Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
DnsSecurityProfile resource
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as scm from "@pulumi/scm";
const scmDnsSecurityProfileBase = new scm.DnsSecurityProfile("scm_dns_security_profile_base", {
folder: "All",
name: "dns_base",
});
const scmDnsSecurityCategories = new scm.DnsSecurityProfile("scm_dns_security_categories", {
folder: "All",
name: "test_dns_sec_categories",
description: "dns security profile w/ dns security categories",
botnetDomains: {
dnsSecurityCategories: [
{
name: "pan-dns-sec-recent",
},
{
name: "pan-dns-sec-grayware",
action: "allow",
logLevel: "high",
packetCapture: "disable",
},
{
name: "pan-dns-sec-proxy",
action: "block",
logLevel: "default",
packetCapture: "single-packet",
},
{
name: "pan-dns-sec-phishing",
action: "sinkhole",
logLevel: "critical",
packetCapture: "extended-capture",
},
{
name: "pan-dns-sec-malware",
action: "default",
logLevel: "informational",
packetCapture: "disable",
},
],
},
});
const scmDnsLists = new scm.DnsSecurityProfile("scm_dns_lists", {
folder: "All",
name: "test_dns_lists",
description: "dns security profile w/ dns lists",
botnetDomains: {
dnsLists: [
{
name: "default-paloalto-dns",
packetCapture: "disable",
action: {
alert: {},
},
},
{
name: "update-edl",
packetCapture: "extended-capture",
action: {
allow: {},
},
},
],
},
});
const scmDnsSinkhole = new scm.DnsSecurityProfile("scm_dns_sinkhole", {
folder: "All",
name: "test_dns_sinkhole",
description: "dns security profile w/ sinkhole",
botnetDomains: {
sinkhole: {
ipv4Address: "127.0.0.1",
ipv6Address: "::1",
},
},
});
const scmDnsWhitelist = new scm.DnsSecurityProfile("scm_dns_whitelist", {
folder: "All",
name: "test_dns_whitelist",
description: "dns security profile w/ whitelist",
botnetDomains: {
whitelists: [
{
name: "example.com",
},
{
name: "example2.com",
description: "creating whitelist",
},
],
},
});
const scmDnsAll = new scm.DnsSecurityProfile("scm_dns_all", {
folder: "All",
name: "test_dns_all_test",
description: "dns security profile w/ all",
botnetDomains: {
dnsSecurityCategories: [{
name: "pan-dns-sec-ddns",
action: "block",
logLevel: "low",
packetCapture: "disable",
}],
dnsLists: [{
name: "scm_edl_1",
packetCapture: "single-packet",
action: {
block: {},
},
}],
sinkhole: {
ipv4Address: "pan-sinkhole-default-ip",
ipv6Address: "::1",
},
whitelists: [{
name: "ebay.com",
description: "creating whitelist",
}],
},
});
import pulumi
import pulumi_scm as scm
scm_dns_security_profile_base = scm.DnsSecurityProfile("scm_dns_security_profile_base",
folder="All",
name="dns_base")
scm_dns_security_categories = scm.DnsSecurityProfile("scm_dns_security_categories",
folder="All",
name="test_dns_sec_categories",
description="dns security profile w/ dns security categories",
botnet_domains={
"dns_security_categories": [
{
"name": "pan-dns-sec-recent",
},
{
"name": "pan-dns-sec-grayware",
"action": "allow",
"log_level": "high",
"packet_capture": "disable",
},
{
"name": "pan-dns-sec-proxy",
"action": "block",
"log_level": "default",
"packet_capture": "single-packet",
},
{
"name": "pan-dns-sec-phishing",
"action": "sinkhole",
"log_level": "critical",
"packet_capture": "extended-capture",
},
{
"name": "pan-dns-sec-malware",
"action": "default",
"log_level": "informational",
"packet_capture": "disable",
},
],
})
scm_dns_lists = scm.DnsSecurityProfile("scm_dns_lists",
folder="All",
name="test_dns_lists",
description="dns security profile w/ dns lists",
botnet_domains={
"dns_lists": [
{
"name": "default-paloalto-dns",
"packetCapture": "disable",
"action": {
"alert": {},
},
},
{
"name": "update-edl",
"packetCapture": "extended-capture",
"action": {
"allow": {},
},
},
],
})
scm_dns_sinkhole = scm.DnsSecurityProfile("scm_dns_sinkhole",
folder="All",
name="test_dns_sinkhole",
description="dns security profile w/ sinkhole",
botnet_domains={
"sinkhole": {
"ipv4_address": "127.0.0.1",
"ipv6_address": "::1",
},
})
scm_dns_whitelist = scm.DnsSecurityProfile("scm_dns_whitelist",
folder="All",
name="test_dns_whitelist",
description="dns security profile w/ whitelist",
botnet_domains={
"whitelists": [
{
"name": "example.com",
},
{
"name": "example2.com",
"description": "creating whitelist",
},
],
})
scm_dns_all = scm.DnsSecurityProfile("scm_dns_all",
