pulumi-cloudngfwaws 0.2.0a1759529059__py3-none-any.whl → 1.0.0a1759959360__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pulumi-cloudngfwaws might be problematic. Click here for more details.
- pulumi_cloudngfwaws/_inputs.py +774 -107
- pulumi_cloudngfwaws/config/__init__.pyi +5 -2
- pulumi_cloudngfwaws/config/vars.py +7 -4
- pulumi_cloudngfwaws/get_ngfw.py +112 -36
- pulumi_cloudngfwaws/get_ngfw_log_profile.py +64 -8
- pulumi_cloudngfwaws/get_ngfws.py +23 -3
- pulumi_cloudngfwaws/ngfw.py +410 -119
- pulumi_cloudngfwaws/ngfw_log_profile.py +271 -108
- pulumi_cloudngfwaws/outputs.py +1131 -234
- pulumi_cloudngfwaws/provider.py +29 -16
- pulumi_cloudngfwaws/pulumi-plugin.json +1 -1
- {pulumi_cloudngfwaws-0.2.0a1759529059.dist-info → pulumi_cloudngfwaws-1.0.0a1759959360.dist-info}/METADATA +1 -1
- {pulumi_cloudngfwaws-0.2.0a1759529059.dist-info → pulumi_cloudngfwaws-1.0.0a1759959360.dist-info}/RECORD +15 -15
- {pulumi_cloudngfwaws-0.2.0a1759529059.dist-info → pulumi_cloudngfwaws-1.0.0a1759959360.dist-info}/WHEEL +0 -0
- {pulumi_cloudngfwaws-0.2.0a1759529059.dist-info → pulumi_cloudngfwaws-1.0.0a1759959360.dist-info}/top_level.txt +0 -0
pulumi_cloudngfwaws/outputs.py
CHANGED
|
@@ -16,19 +16,35 @@ from . import _utilities
|
|
|
16
16
|
from . import outputs
|
|
17
17
|
|
|
18
18
|
__all__ = [
|
|
19
|
+
'NgfwEgressNat',
|
|
20
|
+
'NgfwEgressNatSetting',
|
|
21
|
+
'NgfwEndpoint',
|
|
22
|
+
'NgfwEndpointPrefix',
|
|
23
|
+
'NgfwEndpointPrefixPrivatePrefix',
|
|
24
|
+
'NgfwLogProfileLogConfig',
|
|
19
25
|
'NgfwLogProfileLogDestination',
|
|
26
|
+
'NgfwPrivateAccess',
|
|
20
27
|
'NgfwStatus',
|
|
21
|
-
'NgfwStatusAttachment',
|
|
22
28
|
'NgfwSubnetMapping',
|
|
29
|
+
'NgfwUserId',
|
|
30
|
+
'NgfwUserIdCustomIncludeExcludeNetwork',
|
|
23
31
|
'RulestackProfileConfig',
|
|
24
32
|
'SecurityRuleCategory',
|
|
25
33
|
'SecurityRuleDestination',
|
|
26
34
|
'SecurityRuleSource',
|
|
27
35
|
'GetAccountsAccountDetailResult',
|
|
36
|
+
'GetNgfwEgressNatResult',
|
|
37
|
+
'GetNgfwEgressNatSettingResult',
|
|
38
|
+
'GetNgfwEndpointResult',
|
|
39
|
+
'GetNgfwEndpointPrefixResult',
|
|
40
|
+
'GetNgfwEndpointPrefixPrivatePrefixResult',
|
|
41
|
+
'GetNgfwLogProfileLogConfigResult',
|
|
28
42
|
'GetNgfwLogProfileLogDestinationResult',
|
|
43
|
+
'GetNgfwPrivateAccessResult',
|
|
29
44
|
'GetNgfwStatusResult',
|
|
30
|
-
'GetNgfwStatusAttachmentResult',
|
|
31
45
|
'GetNgfwSubnetMappingResult',
|
|
46
|
+
'GetNgfwUserIdResult',
|
|
47
|
+
'GetNgfwUserIdCustomIncludeExcludeNetworkResult',
|
|
32
48
|
'GetNgfwsInstanceResult',
|
|
33
49
|
'GetRulestackProfileConfigResult',
|
|
34
50
|
'GetSecurityRuleCategoryResult',
|
|
@@ -36,6 +52,365 @@ __all__ = [
|
|
|
36
52
|
'GetSecurityRuleSourceResult',
|
|
37
53
|
]
|
|
38
54
|
|
|
55
|
+
@pulumi.output_type
|
|
56
|
+
class NgfwEgressNat(dict):
|
|
57
|
+
def __init__(__self__, *,
|
|
58
|
+
enabled: _builtins.bool,
|
|
59
|
+
settings: Optional[Sequence['outputs.NgfwEgressNatSetting']] = None):
|
|
60
|
+
"""
|
|
61
|
+
:param _builtins.bool enabled: Enable egress NAT
|
|
62
|
+
"""
|
|
63
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
64
|
+
if settings is not None:
|
|
65
|
+
pulumi.set(__self__, "settings", settings)
|
|
66
|
+
|
|
67
|
+
@_builtins.property
|
|
68
|
+
@pulumi.getter
|
|
69
|
+
def enabled(self) -> _builtins.bool:
|
|
70
|
+
"""
|
|
71
|
+
Enable egress NAT
|
|
72
|
+
"""
|
|
73
|
+
return pulumi.get(self, "enabled")
|
|
74
|
+
|
|
75
|
+
@_builtins.property
|
|
76
|
+
@pulumi.getter
|
|
77
|
+
def settings(self) -> Optional[Sequence['outputs.NgfwEgressNatSetting']]:
|
|
78
|
+
return pulumi.get(self, "settings")
|
|
79
|
+
|
|
80
|
+
|
|
81
|
+
@pulumi.output_type
|
|
82
|
+
class NgfwEgressNatSetting(dict):
|
|
83
|
+
@staticmethod
|
|
84
|
+
def __key_warning(key: str):
|
|
85
|
+
suggest = None
|
|
86
|
+
if key == "ipPoolType":
|
|
87
|
+
suggest = "ip_pool_type"
|
|
88
|
+
elif key == "ipamPoolId":
|
|
89
|
+
suggest = "ipam_pool_id"
|
|
90
|
+
|
|
91
|
+
if suggest:
|
|
92
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwEgressNatSetting. Access the value via the '{suggest}' property getter instead.")
|
|
93
|
+
|
|
94
|
+
def __getitem__(self, key: str) -> Any:
|
|
95
|
+
NgfwEgressNatSetting.__key_warning(key)
|
|
96
|
+
return super().__getitem__(key)
|
|
97
|
+
|
|
98
|
+
def get(self, key: str, default = None) -> Any:
|
|
99
|
+
NgfwEgressNatSetting.__key_warning(key)
|
|
100
|
+
return super().get(key, default)
|
|
101
|
+
|
|
102
|
+
def __init__(__self__, *,
|
|
103
|
+
ip_pool_type: Optional[_builtins.str] = None,
|
|
104
|
+
ipam_pool_id: Optional[_builtins.str] = None):
|
|
105
|
+
"""
|
|
106
|
+
:param _builtins.str ip_pool_type: Set ip pool type from the following options. Valid values are `AWSService` or `BYOIP`.
|
|
107
|
+
:param _builtins.str ipam_pool_id: The IP pool ID
|
|
108
|
+
"""
|
|
109
|
+
if ip_pool_type is not None:
|
|
110
|
+
pulumi.set(__self__, "ip_pool_type", ip_pool_type)
|
|
111
|
+
if ipam_pool_id is not None:
|
|
112
|
+
pulumi.set(__self__, "ipam_pool_id", ipam_pool_id)
|
|
113
|
+
|
|
114
|
+
@_builtins.property
|
|
115
|
+
@pulumi.getter(name="ipPoolType")
|
|
116
|
+
def ip_pool_type(self) -> Optional[_builtins.str]:
|
|
117
|
+
"""
|
|
118
|
+
Set ip pool type from the following options. Valid values are `AWSService` or `BYOIP`.
|
|
119
|
+
"""
|
|
120
|
+
return pulumi.get(self, "ip_pool_type")
|
|
121
|
+
|
|
122
|
+
@_builtins.property
|
|
123
|
+
@pulumi.getter(name="ipamPoolId")
|
|
124
|
+
def ipam_pool_id(self) -> Optional[_builtins.str]:
|
|
125
|
+
"""
|
|
126
|
+
The IP pool ID
|
|
127
|
+
"""
|
|
128
|
+
return pulumi.get(self, "ipam_pool_id")
|
|
129
|
+
|
|
130
|
+
|
|
131
|
+
@pulumi.output_type
|
|
132
|
+
class NgfwEndpoint(dict):
|
|
133
|
+
@staticmethod
|
|
134
|
+
def __key_warning(key: str):
|
|
135
|
+
suggest = None
|
|
136
|
+
if key == "accountId":
|
|
137
|
+
suggest = "account_id"
|
|
138
|
+
elif key == "egressNatEnabled":
|
|
139
|
+
suggest = "egress_nat_enabled"
|
|
140
|
+
elif key == "endpointId":
|
|
141
|
+
suggest = "endpoint_id"
|
|
142
|
+
elif key == "rejectedReason":
|
|
143
|
+
suggest = "rejected_reason"
|
|
144
|
+
elif key == "subnetId":
|
|
145
|
+
suggest = "subnet_id"
|
|
146
|
+
elif key == "vpcId":
|
|
147
|
+
suggest = "vpc_id"
|
|
148
|
+
elif key == "zoneId":
|
|
149
|
+
suggest = "zone_id"
|
|
150
|
+
|
|
151
|
+
if suggest:
|
|
152
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwEndpoint. Access the value via the '{suggest}' property getter instead.")
|
|
153
|
+
|
|
154
|
+
def __getitem__(self, key: str) -> Any:
|
|
155
|
+
NgfwEndpoint.__key_warning(key)
|
|
156
|
+
return super().__getitem__(key)
|
|
157
|
+
|
|
158
|
+
def get(self, key: str, default = None) -> Any:
|
|
159
|
+
NgfwEndpoint.__key_warning(key)
|
|
160
|
+
return super().get(key, default)
|
|
161
|
+
|
|
162
|
+
def __init__(__self__, *,
|
|
163
|
+
mode: _builtins.str,
|
|
164
|
+
account_id: Optional[_builtins.str] = None,
|
|
165
|
+
egress_nat_enabled: Optional[_builtins.bool] = None,
|
|
166
|
+
endpoint_id: Optional[_builtins.str] = None,
|
|
167
|
+
prefixes: Optional[Sequence['outputs.NgfwEndpointPrefix']] = None,
|
|
168
|
+
rejected_reason: Optional[_builtins.str] = None,
|
|
169
|
+
status: Optional[_builtins.str] = None,
|
|
170
|
+
subnet_id: Optional[_builtins.str] = None,
|
|
171
|
+
vpc_id: Optional[_builtins.str] = None,
|
|
172
|
+
zone_id: Optional[_builtins.str] = None):
|
|
173
|
+
"""
|
|
174
|
+
:param _builtins.str mode: The endpoint mode. Valid values are `ServiceManaged` or `CustomerManaged`.
|
|
175
|
+
:param _builtins.str account_id: The account id.
|
|
176
|
+
:param _builtins.bool egress_nat_enabled: Enable egress NAT
|
|
177
|
+
:param _builtins.str endpoint_id: Endpoint ID of the security zone
|
|
178
|
+
:param _builtins.str rejected_reason: The rejected reason.
