0)
.value("string")
.build())
.icmpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs.builder()
.code(0)
.isAllAllowed(false)
.type(0)
.build())
.isAllProtocolAllowed(false)
.networkFunctionChainReference("string")
.networkFunctionReference("string")
.destAddressGroupReferences("string")
.destCategoryAssociatedEntityType("string")
.serviceGroupReferences("string")
.destAllowSpec("string")
.srcAddressGroupReferences("string")
.srcAllowSpec("string")
.srcCategoryAssociatedEntityType("string")
.srcCategoryReferences("string")
.srcEntityGroupReference("string")
.srcSubnets(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs.builder()
.prefixLength(0)
.value("string")
.build())
.tcpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.intraEntityGroupRuleSpecs(NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs.builder()
.securedGroupAction("string")
.icmpServices(NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpServiceArgs.builder()
.code(0)
.isAllAllowed(false)
.type(0)
.build())
.securedGroupCategoryAssociatedEntityType("string")
.securedGroupCategoryReferences("string")
.securedGroupEntityGroupReference("string")
.securedGroupServiceReferences("string")
.tcpServices(NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpServices(NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.multiEnvIsolationRuleSpecs(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs.builder()
.specs(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs.builder()
.allToAllIsolationGroups(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs.builder()
.isolationGroups(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs.builder()
.groupCategoryReferences("string")
.groupCategoryAssociatedEntityType("string")
.groupEntityGroupReference("string")
.build())
.build())
.build())
.build())
.twoEnvIsolationRuleSpecs(NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs.builder()
.firstIsolationGroups("string")
.secondIsolationGroups("string")
.build())
.build())
.type("string")
.description("string")
.extId("string")
.links(NetworkSecurityPolicyV2RuleLinkArgs.builder()
.href("string")
.rel("string")
.build())
.build())
.scope("string")
.state("string")
.vpcReferences("string")
.build());
network_security_policy_v2_resource = nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource",
type="string",
description="string",
is_hitlog_enabled=False,
is_ipv6_traffic_allowed=False,
name="string",
rules=[{
"specs": [{
"application_rule_specs": [{
"secured_group_category_references": ["string"],
"secured_group_category_associated_entity_type": "string",
"secured_group_entity_group_reference": "string",
"dest_category_references": ["string"],
"dest_entity_group_reference": "string",
"dest_subnets": [{
"prefix_length": 0,
"value": "string",
}],
"icmp_services": [{
"code": 0,
"is_all_allowed": False,
"type": 0,
}],
"is_all_protocol_allowed": False,
"network_function_chain_reference": "string",
"network_function_reference": "string",
"dest_address_group_references": ["string"],
"dest_category_associated_entity_type": "string",
"service_group_references": ["string"],
"dest_allow_spec": "string",
"src_address_group_references": ["string"],
"src_allow_spec": "string",
"src_category_associated_entity_type": "string",
"src_category_references": ["string"],
"src_entity_group_reference": "string",
"src_subnets": [{
"prefix_length": 0,
"value": "string",
}],
"tcp_services": [{
"end_port": 0,
"start_port": 0,
}],
"udp_services": [{
"end_port": 0,
"start_port": 0,
}],
}],
"intra_entity_group_rule_specs": [{
"secured_group_action": "string",
"icmp_services": [{
"code": 0,
"is_all_allowed": False,
"type": 0,
}],
"secured_group_category_associated_entity_type": "string",
"secured_group_category_references": ["string"],
"secured_group_entity_group_reference": "string",
"secured_group_service_references": ["string"],
"tcp_services": [{
"end_port": 0,
"start_port": 0,
}],
"udp_services": [{
"end_port": 0,
"start_port": 0,
}],
}],
"multi_env_isolation_rule_specs": [{
"specs": [{
"all_to_all_isolation_groups": [{
"isolation_groups": [{
"group_category_references": ["string"],
"group_category_associated_entity_type": "string",
"group_entity_group_reference": "string",
}],
}],
}],
}],
"two_env_isolation_rule_specs": [{
"first_isolation_groups": ["string"],
"second_isolation_groups": ["string"],
}],
}],
"type": "string",
"description": "string",
"ext_id": "string",
"links": [{
"href": "string",
"rel": "string",
}],
}],
scope="string",
state="string",
vpc_references=["string"])
const networkSecurityPolicyV2Resource = new nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", {
type: "string",
description: "string",
isHitlogEnabled: false,
isIpv6TrafficAllowed: false,
name: "string",
rules: [{
specs: [{
applicationRuleSpecs: [{
securedGroupCategoryReferences: ["string"],
securedGroupCategoryAssociatedEntityType: "string",
securedGroupEntityGroupReference: "string",
