Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
VulnerabilityProtectionProfile resource
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as scm from "@pulumi/scm";
const scmVpProfile1Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_1_test", {
folder: "Shared",
name: "vp-profile-1-test",
description: "basic profile",
});
const scmVpProfile2Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_2_test", {
folder: "Shared",
name: "vp-profile-2-test",
description: "rules: allow, alert, and drop",
rules: [
{
name: "Rule-Informational-Allow",
action: {
allow: {},
},
packetCapture: "extended-capture",
severity: ["informational"],
category: "scan",
cve: ["N/A"],
host: "client",
vendorId: ["Match Any Vendor"],
threatName: "30000",
},
{
name: "Rule-Medium-Alert",
action: {
alert: {},
},
packetCapture: "single-packet",
severity: ["medium"],
category: "info-leak",
cve: ["Match Any CVE"],
host: "server",
vendorId: ["MS08-037"],
threatName: "OpenSSL Threat",
},
{
name: "Rule-Critical-High-Drop",
action: {
drop: {},
},
packetCapture: "disable",
severity: [
"critical",
"high",
],
category: "overflow",
cve: ["CVE-2008-1147"],
host: "any",
vendorId: ["Match Any Vendor"],
threatName: "any",
},
],
});
const scmVpProfile3Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_3_test", {
folder: "Shared",
name: "vp-profile-3-test",
description: "rules: reset client, reset server, reset both",
rules: [
{
name: "Rule-Low-Reset_Client",
action: {
resetClient: {},
},
severity: ["low"],
category: "protocol-anomaly",
cve: [
"CVE-2010-3332",
"CVE-2019-14537",
],
host: "client",
vendorId: [
"MSO5-032",
"IZ18434",
],
threatName: "30261",
},
{
name: "Rule-Info-Low-Reset_Server",
action: {
resetServer: {},
},
packetCapture: "disable",
severity: [
"informational",
"low",
],
category: "insecure-credentials",
cve: ["N/A"],
host: "server",
vendorId: ["Match Any Vendor"],
threatName: "Zone Bypass",
},
{
name: "Rule-Medium-Reset_Both",
action: {
resetBoth: {},
},
packetCapture: "single-packet",
severity: ["medium"],
category: "brute-force",
cve: [
"CVE-2012-0175",
"CVE-2024-6387",
"CVE-2017-14473",
],
host: "any",
vendorId: [
"CORE-1009-0227",
"SHIRO-550",
"AST-2012-008",
],
threatName: "any",
},
],
});
const scmVpProfile4Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_4_test", {
folder: "Shared",
name: "vp-profile-4-test",
description: "rules: block ip",
rules: [
{
name: "Rule-High-Critical-Block_IP",
action: {
blockIp: {
duration: 3600,
trackBy: "source-and-destination",
},
},
severity: [
"high",
"critical",
],
category: "insecure-credentials",
cve: ["N/A"],
host: "server",
vendorId: ["Match Any Vendor"],
threatName: "Zone Credentials",
},
{
name: "Rule-Low-Medium-Block_IP",
action: {
blockIp: {
duration: 2400,
trackBy: "source-and-destination",
},
},
severity: [
"low",
"medium",
],
category: "command-execution",
cve: ["N/A"],
host: "server",
vendorId: ["Match Any Vendor"],
threatName: "any",
},
],
});
const scmVpProfile5Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_5_test", {
folder: "Shared",
name: "vp-profile-5-test",
description: "override",
threatExceptions: [{
name: "12345",
action: {
allow: {},
},
severity: ["informational"],
category: "command-execution",
exemptIp: [{
name: "192.14.3.100",
}],
timeAttribute: {
interval: 3600,
threshold: 24000,
trackBy: "source",
},
}],
});
const scmVpProfile6Test = new scm.VulnerabilityProtectionProfile("scm_vp_profile_6_test", {
folder: "Shared",
name: "vp-profile-6-test",
description: "mixed",
rules: [
{
name: "Rule-Info-Rest_Both",
action: {
allow: {},
},
packetCapture: "disable",
severity: ["informational"],
category: "exploit-kit",
cve: ["N/A"],
host: "client",
vendorId: ["Match Any Vendor"],
threatName: "30000",
},
{
name: "Rule-Low-Alert",
action: {
alert: {},
},
packetCapture: "single-packet",
severity: ["low"],
category: "dos",
cve: ["CVE-2020-8790"],
host: "server",
vendorId: ["MS09-036"],
threatName: "Memory Corruption",
},
{
name: "Rule-Medium-Drop",
action: {
drop: {},
},
packetCapture: "disable",
severity: [
"medium",
"high",
],
category: "insecure-credentials",
cve: ["N/A"],
host: "any",
vendorId: ["Match Any Vendor"],
threatName: "any",
},
],
threatExceptions: [{
name: "12345",
action: {
drop: {},
},
packetCapture: "single-packet",
host: "any",
category: "scan",
cve: [
"CVE-2011-2663",
"CVE-2016-9949",
],
exemptIp: [{
name: "192.14.3.100",
}],
}],
});
import pulumi
import pulumi_scm as scm
scm_vp_profile1_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_1_test",
folder="Shared",
name="vp-profile-1-test",
description="basic profile")
scm_vp_profile2_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_2_test",
folder="Shared",
name="vp-profile-2-test",
description="rules: allow, alert, and drop",
rules=[
{
"name": "Rule-Informational-Allow",
"action": {
"allow": {},
},
"packet_capture": "extended-capture",
"severity": ["informational"],
"category": "scan",
"cve": ["N/A"],
"host": "client",
"vendor_id": ["Match Any Vendor"],
"threat_name": "30000",
},
{
"name": "Rule-Medium-Alert",
"action": {
"alert": {},
},
"packet_capture": "single-packet",
"severity": ["medium"],
"category": "info-leak",
"cve": ["Match Any CVE"],
"host": "server",
"vendor_id": ["MS08-037"],
"threat_name": "OpenSSL Threat",
},
{
"name": "Rule-Critical-High-Drop",
"action": {
"drop": {},
},
"packet_capture": "disable",
"severity": [
"critical",
"high",
],
"category": "overflow",
"cve": ["CVE-2008-1147"],
"host": "any",
"vendor_id": ["Match Any Vendor"],
"threat_name": "any",
},
])
scm_vp_profile3_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_3_test",
folder="Shared",
name="vp-profile-3-test",
description="rules: reset client, reset server, reset both",
rules=[
{
"name": "Rule-Low-Reset_Client",
"action": {
"reset_client": {},
},
"severity": ["low"],
"category": "protocol-anomaly",
"cve": [
"CVE-2010-3332",
"CVE-2019-14537",
],
"host": "client",
"vendor_id": [
"MSO5-032",
"IZ18434",
],
"threat_name": "30261",
},
{
"name": "Rule-Info-Low-Reset_Server",
"action": {
"reset_server": {},
},
"packet_capture": "disable",
"severity": [
"informational",
"low",
],
"category": "insecure-credentials",
"cve": ["N/A"],
"host": "server",
"vendor_id": ["Match Any Vendor"],
"threat_name": "Zone Bypass",
},
{
"name": "Rule-Medium-Reset_Both",
"action": {
"reset_both": {},
},
"packet_capture": "single-packet",
"severity": ["medium"],
"category": "brute-force",
"cve": [
"CVE-2012-0175",
"CVE-2024-6387",
"CVE-2017-14473",
],
"host": "any",
"vendor_id": [
"CORE-1009-0227",
"SHIRO-550",
"AST-2012-008",
],
"threat_name": "any",
},
])
scm_vp_profile4_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_4_test",
folder="Shared",
name="vp-profile-4-test",
description="rules: block ip",
rules=[
{
"name": "Rule-High-Critical-Block_IP",
"action": {
"block_ip": {
"duration": 3600,
"track_by": "source-and-destination",
},
},
"severity": [
"high",
"critical",
],
"category": "insecure-credentials",
"cve": ["N/A"],
"host": "server",
"vendor_id": ["Match Any Vendor"],
"threat_name": "Zone Credentials",
},
{
"name": "Rule-Low-Medium-Block_IP",
"action": {
"block_ip": {
"duration": 2400,
"track_by": "source-and-destination",
},
},
"severity": [
"low",
"medium",
],
"category": "command-execution",
"cve": ["N/A"],
"host": "server",
"vendor_id": ["Match Any Vendor"],
"threat_name": "any",
},
])
scm_vp_profile5_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_5_test",
folder="Shared",
name="vp-profile-5-test",
description="override",
threat_exceptions=[{
"name": "12345",
"action": {
"allow": {},
},
"severity": ["informational"],
"category": "command-execution",
"exempt_ip": [{
"name": "192.14.3.100",
}],
"time_attribute": {
"interval": 3600,
"threshold": 24000,
"track_by": "source",
},
}])
scm_vp_profile6_test = scm.VulnerabilityProtectionProfile("scm_vp_profile_6_test",
folder="Shared",
name="vp-profile-6-test",
description="mixed",
rules=[
{
"name": "Rule-Info-Rest_Both",
"action": {
"allow": {},
},
"packet_capture": "disable",
"severity": ["informational"],
"category": "exploit-kit",
"cve": ["N/A"],
"host": "client",
"vendor_id": ["Match Any Vendor"],
"threat_name": "30000",
},
{
"name": "Rule-Low-Alert",
"action": {
"alert": {},
},
