Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse
aquasec.getFunctionRuntimePolicy
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aquasec from "@pulumi/aquasec";
const functionRuntimePolicy = aquasec.getFunctionRuntimePolicy({
name: "FunctionRuntimePolicyName",
});
export const functionRuntimePolicyDetails = functionRuntimePolicy;
import pulumi
import pulumi_aquasec as aquasec
function_runtime_policy = aquasec.get_function_runtime_policy(name="FunctionRuntimePolicyName")
pulumi.export("functionRuntimePolicyDetails", function_runtime_policy)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-aquasec/sdk/go/aquasec"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
functionRuntimePolicy, err := aquasec.LookupFunctionRuntimePolicy(ctx, &aquasec.LookupFunctionRuntimePolicyArgs{
Name: "FunctionRuntimePolicyName",
}, nil)
if err != nil {
return err
}
ctx.Export("functionRuntimePolicyDetails", functionRuntimePolicy)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aquasec = Pulumi.Aquasec;
return await Deployment.RunAsync(() =>
{
var functionRuntimePolicy = Aquasec.GetFunctionRuntimePolicy.Invoke(new()
{
Name = "FunctionRuntimePolicyName",
});
return new Dictionary<string, object?>
{
["functionRuntimePolicyDetails"] = functionRuntimePolicy,
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aquasec.AquasecFunctions;
import com.pulumi.aquasec.inputs.GetFunctionRuntimePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var functionRuntimePolicy = AquasecFunctions.getFunctionRuntimePolicy(GetFunctionRuntimePolicyArgs.builder()
.name("FunctionRuntimePolicyName")
.build());
ctx.export("functionRuntimePolicyDetails", functionRuntimePolicy.applyValue(getFunctionRuntimePolicyResult -> getFunctionRuntimePolicyResult));
}
}
variables:
functionRuntimePolicy:
fn::invoke:
Function: aquasec:getFunctionRuntimePolicy
Arguments:
name: FunctionRuntimePolicyName
outputs:
functionRuntimePolicyDetails: ${functionRuntimePolicy}
Using getFunctionRuntimePolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getFunctionRuntimePolicy(args: GetFunctionRuntimePolicyArgs, opts?: InvokeOptions): Promise<GetFunctionRuntimePolicyResult>
function getFunctionRuntimePolicyOutput(args: GetFunctionRuntimePolicyOutputArgs, opts?: InvokeOptions): Output<GetFunctionRuntimePolicyResult>
def get_function_runtime_policy(drift_preventions: Optional[Sequence[GetFunctionRuntimePolicyDriftPrevention]] = None,
executable_blacklists: Optional[Sequence[GetFunctionRuntimePolicyExecutableBlacklist]] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetFunctionRuntimePolicyResult
def get_function_runtime_policy_output(drift_preventions: Optional[pulumi.Input[Sequence[pulumi.Input[GetFunctionRuntimePolicyDriftPreventionArgs]]]] = None,
executable_blacklists: Optional[pulumi.Input[Sequence[pulumi.Input[GetFunctionRuntimePolicyExecutableBlacklistArgs]]]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetFunctionRuntimePolicyResult]
func LookupFunctionRuntimePolicy(ctx *Context, args *LookupFunctionRuntimePolicyArgs, opts ...InvokeOption) (*LookupFunctionRuntimePolicyResult, error)
func LookupFunctionRuntimePolicyOutput(ctx *Context, args *LookupFunctionRuntimePolicyOutputArgs, opts ...InvokeOption) LookupFunctionRuntimePolicyResultOutput
> Note: This function is named LookupFunctionRuntimePolicy
in the Go SDK.
public static class GetFunctionRuntimePolicy
{
public static Task<GetFunctionRuntimePolicyResult> InvokeAsync(GetFunctionRuntimePolicyArgs args, InvokeOptions? opts = null)
public static Output<GetFunctionRuntimePolicyResult> Invoke(GetFunctionRuntimePolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetFunctionRuntimePolicyResult> getFunctionRuntimePolicy(GetFunctionRuntimePolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aquasec:index/getFunctionRuntimePolicy:getFunctionRuntimePolicy
arguments:
# arguments dictionary
The following arguments are supported:
- Name string
- Name of the function runtime policy
- Drift
Preventions List<Pulumiverse.Aquasec. Inputs. Get Function Runtime Policy Drift Prevention> - Drift prevention configuration.
