@pulumi/scm 0.4.2 → 0.4.3

package/authenticationRule.d.ts

@@ -1,6 +1,6 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Retrieves a config item.
+ * AuthenticationRule resource
  *
  * ## Example Usage
  *
@@ -8,7 +8,97 @@ import * as pulumi from "@pulumi/pulumi";
  * import * as pulumi from "@pulumi/pulumi";
  * import * as scm from "@pulumi/scm";
  *
- * const example = new scm.AuthenticationRule("example", {});
+ * const appAccessTag = new scm.Tag("app_access_tag", {
+ *     folder: "All",
+ *     name: "app-access-test_25",
+ *     color: "Blue",
+ * });
+ * // -----------------------------------------------------------------------------
+ * // 2. ANCHOR RULE (Used for relative positioning by other rules)
+ * // -----------------------------------------------------------------------------
+ * const anchorRule = new scm.AuthenticationRule("anchor_rule", {
+ *     name: "test_anchor_rule_251",
+ *     description: "Base rule. Used to test 'before' and 'after' positioning",
+ *     position: "pre",
+ *     folder: "All",
+ *     destinations: ["any"],
+ *     froms: ["any"],
+ *     tos: ["any"],
+ *     sources: ["any"],
+ *     services: [
+ *         "service-http",
+ *         "service-https",
+ *     ],
+ *     sourceUsers: ["any"],
+ *     timeout: 1200,
+ *     negateSource: false,
+ *     negateDestination: false,
+ *     tags: [appAccessTag.name],
+ *     categories: ["any"],
+ *     destinationHips: ["any"],
+ *     logAuthenticationTimeout: false,
+ *     disabled: false,
+ * });
+ * // # -----------------------------------------------------------------------------
+ * // # 3. ABSOLUTE POSITIONING Examples ("top" and "bottom")
+ * // # -----------------------------------------------------------------------------
+ * const ruleTopOfList = new scm.AuthenticationRule("rule_top_of_list", {
+ *     name: "test_top_rule_25",
+ *     description: "Placed at the very top of the 'pre' rulebase.",
+ *     folder: "All",
+ *     position: "pre",
+ *     relativePosition: "top",
+ *     destinations: ["any"],
+ *     froms: ["untrust"],
+ *     tos: ["trust"],
+ *     sources: ["any"],
+ *     services: ["any"],
+ *     sourceUsers: ["any"],
+ * });
+ * const ruleBottomOfList = new scm.AuthenticationRule("rule_bottom_of_list", {
+ *     name: "test_bottom_rule_25",
+ *     description: "Placed at the very bottom of the 'pre' rulebase.",
+ *     folder: "All",
+ *     position: "pre",
+ *     relativePosition: "bottom",
+ *     destinations: ["any"],
+ *     froms: ["any"],
+ *     tos: ["any"],
+ *     sources: ["any"],
+ *     services: ["any"],
+ *     sourceUsers: ["any"],
+ * });
+ * // -----------------------------------------------------------------------------
+ * // 4. RELATIVE POSITIONING Examples ("before" and "after")
+ * // -----------------------------------------------------------------------------
+ * const ruleBeforeAnchor = new scm.AuthenticationRule("rule_before_anchor", {
+ *     name: "test_before_rule_25_updating",
+ *     description: "Positioned immediately BEFORE the anchor_rule.",
+ *     folder: "All",
+ *     position: "pre",
+ *     relativePosition: "before",
+ *     targetRule: anchorRule.id,
+ *     destinations: ["any"],
+ *     froms: ["any"],
+ *     tos: ["any"],
+ *     sources: ["any"],
+ *     services: ["any"],
+ *     sourceUsers: ["any"],
+ * });
+ * const ruleAfterAnchor = new scm.AuthenticationRule("rule_after_anchor", {
+ *     name: "test_after_rule_25",
+ *     description: "Positioned immediately AFTER the anchor_rule.",
+ *     folder: "All",
+ *     position: "pre",
+ *     relativePosition: "after",
+ *     targetRule: anchorRule.id,
+ *     destinations: ["any"],
+ *     froms: ["any"],
+ *     tos: ["any"],
+ *     sources: ["any"],
+ *     services: ["any"],
+ *     sourceUsers: ["any"],
+ * });
  * ```
  */
 export declare class AuthenticationRule extends pulumi.CustomResource {
@@ -28,106 +118,114 @@ export declare class AuthenticationRule extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is AuthenticationRule;
     /**
-     * the authentication profile name to apply to authentication rule.
