pulumi-oci 1.37.0__py3-none-any.whl → 1.37.0a1715927489__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (307) hide show
  1. pulumi_oci/__init__.py +0 -40
  2. pulumi_oci/adm/_inputs.py +6 -6
  3. pulumi_oci/adm/outputs.py +6 -6
  4. pulumi_oci/aianomalydetection/_inputs.py +8 -10
  5. pulumi_oci/aianomalydetection/outputs.py +8 -22
  6. pulumi_oci/aidocument/_inputs.py +18 -22
  7. pulumi_oci/aidocument/outputs.py +18 -36
  8. pulumi_oci/ailanguage/_inputs.py +20 -4
  9. pulumi_oci/ailanguage/model.py +4 -4
  10. pulumi_oci/ailanguage/outputs.py +20 -4
  11. pulumi_oci/aivision/_inputs.py +16 -0
  12. pulumi_oci/aivision/outputs.py +16 -0
  13. pulumi_oci/analytics/_inputs.py +2 -2
  14. pulumi_oci/analytics/outputs.py +2 -2
  15. pulumi_oci/apigateway/_inputs.py +414 -206
  16. pulumi_oci/apigateway/outputs.py +414 -206
  17. pulumi_oci/apmconfig/_inputs.py +4 -4
  18. pulumi_oci/apmconfig/config.py +7 -7
  19. pulumi_oci/apmconfig/outputs.py +4 -4
  20. pulumi_oci/apmsynthetics/_inputs.py +26 -18
  21. pulumi_oci/apmsynthetics/config.py +7 -7
  22. pulumi_oci/apmsynthetics/outputs.py +26 -18
  23. pulumi_oci/autoscaling/_inputs.py +16 -14
  24. pulumi_oci/autoscaling/auto_scaling_configuration.py +7 -20
  25. pulumi_oci/autoscaling/outputs.py +16 -14
  26. pulumi_oci/bigdataservice/_inputs.py +44 -32
  27. pulumi_oci/bigdataservice/bds_instance.py +4 -4
  28. pulumi_oci/bigdataservice/outputs.py +44 -32
  29. pulumi_oci/certificatesmanagement/_inputs.py +16 -16
  30. pulumi_oci/certificatesmanagement/certificate.py +16 -16
  31. pulumi_oci/certificatesmanagement/certificate_authority.py +8 -8
  32. pulumi_oci/certificatesmanagement/outputs.py +16 -16
  33. pulumi_oci/cloudbridge/_inputs.py +18 -18
  34. pulumi_oci/cloudbridge/outputs.py +18 -18
  35. pulumi_oci/cloudguard/__init__.py +0 -9
  36. pulumi_oci/cloudguard/_inputs.py +488 -1066
  37. pulumi_oci/cloudguard/cloud_guard_configuration.py +57 -25
  38. pulumi_oci/cloudguard/cloud_guard_data_source.py +38 -54
  39. pulumi_oci/cloudguard/data_mask_rule.py +62 -62
  40. pulumi_oci/cloudguard/detector_recipe.py +53 -95
  41. pulumi_oci/cloudguard/get_cloud_guard_configuration.py +7 -9
  42. pulumi_oci/cloudguard/get_data_mask_rule.py +14 -14
  43. pulumi_oci/cloudguard/get_data_mask_rules.py +17 -17
  44. pulumi_oci/cloudguard/get_data_source.py +10 -10
  45. pulumi_oci/cloudguard/get_data_source_events.py +7 -11
  46. pulumi_oci/cloudguard/get_data_sources.py +20 -24
  47. pulumi_oci/cloudguard/get_detector_recipe.py +15 -28
  48. pulumi_oci/cloudguard/get_detector_recipes.py +13 -13
  49. pulumi_oci/cloudguard/get_guard_target.py +14 -14
  50. pulumi_oci/cloudguard/get_guard_targets.py +17 -19
  51. pulumi_oci/cloudguard/get_managed_list.py +14 -14
  52. pulumi_oci/cloudguard/get_managed_lists.py +16 -16
  53. pulumi_oci/cloudguard/get_problem_entities.py +3 -5
  54. pulumi_oci/cloudguard/get_responder_recipe.py +13 -13
  55. pulumi_oci/cloudguard/get_responder_recipes.py +13 -15
  56. pulumi_oci/cloudguard/get_security_policies.py +12 -14
  57. pulumi_oci/cloudguard/get_security_policy.py +8 -12
  58. pulumi_oci/cloudguard/get_security_recipe.py +9 -9
  59. pulumi_oci/cloudguard/get_security_recipes.py +12 -14
  60. pulumi_oci/cloudguard/get_security_zone.py +8 -8
  61. pulumi_oci/cloudguard/get_security_zones.py +15 -17
  62. pulumi_oci/cloudguard/managed_list.py +57 -57
  63. pulumi_oci/cloudguard/outputs.py +1808 -3493
  64. pulumi_oci/cloudguard/responder_recipe.py +39 -41
  65. pulumi_oci/cloudguard/security_recipe.py +27 -43
  66. pulumi_oci/cloudguard/security_zone.py +20 -22
  67. pulumi_oci/cloudguard/target.py +54 -54
  68. pulumi_oci/cloudmigrations/_inputs.py +496 -222
  69. pulumi_oci/cloudmigrations/outputs.py +498 -224
  70. pulumi_oci/cloudmigrations/target_asset.py +15 -15
  71. pulumi_oci/clusterplacementgroups/_inputs.py +2 -2
  72. pulumi_oci/clusterplacementgroups/outputs.py +2 -2
  73. pulumi_oci/computecloud/at_customer_ccc_upgrade_schedule.py +7 -7
  74. pulumi_oci/containerengine/_inputs.py +22 -22
  75. pulumi_oci/containerengine/container_instance.py +21 -21
  76. pulumi_oci/containerengine/outputs.py +22 -22
  77. pulumi_oci/containerengine/virtual_node_pool.py +35 -7
  78. pulumi_oci/core/_inputs.py +668 -402
  79. pulumi_oci/core/boot_volume.py +7 -7
  80. pulumi_oci/core/cluster_network.py +22 -22
  81. pulumi_oci/core/cross_connect_group.py +20 -4
  82. pulumi_oci/core/drg_route_table_route_rule.py +0 -7
  83. pulumi_oci/core/get_image.py +0 -4
  84. pulumi_oci/core/get_instance.py +0 -4
  85. pulumi_oci/core/get_public_ip.py +0 -4
  86. pulumi_oci/core/get_public_ips.py +0 -8
  87. pulumi_oci/core/get_vtap.py +0 -2
  88. pulumi_oci/core/get_vtaps.py +0 -2
  89. pulumi_oci/core/image.py +0 -56
  90. pulumi_oci/core/instance.py +48 -48
  91. pulumi_oci/core/instance_configuration.py +28 -70