"packet_capture": "single-packet",
"severity": ["low"],
"category": "dos",
"cve": ["CVE-2020-8790"],
"host": "server",
"vendor_id": ["MS09-036"],
"threat_name": "Memory Corruption",
},
{
"name": "Rule-Medium-Drop",
"action": {
"drop": {},
},
"packet_capture": "disable",
"severity": [
"medium",
"high",
],
"category": "insecure-credentials",
"cve": ["N/A"],
"host": "any",
"vendor_id": ["Match Any Vendor"],
"threat_name": "any",
},
],
threat_exceptions=[{
"name": "12345",
"action": {
"drop": {},
},
"packet_capture": "single-packet",
"host": "any",
"category": "scan",
"cve": [
"CVE-2011-2663",
"CVE-2016-9949",
],
"exempt_ip": [{
"name": "192.14.3.100",
}],
}])
package main
import (
"github.com/pulumi/pulumi-scm/sdk/go/scm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_1_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-1-test"),
Description: pulumi.String("basic profile"),
})
if err != nil {
return err
}
_, err = scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_2_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-2-test"),
Description: pulumi.String("rules: allow, alert, and drop"),
Rules: scm.VulnerabilityProtectionProfileRuleArray{
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Informational-Allow"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Allow: &scm.VulnerabilityProtectionProfileRuleActionAllowArgs{},
},
PacketCapture: pulumi.String("extended-capture"),
Severity: []string{
"informational",
},
Category: pulumi.String("scan"),
Cve: []string{
"N/A",
},
Host: pulumi.String("client"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("30000"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Medium-Alert"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Alert: &scm.VulnerabilityProtectionProfileRuleActionAlertArgs{},
},
PacketCapture: pulumi.String("single-packet"),
Severity: []string{
"medium",
},
Category: pulumi.String("info-leak"),
Cve: []string{
"Match Any CVE",
},
Host: pulumi.String("server"),
VendorId: []string{
"MS08-037",
},
ThreatName: pulumi.String("OpenSSL Threat"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Critical-High-Drop"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Drop: &scm.VulnerabilityProtectionProfileRuleActionDropArgs{},
},
PacketCapture: pulumi.String("disable"),
Severity: []string{
"critical",
"high",
},
Category: pulumi.String("overflow"),
Cve: []string{
"CVE-2008-1147",
},
Host: pulumi.String("any"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("any"),
},
},
})
if err != nil {
return err
}
_, err = scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_3_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-3-test"),
Description: pulumi.String("rules: reset client, reset server, reset both"),
Rules: scm.VulnerabilityProtectionProfileRuleArray{
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Low-Reset_Client"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
ResetClient: &scm.VulnerabilityProtectionProfileRuleActionResetClientArgs{},
},
Severity: []string{
"low",
},
Category: pulumi.String("protocol-anomaly"),
Cve: []string{
"CVE-2010-3332",
"CVE-2019-14537",
},
Host: pulumi.String("client"),
VendorId: []string{
"MSO5-032",
"IZ18434",
},
ThreatName: pulumi.String("30261"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Info-Low-Reset_Server"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
ResetServer: &scm.VulnerabilityProtectionProfileRuleActionResetServerArgs{},
},
PacketCapture: pulumi.String("disable"),
Severity: []string{
"informational",
"low",
},
Category: pulumi.String("insecure-credentials"),
Cve: []string{
"N/A",
},
Host: pulumi.String("server"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("Zone Bypass"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Medium-Reset_Both"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
ResetBoth: &scm.VulnerabilityProtectionProfileRuleActionResetBothArgs{},
},
PacketCapture: pulumi.String("single-packet"),
Severity: []string{
"medium",
},
Category: pulumi.String("brute-force"),
Cve: []string{
"CVE-2012-0175",
"CVE-2024-6387",
"CVE-2017-14473",
},
Host: pulumi.String("any"),
VendorId: []string{
"CORE-1009-0227",
"SHIRO-550",
"AST-2012-008",
},
ThreatName: pulumi.String("any"),
},
},
})
if err != nil {
return err
}
_, err = scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_4_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-4-test"),
Description: pulumi.String("rules: block ip"),
Rules: scm.VulnerabilityProtectionProfileRuleArray{
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-High-Critical-Block_IP"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
BlockIp: &scm.VulnerabilityProtectionProfileRuleActionBlockIpArgs{
Duration: pulumi.Int(3600),
TrackBy: pulumi.String("source-and-destination"),
},
},
Severity: []string{
"high",
"critical",
},
Category: pulumi.String("insecure-credentials"),
Cve: []string{
"N/A",
},
Host: pulumi.String("server"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("Zone Credentials"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Low-Medium-Block_IP"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
BlockIp: &scm.VulnerabilityProtectionProfileRuleActionBlockIpArgs{
Duration: pulumi.Int(2400),
TrackBy: pulumi.String("source-and-destination"),
},
},
Severity: []string{
"low",
"medium",
},
Category: pulumi.String("command-execution"),
Cve: []string{
"N/A",
},
Host: pulumi.String("server"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("any"),
},
},
})
if err != nil {
return err
}
_, err = scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_5_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-5-test"),
Description: pulumi.String("override"),
ThreatExceptions: scm.VulnerabilityProtectionProfileThreatExceptionArray{
&scm.VulnerabilityProtectionProfileThreatExceptionArgs{
Name: pulumi.String("12345"),
Action: &scm.VulnerabilityProtectionProfileThreatExceptionActionArgs{
Allow: &scm.VulnerabilityProtectionProfileThreatExceptionActionAllowArgs{},
},
Severity: []string{
"informational",
},
Category: "command-execution",
ExemptIp: []map[string]interface{}{
map[string]interface{}{
"name": "192.14.3.100",
},
},
TimeAttribute: &scm.VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs{
Interval: pulumi.Int(3600),
Threshold: pulumi.Int(24000),
TrackBy: pulumi.String("source"),
},
},
},
})
if err != nil {
return err
}
_, err = scm.NewVulnerabilityProtectionProfile(ctx, "scm_vp_profile_6_test", &scm.VulnerabilityProtectionProfileArgs{
Folder: pulumi.String("Shared"),
Name: pulumi.String("vp-profile-6-test"),
Description: pulumi.String("mixed"),
Rules: scm.VulnerabilityProtectionProfileRuleArray{
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Info-Rest_Both"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Allow: &scm.VulnerabilityProtectionProfileRuleActionAllowArgs{},
},
PacketCapture: pulumi.String("disable"),
Severity: []string{
"informational",
},
Category: pulumi.String("exploit-kit"),
Cve: []string{
"N/A",
},
Host: pulumi.String("client"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("30000"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Low-Alert"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Alert: &scm.VulnerabilityProtectionProfileRuleActionAlertArgs{},
},
PacketCapture: pulumi.String("single-packet"),
Severity: []string{
"low",
},
Category: pulumi.String("dos"),
Cve: []string{
"CVE-2020-8790",
},
Host: pulumi.String("server"),
VendorId: []string{
"MS09-036",
},
ThreatName: pulumi.String("Memory Corruption"),
},
&scm.VulnerabilityProtectionProfileRuleArgs{
Name: pulumi.String("Rule-Medium-Drop"),
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Drop: &scm.VulnerabilityProtectionProfileRuleActionDropArgs{},
},
PacketCapture: pulumi.String("disable"),
Severity: []string{
"medium",
"high",
},
Category: pulumi.String("insecure-credentials"),
Cve: []string{
"N/A",
},
Host: pulumi.String("any"),
VendorId: []string{
"Match Any Vendor",
},
ThreatName: pulumi.String("any"),
},
},
ThreatExceptions: scm.VulnerabilityProtectionProfileThreatExceptionArray{
&scm.VulnerabilityProtectionProfileThreatExceptionArgs{
Name: pulumi.String("12345"),
Action: &scm.VulnerabilityProtectionProfileThreatExceptionActionArgs{
