Docs
PackagesOracle Cloud Infrastructure v1.34.0 published on Friday, May 3, 2024 by Pulumi
oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile
Explore with Pulumi AI
This data source provides details about a specific Network Firewall Policy Decryption Profile resource in Oracle Cloud Infrastructure Network Firewall service.
Get Decryption Profile by the given name in the context of network firewall policy.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.NetworkFirewall.NetworkFirewallFunctions;
import com.pulumi.oci.NetworkFirewall.inputs.GetNetworkFirewallPolicyDecryptionProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testNetworkFirewallPolicyDecryptionProfile = NetworkFirewallFunctions.getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs.builder()
.decryptionProfileName(ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName)
.networkFirewallPolicyId(testNetworkFirewallPolicy.id())
.build());
}
}
variables:
testNetworkFirewallPolicyDecryptionProfile:
fn::invoke:
Function: oci:NetworkFirewall:getNetworkFirewallPolicyDecryptionProfile
Arguments:
decryptionProfileName: ${ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName}
networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}
Using getNetworkFirewallPolicyDecryptionProfile
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getNetworkFirewallPolicyDecryptionProfile(args: GetNetworkFirewallPolicyDecryptionProfileArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicyDecryptionProfileResult>
function getNetworkFirewallPolicyDecryptionProfileOutput(args: GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicyDecryptionProfileResult>def get_network_firewall_policy_decryption_profile(name: Optional[str] = None,
network_firewall_policy_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicyDecryptionProfileResult
def get_network_firewall_policy_decryption_profile_output(name: Optional[pulumi.Input[str]] = None,
network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicyDecryptionProfileResult]func GetNetworkFirewallPolicyDecryptionProfile(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileArgs, opts ...InvokeOption) (*GetNetworkFirewallPolicyDecryptionProfileResult, error)
func GetNetworkFirewallPolicyDecryptionProfileOutput(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts ...InvokeOption) GetNetworkFirewallPolicyDecryptionProfileResultOutput> Note: This function is named GetNetworkFirewallPolicyDecryptionProfile in the Go SDK.
public static class GetNetworkFirewallPolicyDecryptionProfile
{
public static Task<GetNetworkFirewallPolicyDecryptionProfileResult> InvokeAsync(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions? opts = null)
public static Output<GetNetworkFirewallPolicyDecryptionProfileResult> Invoke(GetNetworkFirewallPolicyDecryptionProfileInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetNetworkFirewallPolicyDecryptionProfileResult> getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:NetworkFirewall/getNetworkFirewallPolicyDecryptionProfile:getNetworkFirewallPolicyDecryptionProfile
arguments:
# arguments dictionaryThe following arguments are supported:
- Name string
- Unique Name of the decryption profile.
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- Name string
- Unique Name of the decryption profile.
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- name String
- Unique Name of the decryption profile.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
- name string
- Unique Name of the decryption profile.
- network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- name str
- Unique Name of the decryption profile.
- network_
firewall_ strpolicy_ id - Unique Network Firewall Policy identifier
- name String
- Unique Name of the decryption profile.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
getNetworkFirewallPolicyDecryptionProfile Result
The following output properties are available:
- Are
Certificate boolExtensions Restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- Id string
- Is
Auto boolInclude Alt Name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- Is
Expired boolCertificate Blocked - Whether to block sessions if server's certificate is expired.
- Is
Out boolOf Capacity Blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- Is
Revocation boolStatus Timeout Blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- Is
Unknown boolRevocation Status Blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- Is
Unsupported boolCipher Blocked - Whether to block sessions if SSL cipher suite is not supported.
- Is
Unsupported boolVersion Blocked - Whether to block sessions if SSL version is not supported.
- Is
Untrusted boolIssuer Blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- Name string
- Unique Name of the decryption profile.
- Network
Firewall stringPolicy Id - Parent
Resource stringId - OCID of the Network Firewall Policy this decryption profile belongs to.
- Type string
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
- Are
Certificate boolExtensions Restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- Id string
- Is
Auto boolInclude Alt Name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- Is
Expired boolCertificate Blocked - Whether to block sessions if server's certificate is expired.
