@pulumi/scm 0.4.2-alpha.1760375664 → 0.4.3

package/zoneProtectionProfile.d.ts

@@ -0,0 +1,523 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "./types/input";
+import * as outputs from "./types/output";
+/**
+ * ZoneProtectionProfile resource
+ */
+export declare class ZoneProtectionProfile extends pulumi.CustomResource {
+    /**
+     * Get an existing ZoneProtectionProfile resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ZoneProtectionProfileState, opts?: pulumi.CustomResourceOptions): ZoneProtectionProfile;
+    /**
+     * Returns true if the given object is an instance of ZoneProtectionProfile.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is ZoneProtectionProfile;
+    /**
+     * Determine whether to drop or bypass packets that contain out-of-sync ACKs or out-of-window sequence numbers:
+     * * `global` — Use system-wide setting that is assigned through TCP Settings or the CLI.
+     * * `drop` — Drop packets that contain an asymmetric path.
+     * * `bypass` — Bypass scanning on packets that contain an asymmetric path.
+     */
+    readonly asymmetricPath: pulumi.Output<string | undefined>;
+    /**
+     * The description of the profile
+     */
+    readonly description: pulumi.Output<string | undefined>;
+    /**
+     * The device in which the resource is defined
+     */
+    readonly device: pulumi.Output<string | undefined>;
+    /**
+     * Discard ICMP packets that are embedded with an error message.
+     */
+    readonly discardIcmpEmbeddedError: pulumi.Output<boolean | undefined>;
+    /**
+     * Flood
+     */
+    readonly flood: pulumi.Output<outputs.ZoneProtectionProfileFlood | undefined>;
+    /**
+     * The folder in which the resource is defined
+     */
+    readonly folder: pulumi.Output<string | undefined>;
+    /**
+     * Discard fragmented IP packets.
+     */
+    readonly fragmentedTrafficDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets that consist of ICMP fragments.
+     */
+    readonly icmpFragDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard ICMP packets that are larger than 1024 bytes.
+     */
+    readonly icmpLargePacketDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets if the ICMP ping packet has an identifier value of 0.
+     */
+    readonly icmpPingZeroIdDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Ipv6
+     */
+    readonly ipv6: pulumi.Output<outputs.ZoneProtectionProfileIpv6 | undefined>;
+    /**
+     * L2 sec group tag protection
+     */
+    readonly l2SecGroupTagProtection: pulumi.Output<outputs.ZoneProtectionProfileL2SecGroupTagProtection | undefined>;
+    /**
+     * Discard packets with the Loose Source Routing IP option set. Loose Source Routing is an option whereby a source of a datagram provides routing information and a gateway or host is allowed to choose any route of a number of intermediate gateways to get the datagram to the next address in the route.
+     */
+    readonly looseSourceRoutingDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets if they have incorrect combinations of class, number, and length based on RFCs 791, 1108, 1393, and 2113.
+     */
+    readonly malformedOptionDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Drop packets with mismatched overlapping TCP segments.
+     */
+    readonly mismatchedOverlappingTcpSegmentDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * MPTCP is an extension of TCP that allows a client to maintain a connection by simultaneously using multiple paths to connect to the destination host. By default, MPTCP support is disabled, based on the global MPTCP setting.  Review or adjust the MPTCP settings for the security zones associated with this profile:
+     * * `no` — Enable MPTCP support (do not strip the MPTCP option).
+     * * `yes` — Disable MPTCP support (strip the MPTCP option). With this configured, MPTCP connections are converted to standard TCP connections, as MPTCP is backwards compatible with TCP.
+     * * `global` — Support MPTCP based on the global MPTCP setting. By default, the global MPTCP setting is set to yes so that MPTCP is disabled (the MPTCP option is stripped from the packet).