|
|
179
|
+
:param _builtins.str status: The attachment status.
|
|
180
|
+
:param _builtins.str subnet_id: The subnet id.
|
|
181
|
+
:param _builtins.str vpc_id: The vpc id.
|
|
182
|
+
:param _builtins.str zone_id: The AZ id.
|
|
183
|
+
"""
|
|
184
|
+
pulumi.set(__self__, "mode", mode)
|
|
185
|
+
if account_id is not None:
|
|
186
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
187
|
+
if egress_nat_enabled is not None:
|
|
188
|
+
pulumi.set(__self__, "egress_nat_enabled", egress_nat_enabled)
|
|
189
|
+
if endpoint_id is not None:
|
|
190
|
+
pulumi.set(__self__, "endpoint_id", endpoint_id)
|
|
191
|
+
if prefixes is not None:
|
|
192
|
+
pulumi.set(__self__, "prefixes", prefixes)
|
|
193
|
+
if rejected_reason is not None:
|
|
194
|
+
pulumi.set(__self__, "rejected_reason", rejected_reason)
|
|
195
|
+
if status is not None:
|
|
196
|
+
pulumi.set(__self__, "status", status)
|
|
197
|
+
if subnet_id is not None:
|
|
198
|
+
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
199
|
+
if vpc_id is not None:
|
|
200
|
+
pulumi.set(__self__, "vpc_id", vpc_id)
|
|
201
|
+
if zone_id is not None:
|
|
202
|
+
pulumi.set(__self__, "zone_id", zone_id)
|
|
203
|
+
|
|
204
|
+
@_builtins.property
|
|
205
|
+
@pulumi.getter
|
|
206
|
+
def mode(self) -> _builtins.str:
|
|
207
|
+
"""
|
|
208
|
+
The endpoint mode. Valid values are `ServiceManaged` or `CustomerManaged`.
|
|
209
|
+
"""
|
|
210
|
+
return pulumi.get(self, "mode")
|
|
211
|
+
|
|
212
|
+
@_builtins.property
|
|
213
|
+
@pulumi.getter(name="accountId")
|
|
214
|
+
def account_id(self) -> Optional[_builtins.str]:
|
|
215
|
+
"""
|
|
216
|
+
The account id.
|
|
217
|
+
"""
|
|
218
|
+
return pulumi.get(self, "account_id")
|
|
219
|
+
|
|
220
|
+
@_builtins.property
|
|
221
|
+
@pulumi.getter(name="egressNatEnabled")
|
|
222
|
+
def egress_nat_enabled(self) -> Optional[_builtins.bool]:
|
|
223
|
+
"""
|
|
224
|
+
Enable egress NAT
|
|
225
|
+
"""
|
|
226
|
+
return pulumi.get(self, "egress_nat_enabled")
|
|
227
|
+
|
|
228
|
+
@_builtins.property
|
|
229
|
+
@pulumi.getter(name="endpointId")
|
|
230
|
+
def endpoint_id(self) -> Optional[_builtins.str]:
|
|
231
|
+
"""
|
|
232
|
+
Endpoint ID of the security zone
|
|
233
|
+
"""
|
|
234
|
+
return pulumi.get(self, "endpoint_id")
|
|
235
|
+
|
|
236
|
+
@_builtins.property
|
|
237
|
+
@pulumi.getter
|
|
238
|
+
def prefixes(self) -> Optional[Sequence['outputs.NgfwEndpointPrefix']]:
|
|
239
|
+
return pulumi.get(self, "prefixes")
|
|
240
|
+
|
|
241
|
+
@_builtins.property
|
|
242
|
+
@pulumi.getter(name="rejectedReason")
|
|
243
|
+
def rejected_reason(self) -> Optional[_builtins.str]:
|
|
244
|
+
"""
|
|
245
|
+
The rejected reason.
|
|
246
|
+
"""
|
|
247
|
+
return pulumi.get(self, "rejected_reason")
|
|
248
|
+
|
|
249
|
+
@_builtins.property
|
|
250
|
+
@pulumi.getter
|
|
251
|
+
def status(self) -> Optional[_builtins.str]:
|
|
252
|
+
"""
|
|
253
|
+
The attachment status.
|
|
254
|
+
"""
|
|
255
|
+
return pulumi.get(self, "status")
|
|
256
|
+
|
|
257
|
+
@_builtins.property
|
|
258
|
+
@pulumi.getter(name="subnetId")
|
|
259
|
+
def subnet_id(self) -> Optional[_builtins.str]:
|
|
260
|
+
"""
|
|
261
|
+
The subnet id.
|
|
262
|
+
"""
|
|
263
|
+
return pulumi.get(self, "subnet_id")
|
|
264
|
+
|
|
265
|
+
@_builtins.property
|
|
266
|
+
@pulumi.getter(name="vpcId")
|
|
267
|
+
def vpc_id(self) -> Optional[_builtins.str]:
|
|
268
|
+
"""
|
|
269
|
+
The vpc id.
|
|
270
|
+
"""
|
|
271
|
+
return pulumi.get(self, "vpc_id")
|
|
272
|
+
|
|
273
|
+
@_builtins.property
|
|
274
|
+
@pulumi.getter(name="zoneId")
|
|
275
|
+
def zone_id(self) -> Optional[_builtins.str]:
|
|
276
|
+
"""
|
|
277
|
+
The AZ id.
|
|
278
|
+
"""
|
|
279
|
+
return pulumi.get(self, "zone_id")
|
|
280
|
+
|
|
281
|
+
|
|
282
|
+
@pulumi.output_type
|
|
283
|
+
class NgfwEndpointPrefix(dict):
|
|
284
|
+
@staticmethod
|
|
285
|
+
def __key_warning(key: str):
|
|
286
|
+
suggest = None
|
|
287
|
+
if key == "privatePrefixes":
|
|
288
|
+
suggest = "private_prefixes"
|
|
289
|
+
|
|
290
|
+
if suggest:
|
|
291
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwEndpointPrefix. Access the value via the '{suggest}' property getter instead.")
|
|
292
|
+
|
|
293
|
+
def __getitem__(self, key: str) -> Any:
|
|
294
|
+
NgfwEndpointPrefix.__key_warning(key)
|
|
295
|
+
return super().__getitem__(key)
|
|
296
|
+
|
|
297
|
+
def get(self, key: str, default = None) -> Any:
|
|
298
|
+
NgfwEndpointPrefix.__key_warning(key)
|
|
299
|
+
return super().get(key, default)
|
|
300
|
+
|
|
301
|
+
def __init__(__self__, *,
|
|
302
|
+
private_prefixes: Optional[Sequence['outputs.NgfwEndpointPrefixPrivatePrefix']] = None):
|
|
303
|
+
if private_prefixes is not None:
|
|
304
|
+
pulumi.set(__self__, "private_prefixes", private_prefixes)
|
|
305
|
+
|
|
306
|
+
@_builtins.property
|
|
307
|
+
@pulumi.getter(name="privatePrefixes")
|
|
308
|
+
def private_prefixes(self) -> Optional[Sequence['outputs.NgfwEndpointPrefixPrivatePrefix']]:
|
|
309
|
+
return pulumi.get(self, "private_prefixes")
|
|
310
|
+
|
|
311
|
+
|
|
312
|
+
@pulumi.output_type
|
|
313
|
+
class NgfwEndpointPrefixPrivatePrefix(dict):
|
|
314
|
+
def __init__(__self__, *,
|
|
315
|
+
cidrs: Optional[Sequence[_builtins.str]] = None):
|
|
316
|
+
if cidrs is not None:
|
|
317
|
+
pulumi.set(__self__, "cidrs", cidrs)
|
|
318
|
+
|
|
319
|
+
@_builtins.property
|
|
320
|
+
@pulumi.getter
|
|
321
|
+
def cidrs(self) -> Optional[Sequence[_builtins.str]]:
|
|
322
|
+
return pulumi.get(self, "cidrs")
|
|
323
|
+
|
|
324
|
+
|
|
325
|
+
@pulumi.output_type
|
|
326
|
+
class NgfwLogProfileLogConfig(dict):
|
|
327
|
+
@staticmethod
|
|
328
|
+
def __key_warning(key: str):
|
|
329
|
+
suggest = None
|
|
330
|
+
if key == "logDestination":
|
|
331
|
+
suggest = "log_destination"
|
|
332
|
+
elif key == "logDestinationType":
|
|
333
|
+
suggest = "log_destination_type"
|
|
334
|
+
elif key == "logTypes":
|
|
335
|
+
suggest = "log_types"
|
|
336
|
+
elif key == "accountId":
|
|
337
|
+
suggest = "account_id"
|
|
338
|
+
elif key == "roleType":
|
|
339
|
+
suggest = "role_type"
|
|
340
|
+
|
|
341
|
+
if suggest:
|
|
342
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwLogProfileLogConfig. Access the value via the '{suggest}' property getter instead.")
|
|
343
|
+
|
|
344
|
+
def __getitem__(self, key: str) -> Any:
|
|
345
|
+
NgfwLogProfileLogConfig.__key_warning(key)
|
|
346
|
+
return super().__getitem__(key)
|
|
347
|
+
|
|
348
|
+
def get(self, key: str, default = None) -> Any:
|
|
349
|
+
NgfwLogProfileLogConfig.__key_warning(key)
|
|
350
|
+
return super().get(key, default)
|
|
351
|
+
|
|
352
|
+
def __init__(__self__, *,
|
|
353
|
+
log_destination: _builtins.str,
|
|
354
|
+
log_destination_type: _builtins.str,
|
|
355
|
+
log_types: Sequence[_builtins.str],
|
|
356
|
+
account_id: Optional[_builtins.str] = None,
|
|
357
|
+
role_type: Optional[_builtins.str] = None):
|
|
358
|
+
"""
|
|
359
|
+
:param _builtins.str log_destination: The log destination details.
|
|
360
|
+
:param _builtins.str log_destination_type: The log destination type. Valid values are `S3`, `CloudWatchLogs`, or `KinesisDataFirehose`.
|
|
361
|
+
:param Sequence[_builtins.str] log_types: The list of different log types that are wanted
|
|
362
|
+
:param _builtins.str account_id: Type of Role for log configuration
|
|
363
|
+
:param _builtins.str role_type: Type of Role for log configuration
|
|
364
|
+
"""
|
|
365
|
+
pulumi.set(__self__, "log_destination", log_destination)
|
|
366
|
+
pulumi.set(__self__, "log_destination_type", log_destination_type)
|
|
367
|
+
pulumi.set(__self__, "log_types", log_types)
|
|
368
|
+
if account_id is not None:
|
|
369
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
370
|
+
if role_type is not None:
|
|
371
|
+
pulumi.set(__self__, "role_type", role_type)
|
|
372
|
+
|
|
373
|
+
@_builtins.property
|
|
374
|
+
@pulumi.getter(name="logDestination")
|
|
375
|
+
def log_destination(self) -> _builtins.str:
|
|
376
|
+
"""
|
|
377
|
+
The log destination details.
|
|
378
|
+
"""
|
|
379
|
+
return pulumi.get(self, "log_destination")
|
|
380
|
+
|
|
381
|
+
@_builtins.property
|
|
382
|
+
@pulumi.getter(name="logDestinationType")
|
|
383
|
+
def log_destination_type(self) -> _builtins.str:
|
|
384
|
+
"""
|
|
385
|
+
The log destination type. Valid values are `S3`, `CloudWatchLogs`, or `KinesisDataFirehose`.