+     * The authentication profile name
      */
     readonly authenticationEnforcement: pulumi.Output<string | undefined>;
     /**
-     * The Categories param.
+     * The destination URL categories
      */
     readonly categories: pulumi.Output<string[] | undefined>;
     /**
-     * The Description param.
+     * The description of the authentication rule
      */
     readonly description: pulumi.Output<string | undefined>;
     /**
-     * The DestinationHips param.
+     * The destination Host Integrity Profile (HIP)
      */
     readonly destinationHips: pulumi.Output<string[] | undefined>;
     /**
-     * The Destinations param.
+     * The destination addresses
      */
-    readonly destinations: pulumi.Output<string[] | undefined>;
+    readonly destinations: pulumi.Output<string[]>;
     /**
-     * The Device param.
+     * Device
      */
     readonly device: pulumi.Output<string | undefined>;
     /**
-     * The Disabled param. Default: `false`.
+     * Is the authentication rule disabled?
      */
     readonly disabled: pulumi.Output<boolean>;
     /**
-     * The Folder param.
+     * Folder
      */
     readonly folder: pulumi.Output<string | undefined>;
     /**
-     * The Froms param.
+     * The source security zones
      */
-    readonly froms: pulumi.Output<string[] | undefined>;
+    readonly froms: pulumi.Output<string[]>;
     /**
-     * The GroupTag param.
+     * Group tag
      */
     readonly groupTag: pulumi.Output<string | undefined>;
     /**
-     * The HipProfiles param.
+     * The source Host Integrity Profile (HIP)
      */
     readonly hipProfiles: pulumi.Output<string[] | undefined>;
     /**
-     * The LogAuthenticationTimeout param. Default: `false`.
+     * Log authentication timeouts?
      */
     readonly logAuthenticationTimeout: pulumi.Output<boolean>;
     /**
-     * The LogSetting param.
+     * The log forwarding profile name
      */
     readonly logSetting: pulumi.Output<string | undefined>;
     /**
-     * The Name param.
+     * The name of the authentication rule
      */
     readonly name: pulumi.Output<string>;
     /**
-     * The NegateDestination param. Default: `false`.
+     * Are the destination addresses negated?
      */
     readonly negateDestination: pulumi.Output<boolean>;
     /**
-     * The NegateSource param. Default: `false`.
+     * Are the source addresses negated?
      */
     readonly negateSource: pulumi.Output<boolean>;
     /**
-     * The Position param. String must be one of these: `"pre"`, `"post"`. Default: `"pre"`.
+     * The relative position of the rule
      */
     readonly position: pulumi.Output<string>;
     /**
-     * The Services param.
+     * Relative positioning rule. String must be one of these: `"before"`, `"after"`, `"top"`, `"bottom"`. If not specified, rule is created at the bottom of the ruleset.
      */
-    readonly services: pulumi.Output<string[] | undefined>;
+    readonly relativePosition: pulumi.Output<string | undefined>;
     /**
-     * The Snippet param.
+     * The destination ports
+     */
+    readonly services: pulumi.Output<string[]>;
+    /**
+     * Snippet
      */
     readonly snippet: pulumi.Output<string | undefined>;
     /**
-     * The SourceHips param.
+     * The source Host Integrity Profile (HIP)
      */
     readonly sourceHips: pulumi.Output<string[] | undefined>;
     /**
-     * The SourceUsers param.
+     * The source users
      */
     readonly sourceUsers: pulumi.Output<string[] | undefined>;
     /**
-     * The Sources param.
+     * The source addresses
      */
-    readonly sources: pulumi.Output<string[] | undefined>;
+    readonly sources: pulumi.Output<string[]>;
     /**
-     * The Tags param.
+     * The authentication rule tags
      */
     readonly tags: pulumi.Output<string[] | undefined>;
+    /**
+     * The name or UUID of the rule to position this rule relative to. Required when `relativePosition` is `"before"` or `"after"`.