+     */
+    readonly mptcpOptionStrip: pulumi.Output<string>;
+    /**
+     * The profile name
+     */
+    readonly name: pulumi.Output<string>;
+    /**
+     * Non ip protocol
+     */
+    readonly nonIpProtocol: pulumi.Output<outputs.ZoneProtectionProfileNonIpProtocol | undefined>;
+    /**
+     * Discard packets with the Record Route IP option set. When a datagram has this option, each router that routes the datagram adds its own IP address to the header, thus providing the path to the recipient.
+     */
+    readonly recordRouteDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Determine whether to reject the packet if the first packet for the TCP session setup is not a SYN packet:
+     * * `global` — Use system-wide setting that is assigned through the CLI.
+     * * `yes` — Reject non-SYN TCP.
+     * * `no` — Accept non-SYN TCP.
+     */
+    readonly rejectNonSynTcp: pulumi.Output<string | undefined>;
+    /**
+     * Scan white list
+     */
+    readonly scanWhiteLists: pulumi.Output<outputs.ZoneProtectionProfileScanWhiteList[] | undefined>;
+    /**
+     * Scan
+     */
+    readonly scans: pulumi.Output<outputs.ZoneProtectionProfileScan[] | undefined>;
+    /**
+     * Discard packets if the security option is defined.
+     */
+    readonly securityDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * The snippet in which the resource is defined
+     */
+    readonly snippet: pulumi.Output<string | undefined>;
+    /**
+     * Check that the source IP address of the ingress packet is routable and the routing interface is in the same zone as the ingress interface. If either condition is not true, discard the packet.
+     */
+    readonly spoofedIpDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets if the Stream ID option is defined.
+     */
+    readonly streamIdDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Check that both conditions are true:
+     * * The source IP address is not the subnet broadcast IP address of the ingress interface.
+     * * The source IP address is routable over the exact ingress interface.
+     * If either condition is not true, discard the packet.
+     */
+    readonly strictIpCheck: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets with the Strict Source Routing IP option set. Strict Source Routing is an option whereby a source of a datagram provides routing information through which a gateway or host must send the datagram.
+     */
+    readonly strictSourceRoutingDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Stop sending ICMP fragmentation needed messages in response to packets that exceed the interface MTU and have the do not fragment (DF) bit set. This setting will interfere with the PMTUD process performed by hosts behind the firewall.
+     */
+    readonly suppressIcmpNeedfrag: pulumi.Output<boolean | undefined>;
+    /**
+     * Stop sending ICMP TTL expired messages.
+     */
+    readonly suppressIcmpTimeexceeded: pulumi.Output<boolean | undefined>;
+    /**
+     * Strip the TCP Fast Open option (and data payload, if any) from the TCP SYN or SYN-ACK packet during a TCP three-way handshake.
+     */
+    readonly tcpFastOpenAndDataStrip: pulumi.Output<boolean | undefined>;
+    /**
+     * Drop packets with split handshakes.
+     */
+    readonly tcpHandshakeDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN packet contains data during a three-way handshake.
+     */
+    readonly tcpSynWithDataDiscard: pulumi.Output<boolean>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN-ACK packet contains data during a three-way handshake.
+     */
+    readonly tcpSynackWithDataDiscard: pulumi.Output<boolean>;
+    /**
+     * Determine whether the packet has a TCP timestamp in the header and, if it does, strip the timestamp from the header.
+     */
+    readonly tcpTimestampStrip: pulumi.Output<boolean | undefined>;
+    readonly tfid: pulumi.Output<string>;
+    /**
+     * Discard packets with the Timestamp IP option set.
+     */
+    readonly timestampDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Discard packets if the class and number are unknown.
+     */
+    readonly unknownOptionDiscard: pulumi.Output<boolean | undefined>;
+    /**
+     * Create a ZoneProtectionProfile resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args?: ZoneProtectionProfileArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering ZoneProtectionProfile resources.