destCategoryReferences: ["string"],
destEntityGroupReference: "string",
destSubnets: [{
prefixLength: 0,
value: "string",
}],
icmpServices: [{
code: 0,
isAllAllowed: false,
type: 0,
}],
isAllProtocolAllowed: false,
networkFunctionChainReference: "string",
networkFunctionReference: "string",
destAddressGroupReferences: ["string"],
destCategoryAssociatedEntityType: "string",
serviceGroupReferences: ["string"],
destAllowSpec: "string",
srcAddressGroupReferences: ["string"],
srcAllowSpec: "string",
srcCategoryAssociatedEntityType: "string",
srcCategoryReferences: ["string"],
srcEntityGroupReference: "string",
srcSubnets: [{
prefixLength: 0,
value: "string",
}],
tcpServices: [{
endPort: 0,
startPort: 0,
}],
udpServices: [{
endPort: 0,
startPort: 0,
}],
}],
intraEntityGroupRuleSpecs: [{
securedGroupAction: "string",
icmpServices: [{
code: 0,
isAllAllowed: false,
type: 0,
}],
securedGroupCategoryAssociatedEntityType: "string",
securedGroupCategoryReferences: ["string"],
securedGroupEntityGroupReference: "string",
securedGroupServiceReferences: ["string"],
tcpServices: [{
endPort: 0,
startPort: 0,
}],
udpServices: [{
endPort: 0,
startPort: 0,
}],
}],
multiEnvIsolationRuleSpecs: [{
specs: [{
allToAllIsolationGroups: [{
isolationGroups: [{
groupCategoryReferences: ["string"],
groupCategoryAssociatedEntityType: "string",
groupEntityGroupReference: "string",
}],
}],
}],
}],
twoEnvIsolationRuleSpecs: [{
firstIsolationGroups: ["string"],
secondIsolationGroups: ["string"],
}],
}],
type: "string",
description: "string",
extId: "string",
links: [{
href: "string",
rel: "string",
}],
}],
scope: "string",
state: "string",
vpcReferences: ["string"],
});
type: nutanix:NetworkSecurityPolicyV2
properties:
description: string
isHitlogEnabled: false
isIpv6TrafficAllowed: false
name: string
rules:
- description: string
extId: string
links:
- href: string
rel: string
specs:
- applicationRuleSpecs:
- destAddressGroupReferences:
- string
destAllowSpec: string
destCategoryAssociatedEntityType: string
destCategoryReferences:
- string
destEntityGroupReference: string
destSubnets:
- prefixLength: 0
value: string
icmpServices:
- code: 0
isAllAllowed: false
type: 0
isAllProtocolAllowed: false
networkFunctionChainReference: string
networkFunctionReference: string
securedGroupCategoryAssociatedEntityType: string
securedGroupCategoryReferences:
- string
securedGroupEntityGroupReference: string
serviceGroupReferences:
- string
srcAddressGroupReferences:
- string
srcAllowSpec: string
srcCategoryAssociatedEntityType: string
srcCategoryReferences:
- string
srcEntityGroupReference: string
srcSubnets:
- prefixLength: 0
value: string
tcpServices:
- endPort: 0
startPort: 0
udpServices:
- endPort: 0
startPort: 0
intraEntityGroupRuleSpecs:
- icmpServices:
- code: 0
isAllAllowed: false
type: 0
securedGroupAction: string
securedGroupCategoryAssociatedEntityType: string
securedGroupCategoryReferences:
- string
securedGroupEntityGroupReference: string
securedGroupServiceReferences:
- string
tcpServices:
- endPort: 0
startPort: 0
udpServices:
- endPort: 0
startPort: 0
multiEnvIsolationRuleSpecs:
- specs:
- allToAllIsolationGroups:
- isolationGroups:
- groupCategoryAssociatedEntityType: string
groupCategoryReferences:
- string
groupEntityGroupReference: string
twoEnvIsolationRuleSpecs:
- firstIsolationGroups:
- string
secondIsolationGroups:
- string
type: string
scope: string
state: string
type: string
vpcReferences:
- string
NetworkSecurityPolicyV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NetworkSecurityPolicyV2 resource accepts the following input properties:
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- Description string
- A user defined annotation for a policy.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Name string
- Name of the Flow Network Security Policy.
- Rules
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Vpc
References List<string> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- Description string
- A user defined annotation for a policy.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Name string
- Name of the Flow Network Security Policy.
- Rules
[]Network
Security Policy V2Rule Args - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Vpc
References []string - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- description string
- A user defined annotation for a policy.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- name string
- Name of the Flow Network Security Policy.
- rules list(object)
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc_
references list(string) - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- description String
- A user defined annotation for a policy.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- name String
- Name of the Flow Network Security Policy.
- rules
List<Network
Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- description string
- A user defined annotation for a policy.
