pulumi-azure-kotlin/com.pulumi.azure.paloalto.kotlin/LocalRulestackRuleArgs

LocalRulestackRuleArgs

data class LocalRulestackRuleArgs(val action: Output<String>? = null, val applications: Output<List<String>>? = null, val auditComment: Output<String>? = null, val category: Output<LocalRulestackRuleCategoryArgs>? = null, val decryptionRuleType: Output<String>? = null, val description: Output<String>? = null, val destination: Output<LocalRulestackRuleDestinationArgs>? = null, val enabled: Output<Boolean>? = null, val inspectionCertificateId: Output<String>? = null, val loggingEnabled: Output<Boolean>? = null, val name: Output<String>? = null, val negateDestination: Output<Boolean>? = null, val negateSource: Output<Boolean>? = null, val priority: Output<Int>? = null, val protocol: Output<String>? = null, val protocolPorts: Output<List<String>>? = null, val rulestackId: Output<String>? = null, val source: Output<LocalRulestackRuleSourceArgs>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<LocalRulestackRuleArgs>

Manages a Palo Alto Local Rulestack Rule.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
    name: "rg-example",
    location: "West Europe",
});
const exampleLocalRulestack = new azure.paloalto.LocalRulestack("example", {
    name: "lrs-example",
    resourceGroupName: example.name,
    location: example.location,
});
const exampleLocalRulestackRule = new azure.paloalto.LocalRulestackRule("example", {
    name: "example-rule",
    rulestackId: exampleLocalRulestack.id,
    priority: 1000,
    action: "Allow",
    protocol: "application-default",
    applications: ["any"],
    source: {
        cidrs: ["10&#46;0&#46;0&#46;0/8"],
    },
    destination: {
        cidrs: ["192&#46;168&#46;16&#46;0/24"],
    },
});
Content copied to clipboard
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
    name="rg-example",
    location="West Europe")
example_local_rulestack = azure.paloalto.LocalRulestack("example",
    name="lrs-example",
    resource_group_name=example.name,
    location=example.location)
example_local_rulestack_rule = azure.paloalto.LocalRulestackRule("example",
    name="example-rule",
    rulestack_id=example_local_rulestack.id,
    priority=1000,
    action="Allow",
    protocol="application-default",
    applications=["any"],
    source={
        "cidrs": ["10&#46;0&#46;0&#46;0/8"],
    },
    destination={
        "cidrs": ["192&#46;168&#46;16&#46;0/24"],
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "rg-example",
        Location = "West Europe",
    });
    var exampleLocalRulestack = new Azure.PaloAlto.LocalRulestack("example", new()
    {
        Name = "lrs-example",
        ResourceGroupName = example.Name,
        Location = example.Location,
    });
    var exampleLocalRulestackRule = new Azure.PaloAlto.LocalRulestackRule("example", new()
    {
        Name = "example-rule",
        RulestackId = exampleLocalRulestack.Id,
        Priority = 1000,
        Action = "Allow",
        Protocol = "application-default",
        Applications = new[]
        {
            "any",
        },
        Source = new Azure.PaloAlto.Inputs.LocalRulestackRuleSourceArgs
        {
            Cidrs = new[]
            {
                "10.0.0.0/8",
            },
        },
        Destination = new Azure.PaloAlto.Inputs.LocalRulestackRuleDestinationArgs
        {
            Cidrs = new[]
            {
                "192.168.16.0/24",
            },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/paloalto"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("rg-example"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleLocalRulestack, err := paloalto.NewLocalRulestack(ctx, "example", &paloalto.LocalRulestackArgs{
			Name:              pulumi.String("lrs-example"),
			ResourceGroupName: example.Name,
			Location:          example.Location,
		})
		if err != nil {
			return err
		}
		_, err = paloalto.NewLocalRulestackRule(ctx, "example", &paloalto.LocalRulestackRuleArgs{
			Name:        pulumi.String("example-rule"),
			RulestackId: exampleLocalRulestack.ID(),
			Priority:    pulumi.Int(1000),
			Action:      pulumi.String("Allow"),
			Protocol:    pulumi.String("application-default"),
			Applications: pulumi.StringArray{
				pulumi.String("any"),
			},
			Source: &paloalto.LocalRulestackRuleSourceArgs{
				Cidrs: pulumi.StringArray{
					pulumi.String("10.0.0.0/8"),
				},
			},
			Destination: &paloalto.LocalRulestackRuleDestinationArgs{
				Cidrs: pulumi.StringArray{
					pulumi.String("192.168.16.0/24"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.paloalto.LocalRulestack;
import com.pulumi.azure.paloalto.LocalRulestackArgs;
import com.pulumi.azure.paloalto.LocalRulestackRule;
import com.pulumi.azure.paloalto.LocalRulestackRuleArgs;
import com.pulumi.azure.paloalto.inputs.LocalRulestackRuleSourceArgs;
import com.pulumi.azure.paloalto.inputs.LocalRulestackRuleDestinationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("rg-example")
            .location("West Europe")
            .build());
        var exampleLocalRulestack = new LocalRulestack("exampleLocalRulestack", LocalRulestackArgs.builder()
            .name("lrs-example")
            .resourceGroupName(example.name())
            .location(example.location())
            .build());
        var exampleLocalRulestackRule = new LocalRulestackRule("exampleLocalRulestackRule", LocalRulestackRuleArgs.builder()
            .name("example-rule")
            .rulestackId(exampleLocalRulestack.id())
            .priority(1000)
            .action("Allow")
            .protocol("application-default")
            .applications("any")
            .source(LocalRulestackRuleSourceArgs.builder()
                .cidrs("10.0.0.0/8")
                .build())
            .destination(LocalRulestackRuleDestinationArgs.builder()
                .cidrs("192.168.16.0/24")
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: rg-example
      location: West Europe
  exampleLocalRulestack:
    type: azure:paloalto:LocalRulestack
    name: example
    properties:
      name: lrs-example
      resourceGroupName: ${example.name}
      location: ${example.location}
  exampleLocalRulestackRule:
    type: azure:paloalto:LocalRulestackRule
    name: example
    properties:
      name: example-rule
      rulestackId: ${exampleLocalRulestack.id}
      priority: 1000
      action: Allow
      protocol: application-default
      applications:
        - any
      source:
        cidrs:
          - 10.0.0.0/8
      destination:
        cidrs:
          - 192.168.16.0/24
Content copied to clipboard