+ */
+export interface ZoneProtectionProfileState {
+    /**
+     * Determine whether to drop or bypass packets that contain out-of-sync ACKs or out-of-window sequence numbers:
+     * * `global` — Use system-wide setting that is assigned through TCP Settings or the CLI.
+     * * `drop` — Drop packets that contain an asymmetric path.
+     * * `bypass` — Bypass scanning on packets that contain an asymmetric path.
+     */
+    asymmetricPath?: pulumi.Input<string>;
+    /**
+     * The description of the profile
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * The device in which the resource is defined
+     */
+    device?: pulumi.Input<string>;
+    /**
+     * Discard ICMP packets that are embedded with an error message.
+     */
+    discardIcmpEmbeddedError?: pulumi.Input<boolean>;
+    /**
+     * Flood
+     */
+    flood?: pulumi.Input<inputs.ZoneProtectionProfileFlood>;
+    /**
+     * The folder in which the resource is defined
+     */
+    folder?: pulumi.Input<string>;
+    /**
+     * Discard fragmented IP packets.
+     */
+    fragmentedTrafficDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets that consist of ICMP fragments.
+     */
+    icmpFragDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard ICMP packets that are larger than 1024 bytes.
+     */
+    icmpLargePacketDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the ICMP ping packet has an identifier value of 0.
+     */
+    icmpPingZeroIdDiscard?: pulumi.Input<boolean>;
+    /**
+     * Ipv6
+     */
+    ipv6?: pulumi.Input<inputs.ZoneProtectionProfileIpv6>;
+    /**
+     * L2 sec group tag protection
+     */
+    l2SecGroupTagProtection?: pulumi.Input<inputs.ZoneProtectionProfileL2SecGroupTagProtection>;
+    /**
+     * Discard packets with the Loose Source Routing IP option set. Loose Source Routing is an option whereby a source of a datagram provides routing information and a gateway or host is allowed to choose any route of a number of intermediate gateways to get the datagram to the next address in the route.
+     */
+    looseSourceRoutingDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if they have incorrect combinations of class, number, and length based on RFCs 791, 1108, 1393, and 2113.
+     */
+    malformedOptionDiscard?: pulumi.Input<boolean>;
+    /**
+     * Drop packets with mismatched overlapping TCP segments.
+     */
+    mismatchedOverlappingTcpSegmentDiscard?: pulumi.Input<boolean>;
+    /**
+     * MPTCP is an extension of TCP that allows a client to maintain a connection by simultaneously using multiple paths to connect to the destination host. By default, MPTCP support is disabled, based on the global MPTCP setting.  Review or adjust the MPTCP settings for the security zones associated with this profile:
+     * * `no` — Enable MPTCP support (do not strip the MPTCP option).
+     * * `yes` — Disable MPTCP support (strip the MPTCP option). With this configured, MPTCP connections are converted to standard TCP connections, as MPTCP is backwards compatible with TCP.
+     * * `global` — Support MPTCP based on the global MPTCP setting. By default, the global MPTCP setting is set to yes so that MPTCP is disabled (the MPTCP option is stripped from the packet).
+     */
+    mptcpOptionStrip?: pulumi.Input<string>;
+    /**
+     * The profile name
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * Non ip protocol
+     */
+    nonIpProtocol?: pulumi.Input<inputs.ZoneProtectionProfileNonIpProtocol>;
+    /**
+     * Discard packets with the Record Route IP option set. When a datagram has this option, each router that routes the datagram adds its own IP address to the header, thus providing the path to the recipient.
+     */
+    recordRouteDiscard?: pulumi.Input<boolean>;
+    /**
+     * Determine whether to reject the packet if the first packet for the TCP session setup is not a SYN packet:
+     * * `global` — Use system-wide setting that is assigned through the CLI.
+     * * `yes` — Reject non-SYN TCP.
+     * * `no` — Accept non-SYN TCP.