- is
Hitlog booleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic booleanAllowed - If Ipv6 Traffic is allowed.
- name string
- Name of the Flow Network Security Policy.
- rules
Network
Security Policy V2Rule[] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References string[] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type str
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- description str
- A user defined annotation for a policy.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- name str
- Name of the Flow Network Security Policy.
- rules
Sequence[Network
Security Policy V2Rule Args] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope str
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- state str
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc_
references Sequence[str] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- description String
- A user defined annotation for a policy.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- name String
- Name of the Flow Network Security Policy.
- rules List<Property Map>
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
Outputs
All input properties are implicitly available as output properties. Additionally, the NetworkSecurityPolicyV2 resource produces the following output properties:
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
List<Piers
Karsenbarg. Nutanix. Outputs. Network Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Secured
Groups List<string> - Uuids of the secured groups in the NSP.
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
[]Network
Security Policy V2Link - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Secured
Groups []string - Uuids of the secured groups in the NSP.
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- created_
by string - created by.
- creation_
time string - creation time of NSP
- ext_
id string - A globally unique identifier of an instance that is suitable for external consumption.
- id string
- The provider-assigned unique ID for this managed resource.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ stringtime - last updated time
- links list(object)
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured_
groups list(string) - Uuids of the secured groups in the NSP.
- tenant_
id string - A globally unique identifier that represents the tenant that owns this entity
- created
By String - created by.
- creation
Time String - creation time of NSP
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- id String
- The provider-assigned unique ID for this managed resource.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links
List<Network
Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- created
By string - created by.
- creation
Time string - creation time of NSP
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- id string
- The provider-assigned unique ID for this managed resource.
- is
System booleanDefined - Is system defined NSP
- last
Update stringTime - last updated time
- links
Network
Security Policy V2Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups string[] - Uuids of the secured groups in the NSP.
- tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- created_
by str - created by.
- creation_
time str - creation time of NSP
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- id str
- The provider-assigned unique ID for this managed resource.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ strtime - last updated time
- links
Sequence[Network
Security Policy V2Link] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured_
groups Sequence[str] - Uuids of the secured groups in the NSP.
- tenant_
id str - A globally unique identifier that represents the tenant that owns this entity
- created
By String - created by.
- creation
Time String - creation time of NSP
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- id String
- The provider-assigned unique ID for this managed resource.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
Look up Existing NetworkSecurityPolicyV2 Resource
Get an existing NetworkSecurityPolicyV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NetworkSecurityPolicyV2State, opts?: CustomResourceOptions): NetworkSecurityPolicyV2@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created_by: Optional[str] = None,
creation_time: Optional[str] = None,
description: Optional[str] = None,
ext_id: Optional[str] = None,
is_hitlog_enabled: Optional[bool] = None,
is_ipv6_traffic_allowed: Optional[bool] = None,
is_system_defined: Optional[bool] = None,
last_update_time: Optional[str] = None,
links: Optional[Sequence[NetworkSecurityPolicyV2LinkArgs]] = None,
name: Optional[str] = None,
rules: Optional[Sequence[NetworkSecurityPolicyV2RuleArgs]] = None,
scope: Optional[str] = None,
secured_groups: Optional[Sequence[str]] = None,
state: Optional[str] = None,
tenant_id: Optional[str] = None,
type: Optional[str] = None,
vpc_references: Optional[Sequence[str]] = None) -> NetworkSecurityPolicyV2func GetNetworkSecurityPolicyV2(ctx *Context, name string, id IDInput, state *NetworkSecurityPolicyV2State, opts ...ResourceOption) (*NetworkSecurityPolicyV2, error)public static NetworkSecurityPolicyV2 Get(string name, Input<string> id, NetworkSecurityPolicyV2State? state, CustomResourceOptions? opts = null)public static NetworkSecurityPolicyV2 get(String name, Output<String> id, NetworkSecurityPolicyV2State state, CustomResourceOptions options)resources: _: type: nutanix:NetworkSecurityPolicyV2 get: id: ${id}import {
to = nutanix_networksecuritypolicyv2.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Description string
- A user defined annotation for a policy.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Name string
- Name of the Flow Network Security Policy.
- Rules
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- Secured
Groups List<string> - Uuids of the secured groups in the NSP.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- Vpc
References List<string> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Description string
- A user defined annotation for a policy.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
[]Network
Security Policy V2Link Args - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Name string
- Name of the Flow Network Security Policy.
- Rules
[]Network
Security Policy V2Rule Args - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- Secured
Groups []string - Uuids of the secured groups in the NSP.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- Vpc
References []string - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created_
by string - created by.
- creation_
time string - creation time of NSP
- description string
- A user defined annotation for a policy.
- ext_
id string - A globally unique identifier of an instance that is suitable for external consumption.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ stringtime - last updated time
- links list(object)
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name string
- Name of the Flow Network Security Policy.