- Executable
Blacklists List<Pulumiverse.Aquasec. Inputs. Get Function Runtime Policy Executable Blacklist> - Executable blacklist configuration.
- Name string
- Name of the function runtime policy
- Drift
Preventions []GetFunction Runtime Policy Drift Prevention - Drift prevention configuration.
- Executable
Blacklists []GetFunction Runtime Policy Executable Blacklist - Executable blacklist configuration.
- name String
- Name of the function runtime policy
- drift
Preventions List<GetFunction Runtime Policy Drift Prevention> - Drift prevention configuration.
- executable
Blacklists List<GetFunction Runtime Policy Executable Blacklist> - Executable blacklist configuration.
- name string
- Name of the function runtime policy
- drift
Preventions GetFunction Runtime Policy Drift Prevention[] - Drift prevention configuration.
- executable
Blacklists GetFunction Runtime Policy Executable Blacklist[] - Executable blacklist configuration.
- name str
- Name of the function runtime policy
- drift_
preventions Sequence[GetFunction Runtime Policy Drift Prevention] - Drift prevention configuration.
- executable_
blacklists Sequence[GetFunction Runtime Policy Executable Blacklist] - Executable blacklist configuration.
- name String
- Name of the function runtime policy
- drift
Preventions List<Property Map> - Drift prevention configuration.
- executable
Blacklists List<Property Map> - Executable blacklist configuration.
getFunctionRuntimePolicy Result
The following output properties are available:
- Application
Scopes List<string> - Indicates the application scope of the service.
- string
- Username of the account that created the service.
- Block
Malicious boolExecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- Block
Malicious List<string>Executables Allowed Processes - List of processes that will be allowed
- Block
Running boolExecutables In Tmp Folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- Blocked
Executables List<string> - List of executables that are prevented from running in containers.
- Description string
- The description of the function runtime policy
- Enabled bool
- Indicates if the runtime policy is enabled or not.
- Enforce bool
- Indicates that policy should effect container execution (not just for audit).
- Honeypot
Access stringKey - Honeypot User ID (Access Key)
- Honeypot
Apply List<string>Ons - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- Honeypot
Secret stringKey - Honeypot User Password (Secret Key)
- Honeypot
Serverless stringApp Name - Serverless application name
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Name of the function runtime policy
- Scope
Expression string - Logical expression of how to compute the dependency of the scope variables.
- Scope
Variables List<Pulumiverse.Aquasec. Outputs. Get Function Runtime Policy Scope Variable> - List of scope attributes.
- Drift
Preventions List<Pulumiverse.Aquasec. Outputs. Get Function Runtime Policy Drift Prevention> - Drift prevention configuration.
- Executable
Blacklists List<Pulumiverse.Aquasec. Outputs. Get Function Runtime Policy Executable Blacklist> - Executable blacklist configuration.
- Application
Scopes []string - Indicates the application scope of the service.
- string
- Username of the account that created the service.
- Block
Malicious boolExecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- Block
Malicious []stringExecutables Allowed Processes - List of processes that will be allowed
- Block
Running boolExecutables In Tmp Folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- Blocked
Executables []string - List of executables that are prevented from running in containers.
- Description string
- The description of the function runtime policy
- Enabled bool
- Indicates if the runtime policy is enabled or not.
- Enforce bool
- Indicates that policy should effect container execution (not just for audit).
- Honeypot
Access stringKey - Honeypot User ID (Access Key)
- Honeypot
Apply []stringOns - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- Honeypot
Secret stringKey - Honeypot User Password (Secret Key)
- Honeypot
Serverless stringApp Name - Serverless application name
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Name of the function runtime policy
- Scope
Expression string - Logical expression of how to compute the dependency of the scope variables.
