Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
AuthenticationRule resource
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as scm from "@pulumi/scm";
const appAccessTag = new scm.Tag("app_access_tag", {
folder: "All",
name: "app-access-test_25",
color: "Blue",
});
// -----------------------------------------------------------------------------
// 2. ANCHOR RULE (Used for relative positioning by other rules)
// -----------------------------------------------------------------------------
const anchorRule = new scm.AuthenticationRule("anchor_rule", {
name: "test_anchor_rule_251",
description: "Base rule. Used to test 'before' and 'after' positioning",
position: "pre",
folder: "All",
destinations: ["any"],
froms: ["any"],
tos: ["any"],
sources: ["any"],
services: [
"service-http",
"service-https",
],
sourceUsers: ["any"],
timeout: 1200,
negateSource: false,
negateDestination: false,
tags: [appAccessTag.name],
categories: ["any"],
destinationHips: ["any"],
logAuthenticationTimeout: false,
disabled: false,
});
// # -----------------------------------------------------------------------------
// # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
// # -----------------------------------------------------------------------------
const ruleTopOfList = new scm.AuthenticationRule("rule_top_of_list", {
name: "test_top_rule_25",
description: "Placed at the very top of the 'pre' rulebase.",
folder: "All",
position: "pre",
relativePosition: "top",
destinations: ["any"],
froms: ["untrust"],
tos: ["trust"],
sources: ["any"],
services: ["any"],
sourceUsers: ["any"],
});
const ruleBottomOfList = new scm.AuthenticationRule("rule_bottom_of_list", {
name: "test_bottom_rule_25",
description: "Placed at the very bottom of the 'pre' rulebase.",
folder: "All",
position: "pre",
relativePosition: "bottom",
destinations: ["any"],
froms: ["any"],
tos: ["any"],
sources: ["any"],
services: ["any"],
sourceUsers: ["any"],
});
// -----------------------------------------------------------------------------
// 4. RELATIVE POSITIONING Examples ("before" and "after")
// -----------------------------------------------------------------------------
const ruleBeforeAnchor = new scm.AuthenticationRule("rule_before_anchor", {
name: "test_before_rule_25_updating",
description: "Positioned immediately BEFORE the anchor_rule.",
folder: "All",
position: "pre",
relativePosition: "before",
targetRule: anchorRule.id,
destinations: ["any"],
froms: ["any"],
tos: ["any"],
sources: ["any"],
services: ["any"],
sourceUsers: ["any"],
});
const ruleAfterAnchor = new scm.AuthenticationRule("rule_after_anchor", {
name: "test_after_rule_25",
description: "Positioned immediately AFTER the anchor_rule.",
folder: "All",
position: "pre",
relativePosition: "after",
targetRule: anchorRule.id,
destinations: ["any"],
froms: ["any"],
tos: ["any"],
sources: ["any"],
services: ["any"],
sourceUsers: ["any"],
});
import pulumi
import pulumi_scm as scm
app_access_tag = scm.Tag("app_access_tag",
folder="All",
name="app-access-test_25",
color="Blue")
# -----------------------------------------------------------------------------
# 2. ANCHOR RULE (Used for relative positioning by other rules)
# -----------------------------------------------------------------------------
anchor_rule = scm.AuthenticationRule("anchor_rule",
name="test_anchor_rule_251",
description="Base rule. Used to test 'before' and 'after' positioning",
position="pre",
folder="All",
destinations=["any"],
froms=["any"],
tos=["any"],
sources=["any"],
services=[
"service-http",
"service-https",
],
source_users=["any"],
timeout=1200,
negate_source=False,
negate_destination=False,
tags=[app_access_tag.name],
categories=["any"],
destination_hips=["any"],
log_authentication_timeout=False,
disabled=False)
# # -----------------------------------------------------------------------------
# # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
# # -----------------------------------------------------------------------------
rule_top_of_list = scm.AuthenticationRule("rule_top_of_list",
name="test_top_rule_25",
description="Placed at the very top of the 'pre' rulebase.",
folder="All",
position="pre",
relative_position="top",
destinations=["any"],
froms=["untrust"],
tos=["trust"],
sources=["any"],
services=["any"],
source_users=["any"])
rule_bottom_of_list = scm.AuthenticationRule("rule_bottom_of_list",
name="test_bottom_rule_25",
description="Placed at the very bottom of the 'pre' rulebase.",
folder="All",
position="pre",
relative_position="bottom",
destinations=["any"],
froms=["any"],
tos=["any"],
sources=["any"],
services=["any"],
source_users=["any"])
# -----------------------------------------------------------------------------
# 4. RELATIVE POSITIONING Examples ("before" and "after")
# -----------------------------------------------------------------------------
rule_before_anchor = scm.AuthenticationRule("rule_before_anchor",
name="test_before_rule_25_updating",
description="Positioned immediately BEFORE the anchor_rule.",
folder="All",
position="pre",
relative_position="before",
target_rule=anchor_rule.id,
destinations=["any"],
froms=["any"],
tos=["any"],