- rules list(object)
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- secured_
groups list(string) - Uuids of the secured groups in the NSP.
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant_
id string - A globally unique identifier that represents the tenant that owns this entity
- type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- vpc_
references list(string) - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By String - created by.
- creation
Time String - creation time of NSP
- description String
- A user defined annotation for a policy.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links
List<Network
Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name String
- Name of the Flow Network Security Policy.
- rules
List<Network
Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By string - created by.
- creation
Time string - creation time of NSP
- description string
- A user defined annotation for a policy.
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog booleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic booleanAllowed - If Ipv6 Traffic is allowed.
- is
System booleanDefined - Is system defined NSP
- last
Update stringTime - last updated time
- links
Network
Security Policy V2Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name string
- Name of the Flow Network Security Policy.
- rules
Network
Security Policy V2Rule[] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- secured
Groups string[] - Uuids of the secured groups in the NSP.
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- vpc
References string[] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created_
by str - created by.
- creation_
time str - creation time of NSP
- description str
- A user defined annotation for a policy.
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ strtime - last updated time
- links
Sequence[Network
Security Policy V2Link Args] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name str
- Name of the Flow Network Security Policy.
- rules
Sequence[Network
Security Policy V2Rule Args] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope str
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- secured_
groups Sequence[str] - Uuids of the secured groups in the NSP.
- state str
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant_
id str - A globally unique identifier that represents the tenant that owns this entity
- type str
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- vpc_
references Sequence[str] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By String - created by.
- creation
Time String - creation time of NSP
- description String
- A user defined annotation for a policy.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name String
- Name of the Flow Network Security Policy.
- rules List<Property Map>
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Acceptable values are "ALL_VLAN", "ALL_VPC", "VPC_LIST", and "GLOBAL".
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION", "SHAREDSERVICE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
Supporting Types
NetworkSecurityPolicyV2Link, NetworkSecurityPolicyV2LinkArgs
NetworkSecurityPolicyV2Rule, NetworkSecurityPolicyV2RuleArgs
- Specs
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec> - Spec for rules.
- Type string
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- Description string
- A user defined annotation for a rule.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Links
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Specs
[]Network
Security Policy V2Rule Spec - Spec for rules.
- Type string
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- Description string
- A user defined annotation for a rule.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Links
[]Network
Security Policy V2Rule Link - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs list(object)
- Spec for rules.
- type string
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- description string
- A user defined annotation for a rule.
- ext_
id string - A globally unique identifier of an instance that is suitable for external consumption.
- links list(object)
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
List<Network
Security Policy V2Rule Spec> - Spec for rules.
- type String
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- description String
- A user defined annotation for a rule.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- links
List<Network
Security Policy V2Rule Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
Network
Security Policy V2Rule Spec[] - Spec for rules.
- type string
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- description string
- A user defined annotation for a rule.
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- links
Network
Security Policy V2Rule Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
Sequence[Network
Security Policy V2Rule Spec] - Spec for rules.
- type str
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- description str
- A user defined annotation for a rule.
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- links
Sequence[Network
Security Policy V2Rule Link] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs List<Property Map>
- Spec for rules.
- type String
- The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP", "MULTI_ENV_ISOLATION", "SHARED_SERVICE".
- description String
- A user defined annotation for a rule.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
NetworkSecurityPolicyV2RuleLink, NetworkSecurityPolicyV2RuleLinkArgs
NetworkSecurityPolicyV2RuleSpec, NetworkSecurityPolicyV2RuleSpecArgs
- Application
Rule List<PiersSpecs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec> - Application Rule Spec.
- Intra
Entity List<PiersGroup Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Intra Entity Group Rule Spec> - Intra entity group Rule Spec
- Multi
Env List<PiersIsolation Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec> - Multi Environment Isolation Rule Spec.
- Two
Env List<PiersIsolation Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Two Env Isolation Rule Spec> - Two Environment Isolation Rule Spec.
- Application
Rule []NetworkSpecs Security Policy V2Rule Spec Application Rule Spec - Application Rule Spec.
- Intra
Entity []NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec - Intra entity group Rule Spec
- Multi
Env []NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec - Multi Environment Isolation Rule Spec.
- Two
Env []NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec - Two Environment Isolation Rule Spec.
- application_
rule_ list(object)specs - Application Rule Spec.
- intra_
entity_ list(object)group_ rule_ specs - Intra entity group Rule Spec
- multi_
env_ list(object)isolation_ rule_ specs - Multi Environment Isolation Rule Spec.
- two_
env_ list(object)isolation_ rule_ specs - Two Environment Isolation Rule Spec.
- application
Rule List<NetworkSpecs Security Policy V2Rule Spec Application Rule Spec> - Application Rule Spec.
