getSecurityRule

Strata Cloud Manager v1.0.1, Nov 26 25

Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-scm

Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-scm

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as scm from "@pulumi/scm";

// 1. Fetch by ID (Best for direct lookup)
const standardWebAccessById = scm.getSecurityRule({
    id: "2a550f26-3e98-47d0-984f-b51e4ff367de",
});
export const fetchedStandardWebId = standardWebAccessById.then(standardWebAccessById => standardWebAccessById.id);
export const fetchedStandardWebName = standardWebAccessById.then(standardWebAccessById => standardWebAccessById.name);
export const fetchedStandardWebDescription = standardWebAccessById.then(standardWebAccessById => standardWebAccessById.description);

import pulumi
import pulumi_scm as scm

# 1. Fetch by ID (Best for direct lookup)
standard_web_access_by_id = scm.get_security_rule(id="2a550f26-3e98-47d0-984f-b51e4ff367de")
pulumi.export("fetchedStandardWebId", standard_web_access_by_id.id)
pulumi.export("fetchedStandardWebName", standard_web_access_by_id.name)
pulumi.export("fetchedStandardWebDescription", standard_web_access_by_id.description)

package main

import (
	"github.com/pulumi/pulumi-scm/sdk/go/scm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// 1. Fetch by ID (Best for direct lookup)
		standardWebAccessById, err := scm.LookupSecurityRule(ctx, &scm.LookupSecurityRuleArgs{
			Id: "2a550f26-3e98-47d0-984f-b51e4ff367de",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("fetchedStandardWebId", standardWebAccessById.Id)
		ctx.Export("fetchedStandardWebName", standardWebAccessById.Name)
		ctx.Export("fetchedStandardWebDescription", standardWebAccessById.Description)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Scm = Pulumi.Scm;

return await Deployment.RunAsync(() => 
{
    // 1. Fetch by ID (Best for direct lookup)
    var standardWebAccessById = Scm.GetSecurityRule.Invoke(new()
    {
        Id = "2a550f26-3e98-47d0-984f-b51e4ff367de",
    });

    return new Dictionary<string, object?>
    {
        ["fetchedStandardWebId"] = standardWebAccessById.Apply(getSecurityRuleResult => getSecurityRuleResult.Id),
        ["fetchedStandardWebName"] = standardWebAccessById.Apply(getSecurityRuleResult => getSecurityRuleResult.Name),
        ["fetchedStandardWebDescription"] = standardWebAccessById.Apply(getSecurityRuleResult => getSecurityRuleResult.Description),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.scm.ScmFunctions;
import com.pulumi.scm.inputs.GetSecurityRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // 1. Fetch by ID (Best for direct lookup)
        final var standardWebAccessById = ScmFunctions.getSecurityRule(GetSecurityRuleArgs.builder()
            .id("2a550f26-3e98-47d0-984f-b51e4ff367de")
            .build());

        ctx.export("fetchedStandardWebId", standardWebAccessById.id());
        ctx.export("fetchedStandardWebName", standardWebAccessById.name());
        ctx.export("fetchedStandardWebDescription", standardWebAccessById.description());
    }
}

variables:
  # 1. Fetch by ID (Best for direct lookup)
  standardWebAccessById:
    fn::invoke:
      function: scm:getSecurityRule
      arguments:
        id: 2a550f26-3e98-47d0-984f-b51e4ff367de
outputs:
  # --- Outputs to Verify Fetched Data ---
  fetchedStandardWebId: ${standardWebAccessById.id}
  fetchedStandardWebName: ${standardWebAccessById.name}
  fetchedStandardWebDescription: ${standardWebAccessById.description}

Using getSecurityRule

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecurityRule(args: GetSecurityRuleArgs, opts?: InvokeOptions): Promise<GetSecurityRuleResult>
function getSecurityRuleOutput(args: GetSecurityRuleOutputArgs, opts?: InvokeOptions): Output<GetSecurityRuleResult>

def get_security_rule(id: Optional[str] = None,
                      name: Optional[str] = None,
                      opts: Optional[InvokeOptions] = None) -> GetSecurityRuleResult
def get_security_rule_output(id: Optional[pulumi.Input[str]] = None,
                      name: Optional[pulumi.Input[str]] = None,
                      opts: Optional[InvokeOptions] = None) -> Output[GetSecurityRuleResult]

func LookupSecurityRule(ctx *Context, args *LookupSecurityRuleArgs, opts ...InvokeOption) (*LookupSecurityRuleResult, error)
func LookupSecurityRuleOutput(ctx *Context, args *LookupSecurityRuleOutputArgs, opts ...InvokeOption) LookupSecurityRuleResultOutput