folder="All",
name="test_dns_all_test",
description="dns security profile w/ all",
botnet_domains={
"dns_security_categories": [{
"name": "pan-dns-sec-ddns",
"action": "block",
"log_level": "low",
"packet_capture": "disable",
}],
"dns_lists": [{
"name": "scm_edl_1",
"packetCapture": "single-packet",
"action": {
"block": {},
},
}],
"sinkhole": {
"ipv4_address": "pan-sinkhole-default-ip",
"ipv6_address": "::1",
},
"whitelists": [{
"name": "ebay.com",
"description": "creating whitelist",
}],
})
package main
import (
"github.com/pulumi/pulumi-scm/sdk/go/scm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := scm.NewDnsSecurityProfile(ctx, "scm_dns_security_profile_base", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("dns_base"),
})
if err != nil {
return err
}
_, err = scm.NewDnsSecurityProfile(ctx, "scm_dns_security_categories", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("test_dns_sec_categories"),
Description: pulumi.String("dns security profile w/ dns security categories"),
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
DnsSecurityCategories: scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArray{
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-recent"),
},
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-grayware"),
Action: pulumi.String("allow"),
LogLevel: pulumi.String("high"),
PacketCapture: pulumi.String("disable"),
},
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-proxy"),
Action: pulumi.String("block"),
LogLevel: pulumi.String("default"),
PacketCapture: pulumi.String("single-packet"),
},
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-phishing"),
Action: pulumi.String("sinkhole"),
LogLevel: pulumi.String("critical"),
PacketCapture: pulumi.String("extended-capture"),
},
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-malware"),
Action: pulumi.String("default"),
LogLevel: pulumi.String("informational"),
PacketCapture: pulumi.String("disable"),
},
},
},
})
if err != nil {
return err
}
_, err = scm.NewDnsSecurityProfile(ctx, "scm_dns_lists", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("test_dns_lists"),
Description: pulumi.String("dns security profile w/ dns lists"),
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
DnsLists: []interface{}{
map[string]interface{}{
"name": "default-paloalto-dns",
"packetCapture": "disable",
"action": map[string]interface{}{
"alert": map[string]interface{}{},
},
},
map[string]interface{}{
"name": "update-edl",
"packetCapture": "extended-capture",
"action": map[string]interface{}{
"allow": map[string]interface{}{},
},
},
},
},
})
if err != nil {
return err
}
_, err = scm.NewDnsSecurityProfile(ctx, "scm_dns_sinkhole", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("test_dns_sinkhole"),
Description: pulumi.String("dns security profile w/ sinkhole"),
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsSinkholeArgs{
Ipv4Address: pulumi.String("127.0.0.1"),
Ipv6Address: pulumi.String("::1"),
},
},
})
if err != nil {
return err
}
_, err = scm.NewDnsSecurityProfile(ctx, "scm_dns_whitelist", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("test_dns_whitelist"),
Description: pulumi.String("dns security profile w/ whitelist"),
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
Whitelists: scm.DnsSecurityProfileBotnetDomainsWhitelistArray{
&scm.DnsSecurityProfileBotnetDomainsWhitelistArgs{
Name: pulumi.String("example.com"),
},
&scm.DnsSecurityProfileBotnetDomainsWhitelistArgs{
Name: pulumi.String("example2.com"),
Description: pulumi.String("creating whitelist"),
},
},
},
})
if err != nil {
return err
}
_, err = scm.NewDnsSecurityProfile(ctx, "scm_dns_all", &scm.DnsSecurityProfileArgs{
Folder: pulumi.String("All"),
Name: pulumi.String("test_dns_all_test"),
Description: pulumi.String("dns security profile w/ all"),
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
DnsSecurityCategories: scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArray{
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Name: pulumi.String("pan-dns-sec-ddns"),
Action: pulumi.String("block"),
LogLevel: pulumi.String("low"),
PacketCapture: pulumi.String("disable"),
},
},
DnsLists: []map[string]interface{}{
map[string]interface{}{
"name": "scm_edl_1",