- intra
Entity List<NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec> - Intra entity group Rule Spec
- multi
Env List<NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec> - Multi Environment Isolation Rule Spec.
- two
Env List<NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec> - Two Environment Isolation Rule Spec.
- application
Rule NetworkSpecs Security Policy V2Rule Spec Application Rule Spec[] - Application Rule Spec.
- intra
Entity NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec[] - Intra entity group Rule Spec
- multi
Env NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec[] - Multi Environment Isolation Rule Spec.
- two
Env NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec[] - Two Environment Isolation Rule Spec.
- application_
rule_ Sequence[Networkspecs Security Policy V2Rule Spec Application Rule Spec] - Application Rule Spec.
- intra_
entity_ Sequence[Networkgroup_ rule_ specs Security Policy V2Rule Spec Intra Entity Group Rule Spec] - Intra entity group Rule Spec
- multi_
env_ Sequence[Networkisolation_ rule_ specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec] - Multi Environment Isolation Rule Spec.
- two_
env_ Sequence[Networkisolation_ rule_ specs Security Policy V2Rule Spec Two Env Isolation Rule Spec] - Two Environment Isolation Rule Spec.
- application
Rule List<Property Map>Specs - Application Rule Spec.
- intra
Entity List<Property Map>Group Rule Specs - Intra entity group Rule Spec
- multi
Env List<Property Map>Isolation Rule Specs - Multi Environment Isolation Rule Spec.
- two
Env List<Property Map>Isolation Rule Specs - Two Environment Isolation Rule Spec.
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpec, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
- Secured
Group List<string>Category References - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- Dest
Address List<string>Group References - A list of address group references.
- Dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Dest
Category stringAssociated Entity Type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Dest
Category List<string>References - List of categories that define a set of network endpoints as outbound.
- Dest
Entity stringGroup Reference - Reference to the destination entity group.
- Dest
Subnets List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Dest Subnet> - destination subnet value
- Icmp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Icmp Service> - icmp services
- Is
All boolProtocol Allowed - Denotes if rule allows traffic for all protocol.
- Network
Function stringChain Reference - A reference to the network function chain in the rule.
- Network
Function stringReference - A reference to the network function in the rule.
- Secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- Service
Group List<string>References - A list of service group references.
- Src
Address List<string>Group References - A list of address group references.
- Src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Src
Category stringAssociated Entity Type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Src
Category List<string>References - List of categories that define a set of network endpoints as inbound.
- Src
Entity stringGroup Reference - Reference to the source entity group.
- Src
Subnets List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Src Subnet> - source subnet value
- Tcp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Tcp Service> - tcp services
- Udp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Udp Service> - udp services
- Secured
Group []stringCategory References - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- Dest
Address []stringGroup References - A list of address group references.
- Dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Dest
Category stringAssociated Entity Type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Dest
Category []stringReferences - List of categories that define a set of network endpoints as outbound.
- Dest
Entity stringGroup Reference - Reference to the destination entity group.
- Dest
Subnets []NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet - destination subnet value
- Icmp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service - icmp services
- Is
All boolProtocol Allowed - Denotes if rule allows traffic for all protocol.
- Network
Function stringChain Reference - A reference to the network function chain in the rule.
- Network
Function stringReference - A reference to the network function in the rule.
- Secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- Service
Group []stringReferences - A list of service group references.
- Src
Address []stringGroup References - A list of address group references.
- Src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Src
Category stringAssociated Entity Type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Src
Category []stringReferences - List of categories that define a set of network endpoints as inbound.
- Src
Entity stringGroup Reference - Reference to the source entity group.
- Src
Subnets []NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet - source subnet value
- Tcp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service - tcp services
- Udp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service - udp services
- secured_
group_ list(string)category_ references - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest_
address_ list(string)group_ references - A list of address group references.
- dest_
allow_ stringspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest_
category_ stringassociated_ entity_ type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- dest_
category_ list(string)references - List of categories that define a set of network endpoints as outbound.
- dest_
entity_ stringgroup_ reference - Reference to the destination entity group.
- dest_
subnets list(object) - destination subnet value
- icmp_
services list(object) - icmp services
- is_
all_ boolprotocol_ allowed - Denotes if rule allows traffic for all protocol.
- network_
function_ stringchain_ reference - A reference to the network function chain in the rule.
- network_
function_ stringreference - A reference to the network function in the rule.
- secured_
group_ stringcategory_ associated_ entity_ type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured_
group_ stringentity_ group_ reference - Reference to the secured group entity group.
- service_
group_ list(string)references - A list of service group references.
- src_
address_ list(string)group_ references - A list of address group references.
- src_
allow_ stringspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src_
category_ stringassociated_ entity_ type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- src_
category_ list(string)references - List of categories that define a set of network endpoints as inbound.
