pulumi-azure-native-kotlin/com.pulumi.azurenative.network.kotlin/AdminRuleArgs

AdminRuleArgs

data class AdminRuleArgs(val access: Output<Either<String, SecurityConfigurationRuleAccess>>? = null, val configurationName: Output<String>? = null, val description: Output<String>? = null, val destinationPortRanges: Output<List<String>>? = null, val destinations: Output<List<AddressPrefixItemArgs>>? = null, val direction: Output<Either<String, SecurityConfigurationRuleDirection>>? = null, val kind: Output<String>? = null, val networkManagerName: Output<String>? = null, val priority: Output<Int>? = null, val protocol: Output<Either<String, SecurityConfigurationRuleProtocol>>? = null, val resourceGroupName: Output<String>? = null, val ruleCollectionName: Output<String>? = null, val ruleName: Output<String>? = null, val sourcePortRanges: Output<List<String>>? = null, val sources: Output<List<AddressPrefixItemArgs>>? = null) : ConvertibleToJava<AdminRuleArgs>

Network admin rule. Uses Azure REST API version 2024-05-01. In version 2.x of the Azure Native provider, it used API version 2023-02-01. Other available API versions: 2021-02-01-preview, 2022-01-01, 2022-02-01-preview, 2022-04-01-preview, 2022-05-01, 2022-07-01, 2022-09-01, 2022-11-01, 2023-02-01, 2023-04-01, 2023-05-01, 2023-06-01, 2023-09-01, 2023-11-01, 2024-01-01, 2024-01-01-preview, 2024-03-01, 2024-07-01. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native network [ApiVersion]. See the ../../../version-guide/#accessing-any-api-version-via-local-packages for details.

Example Usage

Create a admin rule with network group as source or destination

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var adminRule = new AzureNative.Network.AdminRule("adminRule", new()
    {
        Access = AzureNative.Network.SecurityConfigurationRuleAccess.Deny,
        ConfigurationName = "myTestSecurityConfig",
        Description = "This is Sample Admin Rule",
        DestinationPortRanges = new[]
        {
            "22",
        },
        Destinations = new[]
        {
            new AzureNative.Network.Inputs.AddressPrefixItemArgs
            {
                AddressPrefix = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/networkGroups/ng1",
                AddressPrefixType = "NetworkGroup",
            },
        },
        Direction = AzureNative.Network.SecurityConfigurationRuleDirection.Inbound,
        Kind = "Custom",
        NetworkManagerName = "testNetworkManager",
        Priority = 1,
        Protocol = AzureNative.Network.SecurityConfigurationRuleProtocol.Tcp,
        ResourceGroupName = "rg1",
        RuleCollectionName = "testRuleCollection",
        RuleName = "SampleAdminRule",
        SourcePortRanges = new[]
        {
            "0-65535",
        },
        Sources = new[]
        {
            new AzureNative.Network.Inputs.AddressPrefixItemArgs
            {
                AddressPrefix = "Internet",
                AddressPrefixType = AzureNative.Network.AddressPrefixType.ServiceTag,
            },
        },
    });
});