> Note: This function is named LookupSecurityRule in the Go SDK.

public static class GetSecurityRule 
{
    public static Task<GetSecurityRuleResult> InvokeAsync(GetSecurityRuleArgs args, InvokeOptions? opts = null)
    public static Output<GetSecurityRuleResult> Invoke(GetSecurityRuleInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecurityRuleResult> getSecurityRule(GetSecurityRuleArgs args, InvokeOptions options)
public static Output<GetSecurityRuleResult> getSecurityRule(GetSecurityRuleArgs args, InvokeOptions options)

fn::invoke:
  function: scm:index/getSecurityRule:getSecurityRule
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string: The UUID of the security rule
Name string: The name of the security rule

Id string: The UUID of the security rule
Name string: The name of the security rule

id String: The UUID of the security rule
name String: The name of the security rule

id string: The UUID of the security rule
name string: The name of the security rule

id str: The UUID of the security rule
name str: The name of the security rule

id String: The UUID of the security rule
name String: The name of the security rule

getSecurityRule Result

The following output properties are available:

Action string: The action to be taken when the rule is matched
AllowUrlCategories List<GetSecurityRuleAllowUrlCategory>: Allow url category
AllowWebApplications List<GetSecurityRuleAllowWebApplication>: Allow web application
Applications List<string>: The application(s) being accessed
BlockUrlCategories List<string>: Block url category
BlockWebApplications List<string>: Block web application
Categories List<string>: The URL categories being accessed
DefaultProfileSettings GetSecurityRuleDefaultProfileSettings: Default profile settings
Description string: The description of the security rule
DestinationHips List<string>: The destination Host Integrity Profile(s)
Destinations List<string>: The destination address(es)
Device string: The device in which the resource is defined
Devices List<string>: Devices
Disabled bool: Is the security rule disabled?
Folder string: The folder in which the resource is defined
Froms List<string>: The source security zone(s)
Id string: The UUID of the security rule
LogEnd bool: Log at session end?
LogSetting string: The external log forwarding profile
LogSettings GetSecurityRuleLogSettings: Log settings
LogStart bool: Log at session start?
Name string: The name of the security rule
NegateDestination bool: Negate the destination addresses(es)?
NegateSource bool: Negate the source address(es)?
NegateUser bool: Negate user
PolicyType string: Policy type
Position string: The position of a security rule
ProfileSetting GetSecurityRuleProfileSetting: The security profile object
RelativePosition string: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
Schedule string: Schedule in which this rule will be applied
SecuritySettings GetSecurityRuleSecuritySettings: Security settings
Services List<string>: The service(s) being accessed
Snippet string: The snippet in which the resource is defined
SourceHips List<string>: The source Host Integrity Profile(s)
SourceUsers List<string>: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
Sources List<string>: The source addresses(es)
Tags List<string>: The tags associated with the security rule
TargetRule string: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
TenantRestrictions List<string>: Tenant restrictions
Tfid string
Tos List<string>: The destination security zone(s)