Import

Palo Alto Local Rulestack Rules can be imported using the resource id, e.g.

$ pulumi import azure:paloalto/localRulestackRule:LocalRulestackRule example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/PaloAltoNetworks.Cloudngfw/localRulestacks/myLocalRulestack/localRules/myRule1
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(action: Output<String>? = null, applications: Output<List<String>>? = null, auditComment: Output<String>? = null, category: Output<LocalRulestackRuleCategoryArgs>? = null, decryptionRuleType: Output<String>? = null, description: Output<String>? = null, destination: Output<LocalRulestackRuleDestinationArgs>? = null, enabled: Output<Boolean>? = null, inspectionCertificateId: Output<String>? = null, loggingEnabled: Output<Boolean>? = null, name: Output<String>? = null, negateDestination: Output<Boolean>? = null, negateSource: Output<Boolean>? = null, priority: Output<Int>? = null, protocol: Output<String>? = null, protocolPorts: Output<List<String>>? = null, rulestackId: Output<String>? = null, source: Output<LocalRulestackRuleSourceArgs>? = null, tags: Output<Map<String, String>>? = null)

Properties

Link copied to clipboard
val action: Output<String>? = null

The action to take on the rule being triggered. Possible values are Allow, DenyResetBoth, DenyResetServer and DenySilent.

Link copied to clipboard
val applications: Output<List<String>>? = null

Specifies a list of Applications.

Link copied to clipboard
val auditComment: Output<String>? = null

The comment for Audit purposes.

Link copied to clipboard
val category: Output<LocalRulestackRuleCategoryArgs>? = null

A category block as defined below.

Link copied to clipboard
val decryptionRuleType: Output<String>? = null

The type of Decryption to perform on the rule. Possible values include SSLInboundInspection, SSLOutboundInspection, and None. Defaults to None.

Link copied to clipboard
val description: Output<String>? = null

The description for the rule.

Link copied to clipboard
val destination: Output<LocalRulestackRuleDestinationArgs>? = null

One or more destination blocks as defined below.

Link copied to clipboard
val enabled: Output<Boolean>? = null

Should this Rule be enabled? Defaults to true.

Link copied to clipboard
val inspectionCertificateId: Output<String>? = null

The ID of the certificate for inbound inspection. Only valid when decryption_rule_type is set to SSLInboundInspection.

Link copied to clipboard
val loggingEnabled: Output<Boolean>? = null

Should Logging be enabled? Defaults to false.

Link copied to clipboard
val name: Output<String>? = null

The name which should be used for this Palo Alto Local Rulestack Rule.

Link copied to clipboard
val negateDestination: Output<Boolean>? = null

Should the inverse of the Destination configuration be used. Defaults to false.

Link copied to clipboard
val negateSource: Output<Boolean>? = null

Should the inverse of the Source configuration be used. Defaults to false.

Link copied to clipboard
val priority: Output<Int>? = null

The Priority of this rule. Rules are executed in numerical order. Changing this forces a new Palo Alto Local Rulestack Rule to be created.

Link copied to clipboard
val protocol: Output<String>? = null

The Protocol and port to use in the form [protocol]:[port_number] e.g. TCP:8080 or UDP:53. Conflicts with protocol_ports. Defaults to application-default.

Link copied to clipboard
val protocolPorts: Output<List<String>>? = null

Specifies a list of Protocol:Port entries. E.g. [ "TCP:80", "UDP:5431" ]. Conflicts with protocol.

Link copied to clipboard
val rulestackId: Output<String>? = null

The ID of the Local Rulestack in which to create this Rule. Changing this forces a new Palo Alto Local Rulestack Rule to be created.

Link copied to clipboard
val source: Output<LocalRulestackRuleSourceArgs>? = null

One or more source blocks as defined below.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A mapping of tags which should be assigned to the Palo Alto Local Rulestack Rule.

Functions

Link copied to clipboard
open override fun toJava(): LocalRulestackRuleArgs