  92. pulumi_oci/core/instance_pool.py +7 -7
  93. pulumi_oci/core/ipsec_connection_tunnel_management.py +8 -8
  94. pulumi_oci/core/network_security_group_security_rule.py +105 -28
  95. pulumi_oci/core/outputs.py +668 -748
  96. pulumi_oci/core/public_ip.py +0 -8
  97. pulumi_oci/core/vnic_attachment.py +24 -8
  98. pulumi_oci/core/volume.py +7 -7
  99. pulumi_oci/core/volume_group.py +7 -7
  100. pulumi_oci/core/vtap.py +0 -14
  101. pulumi_oci/database/_inputs.py +220 -188
  102. pulumi_oci/database/autonomous_database.py +7 -21
  103. pulumi_oci/database/autonomous_database_wallet.py +0 -28
  104. pulumi_oci/database/backup_destination.py +11 -11
  105. pulumi_oci/database/cloud_database_management.py +0 -14
  106. pulumi_oci/database/database.py +44 -28
  107. pulumi_oci/database/database_upgrade.py +4 -4
  108. pulumi_oci/database/db_home.py +13 -0
  109. pulumi_oci/database/get_autonomous_database_wallet.py +0 -8
  110. pulumi_oci/database/outputs.py +220 -188
  111. pulumi_oci/database/vm_cluster_network.py +4 -4
  112. pulumi_oci/databasemanagement/_inputs.py +8 -8
  113. pulumi_oci/databasemanagement/outputs.py +8 -8
  114. pulumi_oci/databasemigration/_inputs.py +34 -34
  115. pulumi_oci/databasemigration/connection.py +7 -7
  116. pulumi_oci/databasemigration/migration.py +7 -7
  117. pulumi_oci/databasemigration/outputs.py +34 -34
  118. pulumi_oci/databasetools/_inputs.py +36 -12
  119. pulumi_oci/databasetools/database_tools_connection.py +4 -4
  120. pulumi_oci/databasetools/database_tools_private_endpoint.py +4 -4
  121. pulumi_oci/databasetools/outputs.py +36 -12
  122. pulumi_oci/dataintegration/_inputs.py +330 -318
  123. pulumi_oci/dataintegration/outputs.py +330 -318
  124. pulumi_oci/dataintegration/workspace_application.py +7 -7
  125. pulumi_oci/dataintegration/workspace_application_patch.py +7 -7
  126. pulumi_oci/dataintegration/workspace_application_schedule.py +11 -11
  127. pulumi_oci/dataintegration/workspace_application_task_schedule.py +29 -29
  128. pulumi_oci/dataintegration/workspace_folder.py +7 -7
  129. pulumi_oci/dataintegration/workspace_project.py +7 -7
  130. pulumi_oci/dataintegration/workspace_task.py +47 -47
  131. pulumi_oci/datalabellingservice/_inputs.py +10 -10
  132. pulumi_oci/datalabellingservice/outputs.py +10 -10
  133. pulumi_oci/datasafe/__init__.py +0 -2
  134. pulumi_oci/datasafe/_inputs.py +80 -72
  135. pulumi_oci/datasafe/library_masing_format.py +7 -7
  136. pulumi_oci/datasafe/masking_policies_masking_column.py +7 -7
  137. pulumi_oci/datasafe/masking_policy.py +7 -7
  138. pulumi_oci/datasafe/outputs.py +80 -72
  139. pulumi_oci/datasafe/report_definition.py +24 -8
  140. pulumi_oci/datasafe/target_database.py +21 -21
  141. pulumi_oci/datascience/_inputs.py +65 -337
  142. pulumi_oci/datascience/get_job_run.py +1 -11
  143. pulumi_oci/datascience/get_model_deployment.py +1 -11
  144. pulumi_oci/datascience/get_pipeline.py +0 -3
  145. pulumi_oci/datascience/get_pipeline_run.py +1 -14
  146. pulumi_oci/datascience/job_run.py +3 -52
  147. pulumi_oci/datascience/model_deployment.py +2 -51
  148. pulumi_oci/datascience/outputs.py +94 -757
  149. pulumi_oci/datascience/pipeline.py +14 -34
  150. pulumi_oci/datascience/pipeline_run.py +0 -65
  151. pulumi_oci/devops/_inputs.py +462 -80
  152. pulumi_oci/devops/deploy_stage.py +4 -4
  153. pulumi_oci/devops/deployment.py +7 -7
  154. pulumi_oci/devops/outputs.py +1143 -210
  155. pulumi_oci/disasterrecovery/_inputs.py +6 -6
  156. pulumi_oci/disasterrecovery/dr_plan_execution.py +4 -4
  157. pulumi_oci/disasterrecovery/dr_protection_group.py +4 -4
  158. pulumi_oci/disasterrecovery/outputs.py +6 -6
  159. pulumi_oci/dns/_inputs.py +8 -20
  160. pulumi_oci/dns/outputs.py +8 -42
  161. pulumi_oci/dns/rrset.py +7 -7
  162. pulumi_oci/dns/steering_policy.py +0 -42
  163. pulumi_oci/events/_inputs.py +12 -4
  164. pulumi_oci/events/outputs.py +12 -4
  165. pulumi_oci/events/rule.py +7 -7
  166. pulumi_oci/functions/_inputs.py +2 -2
  167. pulumi_oci/functions/outputs.py +2 -2
  168. pulumi_oci/goldengate/_inputs.py +4 -2
  169. pulumi_oci/goldengate/outputs.py +4 -2
  170. pulumi_oci/identity/_inputs.py +5954 -4860
  171. pulumi_oci/identity/domains_api_key.py +70 -70
  172. pulumi_oci/identity/domains_app.py +140 -119
  173. pulumi_oci/identity/domains_auth_token.py +21 -21
  174. pulumi_oci/identity/domains_cloud_gate.py +49 -49
  175. pulumi_oci/identity/domains_customer_secret_key.py +21 -21
  176. pulumi_oci/identity/domains_my_api_key.py +70 -70
  177. pulumi_oci/identity/domains_my_auth_token.py +21 -21
  178. pulumi_oci/identity/domains_my_customer_secret_key.py +21 -21
  179. pulumi_oci/identity/domains_my_oauth2client_credential.py +70 -49
  180. pulumi_oci/identity/domains_my_smtp_credential.py +21 -21