"packetCapture": "single-packet",
"action": map[string]interface{}{
"block": map[string]interface{}{},
},
},
},
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsSinkholeArgs{
Ipv4Address: pulumi.String("pan-sinkhole-default-ip"),
Ipv6Address: pulumi.String("::1"),
},
Whitelists: scm.DnsSecurityProfileBotnetDomainsWhitelistArray{
&scm.DnsSecurityProfileBotnetDomainsWhitelistArgs{
Name: pulumi.String("ebay.com"),
Description: pulumi.String("creating whitelist"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Scm = Pulumi.Scm;
return await Deployment.RunAsync(() =>
{
var scmDnsSecurityProfileBase = new Scm.DnsSecurityProfile("scm_dns_security_profile_base", new()
{
Folder = "All",
Name = "dns_base",
});
var scmDnsSecurityCategories = new Scm.DnsSecurityProfile("scm_dns_security_categories", new()
{
Folder = "All",
Name = "test_dns_sec_categories",
Description = "dns security profile w/ dns security categories",
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
DnsSecurityCategories = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-recent",
},
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-grayware",
Action = "allow",
LogLevel = "high",
PacketCapture = "disable",
},
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-proxy",
Action = "block",
LogLevel = "default",
PacketCapture = "single-packet",
},
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-phishing",
Action = "sinkhole",
LogLevel = "critical",
PacketCapture = "extended-capture",
},
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-malware",
Action = "default",
LogLevel = "informational",
PacketCapture = "disable",
},
},
},
});
var scmDnsLists = new Scm.DnsSecurityProfile("scm_dns_lists", new()
{
Folder = "All",
Name = "test_dns_lists",
Description = "dns security profile w/ dns lists",
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
DnsLists = new[]
{
{
{ "name", "default-paloalto-dns" },
{ "packetCapture", "disable" },
{ "action",
{
{ "alert", null },
} },
},
{
{ "name", "update-edl" },
{ "packetCapture", "extended-capture" },
{ "action",
{
{ "allow", null },
} },
},
},
},
});
var scmDnsSinkhole = new Scm.DnsSecurityProfile("scm_dns_sinkhole", new()
{
Folder = "All",
Name = "test_dns_sinkhole",
Description = "dns security profile w/ sinkhole",
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
Sinkhole = new Scm.Inputs.DnsSecurityProfileBotnetDomainsSinkholeArgs
{
Ipv4Address = "127.0.0.1",
Ipv6Address = "::1",
},
},
});
var scmDnsWhitelist = new Scm.DnsSecurityProfile("scm_dns_whitelist", new()
{
Folder = "All",
Name = "test_dns_whitelist",
Description = "dns security profile w/ whitelist",
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
Whitelists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsWhitelistArgs
{
Name = "example.com",
},
new Scm.Inputs.DnsSecurityProfileBotnetDomainsWhitelistArgs
{
Name = "example2.com",
Description = "creating whitelist",
},
},
},
});
var scmDnsAll = new Scm.DnsSecurityProfile("scm_dns_all", new()
{
Folder = "All",
Name = "test_dns_all_test",
Description = "dns security profile w/ all",
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
DnsSecurityCategories = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Name = "pan-dns-sec-ddns",
Action = "block",
LogLevel = "low",
PacketCapture = "disable",
},
},
DnsLists = new[]
{
{
{ "name", "scm_edl_1" },
{ "packetCapture", "single-packet" },
{ "action",
{
{ "block", null },
} },
},
},
Sinkhole = new Scm.Inputs.DnsSecurityProfileBotnetDomainsSinkholeArgs
{
Ipv4Address = "pan-sinkhole-default-ip",
Ipv6Address = "::1",
},
Whitelists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsWhitelistArgs
{
Name = "ebay.com",
Description = "creating whitelist",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.scm.DnsSecurityProfile;
import com.pulumi.scm.DnsSecurityProfileArgs;
import com.pulumi.scm.inputs.DnsSecurityProfileBotnetDomainsArgs;
import com.pulumi.scm.inputs.DnsSecurityProfileBotnetDomainsSinkholeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var scmDnsSecurityProfileBase = new DnsSecurityProfile("scmDnsSecurityProfileBase", DnsSecurityProfileArgs.builder()
.folder("All")
.name("dns_base")
.build());
var scmDnsSecurityCategories = new DnsSecurityProfile("scmDnsSecurityCategories", DnsSecurityProfileArgs.builder()