Action string: The action to be taken when the rule is matched
AllowUrlCategories []GetSecurityRuleAllowUrlCategory: Allow url category
AllowWebApplications []GetSecurityRuleAllowWebApplication: Allow web application
Applications []string: The application(s) being accessed
BlockUrlCategories []string: Block url category
BlockWebApplications []string: Block web application
Categories []string: The URL categories being accessed
DefaultProfileSettings GetSecurityRuleDefaultProfileSettings: Default profile settings
Description string: The description of the security rule
DestinationHips []string: The destination Host Integrity Profile(s)
Destinations []string: The destination address(es)
Device string: The device in which the resource is defined
Devices []string: Devices
Disabled bool: Is the security rule disabled?
Folder string: The folder in which the resource is defined
Froms []string: The source security zone(s)
Id string: The UUID of the security rule
LogEnd bool: Log at session end?
LogSetting string: The external log forwarding profile
LogSettings GetSecurityRuleLogSettings: Log settings
LogStart bool: Log at session start?
Name string: The name of the security rule
NegateDestination bool: Negate the destination addresses(es)?
NegateSource bool: Negate the source address(es)?
NegateUser bool: Negate user
PolicyType string: Policy type
Position string: The position of a security rule
ProfileSetting GetSecurityRuleProfileSetting: The security profile object
RelativePosition string: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
Schedule string: Schedule in which this rule will be applied
SecuritySettings GetSecurityRuleSecuritySettings: Security settings
Services []string: The service(s) being accessed
Snippet string: The snippet in which the resource is defined
SourceHips []string: The source Host Integrity Profile(s)
SourceUsers []string: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
Sources []string: The source addresses(es)
Tags []string: The tags associated with the security rule
TargetRule string: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
TenantRestrictions []string: Tenant restrictions
Tfid string
Tos []string: The destination security zone(s)

action String: The action to be taken when the rule is matched
allowUrlCategories List<GetSecurityRuleAllowUrlCategory>: Allow url category
allowWebApplications List<GetSecurityRuleAllowWebApplication>: Allow web application
applications List<String>: The application(s) being accessed
blockUrlCategories List<String>: Block url category
blockWebApplications List<String>: Block web application
categories List<String>: The URL categories being accessed
defaultProfileSettings GetSecurityRuleDefaultProfileSettings: Default profile settings
description String: The description of the security rule
destinationHips List<String>: The destination Host Integrity Profile(s)
destinations List<String>: The destination address(es)
device String: The device in which the resource is defined
devices List<String>: Devices
disabled Boolean: Is the security rule disabled?
folder String: The folder in which the resource is defined
froms List<String>: The source security zone(s)
id String: The UUID of the security rule
logEnd Boolean: Log at session end?
logSetting String: The external log forwarding profile
logSettings GetSecurityRuleLogSettings: Log settings
logStart Boolean: Log at session start?
name String: The name of the security rule
negateDestination Boolean: Negate the destination addresses(es)?
negateSource Boolean: Negate the source address(es)?
negateUser Boolean: Negate user
policyType String: Policy type
position String: The position of a security rule
profileSetting GetSecurityRuleProfileSetting: The security profile object
relativePosition String: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
schedule String: Schedule in which this rule will be applied
securitySettings GetSecurityRuleSecuritySettings: Security settings
services List<String>: The service(s) being accessed
snippet String: The snippet in which the resource is defined
sourceHips List<String>: The source Host Integrity Profile(s)
sourceUsers List<String>: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
sources List<String>: The source addresses(es)
tags List<String>: The tags associated with the security rule
targetRule String: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
tenantRestrictions List<String>: Tenant restrictions
tfid String
tos List<String>: The destination security zone(s)

action string: The action to be taken when the rule is matched
allowUrlCategories GetSecurityRuleAllowUrlCategory[]: Allow url category
allowWebApplications GetSecurityRuleAllowWebApplication[]: Allow web application
applications string[]: The application(s) being accessed
blockUrlCategories string[]: Block url category
blockWebApplications string[]: Block web application
categories string[]: The URL categories being accessed
defaultProfileSettings GetSecurityRuleDefaultProfileSettings: Default profile settings
description string: The description of the security rule
destinationHips string[]: The destination Host Integrity Profile(s)
destinations string[]: The destination address(es)
device string: The device in which the resource is defined
devices string[]: Devices
disabled boolean: Is the security rule disabled?
folder string: The folder in which the resource is defined
froms string[]: The source security zone(s)
id string: The UUID of the security rule
logEnd boolean: Log at session end?
logSetting string: The external log forwarding profile
logSettings GetSecurityRuleLogSettings: Log settings
logStart boolean: Log at session start?
name string: The name of the security rule
negateDestination boolean: Negate the destination addresses(es)?
negateSource boolean: Negate the source address(es)?
negateUser boolean: Negate user
policyType string: Policy type
position string: The position of a security rule
profileSetting GetSecurityRuleProfileSetting: The security profile object
relativePosition string: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
schedule string: Schedule in which this rule will be applied
securitySettings GetSecurityRuleSecuritySettings: Security settings
services string[]: The service(s) being accessed
snippet string: The snippet in which the resource is defined
sourceHips string[]: The source Host Integrity Profile(s)
sourceUsers string[]: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
sources string[]: The source addresses(es)
tags string[]: The tags associated with the security rule
targetRule string: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
tenantRestrictions string[]: Tenant restrictions
tfid string
tos string[]: The destination security zone(s)