+     */
+    rejectNonSynTcp?: pulumi.Input<string>;
+    /**
+     * Scan white list
+     */
+    scanWhiteLists?: pulumi.Input<pulumi.Input<inputs.ZoneProtectionProfileScanWhiteList>[]>;
+    /**
+     * Scan
+     */
+    scans?: pulumi.Input<pulumi.Input<inputs.ZoneProtectionProfileScan>[]>;
+    /**
+     * Discard packets if the security option is defined.
+     */
+    securityDiscard?: pulumi.Input<boolean>;
+    /**
+     * The snippet in which the resource is defined
+     */
+    snippet?: pulumi.Input<string>;
+    /**
+     * Check that the source IP address of the ingress packet is routable and the routing interface is in the same zone as the ingress interface. If either condition is not true, discard the packet.
+     */
+    spoofedIpDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the Stream ID option is defined.
+     */
+    streamIdDiscard?: pulumi.Input<boolean>;
+    /**
+     * Check that both conditions are true:
+     * * The source IP address is not the subnet broadcast IP address of the ingress interface.
+     * * The source IP address is routable over the exact ingress interface.
+     * If either condition is not true, discard the packet.
+     */
+    strictIpCheck?: pulumi.Input<boolean>;
+    /**
+     * Discard packets with the Strict Source Routing IP option set. Strict Source Routing is an option whereby a source of a datagram provides routing information through which a gateway or host must send the datagram.
+     */
+    strictSourceRoutingDiscard?: pulumi.Input<boolean>;
+    /**
+     * Stop sending ICMP fragmentation needed messages in response to packets that exceed the interface MTU and have the do not fragment (DF) bit set. This setting will interfere with the PMTUD process performed by hosts behind the firewall.
+     */
+    suppressIcmpNeedfrag?: pulumi.Input<boolean>;
+    /**
+     * Stop sending ICMP TTL expired messages.
+     */
+    suppressIcmpTimeexceeded?: pulumi.Input<boolean>;
+    /**
+     * Strip the TCP Fast Open option (and data payload, if any) from the TCP SYN or SYN-ACK packet during a TCP three-way handshake.
+     */
+    tcpFastOpenAndDataStrip?: pulumi.Input<boolean>;
+    /**
+     * Drop packets with split handshakes.
+     */
+    tcpHandshakeDiscard?: pulumi.Input<boolean>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN packet contains data during a three-way handshake.
+     */
+    tcpSynWithDataDiscard?: pulumi.Input<boolean>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN-ACK packet contains data during a three-way handshake.
+     */
+    tcpSynackWithDataDiscard?: pulumi.Input<boolean>;
+    /**
+     * Determine whether the packet has a TCP timestamp in the header and, if it does, strip the timestamp from the header.
+     */
+    tcpTimestampStrip?: pulumi.Input<boolean>;
+    tfid?: pulumi.Input<string>;
+    /**
+     * Discard packets with the Timestamp IP option set.
+     */
+    timestampDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the class and number are unknown.
+     */
+    unknownOptionDiscard?: pulumi.Input<boolean>;
+}
+/**
+ * The set of arguments for constructing a ZoneProtectionProfile resource.
+ */
+export interface ZoneProtectionProfileArgs {
+    /**
+     * Determine whether to drop or bypass packets that contain out-of-sync ACKs or out-of-window sequence numbers:
+     * * `global` — Use system-wide setting that is assigned through TCP Settings or the CLI.
+     * * `drop` — Drop packets that contain an asymmetric path.
+     * * `bypass` — Bypass scanning on packets that contain an asymmetric path.
+     */
+    asymmetricPath?: pulumi.Input<string>;
+    /**
+     * The description of the profile
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * The device in which the resource is defined
+     */
+    device?: pulumi.Input<string>;
+    /**
+     * Discard ICMP packets that are embedded with an error message.