.folder("All")
.name("test_dns_sec_categories")
.description("dns security profile w/ dns security categories")
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.dnsSecurityCategories(
DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-recent")
.build(),
DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-grayware")
.action("allow")
.logLevel("high")
.packetCapture("disable")
.build(),
DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-proxy")
.action("block")
.logLevel("default")
.packetCapture("single-packet")
.build(),
DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-phishing")
.action("sinkhole")
.logLevel("critical")
.packetCapture("extended-capture")
.build(),
DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-malware")
.action("default")
.logLevel("informational")
.packetCapture("disable")
.build())
.build())
.build());
var scmDnsLists = new DnsSecurityProfile("scmDnsLists", DnsSecurityProfileArgs.builder()
.folder("All")
.name("test_dns_lists")
.description("dns security profile w/ dns lists")
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.dnsLists(List.of(
Map.ofEntries(
Map.entry("name", "default-paloalto-dns"),
Map.entry("packetCapture", "disable"),
Map.entry("action", Map.of("alert", Map.ofEntries(
)))
),
Map.ofEntries(
Map.entry("name", "update-edl"),
Map.entry("packetCapture", "extended-capture"),
Map.entry("action", Map.of("allow", Map.ofEntries(
)))
)))
.build())
.build());
var scmDnsSinkhole = new DnsSecurityProfile("scmDnsSinkhole", DnsSecurityProfileArgs.builder()
.folder("All")
.name("test_dns_sinkhole")
.description("dns security profile w/ sinkhole")
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.sinkhole(DnsSecurityProfileBotnetDomainsSinkholeArgs.builder()
.ipv4Address("127.0.0.1")
.ipv6Address("::1")
.build())
.build())
.build());
var scmDnsWhitelist = new DnsSecurityProfile("scmDnsWhitelist", DnsSecurityProfileArgs.builder()
.folder("All")
.name("test_dns_whitelist")
.description("dns security profile w/ whitelist")
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.whitelists(
DnsSecurityProfileBotnetDomainsWhitelistArgs.builder()
.name("example.com")
.build(),
DnsSecurityProfileBotnetDomainsWhitelistArgs.builder()
.name("example2.com")
.description("creating whitelist")
.build())
.build())
.build());
var scmDnsAll = new DnsSecurityProfile("scmDnsAll", DnsSecurityProfileArgs.builder()
.folder("All")
.name("test_dns_all_test")
.description("dns security profile w/ all")
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.dnsSecurityCategories(DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.name("pan-dns-sec-ddns")
.action("block")
.logLevel("low")
.packetCapture("disable")
.build())
.dnsLists(List.of(Map.ofEntries(
Map.entry("name", "scm_edl_1"),
Map.entry("packetCapture", "single-packet"),
Map.entry("action", Map.of("block", Map.ofEntries(
)))
)))
.sinkhole(DnsSecurityProfileBotnetDomainsSinkholeArgs.builder()
.ipv4Address("pan-sinkhole-default-ip")
.ipv6Address("::1")
.build())
.whitelists(DnsSecurityProfileBotnetDomainsWhitelistArgs.builder()
.name("ebay.com")
.description("creating whitelist")
.build())
.build())
.build());
}
}
resources:
scmDnsSecurityProfileBase:
type: scm:DnsSecurityProfile
name: scm_dns_security_profile_base
properties:
folder: All
name: dns_base
scmDnsSecurityCategories:
type: scm:DnsSecurityProfile
name: scm_dns_security_categories
properties:
folder: All
name: test_dns_sec_categories
description: dns security profile w/ dns security categories
botnetDomains:
dnsSecurityCategories:
- name: pan-dns-sec-recent
- name: pan-dns-sec-grayware
action: allow
logLevel: high
packetCapture: disable
- name: pan-dns-sec-proxy
action: block
logLevel: default
packetCapture: single-packet
- name: pan-dns-sec-phishing
action: sinkhole
logLevel: critical
packetCapture: extended-capture
- name: pan-dns-sec-malware
action: default
logLevel: informational
packetCapture: disable
scmDnsLists:
type: scm:DnsSecurityProfile
name: scm_dns_lists
properties:
folder: All
name: test_dns_lists
description: dns security profile w/ dns lists
botnetDomains:
dnsLists:
- name: default-paloalto-dns
packetCapture: disable
action:
alert: {}
- name: update-edl