sources=["any"],
services=["any"],
source_users=["any"])
rule_after_anchor = scm.AuthenticationRule("rule_after_anchor",
name="test_after_rule_25",
description="Positioned immediately AFTER the anchor_rule.",
folder="All",
position="pre",
relative_position="after",
target_rule=anchor_rule.id,
destinations=["any"],
froms=["any"],
tos=["any"],
sources=["any"],
services=["any"],
source_users=["any"])
package main
import (
"github.com/pulumi/pulumi-scm/sdk/go/scm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
appAccessTag, err := scm.NewTag(ctx, "app_access_tag", &scm.TagArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("app-access-test_25"),
Color: pulumi.String("Blue"),
})
if err != nil {
return err
}
// -----------------------------------------------------------------------------
// 2. ANCHOR RULE (Used for relative positioning by other rules)
// -----------------------------------------------------------------------------
anchorRule, err := scm.NewAuthenticationRule(ctx, "anchor_rule", &scm.AuthenticationRuleArgs{
Name: pulumi.String("test_anchor_rule_251"),
Description: pulumi.String("Base rule. Used to test 'before' and 'after' positioning"),
Position: pulumi.String("pre"),
Folder: pulumi.String("All"),
Destinations: pulumi.StringArray{
pulumi.String("any"),
},
Froms: pulumi.StringArray{
pulumi.String("any"),
},
Tos: pulumi.StringArray{
pulumi.String("any"),
},
Sources: pulumi.StringArray{
pulumi.String("any"),
},
Services: pulumi.StringArray{
pulumi.String("service-http"),
pulumi.String("service-https"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("any"),
},
Timeout: pulumi.Int(1200),
NegateSource: pulumi.Bool(false),
NegateDestination: pulumi.Bool(false),
Tags: pulumi.StringArray{
appAccessTag.Name,
},
Categories: pulumi.StringArray{
pulumi.String("any"),
},
DestinationHips: pulumi.StringArray{
pulumi.String("any"),
},
LogAuthenticationTimeout: pulumi.Bool(false),
Disabled: pulumi.Bool(false),
})
if err != nil {
return err
}
// # -----------------------------------------------------------------------------
// # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
// # -----------------------------------------------------------------------------
_, err = scm.NewAuthenticationRule(ctx, "rule_top_of_list", &scm.AuthenticationRuleArgs{
Name: pulumi.String("test_top_rule_25"),
Description: pulumi.String("Placed at the very top of the 'pre' rulebase."),
Folder: pulumi.String("All"),
Position: pulumi.String("pre"),
RelativePosition: pulumi.String("top"),
Destinations: pulumi.StringArray{
pulumi.String("any"),
},
Froms: pulumi.StringArray{
pulumi.String("untrust"),
},
Tos: pulumi.StringArray{
pulumi.String("trust"),
},
Sources: pulumi.StringArray{
pulumi.String("any"),
},
Services: pulumi.StringArray{
pulumi.String("any"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("any"),
},
})
if err != nil {
return err
}
_, err = scm.NewAuthenticationRule(ctx, "rule_bottom_of_list", &scm.AuthenticationRuleArgs{
Name: pulumi.String("test_bottom_rule_25"),
Description: pulumi.String("Placed at the very bottom of the 'pre' rulebase."),
Folder: pulumi.String("All"),
Position: pulumi.String("pre"),
RelativePosition: pulumi.String("bottom"),
Destinations: pulumi.StringArray{
pulumi.String("any"),
},
Froms: pulumi.StringArray{
pulumi.String("any"),
},
Tos: pulumi.StringArray{
pulumi.String("any"),
},
Sources: pulumi.StringArray{
pulumi.String("any"),
},
Services: pulumi.StringArray{
pulumi.String("any"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("any"),
},
})
if err != nil {
return err
}
// -----------------------------------------------------------------------------
// 4. RELATIVE POSITIONING Examples ("before" and "after")
// -----------------------------------------------------------------------------
_, err = scm.NewAuthenticationRule(ctx, "rule_before_anchor", &scm.AuthenticationRuleArgs{
Name: pulumi.String("test_before_rule_25_updating"),
Description: pulumi.String("Positioned immediately BEFORE the anchor_rule."),
Folder: pulumi.String("All"),
Position: pulumi.String("pre"),
RelativePosition: pulumi.String("before"),
TargetRule: anchorRule.ID(),
Destinations: pulumi.StringArray{
pulumi.String("any"),
},
Froms: pulumi.StringArray{
pulumi.String("any"),
},
Tos: pulumi.StringArray{
pulumi.String("any"),
},
Sources: pulumi.StringArray{
pulumi.String("any"),
},
Services: pulumi.StringArray{
pulumi.String("any"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("any"),
},
})
if err != nil {
return err
}
_, err = scm.NewAuthenticationRule(ctx, "rule_after_anchor", &scm.AuthenticationRuleArgs{
Name: pulumi.String("test_after_rule_25"),
Description: pulumi.String("Positioned immediately AFTER the anchor_rule."),
Folder: pulumi.String("All"),
Position: pulumi.String("pre"),
RelativePosition: pulumi.String("after"),
TargetRule: anchorRule.ID(),
Destinations: pulumi.StringArray{
pulumi.String("any"),
},
Froms: pulumi.StringArray{
pulumi.String("any"),
},
Tos: pulumi.StringArray{
pulumi.String("any"),
},
Sources: pulumi.StringArray{
pulumi.String("any"),
},
Services: pulumi.StringArray{