+     */
+    discardIcmpEmbeddedError?: pulumi.Input<boolean>;
+    /**
+     * Flood
+     */
+    flood?: pulumi.Input<inputs.ZoneProtectionProfileFlood>;
+    /**
+     * The folder in which the resource is defined
+     */
+    folder?: pulumi.Input<string>;
+    /**
+     * Discard fragmented IP packets.
+     */
+    fragmentedTrafficDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets that consist of ICMP fragments.
+     */
+    icmpFragDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard ICMP packets that are larger than 1024 bytes.
+     */
+    icmpLargePacketDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the ICMP ping packet has an identifier value of 0.
+     */
+    icmpPingZeroIdDiscard?: pulumi.Input<boolean>;
+    /**
+     * Ipv6
+     */
+    ipv6?: pulumi.Input<inputs.ZoneProtectionProfileIpv6>;
+    /**
+     * L2 sec group tag protection
+     */
+    l2SecGroupTagProtection?: pulumi.Input<inputs.ZoneProtectionProfileL2SecGroupTagProtection>;
+    /**
+     * Discard packets with the Loose Source Routing IP option set. Loose Source Routing is an option whereby a source of a datagram provides routing information and a gateway or host is allowed to choose any route of a number of intermediate gateways to get the datagram to the next address in the route.
+     */
+    looseSourceRoutingDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if they have incorrect combinations of class, number, and length based on RFCs 791, 1108, 1393, and 2113.
+     */
+    malformedOptionDiscard?: pulumi.Input<boolean>;
+    /**
+     * Drop packets with mismatched overlapping TCP segments.
+     */
+    mismatchedOverlappingTcpSegmentDiscard?: pulumi.Input<boolean>;
+    /**
+     * MPTCP is an extension of TCP that allows a client to maintain a connection by simultaneously using multiple paths to connect to the destination host. By default, MPTCP support is disabled, based on the global MPTCP setting.  Review or adjust the MPTCP settings for the security zones associated with this profile:
+     * * `no` — Enable MPTCP support (do not strip the MPTCP option).
+     * * `yes` — Disable MPTCP support (strip the MPTCP option). With this configured, MPTCP connections are converted to standard TCP connections, as MPTCP is backwards compatible with TCP.
+     * * `global` — Support MPTCP based on the global MPTCP setting. By default, the global MPTCP setting is set to yes so that MPTCP is disabled (the MPTCP option is stripped from the packet).
+     */
+    mptcpOptionStrip?: pulumi.Input<string>;
+    /**
+     * The profile name
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * Non ip protocol
+     */
+    nonIpProtocol?: pulumi.Input<inputs.ZoneProtectionProfileNonIpProtocol>;
+    /**
+     * Discard packets with the Record Route IP option set. When a datagram has this option, each router that routes the datagram adds its own IP address to the header, thus providing the path to the recipient.
+     */
+    recordRouteDiscard?: pulumi.Input<boolean>;
+    /**
+     * Determine whether to reject the packet if the first packet for the TCP session setup is not a SYN packet:
+     * * `global` — Use system-wide setting that is assigned through the CLI.
+     * * `yes` — Reject non-SYN TCP.
+     * * `no` — Accept non-SYN TCP.
+     */
+    rejectNonSynTcp?: pulumi.Input<string>;
+    /**
+     * Scan white list
+     */
+    scanWhiteLists?: pulumi.Input<pulumi.Input<inputs.ZoneProtectionProfileScanWhiteList>[]>;
+    /**
+     * Scan
+     */
+    scans?: pulumi.Input<pulumi.Input<inputs.ZoneProtectionProfileScan>[]>;
+    /**
+     * Discard packets if the security option is defined.
+     */
+    securityDiscard?: pulumi.Input<boolean>;
+    /**
+     * The snippet in which the resource is defined
+     */
+    snippet?: pulumi.Input<string>;
+    /**
+     * Check that the source IP address of the ingress packet is routable and the routing interface is in the same zone as the ingress interface. If either condition is not true, discard the packet.