  181. pulumi_oci/identity/domains_my_support_account.py +21 -21
  182. pulumi_oci/identity/domains_my_user_db_credential.py +41 -37
  183. pulumi_oci/identity/domains_oauth2client_credential.py +70 -49
  184. pulumi_oci/identity/domains_policy.py +49 -35
  185. pulumi_oci/identity/domains_rule.py +21 -28
  186. pulumi_oci/identity/domains_setting.py +21 -35
  187. pulumi_oci/identity/domains_smtp_credential.py +21 -21
  188. pulumi_oci/identity/domains_user.py +175 -189
  189. pulumi_oci/identity/domains_user_db_credential.py +41 -37
  190. pulumi_oci/identity/outputs.py +6007 -4913
  191. pulumi_oci/integration/_inputs.py +0 -4
  192. pulumi_oci/integration/outputs.py +4 -16
  193. pulumi_oci/jms/_inputs.py +8 -0
  194. pulumi_oci/jms/outputs.py +8 -0
  195. pulumi_oci/kms/_inputs.py +6 -6
  196. pulumi_oci/kms/outputs.py +6 -6
  197. pulumi_oci/loadbalancer/_inputs.py +30 -14
  198. pulumi_oci/loadbalancer/load_balancer_routing_policy.py +35 -7
  199. pulumi_oci/loadbalancer/outputs.py +30 -14
  200. pulumi_oci/loganalytics/_inputs.py +34 -26
  201. pulumi_oci/loganalytics/outputs.py +34 -26
  202. pulumi_oci/logging/_inputs.py +60 -60
  203. pulumi_oci/logging/outputs.py +60 -60
  204. pulumi_oci/managementagent/_inputs.py +46 -2
  205. pulumi_oci/managementagent/outputs.py +46 -2
  206. pulumi_oci/marketplace/_inputs.py +6 -6
  207. pulumi_oci/marketplace/outputs.py +6 -6
  208. pulumi_oci/marketplace/publication.py +11 -11
  209. pulumi_oci/mediaservices/_inputs.py +32 -8
  210. pulumi_oci/mediaservices/media_asset.py +18 -18
  211. pulumi_oci/mediaservices/media_workflow.py +38 -22
  212. pulumi_oci/mediaservices/media_workflow_configuration.py +11 -11
  213. pulumi_oci/mediaservices/media_workflow_job.py +11 -11
  214. pulumi_oci/mediaservices/outputs.py +32 -8
  215. pulumi_oci/mediaservices/stream_cdn_config.py +4 -4
  216. pulumi_oci/mediaservices/stream_distribution_channel.py +11 -11
  217. pulumi_oci/mediaservices/stream_packaging_config.py +4 -4
  218. pulumi_oci/meteringcomputation/_inputs.py +2 -2
  219. pulumi_oci/meteringcomputation/outputs.py +2 -2
  220. pulumi_oci/meteringcomputation/usage_statement_email_recipients_group.py +4 -4
  221. pulumi_oci/monitoring/_inputs.py +4 -4
  222. pulumi_oci/monitoring/alarm.py +0 -21
  223. pulumi_oci/monitoring/get_alarm.py +0 -3
  224. pulumi_oci/monitoring/outputs.py +4 -10
  225. pulumi_oci/mysql/_inputs.py +22 -30
  226. pulumi_oci/mysql/outputs.py +22 -30
  227. pulumi_oci/mysql/replica.py +28 -12
  228. pulumi_oci/networkfirewall/get_network_firewall_policy_mapped_secret.py +0 -2
  229. pulumi_oci/networkfirewall/network_firewall_policy_mapped_secret.py +0 -14
  230. pulumi_oci/networkfirewall/outputs.py +0 -4
  231. pulumi_oci/networkloadbalancer/_inputs.py +26 -10
  232. pulumi_oci/networkloadbalancer/outputs.py +26 -10
  233. pulumi_oci/nosql/_inputs.py +12 -4
  234. pulumi_oci/nosql/outputs.py +12 -4
  235. pulumi_oci/objectstorage/_inputs.py +4 -4
  236. pulumi_oci/objectstorage/outputs.py +4 -4
  237. pulumi_oci/ocvp/_inputs.py +42 -86
  238. pulumi_oci/ocvp/get_retrieve_password.py +0 -1
  239. pulumi_oci/ocvp/outputs.py +42 -86
  240. pulumi_oci/ocvp/sddc.py +77 -49
  241. pulumi_oci/ons/subscription.py +0 -63
  242. pulumi_oci/opa/_inputs.py +2 -6
  243. pulumi_oci/opa/outputs.py +6 -18
  244. pulumi_oci/opsi/_inputs.py +6 -6
  245. pulumi_oci/opsi/exadata_insight.py +28 -28
  246. pulumi_oci/opsi/outputs.py +6 -6
  247. pulumi_oci/optimizer/_inputs.py +4 -4
  248. pulumi_oci/optimizer/outputs.py +4 -4
  249. pulumi_oci/osmanagement/_inputs.py +10 -2
  250. pulumi_oci/osmanagement/outputs.py +10 -2
  251. pulumi_oci/osmanagementhub/_inputs.py +8 -24
  252. pulumi_oci/osmanagementhub/event.py +0 -32
  253. pulumi_oci/osmanagementhub/get_event.py +0 -8
  254. pulumi_oci/osmanagementhub/get_events.py +0 -8
  255. pulumi_oci/osmanagementhub/lifecycle_environment.py +14 -14
  256. pulumi_oci/osmanagementhub/outputs.py +8 -40
  257. pulumi_oci/osmanagementhub/software_source.py +7 -7
  258. pulumi_oci/ospgateway/_inputs.py +96 -96
  259. pulumi_oci/ospgateway/outputs.py +96 -96
  260. pulumi_oci/ospgateway/subscription.py +80 -80
  261. pulumi_oci/psql/_inputs.py +18 -10
  262. pulumi_oci/psql/db_system.py +14 -14
  263. pulumi_oci/psql/outputs.py +18 -10
  264. pulumi_oci/pulumi-plugin.json +1 -1
  265. pulumi_oci/queue/get_queue.py +9 -9
  266. pulumi_oci/queue/outputs.py +5 -5
  267. pulumi_oci/queue/queue.py +26 -77
  268. pulumi_oci/sch/_inputs.py +26 -26
  269. pulumi_oci/sch/connector.py +7 -7
  270. pulumi_oci/sch/outputs.py +26 -26
  271. pulumi_oci/servicecatalog/private_application.py +4 -4
  272. pulumi_oci/servicemesh/_inputs.py +24 -8
  273. pulumi_oci/servicemesh/ingress_gateway_route_table.py +7 -7
  274. pulumi_oci/servicemesh/outputs.py +24 -8
  275. pulumi_oci/stackmonitoring/_inputs.py +56 -40