|
|
386
|
+
"""
|
|
387
|
+
return pulumi.get(self, "log_destination_type")
|
|
388
|
+
|
|
389
|
+
@_builtins.property
|
|
390
|
+
@pulumi.getter(name="logTypes")
|
|
391
|
+
def log_types(self) -> Sequence[_builtins.str]:
|
|
392
|
+
"""
|
|
393
|
+
The list of different log types that are wanted
|
|
394
|
+
"""
|
|
395
|
+
return pulumi.get(self, "log_types")
|
|
396
|
+
|
|
397
|
+
@_builtins.property
|
|
398
|
+
@pulumi.getter(name="accountId")
|
|
399
|
+
def account_id(self) -> Optional[_builtins.str]:
|
|
400
|
+
"""
|
|
401
|
+
Type of Role for log configuration
|
|
402
|
+
"""
|
|
403
|
+
return pulumi.get(self, "account_id")
|
|
404
|
+
|
|
405
|
+
@_builtins.property
|
|
406
|
+
@pulumi.getter(name="roleType")
|
|
407
|
+
def role_type(self) -> Optional[_builtins.str]:
|
|
408
|
+
"""
|
|
409
|
+
Type of Role for log configuration
|
|
410
|
+
"""
|
|
411
|
+
return pulumi.get(self, "role_type")
|
|
412
|
+
|
|
413
|
+
|
|
39
414
|
@pulumi.output_type
|
|
40
415
|
class NgfwLogProfileLogDestination(dict):
|
|
41
416
|
@staticmethod
|
|
@@ -98,12 +473,60 @@ class NgfwLogProfileLogDestination(dict):
|
|
|
98
473
|
return pulumi.get(self, "log_type")
|
|
99
474
|
|
|
100
475
|
|
|
476
|
+
@pulumi.output_type
|
|
477
|
+
class NgfwPrivateAccess(dict):
|
|
478
|
+
@staticmethod
|
|
479
|
+
def __key_warning(key: str):
|
|
480
|
+
suggest = None
|
|
481
|
+
if key == "resourceId":
|
|
482
|
+
suggest = "resource_id"
|
|
483
|
+
|
|
484
|
+
if suggest:
|
|
485
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwPrivateAccess. Access the value via the '{suggest}' property getter instead.")
|
|
486
|
+
|
|
487
|
+
def __getitem__(self, key: str) -> Any:
|
|
488
|
+
NgfwPrivateAccess.__key_warning(key)
|
|
489
|
+
return super().__getitem__(key)
|
|
490
|
+
|
|
491
|
+
def get(self, key: str, default = None) -> Any:
|
|
492
|
+
NgfwPrivateAccess.__key_warning(key)
|
|
493
|
+
return super().get(key, default)
|
|
494
|
+
|
|
495
|
+
def __init__(__self__, *,
|
|
496
|
+
resource_id: _builtins.str,
|
|
497
|
+
type: _builtins.str):
|
|
498
|
+
"""
|
|
499
|
+
:param _builtins.str resource_id: AWS ResourceID
|
|
500
|
+
:param _builtins.str type: Type of Private Access
|
|
501
|
+
"""
|
|
502
|
+
pulumi.set(__self__, "resource_id", resource_id)
|
|
503
|
+
pulumi.set(__self__, "type", type)
|
|
504
|
+
|
|
505
|
+
@_builtins.property
|
|
506
|
+
@pulumi.getter(name="resourceId")
|
|
507
|
+
def resource_id(self) -> _builtins.str:
|
|
508
|
+
"""
|
|
509
|
+
AWS ResourceID
|
|
510
|
+
"""
|
|
511
|
+
return pulumi.get(self, "resource_id")
|
|
512
|
+
|
|
513
|
+
@_builtins.property
|
|
514
|
+
@pulumi.getter
|
|
515
|
+
def type(self) -> _builtins.str:
|
|
516
|
+
"""
|
|
517
|
+
Type of Private Access
|
|
518
|
+
"""
|
|
519
|
+
return pulumi.get(self, "type")
|
|
520
|
+
|
|
521
|
+
|
|
101
522
|
@pulumi.output_type
|
|
102
523
|
class NgfwStatus(dict):
|
|
103
524
|
@staticmethod
|
|
104
525
|
def __key_warning(key: str):
|
|
105
526
|
suggest = None
|
|
106
|
-
if key == "
|
|
527
|
+
if key == "deviceRulestackCommitStatus":
|
|
528
|
+
suggest = "device_rulestack_commit_status"
|
|
529
|
+
elif key == "failureReason":
|
|
107
530
|
suggest = "failure_reason"
|
|
108
531
|
elif key == "firewallStatus":
|
|
109
532
|
suggest = "firewall_status"
|
|
@@ -122,18 +545,18 @@ class NgfwStatus(dict):
|
|
|
122
545
|
return super().get(key, default)
|
|
123
546
|
|
|
124
547
|
def __init__(__self__, *,
|
|
125
|
-
|
|
548
|
+
device_rulestack_commit_status: Optional[_builtins.str] = None,
|
|
126
549
|
failure_reason: Optional[_builtins.str] = None,
|
|
127
550
|
firewall_status: Optional[_builtins.str] = None,
|
|
128
551
|
rulestack_status: Optional[_builtins.str] = None):
|
|
129
552
|
"""
|
|
130
|
-
:param
|
|
553
|
+
:param _builtins.str device_rulestack_commit_status: The device rulestack commit status.
|
|
131
554
|
:param _builtins.str failure_reason: The firewall failure reason.
|
|
132
555
|
:param _builtins.str firewall_status: The firewall status.
|
|
133
556
|
:param _builtins.str rulestack_status: The rulestack status.
|
|
134
557
|
"""
|
|
135
|
-
if
|
|
136
|
-
pulumi.set(__self__, "
|
|
558
|
+
if device_rulestack_commit_status is not None:
|
|
559
|
+
pulumi.set(__self__, "device_rulestack_commit_status", device_rulestack_commit_status)
|
|
137
560
|
if failure_reason is not None:
|
|
138
561
|
pulumi.set(__self__, "failure_reason", failure_reason)
|
|
139
562
|
if firewall_status is not None:
|
|
@@ -142,12 +565,12 @@ class NgfwStatus(dict):
|
|
|
142
565
|
pulumi.set(__self__, "rulestack_status", rulestack_status)
|
|
143
566
|
|
|
144
567
|
@_builtins.property
|
|
145
|
-
@pulumi.getter
|
|
146
|
-
def
|
|
568
|
+
@pulumi.getter(name="deviceRulestackCommitStatus")
|
|
569
|
+
def device_rulestack_commit_status(self) -> Optional[_builtins.str]:
|
|
147
570
|
"""
|
|
148
|
-
The
|
|
571
|
+
The device rulestack commit status.
|
|
149
572
|
"""
|
|
150
|
-
return pulumi.get(self, "
|
|
573
|
+
return pulumi.get(self, "device_rulestack_commit_status")
|
|
151
574
|
|
|
152
575
|
@_builtins.property
|
|
153
576
|
@pulumi.getter(name="failureReason")
|
|
@@ -175,143 +598,251 @@ class NgfwStatus(dict):
|
|
|
175
598
|
|
|
176
599
|
|
|
177
600
|
@pulumi.output_type
|
|
178
|
-
class
|
|
601
|
+
class NgfwSubnetMapping(dict):
|
|
179
602
|
@staticmethod
|
|
180
603
|
def __key_warning(key: str):
|
|
181
604
|
suggest = None
|
|
182
|
-
if key == "
|
|
183
|
-
suggest = "
|
|
184
|
-
elif key == "
|
|
185
|
-
suggest = "
|
|
605
|
+
if key == "availabilityZone":
|
|
606
|
+
suggest = "availability_zone"
|
|
607
|
+
elif key == "availabilityZoneId":
|
|
608
|
+
suggest = "availability_zone_id"
|
|
186
609
|
elif key == "subnetId":
|
|
187
610
|
suggest = "subnet_id"
|
|
188
611
|
|
|
189
612
|
if suggest:
|
|
190
|
-
pulumi.log.warn(f"Key '{key}' not found in
|
|
613
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwSubnetMapping. Access the value via the '{suggest}' property getter instead.")
|
|
191
614
|
|
|
192
615
|
def __getitem__(self, key: str) -> Any:
|
|
193
|
-
|
|
616
|
+
NgfwSubnetMapping.__key_warning(key)
|
|
194
617
|
return super().__getitem__(key)
|
|
195
618
|
|
|
196
619
|
def get(self, key: str, default = None) -> Any:
|
|
197
|
-
|
|
620
|
+
NgfwSubnetMapping.__key_warning(key)
|
|
198
621
|
return super().get(key, default)
|
|
199
622
|
|
|
200
623
|
def __init__(__self__, *,
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
status: Optional[_builtins.str] = None,
|
|
624
|
+
availability_zone: Optional[_builtins.str] = None,
|
|
625
|
+
availability_zone_id: Optional[_builtins.str] = None,
|
|
204
626
|
subnet_id: Optional[_builtins.str] = None):
|
|
205
627
|
"""
|
|
206
|
-
:param _builtins.str
|
|
207
|
-
:param _builtins.str
|
|
208
|
-
:param _builtins.str
|
|
209
|
-
|
|
628
|
+
:param _builtins.str availability_zone: The availability zone, for when the endpoint mode is customer managed.
|
|
629
|
+
:param _builtins.str availability_zone_id: The availability zone ID, for when the endpoint mode is customer managed.
|
|
630
|
+
:param _builtins.str subnet_id: The subnet id, for when the endpoint mode is service managed.
|
|
631
|
+
"""
|
|
632
|
+
if availability_zone is not None:
|
|
633
|
+
pulumi.set(__self__, "availability_zone", availability_zone)
|
|
634
|
+
if availability_zone_id is not None:
|
|
635
|
+
pulumi.set(__self__, "availability_zone_id", availability_zone_id)
|
|
636
|
+
if subnet_id is not None:
|
|
637
|
+
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
638
|
+
|
|
639
|
+
@_builtins.property
|
|
640
|
+
@pulumi.getter(name="availabilityZone")
|
|
641
|
+
def availability_zone(self) -> Optional[_builtins.str]:
|
|
642
|
+
"""
|
|
643
|
+
The availability zone, for when the endpoint mode is customer managed.
|
|
644
|
+
"""
|
|
645
|
+
return pulumi.get(self, "availability_zone")
|
|
646
|
+
|
|
647
|
+
@_builtins.property
|
|
648
|
+
@pulumi.getter(name="availabilityZoneId")
|
|
649
|
+
def availability_zone_id(self) -> Optional[_builtins.str]:
|
|
650
|
+
"""
|
|
651
|
+
The availability zone ID, for when the endpoint mode is customer managed.
|
|
652
|
+
"""
|
|
653
|
+
return pulumi.get(self, "availability_zone_id")
|
|
654
|
+
|
|
655
|
+
@_builtins.property
|
|
656
|
+
@pulumi.getter(name="subnetId")
|
|
657
|
+
def subnet_id(self) -> Optional[_builtins.str]:
|
|
658
|
+
"""
|
|
659
|
+
The subnet id, for when the endpoint mode is service managed.