action str: The action to be taken when the rule is matched
allow_url_categories Sequence[GetSecurityRuleAllowUrlCategory]: Allow url category
allow_web_applications Sequence[GetSecurityRuleAllowWebApplication]: Allow web application
applications Sequence[str]: The application(s) being accessed
block_url_categories Sequence[str]: Block url category
block_web_applications Sequence[str]: Block web application
categories Sequence[str]: The URL categories being accessed
default_profile_settings GetSecurityRuleDefaultProfileSettings: Default profile settings
description str: The description of the security rule
destination_hips Sequence[str]: The destination Host Integrity Profile(s)
destinations Sequence[str]: The destination address(es)
device str: The device in which the resource is defined
devices Sequence[str]: Devices
disabled bool: Is the security rule disabled?
folder str: The folder in which the resource is defined
froms Sequence[str]: The source security zone(s)
id str: The UUID of the security rule
log_end bool: Log at session end?
log_setting str: The external log forwarding profile
log_settings GetSecurityRuleLogSettings: Log settings
log_start bool: Log at session start?
name str: The name of the security rule
negate_destination bool: Negate the destination addresses(es)?
negate_source bool: Negate the source address(es)?
negate_user bool: Negate user
policy_type str: Policy type
position str: The position of a security rule
profile_setting GetSecurityRuleProfileSetting: The security profile object
relative_position str: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
schedule str: Schedule in which this rule will be applied
security_settings GetSecurityRuleSecuritySettings: Security settings
services Sequence[str]: The service(s) being accessed
snippet str: The snippet in which the resource is defined
source_hips Sequence[str]: The source Host Integrity Profile(s)
source_users Sequence[str]: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
sources Sequence[str]: The source addresses(es)
tags Sequence[str]: The tags associated with the security rule
target_rule str: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
tenant_restrictions Sequence[str]: Tenant restrictions
tfid str
tos Sequence[str]: The destination security zone(s)

action String: The action to be taken when the rule is matched
allowUrlCategories List<Property Map>: Allow url category
allowWebApplications List<Property Map>: Allow web application
applications List<String>: The application(s) being accessed
blockUrlCategories List<String>: Block url category
blockWebApplications List<String>: Block web application
categories List<String>: The URL categories being accessed
defaultProfileSettings Property Map: Default profile settings
description String: The description of the security rule
destinationHips List<String>: The destination Host Integrity Profile(s)
destinations List<String>: The destination address(es)
device String: The device in which the resource is defined
devices List<String>: Devices
disabled Boolean: Is the security rule disabled?
folder String: The folder in which the resource is defined
froms List<String>: The source security zone(s)
id String: The UUID of the security rule
logEnd Boolean: Log at session end?
logSetting String: The external log forwarding profile
logSettings Property Map: Log settings
logStart Boolean: Log at session start?
name String: The name of the security rule
negateDestination Boolean: Negate the destination addresses(es)?
negateSource Boolean: Negate the source address(es)?
negateUser Boolean: Negate user
policyType String: Policy type
position String: The position of a security rule
profileSetting Property Map: The security profile object
relativePosition String: Relative positioning rule. String must be one of these: "before", "after", "top", "bottom". If not specified, rule is created at the bottom of the ruleset.
schedule String: Schedule in which this rule will be applied
securitySettings Property Map: Security settings
services List<String>: The service(s) being accessed
snippet String: The snippet in which the resource is defined
sourceHips List<String>: The source Host Integrity Profile(s)
sourceUsers List<String>: List of source users and/or groups. Reserved words include any, pre-login, known-user, and unknown.
sources List<String>: The source addresses(es)
tags List<String>: The tags associated with the security rule
targetRule String: The name or UUID of the rule to position this rule relative to. Required when relative_position is "before" or "after".
tenantRestrictions List<String>: Tenant restrictions
tfid String
tos List<String>: The destination security zone(s)