  276. pulumi_oci/stackmonitoring/metric_extension.py +18 -18
  277. pulumi_oci/stackmonitoring/monitored_resource.py +7 -7
  278. pulumi_oci/stackmonitoring/outputs.py +56 -40
  279. pulumi_oci/visualbuilder/_inputs.py +2 -6
  280. pulumi_oci/visualbuilder/outputs.py +6 -18
  281. pulumi_oci/vnmonitoring/_inputs.py +42 -10
  282. pulumi_oci/vnmonitoring/outputs.py +42 -10
  283. pulumi_oci/vulnerabilityscanning/_inputs.py +4 -4
  284. pulumi_oci/vulnerabilityscanning/container_scan_target.py +7 -7
  285. pulumi_oci/vulnerabilityscanning/outputs.py +4 -4
  286. pulumi_oci/waas/_inputs.py +205 -133
  287. pulumi_oci/waas/outputs.py +205 -133
  288. pulumi_oci/waas/policy.py +7 -7
  289. pulumi_oci/waas/protection_rule.py +7 -7
  290. pulumi_oci/waf/_inputs.py +30 -36
  291. pulumi_oci/waf/network_address_list.py +7 -7
  292. pulumi_oci/waf/outputs.py +30 -36
  293. {pulumi_oci-1.37.0.dist-info → pulumi_oci-1.37.0a1715927489.dist-info}/METADATA +1 -1
  294. {pulumi_oci-1.37.0.dist-info → pulumi_oci-1.37.0a1715927489.dist-info}/RECORD +296 -307
  295. pulumi_oci/cloudguard/adhoc_query.py +0 -596
  296. pulumi_oci/cloudguard/get_adhoc_queries.py +0 -253
  297. pulumi_oci/cloudguard/get_adhoc_query.py +0 -249
  298. pulumi_oci/cloudguard/get_saved_queries.py +0 -190
  299. pulumi_oci/cloudguard/get_saved_query.py +0 -235
  300. pulumi_oci/cloudguard/get_wlp_agent.py +0 -258
  301. pulumi_oci/cloudguard/get_wlp_agents.py +0 -136
  302. pulumi_oci/cloudguard/saved_query.py +0 -595
  303. pulumi_oci/cloudguard/wlp_agent.py +0 -654
  304. pulumi_oci/datasafe/set_security_assessment_baseline_management.py +0 -304
  305. pulumi_oci/datasafe/set_user_assessment_baseline_management.py +0 -304
  306. {pulumi_oci-1.37.0.dist-info → pulumi_oci-1.37.0a1715927489.dist-info}/WHEEL +0 -0
  307. {pulumi_oci-1.37.0.dist-info → pulumi_oci-1.37.0a1715927489.dist-info}/top_level.txt +0 -0
pulumi_oci/core/network_security_group_security_rule.py CHANGED
@@ -33,17 +33,28 @@ class NetworkSecurityGroupSecurityRuleArgs:
33
33
  :param pulumi.Input[str] direction: Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, or `INGRESS` for rules to allow inbound IP packets.
34
34
  :param pulumi.Input[str] network_security_group_id: The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group.
35
35
  :param pulumi.Input[str] protocol: The transport protocol. Specify either `all` or an IPv4 protocol number as defined in [Protocol Numbers](http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
36
- :param pulumi.Input[str] description: An optional description of your choice for the rule.
36
+ :param pulumi.Input[str] description: An optional description of your choice for the rule. Avoid entering confidential information.
37
37
  :param pulumi.Input[str] destination: Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
38
+
39
+ Allowed values:
40
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
41
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
42
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
38
43
  :param pulumi.Input[str] destination_type: Type of destination for the rule. Required if `direction` = `EGRESS`.
44
+
45
+ Allowed values:
39
46
  :param pulumi.Input['NetworkSecurityGroupSecurityRuleIcmpOptionsArgs'] icmp_options: Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
40
47
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
41
48
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
49
+
50
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
42
51
  :param pulumi.Input[str] source: Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
52
+
53
+ Allowed values:
54
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
55
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
56
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
43
57
  :param pulumi.Input[str] source_type: Type of source for the rule. Required if `direction` = `INGRESS`.
44
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
45
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
46
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
47
58
  :param pulumi.Input[bool] stateless: A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
48
59
  :param pulumi.Input['NetworkSecurityGroupSecurityRuleTcpOptionsArgs'] tcp_options: Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
49
60
  :param pulumi.Input['NetworkSecurityGroupSecurityRuleUdpOptionsArgs'] udp_options: Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
@@ -110,7 +121,7 @@ class NetworkSecurityGroupSecurityRuleArgs:
110
121
  @pulumi.getter
111
122
  def description(self) -> Optional[pulumi.Input[str]]:
112
123
  """
113
- An optional description of your choice for the rule.
124
+ An optional description of your choice for the rule. Avoid entering confidential information.
114
125
  """
115
126
  return pulumi.get(self, "description")
116
127
 