|
|
660
|
+
"""
|
|
661
|
+
return pulumi.get(self, "subnet_id")
|
|
662
|
+
|
|
663
|
+
|
|
664
|
+
@pulumi.output_type
|
|
665
|
+
class NgfwUserId(dict):
|
|
666
|
+
@staticmethod
|
|
667
|
+
def __key_warning(key: str):
|
|
668
|
+
suggest = None
|
|
669
|
+
if key == "agentName":
|
|
670
|
+
suggest = "agent_name"
|
|
671
|
+
elif key == "collectorName":
|
|
672
|
+
suggest = "collector_name"
|
|
673
|
+
elif key == "customIncludeExcludeNetworks":
|
|
674
|
+
suggest = "custom_include_exclude_networks"
|
|
675
|
+
elif key == "secretKeyArn":
|
|
676
|
+
suggest = "secret_key_arn"
|
|
677
|
+
elif key == "userIdStatus":
|
|
678
|
+
suggest = "user_id_status"
|
|
679
|
+
|
|
680
|
+
if suggest:
|
|
681
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwUserId. Access the value via the '{suggest}' property getter instead.")
|
|
682
|
+
|
|
683
|
+
def __getitem__(self, key: str) -> Any:
|
|
684
|
+
NgfwUserId.__key_warning(key)
|
|
685
|
+
return super().__getitem__(key)
|
|
686
|
+
|
|
687
|
+
def get(self, key: str, default = None) -> Any:
|
|
688
|
+
NgfwUserId.__key_warning(key)
|
|
689
|
+
return super().get(key, default)
|
|
690
|
+
|
|
691
|
+
def __init__(__self__, *,
|
|
692
|
+
enabled: _builtins.bool,
|
|
693
|
+
port: _builtins.int,
|
|
694
|
+
agent_name: Optional[_builtins.str] = None,
|
|
695
|
+
collector_name: Optional[_builtins.str] = None,
|
|
696
|
+
custom_include_exclude_networks: Optional[Sequence['outputs.NgfwUserIdCustomIncludeExcludeNetwork']] = None,
|
|
697
|
+
secret_key_arn: Optional[_builtins.str] = None,
|
|
698
|
+
user_id_status: Optional[_builtins.str] = None):
|
|
699
|
+
"""
|
|
700
|
+
:param _builtins.bool enabled: Enable UserID Config
|
|
701
|
+
:param _builtins.int port: The Port
|
|
702
|
+
:param _builtins.str agent_name: Agent Name for UserID
|
|
703
|
+
:param _builtins.str collector_name: The Collector Name
|
|
704
|
+
:param Sequence['NgfwUserIdCustomIncludeExcludeNetworkArgs'] custom_include_exclude_networks: List of Custom Include Exclude Networks
|
|
705
|
+
:param _builtins.str secret_key_arn: AWS Secret Key ARN
|
|
706
|
+
:param _builtins.str user_id_status: Status and State of UserID Configuration
|
|
707
|
+
"""
|
|
708
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
709
|
+
pulumi.set(__self__, "port", port)
|
|
710
|
+
if agent_name is not None:
|
|
711
|
+
pulumi.set(__self__, "agent_name", agent_name)
|
|
712
|
+
if collector_name is not None:
|
|
713
|
+
pulumi.set(__self__, "collector_name", collector_name)
|
|
714
|
+
if custom_include_exclude_networks is not None:
|
|
715
|
+
pulumi.set(__self__, "custom_include_exclude_networks", custom_include_exclude_networks)
|
|
716
|
+
if secret_key_arn is not None:
|
|
717
|
+
pulumi.set(__self__, "secret_key_arn", secret_key_arn)
|
|
718
|
+
if user_id_status is not None:
|
|
719
|
+
pulumi.set(__self__, "user_id_status", user_id_status)
|
|
720
|
+
|
|
721
|
+
@_builtins.property
|
|
722
|
+
@pulumi.getter
|
|
723
|
+
def enabled(self) -> _builtins.bool:
|
|
724
|
+
"""
|
|
725
|
+
Enable UserID Config
|
|
726
|
+
"""
|
|
727
|
+
return pulumi.get(self, "enabled")
|
|
728
|
+
|
|
729
|
+
@_builtins.property
|
|
730
|
+
@pulumi.getter
|
|
731
|
+
def port(self) -> _builtins.int:
|
|
732
|
+
"""
|
|
733
|
+
The Port
|
|
734
|
+
"""
|
|
735
|
+
return pulumi.get(self, "port")
|
|
736
|
+
|
|
737
|
+
@_builtins.property
|
|
738
|
+
@pulumi.getter(name="agentName")
|
|
739
|
+
def agent_name(self) -> Optional[_builtins.str]:
|
|
210
740
|
"""
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
pulumi.set(__self__, "rejected_reason", rejected_reason)
|
|
215
|
-
if status is not None:
|
|
216
|
-
pulumi.set(__self__, "status", status)
|
|
217
|
-
if subnet_id is not None:
|
|
218
|
-
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
741
|
+
Agent Name for UserID
|
|
742
|
+
"""
|
|
743
|
+
return pulumi.get(self, "agent_name")
|
|
219
744
|
|
|
220
745
|
@_builtins.property
|
|
221
|
-
@pulumi.getter(name="
|
|
222
|
-
def
|
|
746
|
+
@pulumi.getter(name="collectorName")
|
|
747
|
+
def collector_name(self) -> Optional[_builtins.str]:
|
|
223
748
|
"""
|
|
224
|
-
The
|
|
749
|
+
The Collector Name
|
|
225
750
|
"""
|
|
226
|
-
return pulumi.get(self, "
|
|
751
|
+
return pulumi.get(self, "collector_name")
|
|
227
752
|
|
|
228
753
|
@_builtins.property
|
|
229
|
-
@pulumi.getter(name="
|
|
230
|
-
def
|
|
754
|
+
@pulumi.getter(name="customIncludeExcludeNetworks")
|
|
755
|
+
def custom_include_exclude_networks(self) -> Optional[Sequence['outputs.NgfwUserIdCustomIncludeExcludeNetwork']]:
|
|
231
756
|
"""
|
|
232
|
-
|
|
757
|
+
List of Custom Include Exclude Networks
|
|
233
758
|
"""
|
|
234
|
-
return pulumi.get(self, "
|
|
759
|
+
return pulumi.get(self, "custom_include_exclude_networks")
|
|
235
760
|
|
|
236
761
|
@_builtins.property
|
|
237
|
-
@pulumi.getter
|
|
238
|
-
def
|
|
762
|
+
@pulumi.getter(name="secretKeyArn")
|
|
763
|
+
def secret_key_arn(self) -> Optional[_builtins.str]:
|
|
239
764
|
"""
|
|
240
|
-
|
|
765
|
+
AWS Secret Key ARN
|
|
241
766
|
"""
|
|
242
|
-
return pulumi.get(self, "
|
|
767
|
+
return pulumi.get(self, "secret_key_arn")
|
|
243
768
|
|
|
244
769
|
@_builtins.property
|
|
245
|
-
@pulumi.getter(name="
|
|
246
|
-
def
|
|
770
|
+
@pulumi.getter(name="userIdStatus")
|
|
771
|
+
def user_id_status(self) -> Optional[_builtins.str]:
|
|
247
772
|
"""
|
|
248
|
-
|
|
773
|
+
Status and State of UserID Configuration
|
|
249
774
|
"""
|
|
250
|
-
return pulumi.get(self, "
|
|
775
|
+
return pulumi.get(self, "user_id_status")
|
|
251
776
|
|
|
252
777
|
|
|
253
778
|
@pulumi.output_type
|
|
254
|
-
class
|
|
779
|
+
class NgfwUserIdCustomIncludeExcludeNetwork(dict):
|
|
255
780
|
@staticmethod
|
|
256
781
|
def __key_warning(key: str):
|
|
257
782
|
suggest = None
|
|
258
|
-
if key == "
|
|
259
|
-
suggest = "
|
|
260
|
-
elif key == "
|
|
261
|
-
suggest = "
|
|
262
|
-
elif key == "subnetId":
|
|
263
|
-
suggest = "subnet_id"
|
|
783
|
+
if key == "discoveryInclude":
|
|
784
|
+
suggest = "discovery_include"
|
|
785
|
+
elif key == "networkAddress":
|
|
786
|
+
suggest = "network_address"
|
|
264
787
|
|
|
265
788
|
if suggest:
|
|
266
|
-
pulumi.log.warn(f"Key '{key}' not found in
|
|
789
|
+
pulumi.log.warn(f"Key '{key}' not found in NgfwUserIdCustomIncludeExcludeNetwork. Access the value via the '{suggest}' property getter instead.")
|
|
267
790
|
|
|
268
791
|
def __getitem__(self, key: str) -> Any:
|
|
269
|
-
|
|
792
|
+
NgfwUserIdCustomIncludeExcludeNetwork.__key_warning(key)
|
|
270
793
|
return super().__getitem__(key)
|
|
271
794
|
|
|
272
795
|
def get(self, key: str, default = None) -> Any:
|
|
273
|
-
|
|
796
|
+
NgfwUserIdCustomIncludeExcludeNetwork.__key_warning(key)
|
|
274
797
|
return super().get(key, default)
|
|
275
798
|
|
|
276
799
|
def __init__(__self__, *,
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
800
|
+
discovery_include: _builtins.bool,
|
|
801
|
+
enabled: _builtins.bool,
|
|
802
|
+
name: _builtins.str,
|
|
803
|
+
network_address: _builtins.str):
|
|
804
|
+
"""
|
|
805
|
+
:param _builtins.bool discovery_include: Include or exclude this subnet from user-id configuration
|
|
806
|
+
:param _builtins.bool enabled: Enable this specific custom include/exclude network
|
|
807
|
+
:param _builtins.str name: Name of subnet filter
|
|
808
|
+
:param _builtins.str network_address: Network IP address of the subnet filter
|
|
809
|
+
"""
|
|
810
|
+
pulumi.set(__self__, "discovery_include", discovery_include)
|
|
811
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
812
|
+
pulumi.set(__self__, "name", name)
|
|
813
|
+
pulumi.set(__self__, "network_address", network_address)
|
|
814
|
+
|
|
815
|
+
@_builtins.property
|
|
816
|
+
@pulumi.getter(name="discoveryInclude")
|
|
817
|
+
def discovery_include(self) -> _builtins.bool:
|
|
280
818
|
"""
|
|
281
|
-
|
|
282
|
-
:param _builtins.str availability_zone_id: The availability zone ID, for when the endpoint mode is customer managed.
|
|
283
|
-
:param _builtins.str subnet_id: The subnet id, for when the endpoint mode is service managed.