Drop: &scm.VulnerabilityProtectionProfileThreatExceptionActionDropArgs{},
},
PacketCapture: pulumi.String("single-packet"),
Host: "any",
Category: "scan",
Cve: []string{
"CVE-2011-2663",
"CVE-2016-9949",
},
ExemptIp: []map[string]interface{}{
map[string]interface{}{
"name": "192.14.3.100",
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Scm = Pulumi.Scm;
return await Deployment.RunAsync(() =>
{
var scmVpProfile1Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_1_test", new()
{
Folder = "Shared",
Name = "vp-profile-1-test",
Description = "basic profile",
});
var scmVpProfile2Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_2_test", new()
{
Folder = "Shared",
Name = "vp-profile-2-test",
Description = "rules: allow, alert, and drop",
Rules = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Informational-Allow",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Allow = null,
},
PacketCapture = "extended-capture",
Severity = new[]
{
"informational",
},
Category = "scan",
Cve = new[]
{
"N/A",
},
Host = "client",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "30000",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Medium-Alert",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Alert = null,
},
PacketCapture = "single-packet",
Severity = new[]
{
"medium",
},
Category = "info-leak",
Cve = new[]
{
"Match Any CVE",
},
Host = "server",
VendorId = new[]
{
"MS08-037",
},
ThreatName = "OpenSSL Threat",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Critical-High-Drop",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Drop = null,
},
PacketCapture = "disable",
Severity = new[]
{
"critical",
"high",
},
Category = "overflow",
Cve = new[]
{
"CVE-2008-1147",
},
Host = "any",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "any",
},
},
});
var scmVpProfile3Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_3_test", new()
{
Folder = "Shared",
Name = "vp-profile-3-test",
Description = "rules: reset client, reset server, reset both",
Rules = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Low-Reset_Client",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
ResetClient = null,
},
Severity = new[]
{
"low",
},
Category = "protocol-anomaly",
Cve = new[]
{
"CVE-2010-3332",
"CVE-2019-14537",
},
Host = "client",
VendorId = new[]
{
"MSO5-032",
"IZ18434",
},
ThreatName = "30261",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Info-Low-Reset_Server",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
ResetServer = null,
},
PacketCapture = "disable",
Severity = new[]
{
"informational",
"low",
},
Category = "insecure-credentials",
Cve = new[]
{
"N/A",
},
Host = "server",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "Zone Bypass",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Medium-Reset_Both",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
ResetBoth = null,
},
PacketCapture = "single-packet",
Severity = new[]
{
"medium",
},
Category = "brute-force",
Cve = new[]
{
"CVE-2012-0175",
"CVE-2024-6387",
"CVE-2017-14473",
},
Host = "any",
VendorId = new[]
{
"CORE-1009-0227",
"SHIRO-550",
"AST-2012-008",
},
ThreatName = "any",
},
},
});
var scmVpProfile4Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_4_test", new()
{
Folder = "Shared",
Name = "vp-profile-4-test",
Description = "rules: block ip",
Rules = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-High-Critical-Block_IP",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
BlockIp = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionBlockIpArgs
{
Duration = 3600,
TrackBy = "source-and-destination",
},
},
Severity = new[]
{
"high",
"critical",
},
Category = "insecure-credentials",
Cve = new[]
{
"N/A",
},
Host = "server",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "Zone Credentials",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Low-Medium-Block_IP",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
BlockIp = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionBlockIpArgs
{
Duration = 2400,
TrackBy = "source-and-destination",
},
},
Severity = new[]
{
"low",
"medium",
},
Category = "command-execution",
Cve = new[]
{
"N/A",
},
Host = "server",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "any",
},
},
});
var scmVpProfile5Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_5_test", new()
{
Folder = "Shared",
Name = "vp-profile-5-test",
Description = "override",
ThreatExceptions = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionArgs
{
Name = "12345",
Action = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionActionArgs
{
Allow = null,
},
Severity = new[]
{
"informational",
},
Category = "command-execution",
ExemptIp = new[]
{
{
{ "name", "192.14.3.100" },
},
},
TimeAttribute = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs
{
Interval = 3600,
Threshold = 24000,
TrackBy = "source",
},
},
},
});
var scmVpProfile6Test = new Scm.VulnerabilityProtectionProfile("scm_vp_profile_6_test", new()
{
Folder = "Shared",
Name = "vp-profile-6-test",
Description = "mixed",
Rules = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Info-Rest_Both",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Allow = null,
},
PacketCapture = "disable",
Severity = new[]
{
"informational",
},
Category = "exploit-kit",
Cve = new[]
{
"N/A",
},
Host = "client",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "30000",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Low-Alert",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Alert = null,
},
PacketCapture = "single-packet",
Severity = new[]
{
"low",
},
Category = "dos",
Cve = new[]
{
"CVE-2020-8790",
},
Host = "server",
VendorId = new[]
{
"MS09-036",
},
ThreatName = "Memory Corruption",
},
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Name = "Rule-Medium-Drop",
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Drop = null,
},
PacketCapture = "disable",
Severity = new[]
{
"medium",
"high",
},
Category = "insecure-credentials",
Cve = new[]
{
"N/A",
},
Host = "any",
VendorId = new[]
{
"Match Any Vendor",
},
ThreatName = "any",
},
},
ThreatExceptions = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionArgs
{
Name = "12345",
Action = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionActionArgs
{
Drop = null,
},
PacketCapture = "single-packet",
Host = "any",
Category = "scan",
Cve = new[]
{
"CVE-2011-2663",
"CVE-2016-9949",
},
ExemptIp = new[]
{
{
{ "name", "192.14.3.100" },
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.scm.VulnerabilityProtectionProfile;
import com.pulumi.scm.VulnerabilityProtectionProfileArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionAllowArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionAlertArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionDropArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionResetClientArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionResetServerArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionResetBothArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileRuleActionBlockIpArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileThreatExceptionArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileThreatExceptionActionArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileThreatExceptionActionAllowArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs;
import com.pulumi.scm.inputs.VulnerabilityProtectionProfileThreatExceptionActionDropArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var scmVpProfile1Test = new VulnerabilityProtectionProfile("scmVpProfile1Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-1-test")
.description("basic profile")
.build());
var scmVpProfile2Test = new VulnerabilityProtectionProfile("scmVpProfile2Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-2-test")
.description("rules: allow, alert, and drop")
.rules(
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Informational-Allow")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.allow(VulnerabilityProtectionProfileRuleActionAllowArgs.builder()
.build())
.build())
.packetCapture("extended-capture")
.severity(List.of("informational"))
.category("scan")
.cve(List.of("N/A"))
.host("client")
.vendorId(List.of("Match Any Vendor"))