- src_
entity_ stringgroup_ reference - Reference to the source entity group.
- src_
subnets list(object) - source subnet value
- tcp_
services list(object) - tcp services
- udp_
services list(object) - udp services
- secured
Group List<String>Category References - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address List<String>Group References - A list of address group references.
- dest
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category StringAssociated Entity Type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- dest
Category List<String>References - List of categories that define a set of network endpoints as outbound.
- dest
Entity StringGroup Reference - Reference to the destination entity group.
- dest
Subnets List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet> - destination subnet value
- icmp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service> - icmp services
- is
All BooleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function StringChain Reference - A reference to the network function chain in the rule.
- network
Function StringReference - A reference to the network function in the rule.
- secured
Group StringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group StringEntity Group Reference - Reference to the secured group entity group.
- service
Group List<String>References - A list of service group references.
- src
Address List<String>Group References - A list of address group references.
- src
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category StringAssociated Entity Type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- src
Category List<String>References - List of categories that define a set of network endpoints as inbound.
- src
Entity StringGroup Reference - Reference to the source entity group.
- src
Subnets List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet> - source subnet value
- tcp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service> - tcp services
- udp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service> - udp services
- secured
Group string[]Category References - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address string[]Group References - A list of address group references.
- dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category stringAssociated Entity Type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- dest
Category string[]References - List of categories that define a set of network endpoints as outbound.
- dest
Entity stringGroup Reference - Reference to the destination entity group.
- dest
Subnets NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet[] - destination subnet value
- icmp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service[] - icmp services
- is
All booleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function stringChain Reference - A reference to the network function chain in the rule.
- network
Function stringReference - A reference to the network function in the rule.
- secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- service
Group string[]References - A list of service group references.
- src
Address string[]Group References - A list of address group references.
- src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category stringAssociated Entity Type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- src
Category string[]References - List of categories that define a set of network endpoints as inbound.
- src
Entity stringGroup Reference - Reference to the source entity group.
- src
Subnets NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet[] - source subnet value
- tcp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service[] - tcp services
- udp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service[] - udp services
- secured_
group_ Sequence[str]category_ references - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest_
address_ Sequence[str]group_ references - A list of address group references.
- dest_
allow_ strspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest_
category_ strassociated_ entity_ type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- dest_
category_ Sequence[str]references - List of categories that define a set of network endpoints as outbound.
- dest_
entity_ strgroup_ reference - Reference to the destination entity group.
- dest_
subnets Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet] - destination subnet value
- icmp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service] - icmp services
- is_
all_ boolprotocol_ allowed - Denotes if rule allows traffic for all protocol.
- network_
function_ strchain_ reference - A reference to the network function chain in the rule.
- network_
function_ strreference - A reference to the network function in the rule.
- secured_
group_ strcategory_ associated_ entity_ type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured_
group_ strentity_ group_ reference - Reference to the secured group entity group.
- service_
group_ Sequence[str]references - A list of service group references.
- src_
address_ Sequence[str]group_ references - A list of address group references.
- src_
allow_ strspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src_
category_ strassociated_ entity_ type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- src_
category_ Sequence[str]references - List of categories that define a set of network endpoints as inbound.
- src_
entity_ strgroup_ reference - Reference to the source entity group.
- src_
subnets Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet] - source subnet value
- tcp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service] - tcp services
- udp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service] - udp services
- secured
Group List<String>Category References - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address List<String>Group References - A list of address group references.
- dest
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category StringAssociated Entity Type - Entity type for the destination category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- dest
Category List<String>References - List of categories that define a set of network endpoints as outbound.
- dest
Entity StringGroup Reference - Reference to the destination entity group.
- dest
Subnets List<Property Map> - destination subnet value
- icmp
Services List<Property Map> - icmp services
- is
All BooleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function StringChain Reference - A reference to the network function chain in the rule.
- network
Function StringReference - A reference to the network function in the rule.
- secured
Group StringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group StringEntity Group Reference - Reference to the secured group entity group.
- service
Group List<String>References - A list of service group references.
- src
Address List<String>Group References - A list of address group references.
- src
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category StringAssociated Entity Type - Entity type for the source category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- src
Category List<String>References - List of categories that define a set of network endpoints as inbound.
- src
Entity StringGroup Reference - Reference to the source entity group.
- src
Subnets List<Property Map> - source subnet value
- tcp
Services List<Property Map> - tcp services
- udp
Services List<Property Map> - udp services
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnet, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs
- Prefix
Length int - Value string
- Prefix
Length int - Value string
- prefix_
length number - value string
- prefix
Length Integer - value String
- prefix
Length number - value string
- prefix_
length int - value str
- prefix
Length Number - value String
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is_
all_ boolallowed - Set this field to true if both Type and Code is ANY.