|
|
819
|
+
Include or exclude this subnet from user-id configuration
|
|
284
820
|
"""
|
|
285
|
-
|
|
286
|
-
pulumi.set(__self__, "availability_zone", availability_zone)
|
|
287
|
-
if availability_zone_id is not None:
|
|
288
|
-
pulumi.set(__self__, "availability_zone_id", availability_zone_id)
|
|
289
|
-
if subnet_id is not None:
|
|
290
|
-
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
821
|
+
return pulumi.get(self, "discovery_include")
|
|
291
822
|
|
|
292
823
|
@_builtins.property
|
|
293
|
-
@pulumi.getter
|
|
294
|
-
def
|
|
824
|
+
@pulumi.getter
|
|
825
|
+
def enabled(self) -> _builtins.bool:
|
|
295
826
|
"""
|
|
296
|
-
|
|
827
|
+
Enable this specific custom include/exclude network
|
|
297
828
|
"""
|
|
298
|
-
return pulumi.get(self, "
|
|
829
|
+
return pulumi.get(self, "enabled")
|
|
299
830
|
|
|
300
831
|
@_builtins.property
|
|
301
|
-
@pulumi.getter
|
|
302
|
-
def
|
|
832
|
+
@pulumi.getter
|
|
833
|
+
def name(self) -> _builtins.str:
|
|
303
834
|
"""
|
|
304
|
-
|
|
835
|
+
Name of subnet filter
|
|
305
836
|
"""
|
|
306
|
-
return pulumi.get(self, "
|
|
837
|
+
return pulumi.get(self, "name")
|
|
307
838
|
|
|
308
839
|
@_builtins.property
|
|
309
|
-
@pulumi.getter(name="
|
|
310
|
-
def
|
|
840
|
+
@pulumi.getter(name="networkAddress")
|
|
841
|
+
def network_address(self) -> _builtins.str:
|
|
311
842
|
"""
|
|
312
|
-
|
|
843
|
+
Network IP address of the subnet filter
|
|
313
844
|
"""
|
|
314
|
-
return pulumi.get(self, "
|
|
845
|
+
return pulumi.get(self, "network_address")
|
|
315
846
|
|
|
316
847
|
|
|
317
848
|
@pulumi.output_type
|
|
@@ -537,145 +1068,398 @@ class SecurityRuleDestination(dict):
|
|
|
537
1068
|
@pulumi.getter
|
|
538
1069
|
def countries(self) -> Optional[Sequence[_builtins.str]]:
|
|
539
1070
|
"""
|
|
540
|
-
List of countries.
|
|
1071
|
+
List of countries.
|
|
1072
|
+
"""
|
|
1073
|
+
return pulumi.get(self, "countries")
|
|
1074
|
+
|
|
1075
|
+
@_builtins.property
|
|
1076
|
+
@pulumi.getter
|
|
1077
|
+
def feeds(self) -> Optional[Sequence[_builtins.str]]:
|
|
1078
|
+
"""
|
|
1079
|
+
List of feeds.
|
|
1080
|
+
"""
|
|
1081
|
+
return pulumi.get(self, "feeds")
|
|
1082
|
+
|
|
1083
|
+
@_builtins.property
|
|
1084
|
+
@pulumi.getter(name="fqdnLists")
|
|
1085
|
+
def fqdn_lists(self) -> Optional[Sequence[_builtins.str]]:
|
|
1086
|
+
"""
|
|
1087
|
+
List of FQDN lists.
|
|
1088
|
+
"""
|
|
1089
|
+
return pulumi.get(self, "fqdn_lists")
|
|
1090
|
+
|
|
1091
|
+
@_builtins.property
|
|
1092
|
+
@pulumi.getter(name="prefixLists")
|
|
1093
|
+
def prefix_lists(self) -> Optional[Sequence[_builtins.str]]:
|
|
1094
|
+
"""
|
|
1095
|
+
List of prefix list.
|
|
1096
|
+
"""
|
|
1097
|
+
return pulumi.get(self, "prefix_lists")
|
|
1098
|
+
|
|
1099
|
+
|
|
1100
|
+
@pulumi.output_type
|
|
1101
|
+
class SecurityRuleSource(dict):
|
|
1102
|
+
@staticmethod
|
|
1103
|
+
def __key_warning(key: str):
|
|
1104
|
+
suggest = None
|
|
1105
|
+
if key == "prefixLists":
|
|
1106
|
+
suggest = "prefix_lists"
|
|
1107
|
+
|
|
1108
|
+
if suggest:
|
|
1109
|
+
pulumi.log.warn(f"Key '{key}' not found in SecurityRuleSource. Access the value via the '{suggest}' property getter instead.")
|
|
1110
|
+
|
|
1111
|
+
def __getitem__(self, key: str) -> Any:
|
|
1112
|
+
SecurityRuleSource.__key_warning(key)
|
|
1113
|
+
return super().__getitem__(key)
|
|
1114
|
+
|
|
1115
|
+
def get(self, key: str, default = None) -> Any:
|
|
1116
|
+
SecurityRuleSource.__key_warning(key)
|
|
1117
|
+
return super().get(key, default)
|
|
1118
|
+
|
|
1119
|
+
def __init__(__self__, *,
|
|
1120
|
+
cidrs: Optional[Sequence[_builtins.str]] = None,
|
|
1121
|
+
countries: Optional[Sequence[_builtins.str]] = None,
|
|
1122
|
+
feeds: Optional[Sequence[_builtins.str]] = None,
|
|
1123
|
+
prefix_lists: Optional[Sequence[_builtins.str]] = None):
|
|
1124
|
+
"""
|
|
1125
|
+
:param Sequence[_builtins.str] cidrs: List of CIDRs.
|
|
1126
|
+
:param Sequence[_builtins.str] countries: List of countries.
|
|
1127
|
+
:param Sequence[_builtins.str] feeds: List of feeds.
|
|
1128
|
+
:param Sequence[_builtins.str] prefix_lists: List of prefix list.
|
|
1129
|
+
"""
|
|
1130
|
+
if cidrs is not None:
|
|
1131
|
+
pulumi.set(__self__, "cidrs", cidrs)
|
|
1132
|
+
if countries is not None:
|
|
1133
|
+
pulumi.set(__self__, "countries", countries)
|
|
1134
|
+
if feeds is not None:
|
|
1135
|
+
pulumi.set(__self__, "feeds", feeds)
|
|
1136
|
+
if prefix_lists is not None:
|
|
1137
|
+
pulumi.set(__self__, "prefix_lists", prefix_lists)
|
|
1138
|
+
|
|
1139
|
+
@_builtins.property
|
|
1140
|
+
@pulumi.getter
|
|
1141
|
+
def cidrs(self) -> Optional[Sequence[_builtins.str]]:
|
|
1142
|
+
"""
|
|
1143
|
+
List of CIDRs.
|
|
1144
|
+
"""
|
|
1145
|
+
return pulumi.get(self, "cidrs")
|
|
1146
|
+
|
|
1147
|
+
@_builtins.property
|
|
1148
|
+
@pulumi.getter
|
|
1149
|
+
def countries(self) -> Optional[Sequence[_builtins.str]]:
|
|
1150
|
+
"""
|
|
1151
|
+
List of countries.
|
|
1152
|
+
"""
|
|
1153
|
+
return pulumi.get(self, "countries")
|
|
1154
|
+
|
|
1155
|
+
@_builtins.property
|
|
1156
|
+
@pulumi.getter
|
|
1157
|
+
def feeds(self) -> Optional[Sequence[_builtins.str]]:
|
|
1158
|
+
"""
|
|
1159
|
+
List of feeds.
|
|
1160
|
+
"""
|
|
1161
|
+
return pulumi.get(self, "feeds")
|
|
1162
|
+
|
|
1163
|
+
@_builtins.property
|
|
1164
|
+
@pulumi.getter(name="prefixLists")
|
|
1165
|
+
def prefix_lists(self) -> Optional[Sequence[_builtins.str]]:
|
|
1166
|
+
"""
|
|
1167
|
+
List of prefix list.
|
|
1168
|
+
"""
|
|
1169
|
+
return pulumi.get(self, "prefix_lists")
|
|
1170
|
+
|
|
1171
|
+
|
|
1172
|
+
@pulumi.output_type
|
|
1173
|
+
class GetAccountsAccountDetailResult(dict):
|
|
1174
|
+
def __init__(__self__, *,
|
|
1175
|
+
account_id: _builtins.str,
|
|
1176
|
+
external_id: _builtins.str,
|
|
1177
|
+
onboarding_status: _builtins.str):
|
|
1178
|
+
"""
|
|
1179
|
+
:param _builtins.str account_id: The account id.
|
|
1180
|
+
:param _builtins.str external_id: External Id of the onboarded account
|
|
1181
|
+
:param _builtins.str onboarding_status: Onboarding status of the account.
|
|
1182
|
+
"""
|
|
1183
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
1184
|
+
pulumi.set(__self__, "external_id", external_id)
|
|
1185
|
+
pulumi.set(__self__, "onboarding_status", onboarding_status)
|
|
1186
|
+
|
|
1187
|
+
@_builtins.property
|
|
1188
|
+
@pulumi.getter(name="accountId")
|
|
1189
|
+
def account_id(self) -> _builtins.str:
|
|
1190
|
+
"""
|
|
1191
|
+
The account id.
|
|
1192
|
+
"""
|
|
1193
|
+
return pulumi.get(self, "account_id")
|
|
1194
|
+
|
|
1195
|
+
@_builtins.property
|
|
1196
|
+
@pulumi.getter(name="externalId")
|
|
1197
|
+
def external_id(self) -> _builtins.str:
|
|
1198
|
+
"""
|
|
1199
|
+
External Id of the onboarded account
|
|
1200
|
+
"""
|
|
1201
|
+
return pulumi.get(self, "external_id")
|
|
1202
|
+
|
|
1203
|
+
@_builtins.property
|
|
1204
|
+
@pulumi.getter(name="onboardingStatus")
|
|
1205
|
+
def onboarding_status(self) -> _builtins.str:
|
|
1206
|
+
"""
|
|
1207
|
+
Onboarding status of the account.
|
|
1208
|
+
"""
|
|
1209
|
+
return pulumi.get(self, "onboarding_status")
|
|
1210
|
+
|
|
1211
|
+
|
|
1212
|
+
@pulumi.output_type
|
|
1213
|
+
class GetNgfwEgressNatResult(dict):
|
|
1214
|
+
def __init__(__self__, *,
|
|
1215
|
+
enabled: _builtins.bool,
|
|
1216
|
+
settings: Sequence['outputs.GetNgfwEgressNatSettingResult']):
|
|
1217
|
+
"""
|
|
1218
|
+
:param _builtins.bool enabled: Enable egress NAT
|
|
1219
|
+
"""
|
|
1220
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
1221
|
+
pulumi.set(__self__, "settings", settings)
|
|
1222
|
+
|
|
1223
|
+
@_builtins.property
|
|
1224
|
+
@pulumi.getter
|
|
1225
|
+
def enabled(self) -> _builtins.bool:
|
|
1226
|
+
"""
|
|
1227
|
+
Enable egress NAT
|
|
1228
|
+
"""
|
|
1229
|
+
return pulumi.get(self, "enabled")
|
|
1230
|
+
|
|
1231
|
+
@_builtins.property
|
|
1232
|
+
@pulumi.getter
|
|
1233
|
+
def settings(self) -> Sequence['outputs.GetNgfwEgressNatSettingResult']:
|
|
1234
|
+
return pulumi.get(self, "settings")
|
|
1235
|
+
|
|
1236
|
+
|
|
1237
|
+
@pulumi.output_type
|
|
1238
|
+
class GetNgfwEgressNatSettingResult(dict):
|
|
1239
|
+
def __init__(__self__, *,
|
|
1240
|
+
ip_pool_type: _builtins.str,
|
|
1241
|
+
ipam_pool_id: _builtins.str):
|
|
1242
|
+
"""
|
|
1243
|
+
:param _builtins.str ip_pool_type: Set ip pool type from the following options. Valid values are `AWSService` or `BYOIP`.
|
|
1244
|
+
:param _builtins.str ipam_pool_id: The IP pool ID
|
|
1245
|
+
"""
|
|
1246
|
+
pulumi.set(__self__, "ip_pool_type", ip_pool_type)
|
|
1247
|
+
pulumi.set(__self__, "ipam_pool_id", ipam_pool_id)
|
|
1248
|
+
|
|
1249
|
+
@_builtins.property
|
|
1250
|
+
@pulumi.getter(name="ipPoolType")
|
|
1251
|
+
def ip_pool_type(self) -> _builtins.str:
|
|
1252
|
+
"""
|
|
1253
|
+
Set ip pool type from the following options. Valid values are `AWSService` or `BYOIP`.