package main
import (
	network "github.com/pulumi/pulumi-azure-native-sdk/network/v3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := network.NewAdminRule(ctx, "adminRule", &network.AdminRuleArgs{
			Access:            pulumi.String(network.SecurityConfigurationRuleAccessDeny),
			ConfigurationName: pulumi.String("myTestSecurityConfig"),
			Description:       pulumi.String("This is Sample Admin Rule"),
			DestinationPortRanges: pulumi.StringArray{
				pulumi.String("22"),
			},
			Destinations: network.AddressPrefixItemArray{
				&network.AddressPrefixItemArgs{
					AddressPrefix:     pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/networkGroups/ng1"),
					AddressPrefixType: pulumi.String("NetworkGroup"),
				},
			},
			Direction:          pulumi.String(network.SecurityConfigurationRuleDirectionInbound),
			Kind:               pulumi.String("Custom"),
			NetworkManagerName: pulumi.String("testNetworkManager"),
			Priority:           pulumi.Int(1),
			Protocol:           pulumi.String(network.SecurityConfigurationRuleProtocolTcp),
			ResourceGroupName:  pulumi.String("rg1"),
			RuleCollectionName: pulumi.String("testRuleCollection"),
			RuleName:           pulumi.String("SampleAdminRule"),
			SourcePortRanges: pulumi.StringArray{
				pulumi.String("0-65535"),
			},
			Sources: network.AddressPrefixItemArray{
				&network.AddressPrefixItemArgs{
					AddressPrefix:     pulumi.String("Internet"),
					AddressPrefixType: pulumi.String(network.AddressPrefixTypeServiceTag),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.network.AdminRule;
import com.pulumi.azurenative.network.AdminRuleArgs;
import com.pulumi.azurenative.network.inputs.AddressPrefixItemArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var adminRule = new AdminRule("adminRule", AdminRuleArgs.builder()
            .access("Deny")
            .configurationName("myTestSecurityConfig")
            .description("This is Sample Admin Rule")
            .destinationPortRanges("22")
            .destinations(AddressPrefixItemArgs.builder()
                .addressPrefix("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/networkManagers/testNetworkManager/networkGroups/ng1")
                .addressPrefixType("NetworkGroup")
                .build())
            .direction("Inbound")
            .kind("Custom")
            .networkManagerName("testNetworkManager")
            .priority(1)
            .protocol("Tcp")
            .resourceGroupName("rg1")
            .ruleCollectionName("testRuleCollection")
            .ruleName("SampleAdminRule")
            .sourcePortRanges("0-65535")
            .sources(AddressPrefixItemArgs.builder()
                .addressPrefix("Internet")
                .addressPrefixType("ServiceTag")
                .build())
            .build());
    }
}

Create an admin rule

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var adminRule = new AzureNative.Network.AdminRule("adminRule", new()
    {
        Access = AzureNative.Network.SecurityConfigurationRuleAccess.Deny,
        ConfigurationName = "myTestSecurityConfig",
        Description = "This is Sample Admin Rule",
        DestinationPortRanges = new[]
        {
            "22",
        },
        Destinations = new[]
        {
            new AzureNative.Network.Inputs.AddressPrefixItemArgs
            {
                AddressPrefix = "*",
                AddressPrefixType = AzureNative.Network.AddressPrefixType.IPPrefix,
            },
        },
        Direction = AzureNative.Network.SecurityConfigurationRuleDirection.Inbound,
        Kind = "Custom",
        NetworkManagerName = "testNetworkManager",
        Priority = 1,
        Protocol = AzureNative.Network.SecurityConfigurationRuleProtocol.Tcp,
        ResourceGroupName = "rg1",
        RuleCollectionName = "testRuleCollection",
        RuleName = "SampleAdminRule",
        SourcePortRanges = new[]
        {
            "0-65535",
        },
        Sources = new[]
        {
            new AzureNative.Network.Inputs.AddressPrefixItemArgs
            {
                AddressPrefix = "Internet",
                AddressPrefixType = AzureNative.Network.AddressPrefixType.ServiceTag,
            },
        },
    });
});

