LocalRulestackRule

class LocalRulestackRule : KotlinCustomResource

Manages a Palo Alto Local Rulestack Rule.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
// Resource group that holds the rulestack.
const resourceGroup = new azure.core.ResourceGroup("example", {
    name: "rg-example",
    location: "West Europe",
});

// Local Rulestack the rule is attached to; it reuses the group's name and location.
const rulestack = new azure.paloalto.LocalRulestack("example", {
    name: "lrs-example",
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
});

// Traffic selectors: the CIDR ranges are the only narrowing this rule applies.
const sourceMatch = { cidrs: ["10.0.0.0/8"] };
const destinationMatch = { cidrs: ["192.168.16.0/24"] };

// Allow rule at priority 1000.
// applications: ["any"] does not restrict the rule to specific applications;
// list concrete applications to tighten it.
// loggingEnabled is omitted and defaults to false, so hits on this rule are not
// logged; set loggingEnabled: true when the rule needs an audit trail.
const allowRule = new azure.paloalto.LocalRulestackRule("example", {
    name: "example-rule",
    rulestackId: rulestack.id,
    priority: 1000,
    action: "Allow",
    protocol: "application-default",
    applications: ["any"],
    source: sourceMatch,
    destination: destinationMatch,
});
import pulumi
import pulumi_azure as azure
# Resource group that holds the rulestack.
resource_group = azure.core.ResourceGroup(
    "example",
    name="rg-example",
    location="West Europe",
)

# Local Rulestack the rule is attached to; it reuses the group's name and location.
rulestack = azure.paloalto.LocalRulestack(
    "example",
    name="lrs-example",
    resource_group_name=resource_group.name,
    location=resource_group.location,
)

# Traffic selectors: the CIDR ranges are the only narrowing this rule applies.
source_match = {"cidrs": ["10.0.0.0/8"]}
destination_match = {"cidrs": ["192.168.16.0/24"]}

# Allow rule at priority 1000.
# applications=["any"] does not restrict the rule to specific applications;
# list concrete applications to tighten it.
# logging_enabled is omitted and defaults to false, so hits on this rule are not
# logged; pass logging_enabled=True when the rule needs an audit trail.
allow_rule = azure.paloalto.LocalRulestackRule(
    "example",
    name="example-rule",
    rulestack_id=rulestack.id,
    priority=1000,
    action="Allow",
    protocol="application-default",
    applications=["any"],
    source=source_match,
    destination=destination_match,
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
    // Resource group that holds the rulestack.
    var resourceGroup = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "rg-example",
        Location = "West Europe",
    });

    // Local Rulestack the rule is attached to; it reuses the group's name and location.
    var rulestack = new Azure.PaloAlto.LocalRulestack("example", new()
    {
        Name = "lrs-example",
        ResourceGroupName = resourceGroup.Name,
        Location = resourceGroup.Location,
    });

    // Traffic selectors: the CIDR ranges are the only narrowing this rule applies.
    var sourceMatch = new Azure.PaloAlto.Inputs.LocalRulestackRuleSourceArgs
    {
        Cidrs = new[] { "10.0.0.0/8" },
    };
    var destinationMatch = new Azure.PaloAlto.Inputs.LocalRulestackRuleDestinationArgs
    {
        Cidrs = new[] { "192.168.16.0/24" },
    };

    // Allow rule at priority 1000.
    // Applications = "any" does not restrict the rule to specific applications;
    // list concrete applications to tighten it.
    // LoggingEnabled is omitted and defaults to false, so hits on this rule are not
    // logged; set LoggingEnabled = true when the rule needs an audit trail.
    var allowRule = new Azure.PaloAlto.LocalRulestackRule("example", new()
    {
        Name = "example-rule",
        RulestackId = rulestack.Id,
        Priority = 1000,
        Action = "Allow",
        Protocol = "application-default",
        Applications = new[] { "any" },
        Source = sourceMatch,
        Destination = destinationMatch,
    });
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/paloalto"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main registers a resource group, a Palo Alto Local Rulestack and one rule in
// that rulestack with the Pulumi runtime.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Resource group that holds the rulestack.
		resourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("rg-example"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}

		// Local Rulestack the rule is attached to; it reuses the group's name and location.
		rulestack, err := paloalto.NewLocalRulestack(ctx, "example", &paloalto.LocalRulestackArgs{
			Name:              pulumi.String("lrs-example"),
			ResourceGroupName: resourceGroup.Name,
			Location:          resourceGroup.Location,
		})
		if err != nil {
			return err
		}

		// Allow rule at priority 1000.
		// Applications "any" does not restrict the rule to specific applications, so
		// the CIDR ranges are the only narrowing; list concrete applications to tighten it.
		// LoggingEnabled is omitted and defaults to false, so hits on this rule are not
		// logged; set LoggingEnabled: pulumi.Bool(true) when the rule needs an audit trail.
		_, err = paloalto.NewLocalRulestackRule(ctx, "example", &paloalto.LocalRulestackRuleArgs{
			Name:         pulumi.String("example-rule"),
			RulestackId:  rulestack.ID(),
			Priority:     pulumi.Int(1000),
			Action:       pulumi.String("Allow"),
			Protocol:     pulumi.String("application-default"),
			Applications: pulumi.StringArray{pulumi.String("any")},
			Source: &paloalto.LocalRulestackRuleSourceArgs{
				Cidrs: pulumi.StringArray{pulumi.String("10.0.0.0/8")},
			},
			Destination: &paloalto.LocalRulestackRuleDestinationArgs{
				Cidrs: pulumi.StringArray{pulumi.String("192.168.16.0/24")},
			},
		})
		// err is nil on success, so returning it covers both outcomes.
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.paloalto.LocalRulestack;
import com.pulumi.azure.paloalto.LocalRulestackArgs;
import com.pulumi.azure.paloalto.LocalRulestackRule;
import com.pulumi.azure.paloalto.LocalRulestackRuleArgs;
import com.pulumi.azure.paloalto.inputs.LocalRulestackRuleSourceArgs;
import com.pulumi.azure.paloalto.inputs.LocalRulestackRuleDestinationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Pulumi program that declares a resource group, a Palo Alto Local Rulestack
 * and one rule in that rulestack.
 */
public class App {
    /** Entry point: hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the resources of the stack.
     *
     * @param ctx Pulumi context supplied by the runtime; not read by this example
     */
    public static void stack(Context ctx) {
        // Resource group that holds the rulestack.
        var resourceGroup = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("rg-example")
            .location("West Europe")
            .build());

        // Local Rulestack the rule is attached to; it reuses the group's name and location.
        var rulestack = new LocalRulestack("exampleLocalRulestack", LocalRulestackArgs.builder()
            .name("lrs-example")
            .resourceGroupName(resourceGroup.name())
            .location(resourceGroup.location())
            .build());

        // Traffic selectors: the CIDR ranges are the only narrowing this rule applies.
        var sourceMatch = LocalRulestackRuleSourceArgs.builder()
            .cidrs("10.0.0.0/8")
            .build();
        var destinationMatch = LocalRulestackRuleDestinationArgs.builder()
            .cidrs("192.168.16.0/24")
            .build();

        // Allow rule at priority 1000.
        // applications("any") does not restrict the rule to specific applications;
        // list concrete applications to tighten it.
        // loggingEnabled is omitted and defaults to false, so hits on this rule are not
        // logged; add .loggingEnabled(true) when the rule needs an audit trail.
        var allowRule = new LocalRulestackRule("exampleLocalRulestackRule", LocalRulestackRuleArgs.builder()
            .name("example-rule")
            .rulestackId(rulestack.id())
            .priority(1000)
            .action("Allow")
            .protocol("application-default")
            .applications("any")
            .source(sourceMatch)
            .destination(destinationMatch)
            .build());
    }
}
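# Pulumi YAML program: a resource group, a Palo Alto Local Rulestack and one rule.
# The nesting below is restored; with every key at column 0 the document is not
# the resource map Pulumi expects.
resources:
  # Resource group that holds the rulestack.
  example:
    type: azure:core:ResourceGroup
    properties:
      name: rg-example
      location: West Europe
  # Local Rulestack the rule is attached to; it reuses the group's name and location.
  exampleLocalRulestack:
    type: azure:paloalto:LocalRulestack
    name: example
    properties:
      name: lrs-example
      resourceGroupName: ${example.name}
      location: ${example.location}
  # Allow rule at priority 1000.
  # applications "any" does not restrict the rule to specific applications, so the
  # CIDR ranges are the only narrowing; list concrete applications to tighten it.
  # loggingEnabled is omitted and defaults to false, so hits on this rule are not
  # logged; add "loggingEnabled: true" when the rule needs an audit trail.
  exampleLocalRulestackRule:
    type: azure:paloalto:LocalRulestackRule
    name: example
    properties:
      name: example-rule
      rulestackId: ${exampleLocalRulestack.id}
      priority: 1000
      action: Allow
      protocol: application-default
      applications:
        - any
      source:
        cidrs:
          - 10.0.0.0/8
      destination:
        cidrs:
          - 192.168.16.0/24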

API Providers

This resource uses the following Azure API Providers:

  • PaloAltoNetworks.Cloudngfw: 2022-08-29

Import

Palo Alto Local Rulestack Rules can be imported using the resource id, e.g.

$ pulumi import azure:paloalto/localRulestackRule:LocalRulestackRule example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/PaloAltoNetworks.Cloudngfw/localRulestacks/myLocalRulestack/localRules/myRule1

Properties

val action: Output<String>

The action to take on the rule being triggered. Possible values are Allow, DenyResetBoth, DenyResetServer and DenySilent.

val applications: Output<List<String>>

Specifies a list of Applications.

val auditComment: Output<String>?

The comment for Audit purposes.


category: A category block as defined below.


decryptionRuleType: The type of Decryption to perform on the rule. Possible values include SSLInboundInspection, SSLOutboundInspection, and None. Defaults to None.

val description: Output<String>?

The description for the rule.


destination: One or more destination blocks as defined below.

val enabled: Output<Boolean>?

Should this Rule be enabled? Defaults to true.

val id: Output<String>

inspectionCertificateId: The ID of the certificate for inbound inspection. Only valid when decryption_rule_type is set to SSLInboundInspection.

val loggingEnabled: Output<Boolean>?

Should Logging be enabled? Defaults to false.

val name: Output<String>

The name which should be used for this Palo Alto Local Rulestack Rule.


negateDestination: Should the inverse of the Destination configuration be used? Defaults to false.

val negateSource: Output<Boolean>?

Should the inverse of the Source configuration be used? Defaults to false.

val priority: Output<Int>

The Priority of this rule. Rules are executed in numerical order. Changing this forces a new Palo Alto Local Rulestack Rule to be created.

val protocol: Output<String>?

The Protocol and port to use in the form [protocol]:[port_number] e.g. TCP:8080 or UDP:53. Conflicts with protocol_ports. Defaults to application-default.

val protocolPorts: Output<List<String>>?

Specifies a list of Protocol:Port entries. E.g. [ "TCP:80", "UDP:5431" ]. Conflicts with protocol.

val pulumiChildResources: Set<KotlinResource>
val rulestackId: Output<String>

The ID of the Local Rulestack in which to create this Rule. Changing this forces a new Palo Alto Local Rulestack Rule to be created.


source: One or more source blocks as defined below.

val tags: Output<Map<String, String>>?

A mapping of tags which should be assigned to the Palo Alto Local Rulestack Rule.

val urn: Output<String>