packetCapture: extended-capture
action:
allow: {}
scmDnsSinkhole:
type: scm:DnsSecurityProfile
name: scm_dns_sinkhole
properties:
folder: All
name: test_dns_sinkhole
description: dns security profile w/ sinkhole
botnetDomains:
sinkhole:
ipv4Address: 127.0.0.1
ipv6Address: ::1
scmDnsWhitelist:
type: scm:DnsSecurityProfile
name: scm_dns_whitelist
properties:
folder: All
name: test_dns_whitelist
description: dns security profile w/ whitelist
botnetDomains:
whitelists:
- name: example.com
- name: example2.com
description: creating whitelist
scmDnsAll:
type: scm:DnsSecurityProfile
name: scm_dns_all
properties:
folder: All
name: test_dns_all_test
description: dns security profile w/ all
botnetDomains:
dnsSecurityCategories:
- name: pan-dns-sec-ddns
action: block
logLevel: low
packetCapture: disable
dnsLists:
- name: scm_edl_1
packetCapture: single-packet
action:
block: {}
sinkhole:
ipv4Address: pan-sinkhole-default-ip
ipv6Address: ::1
whitelists:
- name: ebay.com
description: creating whitelist
Create DnsSecurityProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DnsSecurityProfile(name: string, args?: DnsSecurityProfileArgs, opts?: CustomResourceOptions);@overload
def DnsSecurityProfile(resource_name: str,
args: Optional[DnsSecurityProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def DnsSecurityProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
botnet_domains: Optional[DnsSecurityProfileBotnetDomainsArgs] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None)func NewDnsSecurityProfile(ctx *Context, name string, args *DnsSecurityProfileArgs, opts ...ResourceOption) (*DnsSecurityProfile, error)public DnsSecurityProfile(string name, DnsSecurityProfileArgs? args = null, CustomResourceOptions? opts = null)
public DnsSecurityProfile(String name, DnsSecurityProfileArgs args)
public DnsSecurityProfile(String name, DnsSecurityProfileArgs args, CustomResourceOptions options)
type: scm:DnsSecurityProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var dnsSecurityProfileResource = new Scm.DnsSecurityProfile("dnsSecurityProfileResource", new()
{
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
DnsSecurityCategories = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Action = "string",
LogLevel = "string",
Name = "string",
PacketCapture = "string",
},
},
Lists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsListArgs
{
Name = "string",
Action = new Scm.Inputs.DnsSecurityProfileBotnetDomainsListActionArgs
{
Alert = null,
Allow = null,
Block = null,
Sinkhole = null,
},
PacketCapture = "string",
},
},
Sinkhole = new Scm.Inputs.DnsSecurityProfileBotnetDomainsSinkholeArgs
{
Ipv4Address = "string",
Ipv6Address = "string",
},
Whitelists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsWhitelistArgs
{
Name = "string",
Description = "string",
},
},
},
Description = "string",
Device = "string",
Folder = "string",
Name = "string",
Snippet = "string",
});
example, err := scm.NewDnsSecurityProfile(ctx, "dnsSecurityProfileResource", &scm.DnsSecurityProfileArgs{
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
DnsSecurityCategories: scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArray{
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Action: pulumi.String("string"),
LogLevel: pulumi.String("string"),
Name: pulumi.String("string"),
PacketCapture: pulumi.String("string"),
},
},
Lists: scm.DnsSecurityProfileBotnetDomainsListArray{
&scm.DnsSecurityProfileBotnetDomainsListArgs{
Name: pulumi.String("string"),
Action: &scm.DnsSecurityProfileBotnetDomainsListActionArgs{
Alert: &scm.DnsSecurityProfileBotnetDomainsListActionAlertArgs{},
Allow: &scm.DnsSecurityProfileBotnetDomainsListActionAllowArgs{},
Block: &scm.DnsSecurityProfileBotnetDomainsListActionBlockArgs{},
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsListActionSinkholeArgs{},
},
PacketCapture: pulumi.String("string"),
},
},
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsSinkholeArgs{
Ipv4Address: pulumi.String("string"),
Ipv6Address: pulumi.String("string"),
},
Whitelists: scm.DnsSecurityProfileBotnetDomainsWhitelistArray{
&scm.DnsSecurityProfileBotnetDomainsWhitelistArgs{
Name: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
},
Description: pulumi.String("string"),