@@ -123,6 +134,11 @@ class NetworkSecurityGroupSecurityRuleArgs:
123
134
  def destination(self) -> Optional[pulumi.Input[str]]:
124
135
  """
125
136
  Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
137
+
138
+ Allowed values:
139
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
140
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
141
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
126
142
  """
127
143
  return pulumi.get(self, "destination")
128
144
 
@@ -135,6 +151,8 @@ class NetworkSecurityGroupSecurityRuleArgs:
135
151
  def destination_type(self) -> Optional[pulumi.Input[str]]:
136
152
  """
137
153
  Type of destination for the rule. Required if `direction` = `EGRESS`.
154
+
155
+ Allowed values:
138
156
  """
139
157
  return pulumi.get(self, "destination_type")
140
158
 
@@ -149,6 +167,8 @@ class NetworkSecurityGroupSecurityRuleArgs:
149
167
  Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
150
168
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
151
169
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
170
+
171
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
152
172
  """
153
173
  return pulumi.get(self, "icmp_options")
154
174
 
@@ -161,6 +181,11 @@ class NetworkSecurityGroupSecurityRuleArgs:
161
181
  def source(self) -> Optional[pulumi.Input[str]]:
162
182
  """
163
183
  Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
184
+
185
+ Allowed values:
186
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
187
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
188
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
164
189
  """
165
190
  return pulumi.get(self, "source")
166
191
 