+     */
+    readonly targetRule: pulumi.Output<string | undefined>;
     readonly tfid: pulumi.Output<string>;
     /**
-     * The Timeout param. Value must be between 1 and 1440.
+     * The authentication session timeout (seconds)
      */
     readonly timeout: pulumi.Output<number | undefined>;
     /**
-     * The Tos param.
+     * The destination security zones
      */
-    readonly tos: pulumi.Output<string[] | undefined>;
+    readonly tos: pulumi.Output<string[]>;
     /**
      * Create a AuthenticationRule resource with the given unique name, arguments, and options.
      *
@@ -135,111 +233,119 @@ export declare class AuthenticationRule extends pulumi.CustomResource {
      * @param args The arguments to use to populate this resource's properties.
      * @param opts A bag of options that control this resource's behavior.
      */
-    constructor(name: string, args?: AuthenticationRuleArgs, opts?: pulumi.CustomResourceOptions);
+    constructor(name: string, args: AuthenticationRuleArgs, opts?: pulumi.CustomResourceOptions);
 }
 /**
  * Input properties used for looking up and filtering AuthenticationRule resources.
  */
 export interface AuthenticationRuleState {
     /**
-     * the authentication profile name to apply to authentication rule.
+     * The authentication profile name
      */
     authenticationEnforcement?: pulumi.Input<string>;
     /**
-     * The Categories param.
+     * The destination URL categories
      */
     categories?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Description param.
+     * The description of the authentication rule
      */
     description?: pulumi.Input<string>;
     /**
-     * The DestinationHips param.
+     * The destination Host Integrity Profile (HIP)
      */
     destinationHips?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Destinations param.
+     * The destination addresses
      */
     destinations?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Device param.
+     * Device
      */
     device?: pulumi.Input<string>;
     /**
-     * The Disabled param. Default: `false`.
+     * Is the authentication rule disabled?
      */
     disabled?: pulumi.Input<boolean>;
     /**
-     * The Folder param.
+     * Folder
      */
     folder?: pulumi.Input<string>;
     /**
-     * The Froms param.
+     * The source security zones
      */
     froms?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The GroupTag param.
+     * Group tag
      */
     groupTag?: pulumi.Input<string>;
     /**
-     * The HipProfiles param.
+     * The source Host Integrity Profile (HIP)
      */
     hipProfiles?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The LogAuthenticationTimeout param. Default: `false`.
+     * Log authentication timeouts?
      */
     logAuthenticationTimeout?: pulumi.Input<boolean>;
     /**
-     * The LogSetting param.
+     * The log forwarding profile name
      */
     logSetting?: pulumi.Input<string>;
     /**
-     * The Name param.
+     * The name of the authentication rule
      */
     name?: pulumi.Input<string>;
     /**
-     * The NegateDestination param. Default: `false`.
+     * Are the destination addresses negated?
      */
     negateDestination?: pulumi.Input<boolean>;
     /**
-     * The NegateSource param. Default: `false`.
+     * Are the source addresses negated?
      */
     negateSource?: pulumi.Input<boolean>;
     /**
-     * The Position param. String must be one of these: `"pre"`, `"post"`. Default: `"pre"`.
+     * The relative position of the rule
      */
     position?: pulumi.Input<string>;
     /**
-     * The Services param.
+     * Relative positioning rule. String must be one of these: `"before"`, `"after"`, `"top"`, `"bottom"`. If not specified, rule is created at the bottom of the ruleset.
+     */
+    relativePosition?: pulumi.Input<string>;
+    /**
+     * The destination ports
      */
     services?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Snippet param.
+     * Snippet
      */
     snippet?: pulumi.Input<string>;
     /**
-     * The SourceHips param.
+     * The source Host Integrity Profile (HIP)
      */
     sourceHips?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The SourceUsers param.
+     * The source users
      */
     sourceUsers?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Sources param.
+     * The source addresses
      */
     sources?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Tags param.
+     * The authentication rule tags
      */
     tags?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The name or UUID of the rule to position this rule relative to. Required when `relativePosition` is `"before"` or `"after"`.