- type number
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Integer
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Integer
- Icmp service Type. Ignore this field if Type has to be ANY.
- code number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All booleanAllowed - Set this field to true if both Type and Code is ANY.
- type number
- Icmp service Type. Ignore this field if Type has to be ANY.
- code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- is_
all_ boolallowed - Set this field to true if both Type and Code is ANY.
- type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Number
- Icmp service Type. Ignore this field if Type has to be ANY.
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnet, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs
- Prefix
Length int - Value string
- Prefix
Length int - Value string
- prefix_
length number - value string
- prefix
Length Integer - value String
- prefix
Length number - value string
- prefix_
length int - value str
- prefix
Length Number - value String
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs
- end_
port number - end port
- start_
port number - start port
- end_
port int - end port
- start_
port int - start port
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs
- end_
port number - end port
- start_
port number - start port
- end_
port int - end port
- start_
port int - start port
NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpec, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs
- Secured
Group stringAction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- Icmp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Intra Entity Group Rule Spec Icmp Service> - ICMP type/code for the rule.
- Secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Secured
Group List<string>Category References - List of category references for the secured group.
- Secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- Secured
Group List<string>Service References - List of service group references for the secured group.
- Tcp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Intra Entity Group Rule Spec Tcp Service> - TCP port ranges for the rule.
- Udp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Intra Entity Group Rule Spec Udp Service> - UDP port ranges for the rule.
- Secured
Group stringAction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- Icmp
Services []NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Icmp Service - ICMP type/code for the rule.
- Secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Secured
Group []stringCategory References - List of category references for the secured group.
- Secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- Secured
Group []stringService References - List of service group references for the secured group.
- Tcp
Services []NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Tcp Service - TCP port ranges for the rule.
- Udp
Services []NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Udp Service - UDP port ranges for the rule.
- secured_
group_ stringaction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- icmp_
services list(object) - ICMP type/code for the rule.
- secured_
group_ stringcategory_ associated_ entity_ type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured_
group_ list(string)category_ references - List of category references for the secured group.
- secured_
group_ stringentity_ group_ reference - Reference to the secured group entity group.
- secured_
group_ list(string)service_ references - List of service group references for the secured group.
- tcp_
services list(object) - TCP port ranges for the rule.
- udp_
services list(object) - UDP port ranges for the rule.
- secured
Group StringAction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- icmp
Services List<NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Icmp Service> - ICMP type/code for the rule.
- secured
Group StringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group List<String>Category References - List of category references for the secured group.
- secured
Group StringEntity Group Reference - Reference to the secured group entity group.
- secured
Group List<String>Service References - List of service group references for the secured group.
- tcp
Services List<NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Tcp Service> - TCP port ranges for the rule.
- udp
Services List<NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Udp Service> - UDP port ranges for the rule.
- secured
Group stringAction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- icmp
Services NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Icmp Service[] - ICMP type/code for the rule.
- secured
Group stringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group string[]Category References - List of category references for the secured group.
- secured
Group stringEntity Group Reference - Reference to the secured group entity group.
- secured
Group string[]Service References - List of service group references for the secured group.
- tcp
Services NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Tcp Service[] - TCP port ranges for the rule.
- udp
Services NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Udp Service[] - UDP port ranges for the rule.
- secured_
group_ straction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- icmp_
services Sequence[NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Icmp Service] - ICMP type/code for the rule.
- secured_
group_ strcategory_ associated_ entity_ type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured_
group_ Sequence[str]category_ references - List of category references for the secured group.
- secured_
group_ strentity_ group_ reference - Reference to the secured group entity group.
- secured_
group_ Sequence[str]service_ references - List of service group references for the secured group.
- tcp_
services Sequence[NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Tcp Service] - TCP port ranges for the rule.
- udp_
services Sequence[NetworkSecurity Policy V2Rule Spec Intra Entity Group Rule Spec Udp Service] - UDP port ranges for the rule.
- secured
Group StringAction - Whether traffic between intra secured group entities should be allowed or denied. Acceptable values are "ALLOW", "DENY".
- icmp
Services List<Property Map> - ICMP type/code for the rule.
- secured
Group StringCategory Associated Entity Type - Entity type for the secured group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- secured
Group List<String>Category References - List of category references for the secured group.
- secured
Group StringEntity Group Reference - Reference to the secured group entity group.
- secured
Group List<String>Service References - List of service group references for the secured group.
- tcp
Services List<Property Map> - TCP port ranges for the rule.
- udp
Services List<Property Map> - UDP port ranges for the rule.
NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpService, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecIcmpServiceArgs
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is_
all_ boolallowed - Set this field to true if both Type and Code is ANY.