pulumi.String("any"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("any"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Scm = Pulumi.Scm;
return await Deployment.RunAsync(() =>
{
var appAccessTag = new Scm.Tag("app_access_tag", new()
{
Folder = "All",
Name = "app-access-test_25",
Color = "Blue",
});
// -----------------------------------------------------------------------------
// 2. ANCHOR RULE (Used for relative positioning by other rules)
// -----------------------------------------------------------------------------
var anchorRule = new Scm.AuthenticationRule("anchor_rule", new()
{
Name = "test_anchor_rule_251",
Description = "Base rule. Used to test 'before' and 'after' positioning",
Position = "pre",
Folder = "All",
Destinations = new[]
{
"any",
},
Froms = new[]
{
"any",
},
Tos = new[]
{
"any",
},
Sources = new[]
{
"any",
},
Services = new[]
{
"service-http",
"service-https",
},
SourceUsers = new[]
{
"any",
},
Timeout = 1200,
NegateSource = false,
NegateDestination = false,
Tags = new[]
{
appAccessTag.Name,
},
Categories = new[]
{
"any",
},
DestinationHips = new[]
{
"any",
},
LogAuthenticationTimeout = false,
Disabled = false,
});
// # -----------------------------------------------------------------------------
// # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
// # -----------------------------------------------------------------------------
var ruleTopOfList = new Scm.AuthenticationRule("rule_top_of_list", new()
{
Name = "test_top_rule_25",
Description = "Placed at the very top of the 'pre' rulebase.",
Folder = "All",
Position = "pre",
RelativePosition = "top",
Destinations = new[]
{
"any",
},
Froms = new[]
{
"untrust",
},
Tos = new[]
{
"trust",
},
Sources = new[]
{
"any",
},
Services = new[]
{
"any",
},
SourceUsers = new[]
{
"any",
},
});
var ruleBottomOfList = new Scm.AuthenticationRule("rule_bottom_of_list", new()
{
Name = "test_bottom_rule_25",
Description = "Placed at the very bottom of the 'pre' rulebase.",
Folder = "All",
Position = "pre",
RelativePosition = "bottom",
Destinations = new[]
{
"any",
},
Froms = new[]
{
"any",
},
Tos = new[]
{
"any",
},
Sources = new[]
{
"any",
},
Services = new[]
{
"any",
},
SourceUsers = new[]
{
"any",
},
});
// -----------------------------------------------------------------------------
// 4. RELATIVE POSITIONING Examples ("before" and "after")
// -----------------------------------------------------------------------------
var ruleBeforeAnchor = new Scm.AuthenticationRule("rule_before_anchor", new()
{
Name = "test_before_rule_25_updating",
Description = "Positioned immediately BEFORE the anchor_rule.",
Folder = "All",
Position = "pre",
RelativePosition = "before",
TargetRule = anchorRule.Id,
Destinations = new[]
{
"any",
},
Froms = new[]
{
"any",
},
Tos = new[]
{
"any",
},
Sources = new[]
{
"any",
},
Services = new[]
{
"any",
},
SourceUsers = new[]
{
"any",
},
});
var ruleAfterAnchor = new Scm.AuthenticationRule("rule_after_anchor", new()
{
Name = "test_after_rule_25",
Description = "Positioned immediately AFTER the anchor_rule.",
Folder = "All",
Position = "pre",
RelativePosition = "after",
TargetRule = anchorRule.Id,
Destinations = new[]
{
"any",
},
Froms = new[]
{
"any",
},
Tos = new[]
{
"any",
},
Sources = new[]
{
"any",
},
Services = new[]
{
"any",
},
SourceUsers = new[]
{
"any",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.scm.Tag;
import com.pulumi.scm.TagArgs;
import com.pulumi.scm.AuthenticationRule;
import com.pulumi.scm.AuthenticationRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var appAccessTag = new Tag("appAccessTag", TagArgs.builder()
.folder("All")
.name("app-access-test_25")
.color("Blue")
.build());
// -----------------------------------------------------------------------------
// 2. ANCHOR RULE (Used for relative positioning by other rules)
// -----------------------------------------------------------------------------
var anchorRule = new AuthenticationRule("anchorRule", AuthenticationRuleArgs.builder()
.name("test_anchor_rule_251")
.description("Base rule. Used to test 'before' and 'after' positioning")
.position("pre")
.folder("All")
.destinations("any")
.froms("any")
.tos("any")
.sources("any")
.services(
"service-http",
"service-https")
.sourceUsers("any")
.timeout(1200)
.negateSource(false)
.negateDestination(false)
.tags(appAccessTag.name())
.categories("any")
.destinationHips("any")
.logAuthenticationTimeout(false)
.disabled(false)
.build());
// # -----------------------------------------------------------------------------
// # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
// # -----------------------------------------------------------------------------
var ruleTopOfList = new AuthenticationRule("ruleTopOfList", AuthenticationRuleArgs.builder()
.name("test_top_rule_25")
.description("Placed at the very top of the 'pre' rulebase.")
.folder("All")
.position("pre")
.relativePosition("top")
.destinations("any")
.froms("untrust")
.tos("trust")
.sources("any")
.services("any")
.sourceUsers("any")
.build());
var ruleBottomOfList = new AuthenticationRule("ruleBottomOfList", AuthenticationRuleArgs.builder()
.name("test_bottom_rule_25")
.description("Placed at the very bottom of the 'pre' rulebase.")