+     */
+    spoofedIpDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the Stream ID option is defined.
+     */
+    streamIdDiscard?: pulumi.Input<boolean>;
+    /**
+     * Check that both conditions are true:
+     * * The source IP address is not the subnet broadcast IP address of the ingress interface.
+     * * The source IP address is routable over the exact ingress interface.
+     * If either condition is not true, discard the packet.
+     */
+    strictIpCheck?: pulumi.Input<boolean>;
+    /**
+     * Discard packets with the Strict Source Routing IP option set. Strict Source Routing is an option whereby a source of a datagram provides routing information through which a gateway or host must send the datagram.
+     */
+    strictSourceRoutingDiscard?: pulumi.Input<boolean>;
+    /**
+     * Stop sending ICMP fragmentation needed messages in response to packets that exceed the interface MTU and have the do not fragment (DF) bit set. This setting will interfere with the PMTUD process performed by hosts behind the firewall.
+     */
+    suppressIcmpNeedfrag?: pulumi.Input<boolean>;
+    /**
+     * Stop sending ICMP TTL expired messages.
+     */
+    suppressIcmpTimeexceeded?: pulumi.Input<boolean>;
+    /**
+     * Strip the TCP Fast Open option (and data payload, if any) from the TCP SYN or SYN-ACK packet during a TCP three-way handshake.
+     */
+    tcpFastOpenAndDataStrip?: pulumi.Input<boolean>;
+    /**
+     * Drop packets with split handshakes.
+     */
+    tcpHandshakeDiscard?: pulumi.Input<boolean>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN packet contains data during a three-way handshake.
+     */
+    tcpSynWithDataDiscard?: pulumi.Input<boolean>;
+    /**
+     * Prevent a TCP session from being established if the TCP SYN-ACK packet contains data during a three-way handshake.
+     */
+    tcpSynackWithDataDiscard?: pulumi.Input<boolean>;
+    /**
+     * Determine whether the packet has a TCP timestamp in the header and, if it does, strip the timestamp from the header.
+     */
+    tcpTimestampStrip?: pulumi.Input<boolean>;
+    /**
+     * Discard packets with the Timestamp IP option set.
+     */
+    timestampDiscard?: pulumi.Input<boolean>;
+    /**
+     * Discard packets if the class and number are unknown.
+     */
+    unknownOptionDiscard?: pulumi.Input<boolean>;
+}

package/zoneProtectionProfile.js

@@ -0,0 +1,126 @@
+"use strict";
+// *** WARNING: this file was generated by pulumi-language-nodejs. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ZoneProtectionProfile = void 0;
+const pulumi = require("@pulumi/pulumi");
+const utilities = require("./utilities");
+/**
+ * ZoneProtectionProfile resource
+ */
+class ZoneProtectionProfile extends pulumi.CustomResource {
+    /**
+     * Get an existing ZoneProtectionProfile resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name, id, state, opts) {
+        return new ZoneProtectionProfile(name, state, { ...opts, id: id });
+    }
+    /**
+     * Returns true if the given object is an instance of ZoneProtectionProfile.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj) {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === ZoneProtectionProfile.__pulumiType;
+    }
+    constructor(name, argsOrState, opts) {
+        let resourceInputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState;
+            resourceInputs["asymmetricPath"] = state?.asymmetricPath;
+            resourceInputs["description"] = state?.description;
+            resourceInputs["device"] = state?.device;