.threatName("30000")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Medium-Alert")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.alert(VulnerabilityProtectionProfileRuleActionAlertArgs.builder()
.build())
.build())
.packetCapture("single-packet")
.severity(List.of("medium"))
.category("info-leak")
.cve(List.of("Match Any CVE"))
.host("server")
.vendorId(List.of("MS08-037"))
.threatName("OpenSSL Threat")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Critical-High-Drop")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.drop(VulnerabilityProtectionProfileRuleActionDropArgs.builder()
.build())
.build())
.packetCapture("disable")
.severity(List.of(
"critical",
"high"))
.category("overflow")
.cve(List.of("CVE-2008-1147"))
.host("any")
.vendorId(List.of("Match Any Vendor"))
.threatName("any")
.build())
.build());
var scmVpProfile3Test = new VulnerabilityProtectionProfile("scmVpProfile3Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-3-test")
.description("rules: reset client, reset server, reset both")
.rules(
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Low-Reset_Client")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.resetClient(VulnerabilityProtectionProfileRuleActionResetClientArgs.builder()
.build())
.build())
.severity(List.of("low"))
.category("protocol-anomaly")
.cve(List.of(
"CVE-2010-3332",
"CVE-2019-14537"))
.host("client")
.vendorId(List.of(
"MSO5-032",
"IZ18434"))
.threatName("30261")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Info-Low-Reset_Server")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.resetServer(VulnerabilityProtectionProfileRuleActionResetServerArgs.builder()
.build())
.build())
.packetCapture("disable")
.severity(List.of(
"informational",
"low"))
.category("insecure-credentials")
.cve(List.of("N/A"))
.host("server")
.vendorId(List.of("Match Any Vendor"))
.threatName("Zone Bypass")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Medium-Reset_Both")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.resetBoth(VulnerabilityProtectionProfileRuleActionResetBothArgs.builder()
.build())
.build())
.packetCapture("single-packet")
.severity(List.of("medium"))
.category("brute-force")
.cve(List.of(
"CVE-2012-0175",
"CVE-2024-6387",
"CVE-2017-14473"))
.host("any")
.vendorId(List.of(
"CORE-1009-0227",
"SHIRO-550",
"AST-2012-008"))
.threatName("any")
.build())
.build());
var scmVpProfile4Test = new VulnerabilityProtectionProfile("scmVpProfile4Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-4-test")
.description("rules: block ip")
.rules(
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-High-Critical-Block_IP")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.blockIp(VulnerabilityProtectionProfileRuleActionBlockIpArgs.builder()
.duration(3600)
.trackBy("source-and-destination")
.build())
.build())
.severity(List.of(
"high",
"critical"))
.category("insecure-credentials")
.cve(List.of("N/A"))
.host("server")
.vendorId(List.of("Match Any Vendor"))
.threatName("Zone Credentials")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Low-Medium-Block_IP")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.blockIp(VulnerabilityProtectionProfileRuleActionBlockIpArgs.builder()
.duration(2400)
.trackBy("source-and-destination")
.build())
.build())
.severity(List.of(
"low",
"medium"))
.category("command-execution")
.cve(List.of("N/A"))
.host("server")
.vendorId(List.of("Match Any Vendor"))
.threatName("any")
.build())
.build());
var scmVpProfile5Test = new VulnerabilityProtectionProfile("scmVpProfile5Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-5-test")
.description("override")
.threatExceptions(VulnerabilityProtectionProfileThreatExceptionArgs.builder()
.name("12345")
.action(VulnerabilityProtectionProfileThreatExceptionActionArgs.builder()
.allow(VulnerabilityProtectionProfileThreatExceptionActionAllowArgs.builder()
.build())
.build())
.severity(List.of("informational"))
.category("command-execution")
.exemptIp(List.of(Map.of("name", "192.14.3.100")))
.timeAttribute(VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs.builder()
.interval(3600)
.threshold(24000)
.trackBy("source")
.build())
.build())
.build());
var scmVpProfile6Test = new VulnerabilityProtectionProfile("scmVpProfile6Test", VulnerabilityProtectionProfileArgs.builder()
.folder("Shared")
.name("vp-profile-6-test")
.description("mixed")
.rules(
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Info-Rest_Both")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.allow(VulnerabilityProtectionProfileRuleActionAllowArgs.builder()
.build())
.build())
.packetCapture("disable")
.severity(List.of("informational"))
.category("exploit-kit")
.cve(List.of("N/A"))
.host("client")
.vendorId(List.of("Match Any Vendor"))
.threatName("30000")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Low-Alert")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.alert(VulnerabilityProtectionProfileRuleActionAlertArgs.builder()
.build())
.build())
.packetCapture("single-packet")
.severity(List.of("low"))
.category("dos")
.cve(List.of("CVE-2020-8790"))
.host("server")
.vendorId(List.of("MS09-036"))
.threatName("Memory Corruption")
.build(),
VulnerabilityProtectionProfileRuleArgs.builder()
.name("Rule-Medium-Drop")
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.drop(VulnerabilityProtectionProfileRuleActionDropArgs.builder()
.build())
.build())
.packetCapture("disable")
.severity(List.of(
"medium",
"high"))
.category("insecure-credentials")
.cve(List.of("N/A"))
.host("any")
.vendorId(List.of("Match Any Vendor"))
.threatName("any")
.build())
.threatExceptions(VulnerabilityProtectionProfileThreatExceptionArgs.builder()
.name("12345")
.action(VulnerabilityProtectionProfileThreatExceptionActionArgs.builder()
.drop(VulnerabilityProtectionProfileThreatExceptionActionDropArgs.builder()
.build())
.build())
.packetCapture("single-packet")
.host("any")
.category("scan")
.cve(List.of(
"CVE-2011-2663",
"CVE-2016-9949"))
.exemptIp(List.of(Map.of("name", "192.14.3.100")))
.build())
.build());
}
}
resources:
scmVpProfile1Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_1_test
properties:
folder: Shared
name: vp-profile-1-test
description: basic profile
scmVpProfile2Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_2_test
properties:
folder: Shared
name: vp-profile-2-test
description: 'rules: allow, alert, and drop'
rules:
- name: Rule-Informational-Allow
action:
allow: {}
packetCapture: extended-capture
severity:
- informational
category: scan
cve:
- N/A
host: client
vendorId:
- Match Any Vendor
threatName: '30000'
- name: Rule-Medium-Alert
action:
alert: {}
packetCapture: single-packet
severity:
- medium
category: info-leak
cve:
- Match Any CVE
host: server
vendorId:
- MS08-037
threatName: OpenSSL Threat
- name: Rule-Critical-High-Drop
action:
drop: {}
packetCapture: disable
severity:
- critical
- high
category: overflow
cve:
- CVE-2008-1147
host: any
vendorId:
- Match Any Vendor
threatName: any
scmVpProfile3Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_3_test
properties:
folder: Shared
name: vp-profile-3-test
description: 'rules: reset client, reset server, reset both'
rules:
- name: Rule-Low-Reset_Client
action:
resetClient: {}
severity:
- low
category: protocol-anomaly
cve:
- CVE-2010-3332
- CVE-2019-14537
host: client
vendorId:
- MSO5-032
- IZ18434
threatName: '30261'
- name: Rule-Info-Low-Reset_Server
action:
resetServer: {}
packetCapture: disable
severity:
- informational
- low
category: insecure-credentials
cve:
- N/A
host: server
vendorId:
- Match Any Vendor
threatName: Zone Bypass
- name: Rule-Medium-Reset_Both
action:
resetBoth: {}
packetCapture: single-packet
severity:
- medium
category: brute-force
cve:
- CVE-2012-0175
- CVE-2024-6387
- CVE-2017-14473
host: any
vendorId:
- CORE-1009-0227
- SHIRO-550
- AST-2012-008
threatName: any
scmVpProfile4Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_4_test
properties:
folder: Shared
name: vp-profile-4-test
description: 'rules: block ip'
rules:
- name: Rule-High-Critical-Block_IP
action:
blockIp:
duration: 3600
trackBy: source-and-destination
severity:
- high
- critical
category: insecure-credentials
cve:
- N/A
host: server
vendorId:
- Match Any Vendor
threatName: Zone Credentials