.folder("All")
.position("pre")
.relativePosition("bottom")
.destinations("any")
.froms("any")
.tos("any")
.sources("any")
.services("any")
.sourceUsers("any")
.build());
// -----------------------------------------------------------------------------
// 4. RELATIVE POSITIONING Examples ("before" and "after")
// -----------------------------------------------------------------------------
var ruleBeforeAnchor = new AuthenticationRule("ruleBeforeAnchor", AuthenticationRuleArgs.builder()
.name("test_before_rule_25_updating")
.description("Positioned immediately BEFORE the anchor_rule.")
.folder("All")
.position("pre")
.relativePosition("before")
.targetRule(anchorRule.id())
.destinations("any")
.froms("any")
.tos("any")
.sources("any")
.services("any")
.sourceUsers("any")
.build());
var ruleAfterAnchor = new AuthenticationRule("ruleAfterAnchor", AuthenticationRuleArgs.builder()
.name("test_after_rule_25")
.description("Positioned immediately AFTER the anchor_rule.")
.folder("All")
.position("pre")
.relativePosition("after")
.targetRule(anchorRule.id())
.destinations("any")
.froms("any")
.tos("any")
.sources("any")
.services("any")
.sourceUsers("any")
.build());
}
}
resources:
appAccessTag:
type: scm:Tag
name: app_access_tag
properties:
folder: All
name: app-access-test_25
color: Blue
# -----------------------------------------------------------------------------
# 2. ANCHOR RULE (Used for relative positioning by other rules)
# -----------------------------------------------------------------------------
anchorRule:
type: scm:AuthenticationRule
name: anchor_rule
properties:
name: test_anchor_rule_251
description: Base rule. Used to test 'before' and 'after' positioning
position: pre
folder: All
destinations:
- any
froms:
- any
tos:
- any
sources:
- any
services:
- service-http
- service-https
sourceUsers:
- any
timeout: 1200
negateSource: false
negateDestination: false
tags:
- ${appAccessTag.name}
categories:
- any
destinationHips:
- any
logAuthenticationTimeout: false
disabled: false
# # -----------------------------------------------------------------------------
# # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
# # -----------------------------------------------------------------------------
ruleTopOfList:
type: scm:AuthenticationRule
name: rule_top_of_list
properties:
name: test_top_rule_25
description: Placed at the very top of the 'pre' rulebase.
folder: All
position: pre
relativePosition: top
destinations:
- any
froms:
- untrust
tos:
- trust
sources:
- any
services:
- any
sourceUsers:
- any
ruleBottomOfList:
type: scm:AuthenticationRule
name: rule_bottom_of_list
properties:
name: test_bottom_rule_25
description: Placed at the very bottom of the 'pre' rulebase.
folder: All
position: pre
relativePosition: bottom
destinations:
- any
froms:
- any
tos:
- any
sources:
- any
services:
- any
sourceUsers:
- any
# -----------------------------------------------------------------------------
# 4. RELATIVE POSITIONING Examples ("before" and "after")
# -----------------------------------------------------------------------------
ruleBeforeAnchor:
type: scm:AuthenticationRule
name: rule_before_anchor
properties:
name: test_before_rule_25_updating
description: Positioned immediately BEFORE the anchor_rule.
folder: All
position: pre
relativePosition: before
targetRule: ${anchorRule.id}
destinations:
- any
froms:
- any
tos:
- any
sources:
- any
services:
- any
sourceUsers:
- any
ruleAfterAnchor:
type: scm:AuthenticationRule
name: rule_after_anchor
properties:
name: test_after_rule_25
description: Positioned immediately AFTER the anchor_rule.
folder: All
position: pre
relativePosition: after
targetRule: ${anchorRule.id}
destinations:
- any
froms:
- any
tos:
- any
sources:
- any
services:
- any
sourceUsers: # Example specific user
- any
Create AuthenticationRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AuthenticationRule(name: string, args: AuthenticationRuleArgs, opts?: CustomResourceOptions);@overload
def AuthenticationRule(resource_name: str,
args: AuthenticationRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AuthenticationRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
froms: Optional[Sequence[str]] = None,
tos: Optional[Sequence[str]] = None,
sources: Optional[Sequence[str]] = None,
services: Optional[Sequence[str]] = None,
destinations: Optional[Sequence[str]] = None,
disabled: Optional[bool] = None,
position: Optional[str] = None,
folder: Optional[str] = None,
device: Optional[str] = None,
group_tag: Optional[str] = None,
hip_profiles: Optional[Sequence[str]] = None,
log_authentication_timeout: Optional[bool] = None,
log_setting: Optional[str] = None,
name: Optional[str] = None,
negate_destination: Optional[bool] = None,
negate_source: Optional[bool] = None,
authentication_enforcement: Optional[str] = None,
relative_position: Optional[str] = None,
destination_hips: Optional[Sequence[str]] = None,
snippet: Optional[str] = None,
source_hips: Optional[Sequence[str]] = None,
source_users: Optional[Sequence[str]] = None,
description: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
target_rule: Optional[str] = None,
timeout: Optional[int] = None,
categories: Optional[Sequence[str]] = None)func NewAuthenticationRule(ctx *Context, name string, args AuthenticationRuleArgs, opts ...ResourceOption) (*AuthenticationRule, error)public AuthenticationRule(string name, AuthenticationRuleArgs args, CustomResourceOptions? opts = null)
public AuthenticationRule(String name, AuthenticationRuleArgs args)
public AuthenticationRule(String name, AuthenticationRuleArgs args, CustomResourceOptions options)