+     */
+    targetRule?: pulumi.Input<string>;
     tfid?: pulumi.Input<string>;
     /**
-     * The Timeout param. Value must be between 1 and 1440.
+     * The authentication session timeout (seconds)
      */
     timeout?: pulumi.Input<number>;
     /**
-     * The Tos param.
+     * The destination security zones
      */
     tos?: pulumi.Input<pulumi.Input<string>[]>;
 }
@@ -248,103 +354,111 @@ export interface AuthenticationRuleState {
  */
 export interface AuthenticationRuleArgs {
     /**
-     * the authentication profile name to apply to authentication rule.
+     * The authentication profile name
      */
     authenticationEnforcement?: pulumi.Input<string>;
     /**
-     * The Categories param.
+     * The destination URL categories
      */
     categories?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Description param.
+     * The description of the authentication rule
      */
     description?: pulumi.Input<string>;
     /**
-     * The DestinationHips param.
+     * The destination Host Integrity Profile (HIP)
      */
     destinationHips?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Destinations param.
+     * The destination addresses
      */
-    destinations?: pulumi.Input<pulumi.Input<string>[]>;
+    destinations: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Device param.
+     * Device
      */
     device?: pulumi.Input<string>;
     /**
-     * The Disabled param. Default: `false`.
+     * Is the authentication rule disabled?
      */
     disabled?: pulumi.Input<boolean>;
     /**
-     * The Folder param.
+     * Folder
      */
     folder?: pulumi.Input<string>;
     /**
-     * The Froms param.
+     * The source security zones
      */
-    froms?: pulumi.Input<pulumi.Input<string>[]>;
+    froms: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The GroupTag param.
+     * Group tag
      */
     groupTag?: pulumi.Input<string>;
     /**
-     * The HipProfiles param.
+     * The source Host Integrity Profile (HIP)
      */
     hipProfiles?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The LogAuthenticationTimeout param. Default: `false`.
+     * Log authentication timeouts?
      */
     logAuthenticationTimeout?: pulumi.Input<boolean>;
     /**
-     * The LogSetting param.
+     * The log forwarding profile name
      */
     logSetting?: pulumi.Input<string>;
     /**
-     * The Name param.
+     * The name of the authentication rule
      */
     name?: pulumi.Input<string>;
     /**
-     * The NegateDestination param. Default: `false`.
+     * Are the destination addresses negated?
      */
     negateDestination?: pulumi.Input<boolean>;
     /**
-     * The NegateSource param. Default: `false`.
+     * Are the source addresses negated?
      */
     negateSource?: pulumi.Input<boolean>;
     /**
-     * The Position param. String must be one of these: `"pre"`, `"post"`. Default: `"pre"`.
+     * The relative position of the rule
      */
     position?: pulumi.Input<string>;
     /**
-     * The Services param.
+     * Relative positioning rule. String must be one of these: `"before"`, `"after"`, `"top"`, `"bottom"`. If not specified, rule is created at the bottom of the ruleset.
      */
-    services?: pulumi.Input<pulumi.Input<string>[]>;
+    relativePosition?: pulumi.Input<string>;
+    /**
+     * The destination ports
+     */
+    services: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Snippet param.
+     * Snippet
      */
     snippet?: pulumi.Input<string>;
     /**
-     * The SourceHips param.
+     * The source Host Integrity Profile (HIP)
      */
     sourceHips?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The SourceUsers param.
+     * The source users
      */
     sourceUsers?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Sources param.
+     * The source addresses
      */
-    sources?: pulumi.Input<pulumi.Input<string>[]>;
+    sources: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Tags param.
+     * The authentication rule tags
      */
     tags?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * The Timeout param. Value must be between 1 and 1440.
+     * The name or UUID of the rule to position this rule relative to. Required when `relativePosition` is `"before"` or `"after"`.
+     */
+    targetRule?: pulumi.Input<string>;
+    /**
+     * The authentication session timeout (seconds)
      */
     timeout?: pulumi.Input<number>;
     /**
-     * The Tos param.
+     * The destination security zones
      */
-    tos?: pulumi.Input<pulumi.Input<string>[]>;
+    tos: pulumi.Input<pulumi.Input<string>[]>;
 }