@@ -173,9 +198,6 @@ class NetworkSecurityGroupSecurityRuleArgs:
173
198
  def source_type(self) -> Optional[pulumi.Input[str]]:
174
199
  """
175
200
  Type of source for the rule. Required if `direction` = `INGRESS`.
176
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
177
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
178
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
179
201
  """
180
202
  return pulumi.get(self, "source_type")
181
203
 
@@ -239,21 +261,32 @@ class _NetworkSecurityGroupSecurityRuleState:
239
261
  udp_options: Optional[pulumi.Input['NetworkSecurityGroupSecurityRuleUdpOptionsArgs']] = None):
240
262
  """
241
263
  Input properties used for looking up and filtering NetworkSecurityGroupSecurityRule resources.
242
- :param pulumi.Input[str] description: An optional description of your choice for the rule.
264
+ :param pulumi.Input[str] description: An optional description of your choice for the rule. Avoid entering confidential information.
243
265
  :param pulumi.Input[str] destination: Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
266
+
267
+ Allowed values:
268
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
269
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
270
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
244
271
  :param pulumi.Input[str] destination_type: Type of destination for the rule. Required if `direction` = `EGRESS`.
272
+
273
+ Allowed values:
245
274
  :param pulumi.Input[str] direction: Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, or `INGRESS` for rules to allow inbound IP packets.
246
275
  :param pulumi.Input['NetworkSecurityGroupSecurityRuleIcmpOptionsArgs'] icmp_options: Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
247
276
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
248
277
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
278
+
279
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
249
280
  :param pulumi.Input[bool] is_valid: Whether the rule is valid. The value is `True` when the rule is first created. If the rule's `source` or `destination` is a network security group, the value changes to `False` if that network security group is deleted.
250
281
  :param pulumi.Input[str] network_security_group_id: The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group.
251
282
  :param pulumi.Input[str] protocol: The transport protocol. Specify either `all` or an IPv4 protocol number as defined in [Protocol Numbers](http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
252
283
  :param pulumi.Input[str] source: Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
284
+
285
+ Allowed values:
286
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
287
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
288
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
253
289
  :param pulumi.Input[str] source_type: Type of source for the rule. Required if `direction` = `INGRESS`.
254
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
255
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
256
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
257
290
  :param pulumi.Input[bool] stateless: A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
258
291
  :param pulumi.Input['NetworkSecurityGroupSecurityRuleTcpOptionsArgs'] tcp_options: Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
259
292
  :param pulumi.Input[str] time_created: The date and time the security rule was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339).
@@ -292,7 +325,7 @@ class _NetworkSecurityGroupSecurityRuleState:
292
325
  @pulumi.getter
293
326
  def description(self) -> Optional[pulumi.Input[str]]:
294
327
  """
295
- An optional description of your choice for the rule.
328
+ An optional description of your choice for the rule. Avoid entering confidential information.
296
329
  """
297
330
  return pulumi.get(self, "description")
298
331
 