type: scm:AuthenticationRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AuthenticationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthenticationRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthenticationRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthenticationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthenticationRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var authenticationRuleResource = new Scm.AuthenticationRule("authenticationRuleResource", new()
{
Froms = new[]
{
"string",
},
Tos = new[]
{
"string",
},
Sources = new[]
{
"string",
},
Services = new[]
{
"string",
},
Destinations = new[]
{
"string",
},
Disabled = false,
Position = "string",
Folder = "string",
Device = "string",
GroupTag = "string",
HipProfiles = new[]
{
"string",
},
LogAuthenticationTimeout = false,
LogSetting = "string",
Name = "string",
NegateDestination = false,
NegateSource = false,
AuthenticationEnforcement = "string",
RelativePosition = "string",
DestinationHips = new[]
{
"string",
},
Snippet = "string",
SourceHips = new[]
{
"string",
},
SourceUsers = new[]
{
"string",
},
Description = "string",
Tags = new[]
{
"string",
},
TargetRule = "string",
Timeout = 0,
Categories = new[]
{
"string",
},
});
example, err := scm.NewAuthenticationRule(ctx, "authenticationRuleResource", &scm.AuthenticationRuleArgs{
Froms: pulumi.StringArray{
pulumi.String("string"),
},
Tos: pulumi.StringArray{
pulumi.String("string"),
},
Sources: pulumi.StringArray{
pulumi.String("string"),
},
Services: pulumi.StringArray{
pulumi.String("string"),
},
Destinations: pulumi.StringArray{
pulumi.String("string"),
},
Disabled: pulumi.Bool(false),
Position: pulumi.String("string"),
Folder: pulumi.String("string"),
Device: pulumi.String("string"),
GroupTag: pulumi.String("string"),
HipProfiles: pulumi.StringArray{
pulumi.String("string"),
},
LogAuthenticationTimeout: pulumi.Bool(false),
LogSetting: pulumi.String("string"),
Name: pulumi.String("string"),
NegateDestination: pulumi.Bool(false),
NegateSource: pulumi.Bool(false),
AuthenticationEnforcement: pulumi.String("string"),
RelativePosition: pulumi.String("string"),
DestinationHips: pulumi.StringArray{
pulumi.String("string"),
},
Snippet: pulumi.String("string"),
SourceHips: pulumi.StringArray{
pulumi.String("string"),
},
SourceUsers: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
TargetRule: pulumi.String("string"),
Timeout: pulumi.Int(0),
Categories: pulumi.StringArray{
pulumi.String("string"),
},
})
var authenticationRuleResource = new AuthenticationRule("authenticationRuleResource", AuthenticationRuleArgs.builder()
.froms("string")
.tos("string")
.sources("string")
.services("string")
.destinations("string")
.disabled(false)
.position("string")
.folder("string")
.device("string")
.groupTag("string")
.hipProfiles("string")
.logAuthenticationTimeout(false)
.logSetting("string")
.name("string")
.negateDestination(false)
.negateSource(false)
.authenticationEnforcement("string")
.relativePosition("string")
.destinationHips("string")
.snippet("string")
.sourceHips("string")
.sourceUsers("string")
.description("string")
.tags("string")
.targetRule("string")
.timeout(0)
.categories("string")
.build());
authentication_rule_resource = scm.AuthenticationRule("authenticationRuleResource",
froms=["string"],
tos=["string"],
sources=["string"],
services=["string"],
destinations=["string"],
disabled=False,
position="string",
folder="string",
device="string",
group_tag="string",
hip_profiles=["string"],
log_authentication_timeout=False,
log_setting="string",
name="string",
negate_destination=False,
negate_source=False,
authentication_enforcement="string",
relative_position="string",
destination_hips=["string"],
snippet="string",
source_hips=["string"],
source_users=["string"],
description="string",
tags=["string"],
target_rule="string",
timeout=0,
categories=["string"])
const authenticationRuleResource = new scm.AuthenticationRule("authenticationRuleResource", {
froms: ["string"],
tos: ["string"],
sources: ["string"],
services: ["string"],
destinations: ["string"],
disabled: false,
position: "string",
folder: "string",
device: "string",
groupTag: "string",
hipProfiles: ["string"],
logAuthenticationTimeout: false,
logSetting: "string",
name: "string",
negateDestination: false,
negateSource: false,
authenticationEnforcement: "string",
relativePosition: "string",
destinationHips: ["string"],
snippet: "string",
sourceHips: ["string"],
sourceUsers: ["string"],
description: "string",
tags: ["string"],
targetRule: "string",
timeout: 0,
categories: ["string"],
});
type: scm:AuthenticationRule
properties:
authenticationEnforcement: string
categories:
- string
description: string
destinationHips:
- string
destinations:
- string
device: string
disabled: false
folder: string
froms:
- string
groupTag: string
hipProfiles:
- string
logAuthenticationTimeout: false
logSetting: string
name: string
negateDestination: false
negateSource: false
position: string
relativePosition: string
services:
- string
snippet: string
sourceHips:
- string
sourceUsers:
- string
sources:
- string
tags:
- string
targetRule: string
timeout: 0
tos:
- string
AuthenticationRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AuthenticationRule resource accepts the following input properties:
- Destinations List<string>
- The destination addresses
- Froms List<string>
- The source security zones
- Services List<string>
- The destination ports
- Sources List<string>
- The source addresses
- Tos List<string>
- The destination security zones
- Authentication
Enforcement string - The authentication profile name
- Categories List<string>
- The destination URL categories
- Description string
- The description of the authentication rule
- Destination
Hips List<string> - The destination Host Integrity Profile (HIP)
- Device string
- Device
- Disabled bool
- Is the authentication rule disabled?