package main
import (
	network "github.com/pulumi/pulumi-azure-native-sdk/network/v3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := network.NewAdminRule(ctx, "adminRule", &network.AdminRuleArgs{
			Access:            pulumi.String(network.SecurityConfigurationRuleAccessDeny),
			ConfigurationName: pulumi.String("myTestSecurityConfig"),
			Description:       pulumi.String("This is Sample Admin Rule"),
			DestinationPortRanges: pulumi.StringArray{
				pulumi.String("22"),
			},
			Destinations: network.AddressPrefixItemArray{
				&network.AddressPrefixItemArgs{
					AddressPrefix:     pulumi.String("*"),
					AddressPrefixType: pulumi.String(network.AddressPrefixTypeIPPrefix),
				},
			},
			Direction:          pulumi.String(network.SecurityConfigurationRuleDirectionInbound),
			Kind:               pulumi.String("Custom"),
			NetworkManagerName: pulumi.String("testNetworkManager"),
			Priority:           pulumi.Int(1),
			Protocol:           pulumi.String(network.SecurityConfigurationRuleProtocolTcp),
			ResourceGroupName:  pulumi.String("rg1"),
			RuleCollectionName: pulumi.String("testRuleCollection"),
			RuleName:           pulumi.String("SampleAdminRule"),
			SourcePortRanges: pulumi.StringArray{
				pulumi.String("0-65535"),
			},
			Sources: network.AddressPrefixItemArray{
				&network.AddressPrefixItemArgs{
					AddressPrefix:     pulumi.String("Internet"),
					AddressPrefixType: pulumi.String(network.AddressPrefixTypeServiceTag),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.network.AdminRule;
import com.pulumi.azurenative.network.AdminRuleArgs;
import com.pulumi.azurenative.network.inputs.AddressPrefixItemArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var adminRule = new AdminRule("adminRule", AdminRuleArgs.builder()
            .access("Deny")
            .configurationName("myTestSecurityConfig")
            .description("This is Sample Admin Rule")
            .destinationPortRanges("22")
            .destinations(AddressPrefixItemArgs.builder()
                .addressPrefix("*")
                .addressPrefixType("IPPrefix")
                .build())
            .direction("Inbound")
            .kind("Custom")
            .networkManagerName("testNetworkManager")
            .priority(1)
            .protocol("Tcp")
            .resourceGroupName("rg1")
            .ruleCollectionName("testRuleCollection")
            .ruleName("SampleAdminRule")
            .sourcePortRanges("0-65535")
            .sources(AddressPrefixItemArgs.builder()
                .addressPrefix("Internet")
                .addressPrefixType("ServiceTag")
                .build())
            .build());
    }
}

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:network:AdminRule SampleAdminRule /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityAdminConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}

Constructors

AdminRuleArgs

constructor(access: Output<Either<String, SecurityConfigurationRuleAccess>>? = null, configurationName: Output<String>? = null, description: Output<String>? = null, destinationPortRanges: Output<List<String>>? = null, destinations: Output<List<AddressPrefixItemArgs>>? = null, direction: Output<Either<String, SecurityConfigurationRuleDirection>>? = null, kind: Output<String>? = null, networkManagerName: Output<String>? = null, priority: Output<Int>? = null, protocol: Output<Either<String, SecurityConfigurationRuleProtocol>>? = null, resourceGroupName: Output<String>? = null, ruleCollectionName: Output<String>? = null, ruleName: Output<String>? = null, sourcePortRanges: Output<List<String>>? = null, sources: Output<List<AddressPrefixItemArgs>>? = null)

Properties

access

val access: Output<Either<String, SecurityConfigurationRuleAccess>>? = null

Indicates the access allowed for this particular rule

configurationName

val configurationName: Output<String>? = null

The name of the network manager Security Configuration.

description

val description: Output<String>? = null

A description for this rule. Restricted to 140 chars.

destinationPortRanges

val destinationPortRanges: Output<List<String>>? = null

The destination port ranges.

destinations

val destinations: Output<List<AddressPrefixItemArgs>>? = null

The destination address prefixes. CIDR or destination IP ranges.

direction

val direction: Output<Either<String, SecurityConfigurationRuleDirection>>? = null

Indicates if the traffic matched against the rule in inbound or outbound.

kind

val kind: Output<String>? = null

Whether the rule is custom or default. Expected value is 'Custom'.

networkManagerName

val networkManagerName: Output<String>? = null

The name of the network manager.

priority

val priority: Output<Int>? = null

The priority of the rule. The value can be between 1 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.

protocol