|
|
1254
|
+
"""
|
|
1255
|
+
return pulumi.get(self, "ip_pool_type")
|
|
1256
|
+
|
|
1257
|
+
@_builtins.property
|
|
1258
|
+
@pulumi.getter(name="ipamPoolId")
|
|
1259
|
+
def ipam_pool_id(self) -> _builtins.str:
|
|
1260
|
+
"""
|
|
1261
|
+
The IP pool ID
|
|
1262
|
+
"""
|
|
1263
|
+
return pulumi.get(self, "ipam_pool_id")
|
|
1264
|
+
|
|
1265
|
+
|
|
1266
|
+
@pulumi.output_type
|
|
1267
|
+
class GetNgfwEndpointResult(dict):
|
|
1268
|
+
def __init__(__self__, *,
|
|
1269
|
+
account_id: _builtins.str,
|
|
1270
|
+
egress_nat_enabled: _builtins.bool,
|
|
1271
|
+
endpoint_id: _builtins.str,
|
|
1272
|
+
mode: _builtins.str,
|
|
1273
|
+
prefixes: Sequence['outputs.GetNgfwEndpointPrefixResult'],
|
|
1274
|
+
rejected_reason: _builtins.str,
|
|
1275
|
+
status: _builtins.str,
|
|
1276
|
+
subnet_id: _builtins.str,
|
|
1277
|
+
vpc_id: _builtins.str,
|
|
1278
|
+
zone_id: _builtins.str):
|
|
1279
|
+
"""
|
|
1280
|
+
:param _builtins.str account_id: The account id.
|
|
1281
|
+
:param _builtins.bool egress_nat_enabled: Enable egress NAT
|
|
1282
|
+
:param _builtins.str endpoint_id: Endpoint ID of the security zone
|
|
1283
|
+
:param _builtins.str mode: The endpoint mode. Valid values are `ServiceManaged` or `CustomerManaged`.
|
|
1284
|
+
:param _builtins.str rejected_reason: The rejected reason.
|
|
1285
|
+
:param _builtins.str status: The attachment status.
|
|
1286
|
+
:param _builtins.str subnet_id: The subnet id.
|
|
1287
|
+
:param _builtins.str vpc_id: The vpc id.
|
|
1288
|
+
:param _builtins.str zone_id: The AZ id.
|
|
1289
|
+
"""
|
|
1290
|
+
pulumi.set(__self__, "account_id", account_id)
|
|
1291
|
+
pulumi.set(__self__, "egress_nat_enabled", egress_nat_enabled)
|
|
1292
|
+
pulumi.set(__self__, "endpoint_id", endpoint_id)
|
|
1293
|
+
pulumi.set(__self__, "mode", mode)
|
|
1294
|
+
pulumi.set(__self__, "prefixes", prefixes)
|
|
1295
|
+
pulumi.set(__self__, "rejected_reason", rejected_reason)
|
|
1296
|
+
pulumi.set(__self__, "status", status)
|
|
1297
|
+
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
1298
|
+
pulumi.set(__self__, "vpc_id", vpc_id)
|
|
1299
|
+
pulumi.set(__self__, "zone_id", zone_id)
|
|
1300
|
+
|
|
1301
|
+
@_builtins.property
|
|
1302
|
+
@pulumi.getter(name="accountId")
|
|
1303
|
+
def account_id(self) -> _builtins.str:
|
|
1304
|
+
"""
|
|
1305
|
+
The account id.
|
|
541
1306
|
"""
|
|
542
|
-
return pulumi.get(self, "
|
|
1307
|
+
return pulumi.get(self, "account_id")
|
|
543
1308
|
|
|
544
1309
|
@_builtins.property
|
|
545
|
-
@pulumi.getter
|
|
546
|
-
def
|
|
1310
|
+
@pulumi.getter(name="egressNatEnabled")
|
|
1311
|
+
def egress_nat_enabled(self) -> _builtins.bool:
|
|
547
1312
|
"""
|
|
548
|
-
|
|
1313
|
+
Enable egress NAT
|
|
549
1314
|
"""
|
|
550
|
-
return pulumi.get(self, "
|
|
1315
|
+
return pulumi.get(self, "egress_nat_enabled")
|
|
551
1316
|
|
|
552
1317
|
@_builtins.property
|
|
553
|
-
@pulumi.getter(name="
|
|
554
|
-
def
|
|
1318
|
+
@pulumi.getter(name="endpointId")
|
|
1319
|
+
def endpoint_id(self) -> _builtins.str:
|
|
555
1320
|
"""
|
|
556
|
-
|
|
1321
|
+
Endpoint ID of the security zone
|
|
557
1322
|
"""
|
|
558
|
-
return pulumi.get(self, "
|
|
1323
|
+
return pulumi.get(self, "endpoint_id")
|
|
559
1324
|
|
|
560
1325
|
@_builtins.property
|
|
561
|
-
@pulumi.getter
|
|
562
|
-
def
|
|
1326
|
+
@pulumi.getter
|
|
1327
|
+
def mode(self) -> _builtins.str:
|
|
563
1328
|
"""
|
|
564
|
-
|
|
1329
|
+
The endpoint mode. Valid values are `ServiceManaged` or `CustomerManaged`.
|
|
565
1330
|
"""
|
|
566
|
-
return pulumi.get(self, "
|
|
567
|
-
|
|
568
|
-
|
|
569
|
-
@pulumi.output_type
|
|
570
|
-
class SecurityRuleSource(dict):
|
|
571
|
-
@staticmethod
|
|
572
|
-
def __key_warning(key: str):
|
|
573
|
-
suggest = None
|
|
574
|
-
if key == "prefixLists":
|
|
575
|
-
suggest = "prefix_lists"
|
|
576
|
-
|
|
577
|
-
if suggest:
|
|
578
|
-
pulumi.log.warn(f"Key '{key}' not found in SecurityRuleSource. Access the value via the '{suggest}' property getter instead.")
|
|
579
|
-
|
|
580
|
-
def __getitem__(self, key: str) -> Any:
|
|
581
|
-
SecurityRuleSource.__key_warning(key)
|
|
582
|
-
return super().__getitem__(key)
|
|
1331
|
+
return pulumi.get(self, "mode")
|
|
583
1332
|
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
1333
|
+
@_builtins.property
|
|
1334
|
+
@pulumi.getter
|
|
1335
|
+
def prefixes(self) -> Sequence['outputs.GetNgfwEndpointPrefixResult']:
|
|
1336
|
+
return pulumi.get(self, "prefixes")
|
|
587
1337
|
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
feeds: Optional[Sequence[_builtins.str]] = None,
|
|
592
|
-
prefix_lists: Optional[Sequence[_builtins.str]] = None):
|
|
1338
|
+
@_builtins.property
|
|
1339
|
+
@pulumi.getter(name="rejectedReason")
|
|
1340
|
+
def rejected_reason(self) -> _builtins.str:
|
|
593
1341
|
"""
|
|
594
|
-
|
|
595
|
-
:param Sequence[_builtins.str] countries: List of countries.
|
|
596
|
-
:param Sequence[_builtins.str] feeds: List of feeds.
|
|
597
|
-
:param Sequence[_builtins.str] prefix_lists: List of prefix list.
|
|
1342
|
+
The rejected reason.
|
|
598
1343
|
"""
|
|
599
|
-
|
|
600
|
-
pulumi.set(__self__, "cidrs", cidrs)
|
|
601
|
-
if countries is not None:
|
|
602
|
-
pulumi.set(__self__, "countries", countries)
|
|
603
|
-
if feeds is not None:
|
|
604
|
-
pulumi.set(__self__, "feeds", feeds)
|
|
605
|
-
if prefix_lists is not None:
|
|
606
|
-
pulumi.set(__self__, "prefix_lists", prefix_lists)
|
|
1344
|
+
return pulumi.get(self, "rejected_reason")
|
|
607
1345
|
|
|
608
1346
|
@_builtins.property
|
|
609
1347
|
@pulumi.getter
|
|
610
|
-
def
|
|
1348
|
+
def status(self) -> _builtins.str:
|
|
611
1349
|
"""
|
|
612
|
-
|
|
1350
|
+
The attachment status.
|
|
613
1351
|
"""
|
|
614
|
-
return pulumi.get(self, "
|
|
1352
|
+
return pulumi.get(self, "status")
|
|
615
1353
|
|
|
616
1354
|
@_builtins.property
|
|
617
|
-
@pulumi.getter
|
|
618
|
-
def
|
|
1355
|
+
@pulumi.getter(name="subnetId")
|
|
1356
|
+
def subnet_id(self) -> _builtins.str:
|
|
619
1357
|
"""
|
|
620
|
-
|
|
1358
|
+
The subnet id.
|
|
621
1359
|
"""
|
|
622
|
-
return pulumi.get(self, "
|
|
1360
|
+
return pulumi.get(self, "subnet_id")
|
|
623
1361
|
|
|
624
1362
|
@_builtins.property
|
|
625
|
-
@pulumi.getter
|
|
626
|
-
def
|
|
1363
|
+
@pulumi.getter(name="vpcId")
|
|
1364
|
+
def vpc_id(self) -> _builtins.str:
|
|
627
1365
|
"""
|
|
628
|
-
|
|
1366
|
+
The vpc id.
|
|
629
1367
|
"""
|
|
630
|
-
return pulumi.get(self, "
|
|
1368
|
+
return pulumi.get(self, "vpc_id")
|
|
631
1369
|
|
|
632
1370
|
@_builtins.property
|
|
633
|
-
@pulumi.getter(name="
|
|
634
|
-
def
|
|
1371
|
+
@pulumi.getter(name="zoneId")
|
|
1372
|
+
def zone_id(self) -> _builtins.str:
|
|
635
1373
|
"""
|
|
636
|
-
|
|
1374
|
+
The AZ id.
|
|
637
1375
|
"""
|
|
638
|
-
return pulumi.get(self, "
|
|
1376
|
+
return pulumi.get(self, "zone_id")
|
|
639
1377
|
|
|
640
1378
|
|
|
641
1379
|
@pulumi.output_type
|
|
642
|
-
class
|
|
1380
|
+
class GetNgfwEndpointPrefixResult(dict):
|
|
1381
|
+
def __init__(__self__, *,
|
|
1382
|
+
private_prefixes: Sequence['outputs.GetNgfwEndpointPrefixPrivatePrefixResult']):
|
|
1383
|
+
pulumi.set(__self__, "private_prefixes", private_prefixes)
|
|
1384
|
+
|
|
1385
|
+
@_builtins.property
|
|
1386
|
+
@pulumi.getter(name="privatePrefixes")
|
|
1387
|
+
def private_prefixes(self) -> Sequence['outputs.GetNgfwEndpointPrefixPrivatePrefixResult']:
|
|
1388
|
+
return pulumi.get(self, "private_prefixes")
|
|
1389
|
+
|
|
1390
|
+
|
|
1391
|
+
@pulumi.output_type
|
|
1392
|
+
class GetNgfwEndpointPrefixPrivatePrefixResult(dict):
|
|
1393
|
+
def __init__(__self__, *,
|
|
1394
|
+
cidrs: Sequence[_builtins.str]):
|
|
1395
|
+
pulumi.set(__self__, "cidrs", cidrs)
|
|
1396
|
+
|
|
1397
|
+
@_builtins.property
|
|
1398
|
+
@pulumi.getter
|
|
1399
|
+
def cidrs(self) -> Sequence[_builtins.str]:
|
|
1400
|
+
return pulumi.get(self, "cidrs")
|
|
1401
|
+
|
|
1402
|
+
|
|
1403
|
+
@pulumi.output_type
|
|
1404
|
+
class GetNgfwLogProfileLogConfigResult(dict):
|
|
643
1405
|
def __init__(__self__, *,
|
|
644
1406
|
account_id: _builtins.str,
|
|
645
|
-
|
|
646
|
-
|
|
1407
|
+
log_destination: _builtins.str,
|
|
1408
|
+
log_destination_type: _builtins.str,
|
|
1409
|
+
log_types: Sequence[_builtins.str],
|
|
1410
|
+
role_type: _builtins.str):
|
|
647
1411
|
"""
|
|
648
|
-
:param _builtins.str account_id:
|
|
649
|
-
:param _builtins.str
|
|
650
|
-
:param _builtins.str
|
|
1412
|
+
:param _builtins.str account_id: Type of Role for log configuration
|
|
1413
|
+
:param _builtins.str log_destination: The log destination details.