- Folder string
- Folder
- Group
Tag string - Group tag
- Hip
Profiles List<string> - The source Host Integrity Profile (HIP)
- Log
Authentication boolTimeout - Log authentication timeouts?
- Log
Setting string - The log forwarding profile name
- Name string
- The name of the authentication rule
- Negate
Destination bool - Are the destination addresses negated?
- Negate
Source bool - Are the source addresses negated?
- Position string
- The relative position of the rule
- Relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - Snippet string
- Snippet
- Source
Hips List<string> - The source Host Integrity Profile (HIP)
- Source
Users List<string> - The source users
- List<string>
- The authentication rule tags
- Target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - Timeout int
- The authentication session timeout (seconds)
- Destinations []string
- The destination addresses
- Froms []string
- The source security zones
- Services []string
- The destination ports
- Sources []string
- The source addresses
- Tos []string
- The destination security zones
- Authentication
Enforcement string - The authentication profile name
- Categories []string
- The destination URL categories
- Description string
- The description of the authentication rule
- Destination
Hips []string - The destination Host Integrity Profile (HIP)
- Device string
- Device
- Disabled bool
- Is the authentication rule disabled?
- Folder string
- Folder
- Group
Tag string - Group tag
- Hip
Profiles []string - The source Host Integrity Profile (HIP)
- Log
Authentication boolTimeout - Log authentication timeouts?
- Log
Setting string - The log forwarding profile name
- Name string
- The name of the authentication rule
- Negate
Destination bool - Are the destination addresses negated?
- Negate
Source bool - Are the source addresses negated?
- Position string
- The relative position of the rule
- Relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - Snippet string
- Snippet
- Source
Hips []string - The source Host Integrity Profile (HIP)
- Source
Users []string - The source users
- []string
- The authentication rule tags
- Target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - Timeout int
- The authentication session timeout (seconds)
- destinations List<String>
- The destination addresses
- froms List<String>
- The source security zones
- services List<String>
- The destination ports
- sources List<String>
- The source addresses
- tos List<String>
- The destination security zones
- authentication
Enforcement String - The authentication profile name
- categories List<String>
- The destination URL categories
- description String
- The description of the authentication rule
- destination
Hips List<String> - The destination Host Integrity Profile (HIP)
- device String
- Device
- disabled Boolean
- Is the authentication rule disabled?
- folder String
- Folder
- group
Tag String - Group tag
- hip
Profiles List<String> - The source Host Integrity Profile (HIP)
- log
Authentication BooleanTimeout - Log authentication timeouts?
- log
Setting String - The log forwarding profile name
- name String
- The name of the authentication rule
- negate
Destination Boolean - Are the destination addresses negated?
- negate
Source Boolean - Are the source addresses negated?
- position String
- The relative position of the rule
- relative
Position String - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - snippet String
- Snippet
- source
Hips List<String> - The source Host Integrity Profile (HIP)
- source
Users List<String> - The source users
- List<String>
- The authentication rule tags
- target
Rule String - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - timeout Integer
- The authentication session timeout (seconds)
- destinations string[]
- The destination addresses
- froms string[]
- The source security zones
- services string[]
- The destination ports
- sources string[]
- The source addresses
- tos string[]
- The destination security zones
- authentication
Enforcement string - The authentication profile name
- categories string[]
- The destination URL categories
- description string
- The description of the authentication rule
- destination
Hips string[] - The destination Host Integrity Profile (HIP)
- device string
- Device
- disabled boolean
- Is the authentication rule disabled?
- folder string
- Folder
- group
Tag string - Group tag
- hip
Profiles string[] - The source Host Integrity Profile (HIP)
- log
Authentication booleanTimeout - Log authentication timeouts?
- log
Setting string - The log forwarding profile name
- name string
- The name of the authentication rule
- negate
Destination boolean - Are the destination addresses negated?
- negate
Source boolean - Are the source addresses negated?
- position string
- The relative position of the rule
- relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - snippet string
- Snippet
- source
Hips string[] - The source Host Integrity Profile (HIP)
- source
Users string[] - The source users
- string[]
- The authentication rule tags
- target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - timeout number
- The authentication session timeout (seconds)
- destinations Sequence[str]
- The destination addresses
- froms Sequence[str]
- The source security zones
- services Sequence[str]
- The destination ports
- sources Sequence[str]
- The source addresses
- tos Sequence[str]
- The destination security zones
- authentication_
enforcement str - The authentication profile name
- categories Sequence[str]
- The destination URL categories
- description str
- The description of the authentication rule
- destination_
hips Sequence[str] - The destination Host Integrity Profile (HIP)
- device str
- Device
- disabled bool
- Is the authentication rule disabled?
- folder str
- Folder
- group_
tag str - Group tag
- hip_
profiles Sequence[str] - The source Host Integrity Profile (HIP)
- log_
authentication_ booltimeout - Log authentication timeouts?
- log_
setting str - The log forwarding profile name
- name str
- The name of the authentication rule
- negate_
destination bool - Are the destination addresses negated?
- negate_
source bool - Are the source addresses negated?