- Is
Out boolOf Capacity Blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- Is
Revocation boolStatus Timeout Blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- Is
Unknown boolRevocation Status Blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- Is
Unsupported boolCipher Blocked - Whether to block sessions if SSL cipher suite is not supported.
- Is
Unsupported boolVersion Blocked - Whether to block sessions if SSL version is not supported.
- Is
Untrusted boolIssuer Blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- Name string
- Unique Name of the decryption profile.
- Network
Firewall stringPolicy Id - Parent
Resource stringId - OCID of the Network Firewall Policy this decryption profile belongs to.
- Type string
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
- are
Certificate BooleanExtensions Restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- id String
- is
Auto BooleanInclude Alt Name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- is
Expired BooleanCertificate Blocked - Whether to block sessions if server's certificate is expired.
- is
Out BooleanOf Capacity Blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- is
Revocation BooleanStatus Timeout Blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- is
Unknown BooleanRevocation Status Blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- is
Unsupported BooleanCipher Blocked - Whether to block sessions if SSL cipher suite is not supported.
- is
Unsupported BooleanVersion Blocked - Whether to block sessions if SSL version is not supported.
- is
Untrusted BooleanIssuer Blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- name String
- Unique Name of the decryption profile.
- network
Firewall StringPolicy Id - parent
Resource StringId - OCID of the Network Firewall Policy this decryption profile belongs to.
- type String
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
- are
Certificate booleanExtensions Restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- id string
- is
Auto booleanInclude Alt Name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- is
Expired booleanCertificate Blocked - Whether to block sessions if server's certificate is expired.
- is
Out booleanOf Capacity Blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- is
Revocation booleanStatus Timeout Blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- is
Unknown booleanRevocation Status Blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- is
Unsupported booleanCipher Blocked - Whether to block sessions if SSL cipher suite is not supported.
- is
Unsupported booleanVersion Blocked - Whether to block sessions if SSL version is not supported.
- is
Untrusted booleanIssuer Blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- name string
- Unique Name of the decryption profile.
- network
Firewall stringPolicy Id - parent
Resource stringId - OCID of the Network Firewall Policy this decryption profile belongs to.
- type string
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
- are_
certificate_ boolextensions_ restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- id str
- is_
auto_ boolinclude_ alt_ name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- is_
expired_ boolcertificate_ blocked - Whether to block sessions if server's certificate is expired.
- is_
out_ boolof_ capacity_ blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- is_
revocation_ boolstatus_ timeout_ blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- is_
unknown_ boolrevocation_ status_ blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- is_
unsupported_ boolcipher_ blocked - Whether to block sessions if SSL cipher suite is not supported.
- is_
unsupported_ boolversion_ blocked - Whether to block sessions if SSL version is not supported.
- is_
untrusted_ boolissuer_ blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- name str
- Unique Name of the decryption profile.
- network_
firewall_ strpolicy_ id - parent_
resource_ strid - OCID of the Network Firewall Policy this decryption profile belongs to.
- type str
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
- are
Certificate BooleanExtensions Restricted - Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
- id String
- is
Auto BooleanInclude Alt Name - Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
- is
Expired BooleanCertificate Blocked - Whether to block sessions if server's certificate is expired.
- is
Out BooleanOf Capacity Blocked - Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
- is
Revocation BooleanStatus Timeout Blocked - Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
- is
Unknown BooleanRevocation Status Blocked - Whether to block sessions if the revocation status check for server's certificate results in "unknown".
- is
Unsupported BooleanCipher Blocked - Whether to block sessions if SSL cipher suite is not supported.
- is
Unsupported BooleanVersion Blocked - Whether to block sessions if SSL version is not supported.
- is
Untrusted BooleanIssuer Blocked - Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
- name String
- Unique Name of the decryption profile.
- network
Firewall StringPolicy Id - parent
Resource StringId - OCID of the Network Firewall Policy this decryption profile belongs to.
- type String
- Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.