+            resourceInputs["discardIcmpEmbeddedError"] = state?.discardIcmpEmbeddedError;
+            resourceInputs["flood"] = state?.flood;
+            resourceInputs["folder"] = state?.folder;
+            resourceInputs["fragmentedTrafficDiscard"] = state?.fragmentedTrafficDiscard;
+            resourceInputs["icmpFragDiscard"] = state?.icmpFragDiscard;
+            resourceInputs["icmpLargePacketDiscard"] = state?.icmpLargePacketDiscard;
+            resourceInputs["icmpPingZeroIdDiscard"] = state?.icmpPingZeroIdDiscard;
+            resourceInputs["ipv6"] = state?.ipv6;
+            resourceInputs["l2SecGroupTagProtection"] = state?.l2SecGroupTagProtection;
+            resourceInputs["looseSourceRoutingDiscard"] = state?.looseSourceRoutingDiscard;
+            resourceInputs["malformedOptionDiscard"] = state?.malformedOptionDiscard;
+            resourceInputs["mismatchedOverlappingTcpSegmentDiscard"] = state?.mismatchedOverlappingTcpSegmentDiscard;
+            resourceInputs["mptcpOptionStrip"] = state?.mptcpOptionStrip;
+            resourceInputs["name"] = state?.name;
+            resourceInputs["nonIpProtocol"] = state?.nonIpProtocol;
+            resourceInputs["recordRouteDiscard"] = state?.recordRouteDiscard;
+            resourceInputs["rejectNonSynTcp"] = state?.rejectNonSynTcp;
+            resourceInputs["scanWhiteLists"] = state?.scanWhiteLists;
+            resourceInputs["scans"] = state?.scans;
+            resourceInputs["securityDiscard"] = state?.securityDiscard;
+            resourceInputs["snippet"] = state?.snippet;
+            resourceInputs["spoofedIpDiscard"] = state?.spoofedIpDiscard;
+            resourceInputs["streamIdDiscard"] = state?.streamIdDiscard;
+            resourceInputs["strictIpCheck"] = state?.strictIpCheck;
+            resourceInputs["strictSourceRoutingDiscard"] = state?.strictSourceRoutingDiscard;
+            resourceInputs["suppressIcmpNeedfrag"] = state?.suppressIcmpNeedfrag;
+            resourceInputs["suppressIcmpTimeexceeded"] = state?.suppressIcmpTimeexceeded;
+            resourceInputs["tcpFastOpenAndDataStrip"] = state?.tcpFastOpenAndDataStrip;
+            resourceInputs["tcpHandshakeDiscard"] = state?.tcpHandshakeDiscard;
+            resourceInputs["tcpSynWithDataDiscard"] = state?.tcpSynWithDataDiscard;
+            resourceInputs["tcpSynackWithDataDiscard"] = state?.tcpSynackWithDataDiscard;
+            resourceInputs["tcpTimestampStrip"] = state?.tcpTimestampStrip;
+            resourceInputs["tfid"] = state?.tfid;
+            resourceInputs["timestampDiscard"] = state?.timestampDiscard;
+            resourceInputs["unknownOptionDiscard"] = state?.unknownOptionDiscard;
+        }
+        else {
+            const args = argsOrState;
+            resourceInputs["asymmetricPath"] = args?.asymmetricPath;
+            resourceInputs["description"] = args?.description;
+            resourceInputs["device"] = args?.device;
+            resourceInputs["discardIcmpEmbeddedError"] = args?.discardIcmpEmbeddedError;
+            resourceInputs["flood"] = args?.flood;
+            resourceInputs["folder"] = args?.folder;
+            resourceInputs["fragmentedTrafficDiscard"] = args?.fragmentedTrafficDiscard;
+            resourceInputs["icmpFragDiscard"] = args?.icmpFragDiscard;
+            resourceInputs["icmpLargePacketDiscard"] = args?.icmpLargePacketDiscard;
+            resourceInputs["icmpPingZeroIdDiscard"] = args?.icmpPingZeroIdDiscard;
+            resourceInputs["ipv6"] = args?.ipv6;
+            resourceInputs["l2SecGroupTagProtection"] = args?.l2SecGroupTagProtection;