- position str
- The relative position of the rule
- relative_
position str - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - snippet str
- Snippet
- source_
hips Sequence[str] - The source Host Integrity Profile (HIP)
- source_
users Sequence[str] - The source users
- Sequence[str]
- The authentication rule tags
- target_
rule str - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - timeout int
- The authentication session timeout (seconds)
- destinations List<String>
- The destination addresses
- froms List<String>
- The source security zones
- services List<String>
- The destination ports
- sources List<String>
- The source addresses
- tos List<String>
- The destination security zones
- authentication
Enforcement String - The authentication profile name
- categories List<String>
- The destination URL categories
- description String
- The description of the authentication rule
- destination
Hips List<String> - The destination Host Integrity Profile (HIP)
- device String
- Device
- disabled Boolean
- Is the authentication rule disabled?
- folder String
- Folder
- group
Tag String - Group tag
- hip
Profiles List<String> - The source Host Integrity Profile (HIP)
- log
Authentication BooleanTimeout - Log authentication timeouts?
- log
Setting String - The log forwarding profile name
- name String
- The name of the authentication rule
- negate
Destination Boolean - Are the destination addresses negated?
- negate
Source Boolean - Are the source addresses negated?
- position String
- The relative position of the rule
- relative
Position String - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - snippet String
- Snippet
- source
Hips List<String> - The source Host Integrity Profile (HIP)
- source
Users List<String> - The source users
- List<String>
- The authentication rule tags
- target
Rule String - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - timeout Number
- The authentication session timeout (seconds)
Outputs
All input properties are implicitly available as output properties. Additionally, the AuthenticationRule resource produces the following output properties:
Look up Existing AuthenticationRule Resource
Get an existing AuthenticationRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthenticationRuleState, opts?: CustomResourceOptions): AuthenticationRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_enforcement: Optional[str] = None,
categories: Optional[Sequence[str]] = None,
description: Optional[str] = None,
destination_hips: Optional[Sequence[str]] = None,
destinations: Optional[Sequence[str]] = None,
device: Optional[str] = None,
disabled: Optional[bool] = None,
folder: Optional[str] = None,
froms: Optional[Sequence[str]] = None,
group_tag: Optional[str] = None,
hip_profiles: Optional[Sequence[str]] = None,
log_authentication_timeout: Optional[bool] = None,
log_setting: Optional[str] = None,
name: Optional[str] = None,
negate_destination: Optional[bool] = None,
negate_source: Optional[bool] = None,
position: Optional[str] = None,
relative_position: Optional[str] = None,
services: Optional[Sequence[str]] = None,
snippet: Optional[str] = None,
source_hips: Optional[Sequence[str]] = None,
source_users: Optional[Sequence[str]] = None,
sources: Optional[Sequence[str]] = None,
tags: Optional[Sequence[str]] = None,
target_rule: Optional[str] = None,
tfid: Optional[str] = None,
timeout: Optional[int] = None,
tos: Optional[Sequence[str]] = None) -> AuthenticationRulefunc GetAuthenticationRule(ctx *Context, name string, id IDInput, state *AuthenticationRuleState, opts ...ResourceOption) (*AuthenticationRule, error)public static AuthenticationRule Get(string name, Input<string> id, AuthenticationRuleState? state, CustomResourceOptions? opts = null)public static AuthenticationRule get(String name, Output<String> id, AuthenticationRuleState state, CustomResourceOptions options)resources: _: type: scm:AuthenticationRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Enforcement string - The authentication profile name
- Categories List<string>
- The destination URL categories
- Description string
- The description of the authentication rule
- Destination
Hips List<string> - The destination Host Integrity Profile (HIP)
- Destinations List<string>
- The destination addresses
- Device string
- Device
- Disabled bool
- Is the authentication rule disabled?
- Folder string
- Folder
- Froms List<string>
- The source security zones
- Group
Tag string - Group tag
- Hip
Profiles List<string> - The source Host Integrity Profile (HIP)
- Log
Authentication boolTimeout - Log authentication timeouts?
- Log
Setting string - The log forwarding profile name
- Name string
- The name of the authentication rule
- Negate
Destination bool - Are the destination addresses negated?
- Negate
Source bool - Are the source addresses negated?
- Position string
- The relative position of the rule
- Relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - Services List<string>
- The destination ports
- Snippet string
- Snippet
- Source
Hips List<string> - The source Host Integrity Profile (HIP)
- Source
Users List<string> - The source users
- Sources List<string>
- The source addresses
- List<string>
- The authentication rule tags
- Target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - Tfid string
- Timeout int
- The authentication session timeout (seconds)
- Tos List<string>
- The destination security zones
- Authentication
Enforcement string - The authentication profile name
- Categories []string
- The destination URL categories
- Description string
- The description of the authentication rule
- Destination
Hips []string - The destination Host Integrity Profile (HIP)
- Destinations []string
- The destination addresses
- Device string
- Device
- Disabled bool
- Is the authentication rule disabled?
- Folder string
- Folder
- Froms []string
- The source security zones
- Group
Tag string - Group tag
- Hip
Profiles []string - The source Host Integrity Profile (HIP)
- Log
Authentication boolTimeout - Log authentication timeouts?
- Log
Setting string - The log forwarding profile name
- Name string
- The name of the authentication rule
- Negate
Destination bool - Are the destination addresses negated?
- Negate
Source bool - Are the source addresses negated?