- Scope
Variables []GetFunction Runtime Policy Scope Variable - List of scope attributes.
- Drift
Preventions []GetFunction Runtime Policy Drift Prevention - Drift prevention configuration.
- Executable
Blacklists []GetFunction Runtime Policy Executable Blacklist - Executable blacklist configuration.
- application
Scopes List<String> - Indicates the application scope of the service.
- String
- Username of the account that created the service.
- block
Malicious BooleanExecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- block
Malicious List<String>Executables Allowed Processes - List of processes that will be allowed
- block
Running BooleanExecutables In Tmp Folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- blocked
Executables List<String> - List of executables that are prevented from running in containers.
- description String
- The description of the function runtime policy
- enabled Boolean
- Indicates if the runtime policy is enabled or not.
- enforce Boolean
- Indicates that policy should effect container execution (not just for audit).
- honeypot
Access StringKey - Honeypot User ID (Access Key)
- honeypot
Apply List<String>Ons - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- honeypot
Secret StringKey - Honeypot User Password (Secret Key)
- honeypot
Serverless StringApp Name - Serverless application name
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Name of the function runtime policy
- scope
Expression String - Logical expression of how to compute the dependency of the scope variables.
- scope
Variables List<GetFunction Runtime Policy Scope Variable> - List of scope attributes.
- drift
Preventions List<GetFunction Runtime Policy Drift Prevention> - Drift prevention configuration.
- executable
Blacklists List<GetFunction Runtime Policy Executable Blacklist> - Executable blacklist configuration.
- application
Scopes string[] - Indicates the application scope of the service.
- string
- Username of the account that created the service.
- block
Malicious booleanExecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- block
Malicious string[]Executables Allowed Processes - List of processes that will be allowed
- block
Running booleanExecutables In Tmp Folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- blocked
Executables string[] - List of executables that are prevented from running in containers.
- description string
- The description of the function runtime policy
- enabled boolean
- Indicates if the runtime policy is enabled or not.
- enforce boolean
- Indicates that policy should effect container execution (not just for audit).
- honeypot
Access stringKey - Honeypot User ID (Access Key)
- honeypot
Apply string[]Ons - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- honeypot
Secret stringKey - Honeypot User Password (Secret Key)
- honeypot
Serverless stringApp Name - Serverless application name
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Name of the function runtime policy
- scope
Expression string - Logical expression of how to compute the dependency of the scope variables.
- scope
Variables GetFunction Runtime Policy Scope Variable[] - List of scope attributes.
- drift
Preventions GetFunction Runtime Policy Drift Prevention[] - Drift prevention configuration.
- executable
Blacklists GetFunction Runtime Policy Executable Blacklist[] - Executable blacklist configuration.
- application_
scopes Sequence[str] - Indicates the application scope of the service.
- str
- Username of the account that created the service.
- block_
malicious_ boolexecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- block_
malicious_ Sequence[str]executables_ allowed_ processes - List of processes that will be allowed
- block_
running_ boolexecutables_ in_ tmp_ folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- blocked_
executables Sequence[str] - List of executables that are prevented from running in containers.
- description str
- The description of the function runtime policy
- enabled bool
- Indicates if the runtime policy is enabled or not.
- enforce bool
- Indicates that policy should effect container execution (not just for audit).
- honeypot_
access_ strkey - Honeypot User ID (Access Key)
- honeypot_
apply_ Sequence[str]ons - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- honeypot_
secret_ strkey - Honeypot User Password (Secret Key)
- honeypot_
serverless_ strapp_ name - Serverless application name
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Name of the function runtime policy
- scope_
expression str - Logical expression of how to compute the dependency of the scope variables.
- scope_
variables Sequence[GetFunction Runtime Policy Scope Variable] - List of scope attributes.
- drift_
preventions Sequence[GetFunction Runtime Policy Drift Prevention] - Drift prevention configuration.
- executable_
blacklists Sequence[GetFunction Runtime Policy Executable Blacklist] - Executable blacklist configuration.