- name: Rule-Low-Medium-Block_IP
action:
blockIp:
duration: 2400
trackBy: source-and-destination
severity:
- low
- medium
category: command-execution
cve:
- N/A
host: server
vendorId:
- Match Any Vendor
threatName: any
scmVpProfile5Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_5_test
properties:
folder: Shared
name: vp-profile-5-test
description: override
threatExceptions:
- name: '12345'
action:
allow: {}
severity:
- informational
category: command-execution
exemptIp:
- name: 192.14.3.100
timeAttribute:
interval: 3600
threshold: 24000
trackBy: source
scmVpProfile6Test:
type: scm:VulnerabilityProtectionProfile
name: scm_vp_profile_6_test
properties:
folder: Shared
name: vp-profile-6-test
description: mixed
rules:
- name: Rule-Info-Rest_Both
action:
allow: {}
packetCapture: disable
severity:
- informational
category: exploit-kit
cve:
- N/A
host: client
vendorId:
- Match Any Vendor
threatName: '30000'
- name: Rule-Low-Alert
action:
alert: {}
packetCapture: single-packet
severity:
- low
category: dos
cve:
- CVE-2020-8790
host: server
vendorId:
- MS09-036
threatName: Memory Corruption
- name: Rule-Medium-Drop
action:
drop: {}
packetCapture: disable
severity:
- medium
- high
category: insecure-credentials
cve:
- N/A
host: any
vendorId:
- Match Any Vendor
threatName: any
threatExceptions:
- name: '12345'
action:
drop: {}
packetCapture: single-packet
host: any
category: scan
cve:
- CVE-2011-2663
- CVE-2016-9949
exemptIp:
- name: 192.14.3.100
Create VulnerabilityProtectionProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VulnerabilityProtectionProfile(name: string, args?: VulnerabilityProtectionProfileArgs, opts?: CustomResourceOptions);@overload
def VulnerabilityProtectionProfile(resource_name: str,
args: Optional[VulnerabilityProtectionProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def VulnerabilityProtectionProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
rules: Optional[Sequence[VulnerabilityProtectionProfileRuleArgs]] = None,
snippet: Optional[str] = None,
threat_exceptions: Optional[Sequence[VulnerabilityProtectionProfileThreatExceptionArgs]] = None)func NewVulnerabilityProtectionProfile(ctx *Context, name string, args *VulnerabilityProtectionProfileArgs, opts ...ResourceOption) (*VulnerabilityProtectionProfile, error)public VulnerabilityProtectionProfile(string name, VulnerabilityProtectionProfileArgs? args = null, CustomResourceOptions? opts = null)
public VulnerabilityProtectionProfile(String name, VulnerabilityProtectionProfileArgs args)
public VulnerabilityProtectionProfile(String name, VulnerabilityProtectionProfileArgs args, CustomResourceOptions options)
type: scm:VulnerabilityProtectionProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VulnerabilityProtectionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VulnerabilityProtectionProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VulnerabilityProtectionProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VulnerabilityProtectionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VulnerabilityProtectionProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vulnerabilityProtectionProfileResource = new Scm.VulnerabilityProtectionProfile("vulnerabilityProtectionProfileResource", new()
{
Description = "string",
Device = "string",
Folder = "string",
Name = "string",
Rules = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileRuleArgs
{
Action = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionArgs
{
Alert = null,
Allow = null,
BlockIp = new Scm.Inputs.VulnerabilityProtectionProfileRuleActionBlockIpArgs
{
Duration = 0,
TrackBy = "string",
},
Default = null,
Drop = null,
ResetBoth = null,
ResetClient = null,
ResetServer = null,
},
Category = "string",
Cves = new[]
{
"string",
},
Host = "string",
Name = "string",
PacketCapture = "string",
Severities = new[]
{
"string",
},
ThreatName = "string",
VendorIds = new[]
{
"string",
},
},
},
Snippet = "string",
ThreatExceptions = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionArgs
{
Action = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionActionArgs
{
Alert = null,
Allow = null,
BlockIp = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionActionBlockIpArgs
{
Duration = 0,
TrackBy = "string",
},
Default = null,
Drop = null,
ResetBoth = null,
ResetClient = null,
ResetServer = null,
},
ExemptIps = new[]
{
new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionExemptIpArgs
{
Name = "string",
},
},
Name = "string",
Notes = "string",
PacketCapture = "string",
TimeAttribute = new Scm.Inputs.VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs
{
Interval = 0,
Threshold = 0,
TrackBy = "string",
},
},
},
});
example, err := scm.NewVulnerabilityProtectionProfile(ctx, "vulnerabilityProtectionProfileResource", &scm.VulnerabilityProtectionProfileArgs{
Description: pulumi.String("string"),
Device: pulumi.String("string"),
Folder: pulumi.String("string"),
Name: pulumi.String("string"),
Rules: scm.VulnerabilityProtectionProfileRuleArray{
&scm.VulnerabilityProtectionProfileRuleArgs{
Action: &scm.VulnerabilityProtectionProfileRuleActionArgs{
Alert: &scm.VulnerabilityProtectionProfileRuleActionAlertArgs{},
Allow: &scm.VulnerabilityProtectionProfileRuleActionAllowArgs{},
BlockIp: &scm.VulnerabilityProtectionProfileRuleActionBlockIpArgs{
Duration: pulumi.Int(0),
TrackBy: pulumi.String("string"),
},
Default: &scm.VulnerabilityProtectionProfileRuleActionDefaultArgs{},
Drop: &scm.VulnerabilityProtectionProfileRuleActionDropArgs{},
ResetBoth: &scm.VulnerabilityProtectionProfileRuleActionResetBothArgs{},
ResetClient: &scm.VulnerabilityProtectionProfileRuleActionResetClientArgs{},
ResetServer: &scm.VulnerabilityProtectionProfileRuleActionResetServerArgs{},
},
Category: pulumi.String("string"),
Cves: pulumi.StringArray{
pulumi.String("string"),
},
Host: pulumi.String("string"),
Name: pulumi.String("string"),
PacketCapture: pulumi.String("string"),
Severities: pulumi.StringArray{
pulumi.String("string"),
},
ThreatName: pulumi.String("string"),
VendorIds: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Snippet: pulumi.String("string"),
ThreatExceptions: scm.VulnerabilityProtectionProfileThreatExceptionArray{
&scm.VulnerabilityProtectionProfileThreatExceptionArgs{
Action: &scm.VulnerabilityProtectionProfileThreatExceptionActionArgs{
Alert: &scm.VulnerabilityProtectionProfileThreatExceptionActionAlertArgs{},
Allow: &scm.VulnerabilityProtectionProfileThreatExceptionActionAllowArgs{},
BlockIp: &scm.VulnerabilityProtectionProfileThreatExceptionActionBlockIpArgs{
Duration: pulumi.Int(0),
TrackBy: pulumi.String("string"),
},
Default: &scm.VulnerabilityProtectionProfileThreatExceptionActionDefaultArgs{},
Drop: &scm.VulnerabilityProtectionProfileThreatExceptionActionDropArgs{},
ResetBoth: &scm.VulnerabilityProtectionProfileThreatExceptionActionResetBothArgs{},
ResetClient: &scm.VulnerabilityProtectionProfileThreatExceptionActionResetClientArgs{},
ResetServer: &scm.VulnerabilityProtectionProfileThreatExceptionActionResetServerArgs{},
},
ExemptIps: scm.VulnerabilityProtectionProfileThreatExceptionExemptIpArray{
&scm.VulnerabilityProtectionProfileThreatExceptionExemptIpArgs{
Name: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Notes: pulumi.String("string"),
PacketCapture: pulumi.String("string"),
TimeAttribute: &scm.VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs{
Interval: pulumi.Int(0),
Threshold: pulumi.Int(0),
TrackBy: pulumi.String("string"),
},
},
},
})
var vulnerabilityProtectionProfileResource = new VulnerabilityProtectionProfile("vulnerabilityProtectionProfileResource", VulnerabilityProtectionProfileArgs.builder()
.description("string")
.device("string")
.folder("string")
.name("string")
.rules(VulnerabilityProtectionProfileRuleArgs.builder()
.action(VulnerabilityProtectionProfileRuleActionArgs.builder()
.alert(VulnerabilityProtectionProfileRuleActionAlertArgs.builder()
.build())
.allow(VulnerabilityProtectionProfileRuleActionAllowArgs.builder()
.build())
.blockIp(VulnerabilityProtectionProfileRuleActionBlockIpArgs.builder()
.duration(0)
.trackBy("string")
.build())
.default_(VulnerabilityProtectionProfileRuleActionDefaultArgs.builder()
.build())
.drop(VulnerabilityProtectionProfileRuleActionDropArgs.builder()