|
|
1414
|
+
:param _builtins.str log_destination_type: The log destination type. Valid values are `S3`, `CloudWatchLogs`, or `KinesisDataFirehose`.
|
|
1415
|
+
:param Sequence[_builtins.str] log_types: The list of different log types that are wanted
|
|
1416
|
+
:param _builtins.str role_type: Type of Role for log configuration
|
|
651
1417
|
"""
|
|
652
1418
|
pulumi.set(__self__, "account_id", account_id)
|
|
653
|
-
pulumi.set(__self__, "
|
|
654
|
-
pulumi.set(__self__, "
|
|
1419
|
+
pulumi.set(__self__, "log_destination", log_destination)
|
|
1420
|
+
pulumi.set(__self__, "log_destination_type", log_destination_type)
|
|
1421
|
+
pulumi.set(__self__, "log_types", log_types)
|
|
1422
|
+
pulumi.set(__self__, "role_type", role_type)
|
|
655
1423
|
|
|
656
1424
|
@_builtins.property
|
|
657
1425
|
@pulumi.getter(name="accountId")
|
|
658
1426
|
def account_id(self) -> _builtins.str:
|
|
659
1427
|
"""
|
|
660
|
-
|
|
1428
|
+
Type of Role for log configuration
|
|
661
1429
|
"""
|
|
662
1430
|
return pulumi.get(self, "account_id")
|
|
663
1431
|
|
|
664
1432
|
@_builtins.property
|
|
665
|
-
@pulumi.getter(name="
|
|
666
|
-
def
|
|
1433
|
+
@pulumi.getter(name="logDestination")
|
|
1434
|
+
def log_destination(self) -> _builtins.str:
|
|
667
1435
|
"""
|
|
668
|
-
|
|
1436
|
+
The log destination details.
|
|
669
1437
|
"""
|
|
670
|
-
return pulumi.get(self, "
|
|
1438
|
+
return pulumi.get(self, "log_destination")
|
|
671
1439
|
|
|
672
1440
|
@_builtins.property
|
|
673
|
-
@pulumi.getter(name="
|
|
674
|
-
def
|
|
1441
|
+
@pulumi.getter(name="logDestinationType")
|
|
1442
|
+
def log_destination_type(self) -> _builtins.str:
|
|
675
1443
|
"""
|
|
676
|
-
|
|
1444
|
+
The log destination type. Valid values are `S3`, `CloudWatchLogs`, or `KinesisDataFirehose`.
|
|
677
1445
|
"""
|
|
678
|
-
return pulumi.get(self, "
|
|
1446
|
+
return pulumi.get(self, "log_destination_type")
|
|
1447
|
+
|
|
1448
|
+
@_builtins.property
|
|
1449
|
+
@pulumi.getter(name="logTypes")
|
|
1450
|
+
def log_types(self) -> Sequence[_builtins.str]:
|
|
1451
|
+
"""
|
|
1452
|
+
The list of different log types that are wanted
|
|
1453
|
+
"""
|
|
1454
|
+
return pulumi.get(self, "log_types")
|
|
1455
|
+
|
|
1456
|
+
@_builtins.property
|
|
1457
|
+
@pulumi.getter(name="roleType")
|
|
1458
|
+
def role_type(self) -> _builtins.str:
|
|
1459
|
+
"""
|
|
1460
|
+
Type of Role for log configuration
|
|
1461
|
+
"""
|
|
1462
|
+
return pulumi.get(self, "role_type")
|
|
679
1463
|
|
|
680
1464
|
|
|
681
1465
|
@pulumi.output_type
|
|
@@ -718,31 +1502,60 @@ class GetNgfwLogProfileLogDestinationResult(dict):
|
|
|
718
1502
|
return pulumi.get(self, "log_type")
|
|
719
1503
|
|
|
720
1504
|
|
|
1505
|
+
@pulumi.output_type
|
|
1506
|
+
class GetNgfwPrivateAccessResult(dict):
|
|
1507
|
+
def __init__(__self__, *,
|
|
1508
|
+
resource_id: _builtins.str,
|
|
1509
|
+
type: _builtins.str):
|
|
1510
|
+
"""
|
|
1511
|
+
:param _builtins.str resource_id: AWS ResourceID
|
|
1512
|
+
:param _builtins.str type: Type of Private Access
|
|
1513
|
+
"""
|
|
1514
|
+
pulumi.set(__self__, "resource_id", resource_id)
|
|
1515
|
+
pulumi.set(__self__, "type", type)
|
|
1516
|
+
|
|
1517
|
+
@_builtins.property
|
|
1518
|
+
@pulumi.getter(name="resourceId")
|
|
1519
|
+
def resource_id(self) -> _builtins.str:
|
|
1520
|
+
"""
|
|
1521
|
+
AWS ResourceID
|
|
1522
|
+
"""
|
|
1523
|
+
return pulumi.get(self, "resource_id")
|
|
1524
|
+
|
|
1525
|
+
@_builtins.property
|
|
1526
|
+
@pulumi.getter
|
|
1527
|
+
def type(self) -> _builtins.str:
|
|
1528
|
+
"""
|
|
1529
|
+
Type of Private Access
|
|
1530
|
+
"""
|
|
1531
|
+
return pulumi.get(self, "type")
|
|
1532
|
+
|
|
1533
|
+
|
|
721
1534
|
@pulumi.output_type
|
|
722
1535
|
class GetNgfwStatusResult(dict):
|
|
723
1536
|
def __init__(__self__, *,
|
|
724
|
-
|
|
1537
|
+
device_rulestack_commit_status: _builtins.str,
|
|
725
1538
|
failure_reason: _builtins.str,
|
|
726
1539
|
firewall_status: _builtins.str,
|
|
727
1540
|
rulestack_status: _builtins.str):
|
|
728
1541
|
"""
|
|
729
|
-
:param
|
|
1542
|
+
:param _builtins.str device_rulestack_commit_status: The device rulestack commit status.
|
|
730
1543
|
:param _builtins.str failure_reason: The firewall failure reason.
|
|
731
1544
|
:param _builtins.str firewall_status: The firewall status.
|
|
732
1545
|
:param _builtins.str rulestack_status: The rulestack status.
|
|
733
1546
|
"""
|
|
734
|
-
pulumi.set(__self__, "
|
|
1547
|
+
pulumi.set(__self__, "device_rulestack_commit_status", device_rulestack_commit_status)
|
|
735
1548
|
pulumi.set(__self__, "failure_reason", failure_reason)
|
|
736
1549
|
pulumi.set(__self__, "firewall_status", firewall_status)
|
|
737
1550
|
pulumi.set(__self__, "rulestack_status", rulestack_status)
|
|
738
1551
|
|
|
739
1552
|
@_builtins.property
|
|
740
|
-
@pulumi.getter
|
|
741
|
-
def
|
|
1553
|
+
@pulumi.getter(name="deviceRulestackCommitStatus")
|
|
1554
|
+
def device_rulestack_commit_status(self) -> _builtins.str:
|
|
742
1555
|
"""
|
|
743
|
-
The
|
|
1556
|
+
The device rulestack commit status.
|
|
744
1557
|
"""
|
|
745
|
-
return pulumi.get(self, "
|
|
1558
|
+
return pulumi.get(self, "device_rulestack_commit_status")
|
|
746
1559
|
|
|
747
1560
|
@_builtins.property
|
|
748
1561
|
@pulumi.getter(name="failureReason")
|
|
@@ -770,123 +1583,207 @@ class GetNgfwStatusResult(dict):
|
|
|
770
1583
|
|
|
771
1584
|
|
|
772
1585
|
@pulumi.output_type
|
|
773
|
-
class
|
|
1586
|
+
class GetNgfwSubnetMappingResult(dict):
|
|
774
1587
|
def __init__(__self__, *,
|
|
775
|
-
|
|
776
|
-
|
|
777
|
-
status: _builtins.str,
|
|
1588
|
+
availability_zone: _builtins.str,
|
|
1589
|
+
availability_zone_id: _builtins.str,
|
|
778
1590
|
subnet_id: _builtins.str):
|
|
779
1591
|
"""
|
|
780
|
-
:param _builtins.str
|
|
781
|
-
:param _builtins.str
|
|
782
|
-
:param _builtins.str
|
|
783
|
-
:param _builtins.str subnet_id: The subnet id.
|
|
1592
|
+
:param _builtins.str availability_zone: The availability zone, for when the endpoint mode is customer managed.
|
|
1593
|
+
:param _builtins.str availability_zone_id: The availability zone ID, for when the endpoint mode is customer managed.
|
|
1594
|
+
:param _builtins.str subnet_id: The subnet id, for when the endpoint mode is service managed.
|
|
784
1595
|
"""
|
|
785
|
-
pulumi.set(__self__, "
|
|
786
|
-
pulumi.set(__self__, "
|
|
787
|
-
pulumi.set(__self__, "status", status)
|
|
1596
|
+
pulumi.set(__self__, "availability_zone", availability_zone)
|
|
1597
|
+
pulumi.set(__self__, "availability_zone_id", availability_zone_id)
|
|
788
1598
|
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
789
1599
|
|
|
790
1600
|
@_builtins.property
|
|
791
|
-
@pulumi.getter(name="
|
|
792
|
-
def
|
|
1601
|
+
@pulumi.getter(name="availabilityZone")
|
|
1602
|
+
def availability_zone(self) -> _builtins.str:
|
|
793
1603
|
"""
|
|
794
|
-
The endpoint
|
|
1604
|
+
The availability zone, for when the endpoint mode is customer managed.
|
|
795
1605
|
"""
|
|
796
|
-
return pulumi.get(self, "
|
|
1606
|
+
return pulumi.get(self, "availability_zone")
|
|
797
1607
|
|
|
798
1608
|
@_builtins.property
|
|
799
|
-
@pulumi.getter(name="
|
|
800
|
-
def
|
|
1609
|
+
@pulumi.getter(name="availabilityZoneId")
|
|
1610
|
+
def availability_zone_id(self) -> _builtins.str:
|
|
801
1611
|
"""
|
|
802
|
-
The
|
|
1612
|
+
The availability zone ID, for when the endpoint mode is customer managed.
|
|
803
1613
|
"""
|
|
804
|
-
return pulumi.get(self, "
|
|
1614
|
+
return pulumi.get(self, "availability_zone_id")
|
|
1615
|
+
|
|
1616
|
+
@_builtins.property
|
|
1617
|
+
@pulumi.getter(name="subnetId")
|
|
1618
|
+
def subnet_id(self) -> _builtins.str:
|
|
1619
|
+
"""
|
|
1620
|
+
The subnet id, for when the endpoint mode is service managed.