+            resourceInputs["looseSourceRoutingDiscard"] = args?.looseSourceRoutingDiscard;
+            resourceInputs["malformedOptionDiscard"] = args?.malformedOptionDiscard;
+            resourceInputs["mismatchedOverlappingTcpSegmentDiscard"] = args?.mismatchedOverlappingTcpSegmentDiscard;
+            resourceInputs["mptcpOptionStrip"] = args?.mptcpOptionStrip;
+            resourceInputs["name"] = args?.name;
+            resourceInputs["nonIpProtocol"] = args?.nonIpProtocol;
+            resourceInputs["recordRouteDiscard"] = args?.recordRouteDiscard;
+            resourceInputs["rejectNonSynTcp"] = args?.rejectNonSynTcp;
+            resourceInputs["scanWhiteLists"] = args?.scanWhiteLists;
+            resourceInputs["scans"] = args?.scans;
+            resourceInputs["securityDiscard"] = args?.securityDiscard;
+            resourceInputs["snippet"] = args?.snippet;
+            resourceInputs["spoofedIpDiscard"] = args?.spoofedIpDiscard;
+            resourceInputs["streamIdDiscard"] = args?.streamIdDiscard;
+            resourceInputs["strictIpCheck"] = args?.strictIpCheck;
+            resourceInputs["strictSourceRoutingDiscard"] = args?.strictSourceRoutingDiscard;
+            resourceInputs["suppressIcmpNeedfrag"] = args?.suppressIcmpNeedfrag;
+            resourceInputs["suppressIcmpTimeexceeded"] = args?.suppressIcmpTimeexceeded;
+            resourceInputs["tcpFastOpenAndDataStrip"] = args?.tcpFastOpenAndDataStrip;
+            resourceInputs["tcpHandshakeDiscard"] = args?.tcpHandshakeDiscard;
+            resourceInputs["tcpSynWithDataDiscard"] = args?.tcpSynWithDataDiscard;
+            resourceInputs["tcpSynackWithDataDiscard"] = args?.tcpSynackWithDataDiscard;
+            resourceInputs["tcpTimestampStrip"] = args?.tcpTimestampStrip;
+            resourceInputs["timestampDiscard"] = args?.timestampDiscard;
+            resourceInputs["unknownOptionDiscard"] = args?.unknownOptionDiscard;
+            resourceInputs["tfid"] = undefined /*out*/;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        super(ZoneProtectionProfile.__pulumiType, name, resourceInputs, opts);
+    }
+}
+exports.ZoneProtectionProfile = ZoneProtectionProfile;
+/** @internal */
+ZoneProtectionProfile.__pulumiType = 'scm:index/zoneProtectionProfile:ZoneProtectionProfile';
+//# sourceMappingURL=zoneProtectionProfile.js.map

package/zoneProtectionProfile.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"zoneProtectionProfile.js","sourceRoot":"","sources":["../zoneProtectionProfile.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;GAEG;AACH,MAAa,qBAAsB,SAAQ,MAAM,CAAC,cAAc;IAC5D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAkC,EAAE,IAAmC;QAChI,OAAO,IAAI,qBAAqB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC5E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,qBAAqB,CAAC,YAAY,CAAC;IACtE,CAAC;IA4KD,YAAY,IAAY,EAAE,WAAoE,EAAE,IAAmC;QAC/H,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAqD,CAAC;YACpE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,wCAAwC,CAAC,GAAG,KAAK,EAAE,sCAAsC,CAAC;YACzG,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,4BAA4B,CAAC,GAAG,KAAK,EAAE,0BAA0B,CAAC;YACjF,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;SACxE;aAAM;YACH,MAAM,IAAI,GAAG,WAAoD,CAAC;YAClE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,wCAAwC,CAAC,GAAG,IAAI,EAAE,sCAAsC,CAAC;YACxG,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,4BAA4B,CAAC,GAAG,IAAI,EAAE,0BAA0B,CAAC;YAChF,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,qBAAqB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;;AA5RL,sDA6RC;AA/QG,gBAAgB;AACO,kCAAY,GAAG,uDAAuD,CAAC"}