.build())
.resetBoth(VulnerabilityProtectionProfileRuleActionResetBothArgs.builder()
.build())
.resetClient(VulnerabilityProtectionProfileRuleActionResetClientArgs.builder()
.build())
.resetServer(VulnerabilityProtectionProfileRuleActionResetServerArgs.builder()
.build())
.build())
.category("string")
.cves("string")
.host("string")
.name("string")
.packetCapture("string")
.severities("string")
.threatName("string")
.vendorIds("string")
.build())
.snippet("string")
.threatExceptions(VulnerabilityProtectionProfileThreatExceptionArgs.builder()
.action(VulnerabilityProtectionProfileThreatExceptionActionArgs.builder()
.alert(VulnerabilityProtectionProfileThreatExceptionActionAlertArgs.builder()
.build())
.allow(VulnerabilityProtectionProfileThreatExceptionActionAllowArgs.builder()
.build())
.blockIp(VulnerabilityProtectionProfileThreatExceptionActionBlockIpArgs.builder()
.duration(0)
.trackBy("string")
.build())
.default_(VulnerabilityProtectionProfileThreatExceptionActionDefaultArgs.builder()
.build())
.drop(VulnerabilityProtectionProfileThreatExceptionActionDropArgs.builder()
.build())
.resetBoth(VulnerabilityProtectionProfileThreatExceptionActionResetBothArgs.builder()
.build())
.resetClient(VulnerabilityProtectionProfileThreatExceptionActionResetClientArgs.builder()
.build())
.resetServer(VulnerabilityProtectionProfileThreatExceptionActionResetServerArgs.builder()
.build())
.build())
.exemptIps(VulnerabilityProtectionProfileThreatExceptionExemptIpArgs.builder()
.name("string")
.build())
.name("string")
.notes("string")
.packetCapture("string")
.timeAttribute(VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs.builder()
.interval(0)
.threshold(0)
.trackBy("string")
.build())
.build())
.build());
vulnerability_protection_profile_resource = scm.VulnerabilityProtectionProfile("vulnerabilityProtectionProfileResource",
description="string",
device="string",
folder="string",
name="string",
rules=[{
"action": {
"alert": {},
"allow": {},
"block_ip": {
"duration": 0,
"track_by": "string",
},
"default": {},
"drop": {},
"reset_both": {},
"reset_client": {},
"reset_server": {},
},
"category": "string",
"cves": ["string"],
"host": "string",
"name": "string",
"packet_capture": "string",
"severities": ["string"],
"threat_name": "string",
"vendor_ids": ["string"],
}],
snippet="string",
threat_exceptions=[{
"action": {
"alert": {},
"allow": {},
"block_ip": {
"duration": 0,
"track_by": "string",
},
"default": {},
"drop": {},
"reset_both": {},
"reset_client": {},
"reset_server": {},
},
"exempt_ips": [{
"name": "string",
}],
"name": "string",
"notes": "string",
"packet_capture": "string",
"time_attribute": {
"interval": 0,
"threshold": 0,
"track_by": "string",
},
}])
const vulnerabilityProtectionProfileResource = new scm.VulnerabilityProtectionProfile("vulnerabilityProtectionProfileResource", {
description: "string",
device: "string",
folder: "string",
name: "string",
rules: [{
action: {
alert: {},
allow: {},
blockIp: {
duration: 0,
trackBy: "string",
},
"default": {},
drop: {},
resetBoth: {},
resetClient: {},
resetServer: {},
},
category: "string",
cves: ["string"],
host: "string",
name: "string",
packetCapture: "string",
severities: ["string"],
threatName: "string",
vendorIds: ["string"],
}],
snippet: "string",
threatExceptions: [{
action: {
alert: {},
allow: {},
blockIp: {
duration: 0,
trackBy: "string",
},
"default": {},
drop: {},
resetBoth: {},
resetClient: {},
resetServer: {},
},
exemptIps: [{
name: "string",
}],
name: "string",
notes: "string",
packetCapture: "string",
timeAttribute: {
interval: 0,
threshold: 0,
trackBy: "string",
},
}],
});
type: scm:VulnerabilityProtectionProfile
properties:
description: string
device: string
folder: string
name: string
rules:
- action:
alert: {}
allow: {}
blockIp:
duration: 0
trackBy: string
default: {}
drop: {}
resetBoth: {}
resetClient: {}
resetServer: {}
category: string
cves:
- string
host: string
name: string
packetCapture: string
severities:
- string
threatName: string
vendorIds:
- string
snippet: string
threatExceptions:
- action:
alert: {}
allow: {}
blockIp:
duration: 0
trackBy: string
default: {}
drop: {}
resetBoth: {}
resetClient: {}
resetServer: {}
exemptIps:
- name: string
name: string
notes: string
packetCapture: string
timeAttribute:
interval: 0
threshold: 0
trackBy: string
VulnerabilityProtectionProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VulnerabilityProtectionProfile resource accepts the following input properties:
- Description string
- Description
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- Name
- Rules
List<Vulnerability
Protection Profile Rule> - Rules
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Threat
Exceptions List<VulnerabilityProtection Profile Threat Exception> - Threat exception
- Description string
- Description
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- Name
- Rules
[]Vulnerability
Protection Profile Rule Args - Rules
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Threat
Exceptions []VulnerabilityProtection Profile Threat Exception Args - Threat exception
- description String
- Description
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- Name
- rules
List<Vulnerability
Protection Profile Rule> - Rules
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- threat
Exceptions List<VulnerabilityProtection Profile Threat Exception> - Threat exception
- description string
- Description
- device string
- The device in which the resource is defined
- folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name string
- Name
- rules
Vulnerability
Protection Profile Rule[] - Rules
- snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- threat
Exceptions VulnerabilityProtection Profile Threat Exception[] - Threat exception
- description str
- Description
- device str
- The device in which the resource is defined
- folder str
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name str
- Name
- rules
Sequence[Vulnerability
Protection Profile Rule Args] - Rules
- snippet str
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- threat_
exceptions Sequence[VulnerabilityProtection Profile Threat Exception Args] - Threat exception
- description String
- Description
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- Name
- rules List<Property Map>
- Rules
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- threat
Exceptions List<Property Map> - Threat exception
Outputs
All input properties are implicitly available as output properties. Additionally, the VulnerabilityProtectionProfile resource produces the following output properties:
Look up Existing VulnerabilityProtectionProfile Resource
Get an existing VulnerabilityProtectionProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VulnerabilityProtectionProfileState, opts?: CustomResourceOptions): VulnerabilityProtectionProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
rules: Optional[Sequence[VulnerabilityProtectionProfileRuleArgs]] = None,
snippet: Optional[str] = None,
tfid: Optional[str] = None,
threat_exceptions: Optional[Sequence[VulnerabilityProtectionProfileThreatExceptionArgs]] = None) -> VulnerabilityProtectionProfilefunc GetVulnerabilityProtectionProfile(ctx *Context, name string, id IDInput, state *VulnerabilityProtectionProfileState, opts ...ResourceOption) (*VulnerabilityProtectionProfile, error)public static VulnerabilityProtectionProfile Get(string name, Input<string> id, VulnerabilityProtectionProfileState? state, CustomResourceOptions? opts = null)public static VulnerabilityProtectionProfile get(String name, Output<String> id, VulnerabilityProtectionProfileState state, CustomResourceOptions options)resources: _: type: scm:VulnerabilityProtectionProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- Description
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- Name
- Rules
List<Vulnerability
Protection Profile Rule> - Rules
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Tfid string
- Threat
Exceptions List<VulnerabilityProtection Profile Threat Exception> - Threat exception
- Description string
- Description
- Device string
- The device in which the resource is defined
- Folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Name string