|
|
1621
|
+
"""
|
|
1622
|
+
return pulumi.get(self, "subnet_id")
|
|
1623
|
+
|
|
1624
|
+
|
|
1625
|
+
@pulumi.output_type
|
|
1626
|
+
class GetNgfwUserIdResult(dict):
|
|
1627
|
+
def __init__(__self__, *,
|
|
1628
|
+
agent_name: _builtins.str,
|
|
1629
|
+
collector_name: _builtins.str,
|
|
1630
|
+
custom_include_exclude_networks: Sequence['outputs.GetNgfwUserIdCustomIncludeExcludeNetworkResult'],
|
|
1631
|
+
enabled: _builtins.bool,
|
|
1632
|
+
port: _builtins.int,
|
|
1633
|
+
secret_key_arn: _builtins.str,
|
|
1634
|
+
user_id_status: _builtins.str):
|
|
1635
|
+
"""
|
|
1636
|
+
:param _builtins.str agent_name: Agent Name for UserID
|
|
1637
|
+
:param _builtins.str collector_name: The Collector Name
|
|
1638
|
+
:param Sequence['GetNgfwUserIdCustomIncludeExcludeNetworkArgs'] custom_include_exclude_networks: List of Custom Include Exclude Networks
|
|
1639
|
+
:param _builtins.bool enabled: Enable UserID Config
|
|
1640
|
+
:param _builtins.int port: The Port
|
|
1641
|
+
:param _builtins.str secret_key_arn: AWS Secret Key ARN
|
|
1642
|
+
:param _builtins.str user_id_status: Status and State of UserID Configuration
|
|
1643
|
+
"""
|
|
1644
|
+
pulumi.set(__self__, "agent_name", agent_name)
|
|
1645
|
+
pulumi.set(__self__, "collector_name", collector_name)
|
|
1646
|
+
pulumi.set(__self__, "custom_include_exclude_networks", custom_include_exclude_networks)
|
|
1647
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
1648
|
+
pulumi.set(__self__, "port", port)
|
|
1649
|
+
pulumi.set(__self__, "secret_key_arn", secret_key_arn)
|
|
1650
|
+
pulumi.set(__self__, "user_id_status", user_id_status)
|
|
1651
|
+
|
|
1652
|
+
@_builtins.property
|
|
1653
|
+
@pulumi.getter(name="agentName")
|
|
1654
|
+
def agent_name(self) -> _builtins.str:
|
|
1655
|
+
"""
|
|
1656
|
+
Agent Name for UserID
|
|
1657
|
+
"""
|
|
1658
|
+
return pulumi.get(self, "agent_name")
|
|
1659
|
+
|
|
1660
|
+
@_builtins.property
|
|
1661
|
+
@pulumi.getter(name="collectorName")
|
|
1662
|
+
def collector_name(self) -> _builtins.str:
|
|
1663
|
+
"""
|
|
1664
|
+
The Collector Name
|
|
1665
|
+
"""
|
|
1666
|
+
return pulumi.get(self, "collector_name")
|
|
1667
|
+
|
|
1668
|
+
@_builtins.property
|
|
1669
|
+
@pulumi.getter(name="customIncludeExcludeNetworks")
|
|
1670
|
+
def custom_include_exclude_networks(self) -> Sequence['outputs.GetNgfwUserIdCustomIncludeExcludeNetworkResult']:
|
|
1671
|
+
"""
|
|
1672
|
+
List of Custom Include Exclude Networks
|
|
1673
|
+
"""
|
|
1674
|
+
return pulumi.get(self, "custom_include_exclude_networks")
|
|
805
1675
|
|
|
806
1676
|
@_builtins.property
|
|
807
1677
|
@pulumi.getter
|
|
808
|
-
def
|
|
1678
|
+
def enabled(self) -> _builtins.bool:
|
|
809
1679
|
"""
|
|
810
|
-
|
|
1680
|
+
Enable UserID Config
|
|
811
1681
|
"""
|
|
812
|
-
return pulumi.get(self, "
|
|
1682
|
+
return pulumi.get(self, "enabled")
|
|
813
1683
|
|
|
814
1684
|
@_builtins.property
|
|
815
|
-
@pulumi.getter
|
|
816
|
-
def
|
|
1685
|
+
@pulumi.getter
|
|
1686
|
+
def port(self) -> _builtins.int:
|
|
817
1687
|
"""
|
|
818
|
-
The
|
|
1688
|
+
The Port
|
|
819
1689
|
"""
|
|
820
|
-
return pulumi.get(self, "
|
|
1690
|
+
return pulumi.get(self, "port")
|
|
1691
|
+
|
|
1692
|
+
@_builtins.property
|
|
1693
|
+
@pulumi.getter(name="secretKeyArn")
|
|
1694
|
+
def secret_key_arn(self) -> _builtins.str:
|
|
1695
|
+
"""
|
|
1696
|
+
AWS Secret Key ARN
|
|
1697
|
+
"""
|
|
1698
|
+
return pulumi.get(self, "secret_key_arn")
|
|
1699
|
+
|
|
1700
|
+
@_builtins.property
|
|
1701
|
+
@pulumi.getter(name="userIdStatus")
|
|
1702
|
+
def user_id_status(self) -> _builtins.str:
|
|
1703
|
+
"""
|
|
1704
|
+
Status and State of UserID Configuration
|
|
1705
|
+
"""
|
|
1706
|
+
return pulumi.get(self, "user_id_status")
|
|
821
1707
|
|
|
822
1708
|
|
|
823
1709
|
@pulumi.output_type
|
|
824
|
-
class
|
|
1710
|
+
class GetNgfwUserIdCustomIncludeExcludeNetworkResult(dict):
|
|
825
1711
|
def __init__(__self__, *,
|
|
826
|
-
|
|
827
|
-
|
|
828
|
-
|
|
1712
|
+
discovery_include: _builtins.bool,
|
|
1713
|
+
enabled: _builtins.bool,
|
|
1714
|
+
name: _builtins.str,
|
|
1715
|
+
network_address: _builtins.str):
|
|
1716
|
+
"""
|
|
1717
|
+
:param _builtins.bool discovery_include: Include or exclude this subnet from user-id configuration
|
|
1718
|
+
:param _builtins.bool enabled: Enable this specific custom include/exclude network
|
|
1719
|
+
:param _builtins.str name: Name of subnet filter
|
|
1720
|
+
:param _builtins.str network_address: Network IP address of the subnet filter
|
|
1721
|
+
"""
|
|
1722
|
+
pulumi.set(__self__, "discovery_include", discovery_include)
|
|
1723
|
+
pulumi.set(__self__, "enabled", enabled)
|
|
1724
|
+
pulumi.set(__self__, "name", name)
|
|
1725
|
+
pulumi.set(__self__, "network_address", network_address)
|
|
1726
|
+
|
|
1727
|
+
@_builtins.property
|
|
1728
|
+
@pulumi.getter(name="discoveryInclude")
|
|
1729
|
+
def discovery_include(self) -> _builtins.bool:
|
|
829
1730
|
"""
|
|
830
|
-
|
|
831
|
-
:param _builtins.str availability_zone_id: The availability zone ID, for when the endpoint mode is customer managed.
|
|
832
|
-
:param _builtins.str subnet_id: The subnet id, for when the endpoint mode is service managed.
|
|
1731
|
+
Include or exclude this subnet from user-id configuration
|
|
833
1732
|
"""
|
|
834
|
-
pulumi.
|
|
835
|
-
pulumi.set(__self__, "availability_zone_id", availability_zone_id)
|
|
836
|
-
pulumi.set(__self__, "subnet_id", subnet_id)
|
|
1733
|
+
return pulumi.get(self, "discovery_include")
|
|
837
1734
|
|
|
838
1735
|
@_builtins.property
|
|
839
|
-
@pulumi.getter
|
|
840
|
-
def
|
|
1736
|
+
@pulumi.getter
|
|
1737
|
+
def enabled(self) -> _builtins.bool:
|
|
841
1738
|
"""
|
|
842
|
-
|
|
1739
|
+
Enable this specific custom include/exclude network
|
|
843
1740
|
"""
|
|
844
|
-
return pulumi.get(self, "
|
|
1741
|
+
return pulumi.get(self, "enabled")
|
|
845
1742
|
|
|
846
1743
|
@_builtins.property
|
|
847
|
-
@pulumi.getter
|
|
848
|
-
def
|
|
1744
|
+
@pulumi.getter
|
|
1745
|
+
def name(self) -> _builtins.str:
|
|
849
1746
|
"""
|
|
850
|
-
|
|
1747
|
+
Name of subnet filter
|
|
851
1748
|
"""
|
|
852
|
-
return pulumi.get(self, "
|
|
1749
|
+
return pulumi.get(self, "name")
|
|
853
1750
|
|
|
854
1751
|
@_builtins.property
|
|
855
|
-
@pulumi.getter(name="
|
|
856
|
-
def
|
|
1752
|
+
@pulumi.getter(name="networkAddress")
|
|
1753
|
+
def network_address(self) -> _builtins.str:
|
|
857
1754
|
"""
|
|
858
|
-
|
|
1755
|
+
Network IP address of the subnet filter
|
|
859
1756
|
"""
|
|
860
|
-
return pulumi.get(self, "
|
|
1757
|
+
return pulumi.get(self, "network_address")
|
|
861
1758
|
|
|
862
1759
|
|
|
863
1760
|
@pulumi.output_type
|
|
864
1761
|
class GetNgfwsInstanceResult(dict):
|
|
865
1762
|
def __init__(__self__, *,
|
|
866
|
-
|
|
867
|
-
|
|
1763
|
+
firewall_id: _builtins.str,
|
|
1764
|
+
region: _builtins.str):
|
|
868
1765
|
"""
|
|
869
|
-
:param _builtins.str
|
|
870
|
-
:param _builtins.str
|
|
1766
|
+
:param _builtins.str firewall_id: The NGFW ID.
|
|
1767
|
+
:param _builtins.str region: The region the NGFW is in.
|
|
871
1768
|
"""
|
|
872
|
-
pulumi.set(__self__, "
|
|
873
|
-
pulumi.set(__self__, "
|
|
1769
|
+
pulumi.set(__self__, "firewall_id", firewall_id)
|
|
1770
|
+
pulumi.set(__self__, "region", region)
|
|
874
1771
|
|
|
875
1772
|
@_builtins.property
|
|
876
|
-
@pulumi.getter(name="
|
|
877
|
-
def
|
|
1773
|
+
@pulumi.getter(name="firewallId")
|
|
1774
|
+
def firewall_id(self) -> _builtins.str:
|
|
878
1775
|
"""
|
|
879
|
-
The
|
|
1776
|
+
The NGFW ID.
|
|
880
1777
|
"""
|
|
881
|
-
return pulumi.get(self, "
|
|
1778
|
+
return pulumi.get(self, "firewall_id")
|
|
882
1779
|
|
|
883
1780
|
@_builtins.property
|
|
884
1781
|
@pulumi.getter
|
|
885
|
-
def
|
|
1782
|
+
def region(self) -> _builtins.str:
|
|
886
1783
|
"""
|
|
887
|
-
The NGFW
|
|
1784
|
+
The region the NGFW is in.
|
|
888
1785
|
"""
|
|
889
|
-
return pulumi.get(self, "
|
|
1786
|
+
return pulumi.get(self, "region")
|
|
890
1787
|
|
|
891
1788
|
|
|
892
1789
|
@pulumi.output_type
|