@@ -305,6 +338,11 @@ class _NetworkSecurityGroupSecurityRuleState:
305
338
  def destination(self) -> Optional[pulumi.Input[str]]:
306
339
  """
307
340
  Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
341
+
342
+ Allowed values:
343
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
344
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
345
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
308
346
  """
309
347
  return pulumi.get(self, "destination")
310
348
 
@@ -317,6 +355,8 @@ class _NetworkSecurityGroupSecurityRuleState:
317
355
  def destination_type(self) -> Optional[pulumi.Input[str]]:
318
356
  """
319
357
  Type of destination for the rule. Required if `direction` = `EGRESS`.
358
+
359
+ Allowed values:
320
360
  """
321
361
  return pulumi.get(self, "destination_type")
322
362
 
@@ -343,6 +383,8 @@ class _NetworkSecurityGroupSecurityRuleState:
343
383
  Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
344
384
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
345
385
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
386
+
387
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
346
388
  """
347
389
  return pulumi.get(self, "icmp_options")
348
390
 
@@ -391,6 +433,11 @@ class _NetworkSecurityGroupSecurityRuleState:
391
433
  def source(self) -> Optional[pulumi.Input[str]]:
392
434
  """
393
435
  Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
436
+
437
+ Allowed values:
438
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
439
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
440
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
394
441
  """
395
442
  return pulumi.get(self, "source")
396
443
 
@@ -403,9 +450,6 @@ class _NetworkSecurityGroupSecurityRuleState:
403
450
  def source_type(self) -> Optional[pulumi.Input[str]]:
404
451
  """
405
452
  Type of source for the rule. Required if `direction` = `INGRESS`.
406
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
407
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
408
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
409
453
  """
410
454
  return pulumi.get(self, "source_type")
411
455
 