- Name
- Rules
[]Vulnerability
Protection Profile Rule Args - Rules
- Snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- Tfid string
- Threat
Exceptions []VulnerabilityProtection Profile Threat Exception Args - Threat exception
- description String
- Description
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- Name
- rules
List<Vulnerability
Protection Profile Rule> - Rules
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid String
- threat
Exceptions List<VulnerabilityProtection Profile Threat Exception> - Threat exception
- description string
- Description
- device string
- The device in which the resource is defined
- folder string
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name string
- Name
- rules
Vulnerability
Protection Profile Rule[] - Rules
- snippet string
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid string
- threat
Exceptions VulnerabilityProtection Profile Threat Exception[] - Threat exception
- description str
- Description
- device str
- The device in which the resource is defined
- folder str
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name str
- Name
- rules
Sequence[Vulnerability
Protection Profile Rule Args] - Rules
- snippet str
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid str
- threat_
exceptions Sequence[VulnerabilityProtection Profile Threat Exception Args] - Threat exception
- description String
- Description
- device String
- The device in which the resource is defined
- folder String
The folder in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- name String
- Name
- rules List<Property Map>
- Rules
- snippet String
The snippet in which the resource is defined
ℹ️ Note: You must specify exactly one of
device,folder, andsnippet.- tfid String
- threat
Exceptions List<Property Map> - Threat exception
Supporting Types
VulnerabilityProtectionProfileRule, VulnerabilityProtectionProfileRuleArgs
- Action
Vulnerability
Protection Profile Rule Action - vulnerability profiles threat exception default action
- Category string
- Category
- Cves List<string>
- Cve
- Host string
- Host
- Name string
- Name
- Packet
Capture string - Packet capture
- Severities List<string>
- Severity
- Threat
Name string - Threat name
- Vendor
Ids List<string> - Vendor id
- Action
Vulnerability
Protection Profile Rule Action - vulnerability profiles threat exception default action
- Category string
- Category
- Cves []string
- Cve
- Host string
- Host
- Name string
- Name
- Packet
Capture string - Packet capture
- Severities []string
- Severity
- Threat
Name string - Threat name
- Vendor
Ids []string - Vendor id
- action
Vulnerability
Protection Profile Rule Action - vulnerability profiles threat exception default action
- category String
- Category
- cves List<String>
- Cve
- host String
- Host
- name String
- Name
- packet
Capture String - Packet capture
- severities List<String>
- Severity
- threat
Name String - Threat name
- vendor
Ids List<String> - Vendor id
- action
Vulnerability
Protection Profile Rule Action - vulnerability profiles threat exception default action
- category string
- Category
- cves string[]
- Cve
- host string
- Host
- name string
- Name
- packet
Capture string - Packet capture
- severities string[]
- Severity
- threat
Name string - Threat name
- vendor
Ids string[] - Vendor id
- action
Vulnerability
Protection Profile Rule Action - vulnerability profiles threat exception default action
- category str
- Category
- cves Sequence[str]
- Cve
- host str
- Host
- name str
- Name
- packet_
capture str - Packet capture
- severities Sequence[str]
- Severity
- threat_
name str - Threat name
- vendor_
ids Sequence[str] - Vendor id
- action Property Map
- vulnerability profiles threat exception default action
- category String
- Category
- cves List<String>
- Cve
- host String
- Host
- name String
- Name
- packet
Capture String - Packet capture
- severities List<String>
- Severity
- threat
Name String - Threat name
- vendor
Ids List<String> - Vendor id
VulnerabilityProtectionProfileRuleAction, VulnerabilityProtectionProfileRuleActionArgs
- Alert
Vulnerability
Protection Profile Rule Action Alert - Alert
- Allow
Vulnerability
Protection Profile Rule Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Block
Ip VulnerabilityProtection Profile Rule Action Block Ip vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Default
Vulnerability
Protection Profile Rule Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Drop
Vulnerability
Protection Profile Rule Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Both VulnerabilityProtection Profile Rule Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Client VulnerabilityProtection Profile Rule Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Server VulnerabilityProtection Profile Rule Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- Alert
Vulnerability
Protection Profile Rule Action Alert - Alert
- Allow
Vulnerability
Protection Profile Rule Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Block
Ip VulnerabilityProtection Profile Rule Action Block Ip vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Default
Vulnerability
Protection Profile Rule Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Drop
Vulnerability
Protection Profile Rule Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Both VulnerabilityProtection Profile Rule Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Client VulnerabilityProtection Profile Rule Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Server VulnerabilityProtection Profile Rule Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Rule Action Alert - Alert
- allow
Vulnerability
Protection Profile Rule Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip VulnerabilityProtection Profile Rule Action Block Ip vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default_
Vulnerability
Protection Profile Rule Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Rule Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both VulnerabilityProtection Profile Rule Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client VulnerabilityProtection Profile Rule Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server VulnerabilityProtection Profile Rule Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Rule Action Alert - Alert
- allow
Vulnerability
Protection Profile Rule Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip VulnerabilityProtection Profile Rule Action Block Ip vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default
Vulnerability
Protection Profile Rule Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Rule Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both VulnerabilityProtection Profile Rule Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client VulnerabilityProtection Profile Rule Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server VulnerabilityProtection Profile Rule Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Rule Action Alert - Alert
- allow
Vulnerability
Protection Profile Rule Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block_
ip VulnerabilityProtection Profile Rule Action Block Ip vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default
Vulnerability
Protection Profile Rule Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Rule Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
both VulnerabilityProtection Profile Rule Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
client VulnerabilityProtection Profile Rule Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
server VulnerabilityProtection Profile Rule Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert Property Map
- Alert
- allow Property Map
Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip Property Map vulnerability protection block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default Property Map
Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop Property Map
Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both Property Map Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client Property Map Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server Property Map Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