- type number
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Integer
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Integer
- Icmp service Type. Ignore this field if Type has to be ANY.
- code number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All booleanAllowed - Set this field to true if both Type and Code is ANY.
- type number
- Icmp service Type. Ignore this field if Type has to be ANY.
- code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- is_
all_ boolallowed - Set this field to true if both Type and Code is ANY.
- type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Number
- Icmp service Type. Ignore this field if Type has to be ANY.
NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpService, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecTcpServiceArgs
- end_
port number - end port
- start_
port number - start port
- end_
port int - end port
- start_
port int - start port
NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpService, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecUdpServiceArgs
- end_
port number - end port
- start_
port number - start port
- end_
port int - end port
- start_
port int - start port
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpec, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs
- Specs
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec> - Multi Environment Isolation Rule Spec.
- Specs
[]Network
Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec - Multi Environment Isolation Rule Spec.
- specs list(object)
- Multi Environment Isolation Rule Spec.
- specs
List<Network
Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec> - Multi Environment Isolation Rule Spec.
- specs
Network
Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec[] - Multi Environment Isolation Rule Spec.
- specs
Sequence[Network
Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec] - Multi Environment Isolation Rule Spec.
- specs List<Property Map>
- Multi Environment Isolation Rule Spec.
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpec, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs
- All
To []NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group - all to all isolation groups
- all_
to_ list(object)all_ isolation_ groups - all to all isolation groups
- all
To List<NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group> - all to all isolation groups
- all
To NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group[] - all to all isolation groups
- all
To List<Property Map>All Isolation Groups - all to all isolation groups
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroup, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs
- Isolation
Groups List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group> - Denotes the list of secured groups that will be used in All to All mutual isolation.
- Isolation
Groups []NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation_
groups list(object) - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups List<NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group> - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group[] - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation_
groups Sequence[NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group] - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups List<Property Map> - Denotes the list of secured groups that will be used in All to All mutual isolation.
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroup, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs
- Group
Category List<string>References - External identifiers of categories belonging to the isolation group.
- Group
Category stringAssociated Entity Type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Group
Entity stringGroup Reference - Reference to the entity group for the isolation group.
- Group
Category []stringReferences - External identifiers of categories belonging to the isolation group.
- Group
Category stringAssociated Entity Type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- Group
Entity stringGroup Reference - Reference to the entity group for the isolation group.
- group_
category_ list(string)references - External identifiers of categories belonging to the isolation group.
- group_
category_ stringassociated_ entity_ type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- group_
entity_ stringgroup_ reference - Reference to the entity group for the isolation group.
- group
Category List<String>References - External identifiers of categories belonging to the isolation group.
- group
Category StringAssociated Entity Type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- group
Entity StringGroup Reference - Reference to the entity group for the isolation group.
- group
Category string[]References - External identifiers of categories belonging to the isolation group.
- group
Category stringAssociated Entity Type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- group
Entity stringGroup Reference - Reference to the entity group for the isolation group.
- group_
category_ Sequence[str]references - External identifiers of categories belonging to the isolation group.
- group_
category_ strassociated_ entity_ type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- group_
entity_ strgroup_ reference - Reference to the entity group for the isolation group.
- group
Category List<String>References - External identifiers of categories belonging to the isolation group.
- group
Category StringAssociated Entity Type - Entity type for the group category. Acceptable values are "SUBNET", "VM", "VPC". Default is "VM".
- group
Entity StringGroup Reference - Reference to the entity group for the isolation group.
NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpec, NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
- First
Isolation List<string>Groups - Denotes the first group of category uuids that will be used in an isolation policy.
- Second
Isolation List<string>Groups - Denotes the second group of category uuids that will be used in an isolation policy.
- First
Isolation []stringGroups - Denotes the first group of category uuids that will be used in an isolation policy.
- Second
Isolation []stringGroups - Denotes the second group of category uuids that will be used in an isolation policy.
- first_
isolation_ list(string)groups - Denotes the first group of category uuids that will be used in an isolation policy.
- second_
isolation_ list(string)groups - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation List<String>Groups - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation List<String>Groups - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation string[]Groups - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation string[]Groups - Denotes the second group of category uuids that will be used in an isolation policy.
- first_
isolation_ Sequence[str]groups - Denotes the first group of category uuids that will be used in an isolation policy.
- second_
isolation_ Sequence[str]groups - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation List<String>Groups - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation List<String>Groups - Denotes the second group of category uuids that will be used in an isolation policy.
Package Details
- Repository
- nutanix pierskarsenbarg/pulumi-nutanix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
nutanixTerraform Provider.
Viewing docs for Nutanix v0.16.0
published on Tuesday, May 26, 2026 by Piers Karsenbarg
published on Tuesday, May 26, 2026 by Piers Karsenbarg