Device: pulumi.String("string"),
Folder: pulumi.String("string"),
Name: pulumi.String("string"),
Snippet: pulumi.String("string"),
})
var dnsSecurityProfileResource = new DnsSecurityProfile("dnsSecurityProfileResource", DnsSecurityProfileArgs.builder()
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.dnsSecurityCategories(DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.action("string")
.logLevel("string")
.name("string")
.packetCapture("string")
.build())
.lists(DnsSecurityProfileBotnetDomainsListArgs.builder()
.name("string")
.action(DnsSecurityProfileBotnetDomainsListActionArgs.builder()
.alert(DnsSecurityProfileBotnetDomainsListActionAlertArgs.builder()
.build())
.allow(DnsSecurityProfileBotnetDomainsListActionAllowArgs.builder()
.build())
.block(DnsSecurityProfileBotnetDomainsListActionBlockArgs.builder()
.build())
.sinkhole(DnsSecurityProfileBotnetDomainsListActionSinkholeArgs.builder()
.build())
.build())
.packetCapture("string")
.build())
.sinkhole(DnsSecurityProfileBotnetDomainsSinkholeArgs.builder()
.ipv4Address("string")
.ipv6Address("string")
.build())
.whitelists(DnsSecurityProfileBotnetDomainsWhitelistArgs.builder()
.name("string")
.description("string")
.build())
.build())
.description("string")
.device("string")
.folder("string")
.name("string")
.snippet("string")
.build());
dns_security_profile_resource = scm.DnsSecurityProfile("dnsSecurityProfileResource",
botnet_domains={
"dns_security_categories": [{
"action": "string",
"log_level": "string",
"name": "string",
"packet_capture": "string",
}],
"lists": [{
"name": "string",
"action": {
"alert": {},
"allow": {},
"block": {},
"sinkhole": {},
},
"packet_capture": "string",
}],
"sinkhole": {
"ipv4_address": "string",
"ipv6_address": "string",
},
"whitelists": [{
"name": "string",
"description": "string",
}],
},
description="string",
device="string",
folder="string",
name="string",
snippet="string")
const dnsSecurityProfileResource = new scm.DnsSecurityProfile("dnsSecurityProfileResource", {
botnetDomains: {
dnsSecurityCategories: [{
action: "string",
logLevel: "string",
name: "string",
packetCapture: "string",
}],
lists: [{
name: "string",
action: {
alert: {},
allow: {},
block: {},
sinkhole: {},
},
packetCapture: "string",
}],
sinkhole: {
ipv4Address: "string",
ipv6Address: "string",
},
whitelists: [{
name: "string",
description: "string",
}],
},
description: "string",
device: "string",
folder: "string",
name: "string",
snippet: "string",
});
type: scm:DnsSecurityProfile
properties:
botnetDomains:
dnsSecurityCategories:
- action: string
logLevel: string
name: string
packetCapture: string
lists:
- action:
alert: {}
allow: {}
block: {}
sinkhole: {}
name: string
packetCapture: string
sinkhole:
ipv4Address: string
ipv6Address: string
whitelists:
- description: string
name: string
description: string
device: string
folder: string
name: string
snippet: string
DnsSecurityProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DnsSecurityProfile resource accepts the following input properties:
- Botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- The name of the DNS security profile
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
- Botnet
Domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- The name of the DNS security profile
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- The name of the DNS security profile
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description string
- The description of the DNS security profile
- device string
- The device in which the resource is defined
- folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name string
- The name of the DNS security profile
- snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
- botnet_
domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- description str
- The description of the DNS security profile
- device str
- The device in which the resource is defined
- folder str
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name str
- The name of the DNS security profile
- snippet str
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
- botnet
Domains Property Map - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- The name of the DNS security profile
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.