VulnerabilityProtectionProfileRuleActionBlockIp, VulnerabilityProtectionProfileRuleActionBlockIpArgs
VulnerabilityProtectionProfileThreatException, VulnerabilityProtectionProfileThreatExceptionArgs
- Action
Vulnerability
Protection Profile Threat Exception Action - vulnerability threat exception default action
- Exempt
Ips List<VulnerabilityProtection Profile Threat Exception Exempt Ip> - Exempt ip
- Name string
- Name
- Notes string
- Notes
- Packet
Capture string - Packet capture
- Time
Attribute VulnerabilityProtection Profile Threat Exception Time Attribute - vulnerability time attribute
- Action
Vulnerability
Protection Profile Threat Exception Action - vulnerability threat exception default action
- Exempt
Ips []VulnerabilityProtection Profile Threat Exception Exempt Ip - Exempt ip
- Name string
- Name
- Notes string
- Notes
- Packet
Capture string - Packet capture
- Time
Attribute VulnerabilityProtection Profile Threat Exception Time Attribute - vulnerability time attribute
- action
Vulnerability
Protection Profile Threat Exception Action - vulnerability threat exception default action
- exempt
Ips List<VulnerabilityProtection Profile Threat Exception Exempt Ip> - Exempt ip
- name String
- Name
- notes String
- Notes
- packet
Capture String - Packet capture
- time
Attribute VulnerabilityProtection Profile Threat Exception Time Attribute - vulnerability time attribute
- action
Vulnerability
Protection Profile Threat Exception Action - vulnerability threat exception default action
- exempt
Ips VulnerabilityProtection Profile Threat Exception Exempt Ip[] - Exempt ip
- name string
- Name
- notes string
- Notes
- packet
Capture string - Packet capture
- time
Attribute VulnerabilityProtection Profile Threat Exception Time Attribute - vulnerability time attribute
- action
Vulnerability
Protection Profile Threat Exception Action - vulnerability threat exception default action
- exempt_
ips Sequence[VulnerabilityProtection Profile Threat Exception Exempt Ip] - Exempt ip
- name str
- Name
- notes str
- Notes
- packet_
capture str - Packet capture
- time_
attribute VulnerabilityProtection Profile Threat Exception Time Attribute - vulnerability time attribute
- action Property Map
- vulnerability threat exception default action
- exempt
Ips List<Property Map> - Exempt ip
- name String
- Name
- notes String
- Notes
- packet
Capture String - Packet capture
- time
Attribute Property Map - vulnerability time attribute
VulnerabilityProtectionProfileThreatExceptionAction, VulnerabilityProtectionProfileThreatExceptionActionArgs
- Alert
Vulnerability
Protection Profile Threat Exception Action Alert - Alert
- Allow
Vulnerability
Protection Profile Threat Exception Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Block
Ip VulnerabilityProtection Profile Threat Exception Action Block Ip vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Default
Vulnerability
Protection Profile Threat Exception Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Drop
Vulnerability
Protection Profile Threat Exception Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Both VulnerabilityProtection Profile Threat Exception Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Client VulnerabilityProtection Profile Threat Exception Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Server VulnerabilityProtection Profile Threat Exception Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- Alert
Vulnerability
Protection Profile Threat Exception Action Alert - Alert
- Allow
Vulnerability
Protection Profile Threat Exception Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Block
Ip VulnerabilityProtection Profile Threat Exception Action Block Ip vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Default
Vulnerability
Protection Profile Threat Exception Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Drop
Vulnerability
Protection Profile Threat Exception Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Both VulnerabilityProtection Profile Threat Exception Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Client VulnerabilityProtection Profile Threat Exception Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- Reset
Server VulnerabilityProtection Profile Threat Exception Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Threat Exception Action Alert - Alert
- allow
Vulnerability
Protection Profile Threat Exception Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip VulnerabilityProtection Profile Threat Exception Action Block Ip vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default_
Vulnerability
Protection Profile Threat Exception Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Threat Exception Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both VulnerabilityProtection Profile Threat Exception Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client VulnerabilityProtection Profile Threat Exception Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server VulnerabilityProtection Profile Threat Exception Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Threat Exception Action Alert - Alert
- allow
Vulnerability
Protection Profile Threat Exception Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip VulnerabilityProtection Profile Threat Exception Action Block Ip vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default
Vulnerability
Protection Profile Threat Exception Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Threat Exception Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both VulnerabilityProtection Profile Threat Exception Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client VulnerabilityProtection Profile Threat Exception Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server VulnerabilityProtection Profile Threat Exception Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert
Vulnerability
Protection Profile Threat Exception Action Alert - Alert
- allow
Vulnerability
Protection Profile Threat Exception Action Allow Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block_
ip VulnerabilityProtection Profile Threat Exception Action Block Ip vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default
Vulnerability
Protection Profile Threat Exception Action Default Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop
Vulnerability
Protection Profile Threat Exception Action Drop Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
both VulnerabilityProtection Profile Threat Exception Action Reset Both Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
client VulnerabilityProtection Profile Threat Exception Action Reset Client Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset_
server VulnerabilityProtection Profile Threat Exception Action Reset Server Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
- alert Property Map
- Alert
- allow Property Map
Allow
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- block
Ip Property Map vulnerability protection threat exception block ip
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- default Property Map
Default
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- drop Property Map
Drop
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Both Property Map Reset both
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Client Property Map Reset client
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.- reset
Server Property Map Reset server
ℹ️ Note: You must specify exactly one of
alert,allow,block_ip,default,drop,reset_both,reset_client, andreset_server.
VulnerabilityProtectionProfileThreatExceptionActionBlockIp, VulnerabilityProtectionProfileThreatExceptionActionBlockIpArgs
VulnerabilityProtectionProfileThreatExceptionExemptIp, VulnerabilityProtectionProfileThreatExceptionExemptIpArgs
- Name string
- Name
- Name string
- Name
- name String
- Name
- name string
- Name
- name str
- Name
- name String
- Name
VulnerabilityProtectionProfileThreatExceptionTimeAttribute, VulnerabilityProtectionProfileThreatExceptionTimeAttributeArgs
Package Details
- Repository
- scm pulumi/pulumi-scm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
scmTerraform Provider.
Strata Cloud Manager v1.0.1 published on Wednesday, Nov 26, 2025 by Pulumi