- application
Scopes List<String> - Indicates the application scope of the service.
- String
- Username of the account that created the service.
- block
Malicious BooleanExecutables - If true, prevent creation of malicious executables in functions during their runtime post invocation.
- block
Malicious List<String>Executables Allowed Processes - List of processes that will be allowed
- block
Running BooleanExecutables In Tmp Folder - If true, prevent running of executables in functions locate in /tmp folder during their runtime post invocation.
- blocked
Executables List<String> - List of executables that are prevented from running in containers.
- description String
- The description of the function runtime policy
- enabled Boolean
- Indicates if the runtime policy is enabled or not.
- enforce Boolean
- Indicates that policy should effect container execution (not just for audit).
- honeypot
Access StringKey - Honeypot User ID (Access Key)
- honeypot
Apply List<String>Ons - List of options to apply the honeypot on (Environment Vairable, Layer, File)
- honeypot
Secret StringKey - Honeypot User Password (Secret Key)
- honeypot
Serverless StringApp Name - Serverless application name
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Name of the function runtime policy
- scope
Expression String - Logical expression of how to compute the dependency of the scope variables.
- scope
Variables List<Property Map> - List of scope attributes.
- drift
Preventions List<Property Map> - Drift prevention configuration.
- executable
Blacklists List<Property Map> - Executable blacklist configuration.
Supporting Types
GetFunctionRuntimePolicyDriftPrevention
- Enabled bool
- Whether drift prevention is enabled.
- Exec
Lockdown bool - Whether to lockdown execution drift.
- Exec
Lockdown List<string>White Lists - List of items in the execution lockdown white list.
- Image
Lockdown bool - Whether to lockdown image drift.
- Enabled bool
- Whether drift prevention is enabled.
- Exec
Lockdown bool - Whether to lockdown execution drift.
- Exec
Lockdown []stringWhite Lists - List of items in the execution lockdown white list.
- Image
Lockdown bool - Whether to lockdown image drift.
- enabled Boolean
- Whether drift prevention is enabled.
- exec
Lockdown Boolean - Whether to lockdown execution drift.
- exec
Lockdown List<String>White Lists - List of items in the execution lockdown white list.
- image
Lockdown Boolean - Whether to lockdown image drift.
- enabled boolean
- Whether drift prevention is enabled.
- exec
Lockdown boolean - Whether to lockdown execution drift.
- exec
Lockdown string[]White Lists - List of items in the execution lockdown white list.
- image
Lockdown boolean - Whether to lockdown image drift.
- enabled bool
- Whether drift prevention is enabled.
- exec_
lockdown bool - Whether to lockdown execution drift.
- exec_
lockdown_ Sequence[str]white_ lists - List of items in the execution lockdown white list.
- image_
lockdown bool - Whether to lockdown image drift.
- enabled Boolean
- Whether drift prevention is enabled.
- exec
Lockdown Boolean - Whether to lockdown execution drift.
- exec
Lockdown List<String>White Lists - List of items in the execution lockdown white list.
- image
Lockdown Boolean - Whether to lockdown image drift.
GetFunctionRuntimePolicyExecutableBlacklist
- Enabled bool
- Whether the executable blacklist is enabled.
- Executables List<string>
- List of blacklisted executables.
- Enabled bool
- Whether the executable blacklist is enabled.
- Executables []string
- List of blacklisted executables.
- enabled Boolean
- Whether the executable blacklist is enabled.
- executables List<String>
- List of blacklisted executables.
- enabled boolean
- Whether the executable blacklist is enabled.
- executables string[]
- List of blacklisted executables.
- enabled bool
- Whether the executable blacklist is enabled.
- executables Sequence[str]
- List of blacklisted executables.
- enabled Boolean
- Whether the executable blacklist is enabled.
- executables List<String>
- List of blacklisted executables.
GetFunctionRuntimePolicyScopeVariable
Package Details
- Repository
- aquasec pulumiverse/pulumi-aquasec
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aquasec
Terraform Provider.