Outputs
All input properties are implicitly available as output properties. Additionally, the DnsSecurityProfile resource produces the following output properties:
Look up Existing DnsSecurityProfile Resource
Get an existing DnsSecurityProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DnsSecurityProfileState, opts?: CustomResourceOptions): DnsSecurityProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
botnet_domains: Optional[DnsSecurityProfileBotnetDomainsArgs] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None,
tfid: Optional[str] = None) -> DnsSecurityProfilefunc GetDnsSecurityProfile(ctx *Context, name string, id IDInput, state *DnsSecurityProfileState, opts ...ResourceOption) (*DnsSecurityProfile, error)public static DnsSecurityProfile Get(string name, Input<string> id, DnsSecurityProfileState? state, CustomResourceOptions? opts = null)public static DnsSecurityProfile get(String name, Output<String> id, DnsSecurityProfileState state, CustomResourceOptions options)resources: _: type: scm:DnsSecurityProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- The name of the DNS security profile
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Tfid string
- Botnet
Domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- The name of the DNS security profile
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Tfid string
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- The name of the DNS security profile
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid String
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description string
- The description of the DNS security profile
- device string
- The device in which the resource is defined
- folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name string
- The name of the DNS security profile
- snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid string
- botnet_
domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- description str
- The description of the DNS security profile
- device str
- The device in which the resource is defined
- folder str
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name str
- The name of the DNS security profile
- snippet str
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid str
- botnet
Domains Property Map - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- The name of the DNS security profile
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid String
Supporting Types
DnsSecurityProfileBotnetDomains, DnsSecurityProfileBotnetDomainsArgs
- Dns
Security List<DnsCategories Security Profile Botnet Domains Dns Security Category> - DNS categories
- Lists
List<Dns
Security Profile Botnet Domains List> - Dynamic lists of DNS domains
- Sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- Whitelists
List<Dns
Security Profile Botnet Domains Whitelist> - DNS security overrides
- Dns
Security []DnsCategories Security Profile Botnet Domains Dns Security Category - DNS categories
- Lists
[]Dns
Security Profile Botnet Domains List - Dynamic lists of DNS domains
- Sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- Whitelists
[]Dns
Security Profile Botnet Domains Whitelist - DNS security overrides
- dns
Security List<DnsCategories Security Profile Botnet Domains Dns Security Category> - DNS categories
- lists
List<Dns
Security Profile Botnet Domains List> - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
List<Dns
Security Profile Botnet Domains Whitelist> - DNS security overrides
- dns
Security DnsCategories Security Profile Botnet Domains Dns Security Category[] - DNS categories
- lists
Dns
Security Profile Botnet Domains List[] - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
Dns
Security Profile Botnet Domains Whitelist[] - DNS security overrides
- dns_
security_ Sequence[Dnscategories Security Profile Botnet Domains Dns Security Category] - DNS categories
- lists
Sequence[Dns
Security Profile Botnet Domains List] - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
Sequence[Dns
Security Profile Botnet Domains Whitelist] - DNS security overrides
- dns
Security List<Property Map>Categories - DNS categories
- lists List<Property Map>
- Dynamic lists of DNS domains
- sinkhole Property Map
- DNS sinkhole settings
- whitelists List<Property Map>
- DNS security overrides
DnsSecurityProfileBotnetDomainsDnsSecurityCategory, DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
- Action string
- Action
- Log
Level string - Log level
- Name string
- Name
- Packet
Capture string - Packet capture
- Action string
- Action
- Log
Level string - Log level
- Name string
- Name
- Packet
Capture string - Packet capture
- action String
- Action
- log
Level String - Log level
- name String
- Name
- packet
Capture String - Packet capture
- action string