@@ -537,20 +581,31 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
537
581
 
538
582
  :param str resource_name: The name of the resource.
539
583
  :param pulumi.ResourceOptions opts: Options for the resource.
540
- :param pulumi.Input[str] description: An optional description of your choice for the rule.
584
+ :param pulumi.Input[str] description: An optional description of your choice for the rule. Avoid entering confidential information.
541
585
  :param pulumi.Input[str] destination: Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
586
+
587
+ Allowed values:
588
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
589
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
590
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
542
591
  :param pulumi.Input[str] destination_type: Type of destination for the rule. Required if `direction` = `EGRESS`.
592
+
593
+ Allowed values:
543
594
  :param pulumi.Input[str] direction: Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, or `INGRESS` for rules to allow inbound IP packets.
544
595
  :param pulumi.Input[pulumi.InputType['NetworkSecurityGroupSecurityRuleIcmpOptionsArgs']] icmp_options: Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
545
596
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
546
597
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
598
+
599
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
547
600
  :param pulumi.Input[str] network_security_group_id: The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group.
548
601
  :param pulumi.Input[str] protocol: The transport protocol. Specify either `all` or an IPv4 protocol number as defined in [Protocol Numbers](http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
549
602
  :param pulumi.Input[str] source: Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
603
+
604
+ Allowed values:
605
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
606
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
607
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
550
608
  :param pulumi.Input[str] source_type: Type of source for the rule. Required if `direction` = `INGRESS`.
551
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
552
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
553
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
554
609
  :param pulumi.Input[bool] stateless: A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
555
610
  :param pulumi.Input[pulumi.InputType['NetworkSecurityGroupSecurityRuleTcpOptionsArgs']] tcp_options: Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
556
611
  :param pulumi.Input[pulumi.InputType['NetworkSecurityGroupSecurityRuleUdpOptionsArgs']] udp_options: Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
@@ -703,21 +758,32 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
703
758
  :param str resource_name: The unique name of the resulting resource.
704
759
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
705
760
  :param pulumi.ResourceOptions opts: Options for the resource.
706
- :param pulumi.Input[str] description: An optional description of your choice for the rule.
761
+ :param pulumi.Input[str] description: An optional description of your choice for the rule. Avoid entering confidential information.
707
762
  :param pulumi.Input[str] destination: Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
763
+
764
+ Allowed values:
765
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
766
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
767
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
708
768
  :param pulumi.Input[str] destination_type: Type of destination for the rule. Required if `direction` = `EGRESS`.
769
+
770
+ Allowed values:
709
771
  :param pulumi.Input[str] direction: Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, or `INGRESS` for rules to allow inbound IP packets.
710
772
  :param pulumi.Input[pulumi.InputType['NetworkSecurityGroupSecurityRuleIcmpOptionsArgs']] icmp_options: Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
711
773
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
712
774
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
775
+
776
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
713
777
  :param pulumi.Input[bool] is_valid: Whether the rule is valid. The value is `True` when the rule is first created. If the rule's `source` or `destination` is a network security group, the value changes to `False` if that network security group is deleted.
714
778
  :param pulumi.Input[str] network_security_group_id: The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the network security group.
715
779
  :param pulumi.Input[str] protocol: The transport protocol. Specify either `all` or an IPv4 protocol number as defined in [Protocol Numbers](http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
716
780
  :param pulumi.Input[str] source: Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
781
+
782
+ Allowed values:
783
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
784
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
785
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
717
786
  :param pulumi.Input[str] source_type: Type of source for the rule. Required if `direction` = `INGRESS`.
718
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
719
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
720
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
721
787
  :param pulumi.Input[bool] stateless: A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
722
788
  :param pulumi.Input[pulumi.InputType['NetworkSecurityGroupSecurityRuleTcpOptionsArgs']] tcp_options: Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
723
789
  :param pulumi.Input[str] time_created: The date and time the security rule was created. Format defined by [RFC3339](https://tools.ietf.org/html/rfc3339).
@@ -747,7 +813,7 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
747
813
  @pulumi.getter
748
814
  def description(self) -> pulumi.Output[str]:
749
815
  """
750
- An optional description of your choice for the rule.
816
+ An optional description of your choice for the rule. Avoid entering confidential information.
751
817
  """
752
818
  return pulumi.get(self, "description")
753
819
 
@@ -756,6 +822,11 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
756
822
  def destination(self) -> pulumi.Output[str]:
757
823
  """
758
824
  Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
825
+
826
+ Allowed values:
827
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
828
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic destined for a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
829
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
759
830
  """
760
831
  return pulumi.get(self, "destination")
761
832
 
@@ -764,6 +835,8 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
764
835
  def destination_type(self) -> pulumi.Output[str]:
765
836
  """
766
837
  Type of destination for the rule. Required if `direction` = `EGRESS`.
838
+
839
+ Allowed values:
767
840
  """
768
841
  return pulumi.get(self, "destination_type")
769
842
 
@@ -782,6 +855,8 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
782
855
  Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
783
856
  * [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
784
857
  * [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)
858
+
859
+ If you specify ICMP or ICMPv6 as the protocol but omit this object, then all ICMP types and codes are allowed. If you do provide this object, the type is required and the code is optional. To enable MTU negotiation for ingress internet traffic via IPv4, make sure to allow type 3 ("Destination Unreachable") code 4 ("Fragmentation Needed and Don't Fragment was Set"). If you need to specify multiple codes for a single type, create a separate security list rule for each.
785
860
  """
786
861
  return pulumi.get(self, "icmp_options")
787
862
 
@@ -814,6 +889,11 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
814
889
  def source(self) -> pulumi.Output[Optional[str]]:
815
890
  """
816
891
  Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
892
+
893
+ Allowed values:
894
+ * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` IPv6 addressing is supported for all commercial and government regions. See [IPv6 Addresses](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
895
+ * The `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/), if you're setting up a security rule for traffic coming from a particular `Service` through a service gateway. For example: `oci-phx-objectstorage`.
896
+ * The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/) in the same VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control traffic between VNICs in the same NSG.
817
897
  """
818
898
  return pulumi.get(self, "source")
819
899
 
@@ -822,9 +902,6 @@ class NetworkSecurityGroupSecurityRule(pulumi.CustomResource):
822
902
  def source_type(self) -> pulumi.Output[str]:
823
903
  """
824
904
  Type of source for the rule. Required if `direction` = `INGRESS`.
825
- * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation.
826
- * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a [Service](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/Service/) (the rule is for traffic coming from a particular `Service` through a service gateway).
827
- * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of a [NetworkSecurityGroup](https://docs.cloud.oracle.com/iaas/api/#/en/iaas/latest/NetworkSecurityGroup/).
828
905
  """
829
906
  return pulumi.get(self, "source_type")
830
907