- Position string
- The relative position of the rule
- Relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - Services []string
- The destination ports
- Snippet string
- Snippet
- Source
Hips []string - The source Host Integrity Profile (HIP)
- Source
Users []string - The source users
- Sources []string
- The source addresses
- []string
- The authentication rule tags
- Target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - Tfid string
- Timeout int
- The authentication session timeout (seconds)
- Tos []string
- The destination security zones
- authentication
Enforcement String - The authentication profile name
- categories List<String>
- The destination URL categories
- description String
- The description of the authentication rule
- destination
Hips List<String> - The destination Host Integrity Profile (HIP)
- destinations List<String>
- The destination addresses
- device String
- Device
- disabled Boolean
- Is the authentication rule disabled?
- folder String
- Folder
- froms List<String>
- The source security zones
- group
Tag String - Group tag
- hip
Profiles List<String> - The source Host Integrity Profile (HIP)
- log
Authentication BooleanTimeout - Log authentication timeouts?
- log
Setting String - The log forwarding profile name
- name String
- The name of the authentication rule
- negate
Destination Boolean - Are the destination addresses negated?
- negate
Source Boolean - Are the source addresses negated?
- position String
- The relative position of the rule
- relative
Position String - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - services List<String>
- The destination ports
- snippet String
- Snippet
- source
Hips List<String> - The source Host Integrity Profile (HIP)
- source
Users List<String> - The source users
- sources List<String>
- The source addresses
- List<String>
- The authentication rule tags
- target
Rule String - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - tfid String
- timeout Integer
- The authentication session timeout (seconds)
- tos List<String>
- The destination security zones
- authentication
Enforcement string - The authentication profile name
- categories string[]
- The destination URL categories
- description string
- The description of the authentication rule
- destination
Hips string[] - The destination Host Integrity Profile (HIP)
- destinations string[]
- The destination addresses
- device string
- Device
- disabled boolean
- Is the authentication rule disabled?
- folder string
- Folder
- froms string[]
- The source security zones
- group
Tag string - Group tag
- hip
Profiles string[] - The source Host Integrity Profile (HIP)
- log
Authentication booleanTimeout - Log authentication timeouts?
- log
Setting string - The log forwarding profile name
- name string
- The name of the authentication rule
- negate
Destination boolean - Are the destination addresses negated?
- negate
Source boolean - Are the source addresses negated?
- position string
- The relative position of the rule
- relative
Position string - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - services string[]
- The destination ports
- snippet string
- Snippet
- source
Hips string[] - The source Host Integrity Profile (HIP)
- source
Users string[] - The source users
- sources string[]
- The source addresses
- string[]
- The authentication rule tags
- target
Rule string - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - tfid string
- timeout number
- The authentication session timeout (seconds)
- tos string[]
- The destination security zones
- authentication_
enforcement str - The authentication profile name
- categories Sequence[str]
- The destination URL categories
- description str
- The description of the authentication rule
- destination_
hips Sequence[str] - The destination Host Integrity Profile (HIP)
- destinations Sequence[str]
- The destination addresses
- device str
- Device
- disabled bool
- Is the authentication rule disabled?
- folder str
- Folder
- froms Sequence[str]
- The source security zones
- group_
tag str - Group tag
- hip_
profiles Sequence[str] - The source Host Integrity Profile (HIP)
- log_
authentication_ booltimeout - Log authentication timeouts?
- log_
setting str - The log forwarding profile name
- name str
- The name of the authentication rule
- negate_
destination bool - Are the destination addresses negated?
- negate_
source bool - Are the source addresses negated?
- position str
- The relative position of the rule
- relative_
position str - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - services Sequence[str]
- The destination ports
- snippet str
- Snippet
- source_
hips Sequence[str] - The source Host Integrity Profile (HIP)
- source_
users Sequence[str] - The source users
- sources Sequence[str]
- The source addresses
- Sequence[str]
- The authentication rule tags
- target_
rule str - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - tfid str
- timeout int
- The authentication session timeout (seconds)
- tos Sequence[str]
- The destination security zones
- authentication
Enforcement String - The authentication profile name
- categories List<String>
- The destination URL categories
- description String
- The description of the authentication rule
- destination
Hips List<String> - The destination Host Integrity Profile (HIP)
- destinations List<String>
- The destination addresses
- device String
- Device
- disabled Boolean
- Is the authentication rule disabled?
- folder String
- Folder
- froms List<String>
- The source security zones
- group
Tag String - Group tag
- hip
Profiles List<String> - The source Host Integrity Profile (HIP)
- log
Authentication BooleanTimeout - Log authentication timeouts?
- log
Setting String - The log forwarding profile name
- name String
- The name of the authentication rule
- negate
Destination Boolean - Are the destination addresses negated?
- negate
Source Boolean - Are the source addresses negated?
- position String
- The relative position of the rule
- relative
Position String - Relative positioning rule. String must be one of these:
"before","after","top","bottom". If not specified, rule is created at the bottom of the ruleset. - services List<String>
- The destination ports
- snippet String
- Snippet
- source
Hips List<String> - The source Host Integrity Profile (HIP)
- source
Users List<String> - The source users
- sources List<String>
- The source addresses
- List<String>
- The authentication rule tags
- target
Rule String - The name or UUID of the rule to position this rule relative to. Required when
relative_positionis"before"or"after". - tfid String
- timeout Number
- The authentication session timeout (seconds)
- tos List<String>
- The destination security zones
Package Details
- Repository
- scm pulumi/pulumi-scm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
scmTerraform Provider.
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