- Action
- log
Level string - Log level
- name string
- Name
- packet
Capture string - Packet capture
- action str
- Action
- log_
level str - Log level
- name str
- Name
- packet_
capture str - Packet capture
- action String
- Action
- log
Level String - Log level
- name String
- Name
- packet
Capture String - Packet capture
DnsSecurityProfileBotnetDomainsList, DnsSecurityProfileBotnetDomainsListArgs
- Name string
- Name
- Action
Dns
Security Profile Botnet Domains List Action - Action
- Packet
Capture string - Packet capture
- Name string
- Name
- Action
Dns
Security Profile Botnet Domains List Action - Action
- Packet
Capture string - Packet capture
- name String
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet
Capture String - Packet capture
- name string
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet
Capture string - Packet capture
- name str
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet_
capture str - Packet capture
- name String
- Name
- action Property Map
- Action
- packet
Capture String - Packet capture
DnsSecurityProfileBotnetDomainsListAction, DnsSecurityProfileBotnetDomainsListActionArgs
- Alert
Dns
Security Profile Botnet Domains List Action Alert - Alert
- Allow
Dns
Security Profile Botnet Domains List Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- Block
Dns
Security Profile Botnet Domains List Action Block Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- Sinkhole
Dns
Security Profile Botnet Domains List Action Sinkhole Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
- Alert
Dns
Security Profile Botnet Domains List Action Alert - Alert
- Allow
Dns
Security Profile Botnet Domains List Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- Block
Dns
Security Profile Botnet Domains List Action Block Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- Sinkhole
Dns
Security Profile Botnet Domains List Action Sinkhole Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
- alert
Dns
Security Profile Botnet Domains List Action Alert - Alert
- allow
Dns
Security Profile Botnet Domains List Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- block
Dns
Security Profile Botnet Domains List Action Block Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- sinkhole
Dns
Security Profile Botnet Domains List Action Sinkhole Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
- alert
Dns
Security Profile Botnet Domains List Action Alert - Alert
- allow
Dns
Security Profile Botnet Domains List Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- block
Dns
Security Profile Botnet Domains List Action Block Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- sinkhole
Dns
Security Profile Botnet Domains List Action Sinkhole Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
- alert
Dns
Security Profile Botnet Domains List Action Alert - Alert
- allow
Dns
Security Profile Botnet Domains List Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- block
Dns
Security Profile Botnet Domains List Action Block Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- sinkhole
Dns
Security Profile Botnet Domains List Action Sinkhole Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
- alert Property Map
- Alert
- allow Property Map
Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- block Property Map
Block
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.- sinkhole Property Map
Sinkhole
ℹ️ Note: You must specify exactly one of
alert,allow,block, andsinkhole.
DnsSecurityProfileBotnetDomainsSinkhole, DnsSecurityProfileBotnetDomainsSinkholeArgs
- Ipv4Address string
- Ipv4 address
- Ipv6Address string
- Ipv6 address
- Ipv4Address string
- Ipv4 address
- Ipv6Address string
- Ipv6 address
- ipv4Address String
- Ipv4 address
- ipv6Address String
- Ipv6 address
- ipv4Address string
- Ipv4 address
- ipv6Address string
- Ipv6 address
- ipv4_
address str - Ipv4 address
- ipv6_
address str - Ipv6 address
- ipv4Address String
- Ipv4 address
- ipv6Address String
- Ipv6 address
DnsSecurityProfileBotnetDomainsWhitelist, DnsSecurityProfileBotnetDomainsWhitelistArgs
- Name string
- DNS domain or FQDN to be whitelisted
- Description string
- Description
- Name string
- DNS domain or FQDN to be whitelisted
- Description string
- Description
- name String
- DNS domain or FQDN to be whitelisted
- description String
- Description
- name string
- DNS domain or FQDN to be whitelisted
- description string
- Description
- name str
- DNS domain or FQDN to be whitelisted
- description str
- Description
- name String
- DNS domain or FQDN to be whitelisted
- description String
- Description
Package Details
- Repository
- scm pulumi/pulumi-scm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
scmTerraform Provider.
Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
