junipermist.org.Setting
Explore with Pulumi AI
This resource manages the Org Settings. The Org Settings can be used to customize the Org configuration
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.junipermist.org.Setting;
import com.pulumi.junipermist.org.SettingArgs;
import com.pulumi.junipermist.org.inputs.SettingCradlepointArgs;
import com.pulumi.junipermist.org.inputs.SettingMxedgeMgmtArgs;
import com.pulumi.junipermist.org.inputs.SettingPasswordPolicyArgs;
import com.pulumi.junipermist.org.inputs.SettingSecurityArgs;
import com.pulumi.junipermist.org.inputs.SettingSyntheticTestArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var terraformTest = new Setting("terraformTest", SettingArgs.builder()
.orgId(terraformTestMistOrg.id())
.apUpdownThreshold(10)
.cradlepoint(SettingCradlepointArgs.builder()
.cp_api_id("cp_api_id_test")
.cp_api_key("secret")
.ecm_api_id("ecm_api_id_test")
.ecm_api_key("secret")
.build())
.deviceUpdownThreshold(10)
.disablePcap(false)
.disableRemoteShell(true)
.gatewayUpdownThreshold(10)
.mxedgeMgmt(SettingMxedgeMgmtArgs.builder()
.mist_password("mist_secret_passowrd")
.root_password("root_secret_password")
.oob_ip_type("dhcp")
.oob_ip_type6("disabled")
.build())
.passwordPolicy(SettingPasswordPolicyArgs.builder()
.enabled(true)
.freshness(180)
.min_length(12)
.requires_special_char(true)
.requires_two_factor_auth(false)
.build())
.security(SettingSecurityArgs.builder()
.disable_local_ssh(true)
.build())
.switchUpdownThreshold(10)
.syntheticTest(SettingSyntheticTestArgs.builder()
.disabled(false)
.vlans(
SettingSyntheticTestVlanArgs.builder()
.vlanIds(
"10",
"30")
.customTestUrls(
"http://www.abc.com/",
"https://10.3.5.1:8080/about")
.build(),
SettingSyntheticTestVlanArgs.builder()
.vlanIds("20")
.disabled(true)
.build())
.build())
.uiIdleTimeout(120)
.build());
}
}
resources:
terraformTest:
type: junipermist:org:Setting
name: terraform_test
properties:
orgId: ${terraformTestMistOrg.id}
apUpdownThreshold: 10
cradlepoint:
cp_api_id: cp_api_id_test
cp_api_key: secret
ecm_api_id: ecm_api_id_test
ecm_api_key: secret
deviceUpdownThreshold: 10
disablePcap: false
disableRemoteShell: true
gatewayUpdownThreshold: 10
mxedgeMgmt:
mist_password: mist_secret_passowrd
root_password: root_secret_password
oob_ip_type: dhcp
oob_ip_type6: disabled
passwordPolicy:
enabled: true
freshness: 180
min_length: 12
requires_special_char: true
requires_two_factor_auth: false
security:
disable_local_ssh: true
switchUpdownThreshold: 10
syntheticTest:
disabled: false
vlans:
- vlanIds:
- '10'
- '30'
customTestUrls:
- http://www.abc.com/
- https://10.3.5.1:8080/about
- vlanIds:
- '20'
disabled: true
uiIdleTimeout: 120
Create Setting Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Setting(name: string, args: SettingArgs, opts?: CustomResourceOptions);
@overload
def Setting(resource_name: str,
args: SettingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Setting(resource_name: str,
opts: Optional[ResourceOptions] = None,
org_id: Optional[str] = None,
mgmt: Optional[SettingMgmtArgs] = None,
celona: Optional[SettingCelonaArgs] = None,
mxedge_fips_enabled: Optional[bool] = None,
cloudshark: Optional[SettingCloudsharkArgs] = None,
cradlepoint: Optional[SettingCradlepointArgs] = None,
device_cert: Optional[SettingDeviceCertArgs] = None,
device_updown_threshold: Optional[int] = None,
disable_pcap: Optional[bool] = None,
disable_remote_shell: Optional[bool] = None,
gateway_updown_threshold: Optional[int] = None,
installer: Optional[SettingInstallerArgs] = None,
jcloud: Optional[SettingJcloudArgs] = None,
jcloud_ra: Optional[SettingJcloudRaArgs] = None,
ap_updown_threshold: Optional[int] = None,
wireless_pma: Optional[SettingWirelessPmaArgs] = None,
cacerts: Optional[Sequence[str]] = None,
mxedge_mgmt: Optional[SettingMxedgeMgmtArgs] = None,
optic_port_config: Optional[Mapping[str, SettingOpticPortConfigArgs]] = None,
api_policy: Optional[SettingApiPolicyArgs] = None,
password_policy: Optional[SettingPasswordPolicyArgs] = None,
pcap: Optional[SettingPcapArgs] = None,
security: Optional[SettingSecurityArgs] = None,
switch_mgmt: Optional[SettingSwitchMgmtArgs] = None,
switch_updown_threshold: Optional[int] = None,
synthetic_test: Optional[SettingSyntheticTestArgs] = None,
ui_idle_timeout: Optional[int] = None,
vpn_options: Optional[SettingVpnOptionsArgs] = None,
wan_pma: Optional[SettingWanPmaArgs] = None,
wired_pma: Optional[SettingWiredPmaArgs] = None,
mist_nac: Optional[SettingMistNacArgs] = None)
func NewSetting(ctx *Context, name string, args SettingArgs, opts ...ResourceOption) (*Setting, error)
public Setting(string name, SettingArgs args, CustomResourceOptions? opts = null)
public Setting(String name, SettingArgs args)
public Setting(String name, SettingArgs args, CustomResourceOptions options)
type: junipermist:org:Setting
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SettingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SettingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SettingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SettingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SettingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var settingResource = new JuniperMist.Org.Setting("settingResource", new()
{
OrgId = "string",
Mgmt = new JuniperMist.Org.Inputs.SettingMgmtArgs
{
MxtunnelIds = new[]
{
"string",
},
UseMxtunnel = false,
UseWxtunnel = false,
},
Celona = new JuniperMist.Org.Inputs.SettingCelonaArgs
{
ApiKey = "string",
ApiPrefix = "string",
},
MxedgeFipsEnabled = false,
Cloudshark = new JuniperMist.Org.Inputs.SettingCloudsharkArgs
{
Apitoken = "string",
Url = "string",
},
Cradlepoint = new JuniperMist.Org.Inputs.SettingCradlepointArgs
{
CpApiId = "string",
CpApiKey = "string",
EcmApiId = "string",
EcmApiKey = "string",
},
DeviceCert = new JuniperMist.Org.Inputs.SettingDeviceCertArgs
{
Cert = "string",
Key = "string",
},
DeviceUpdownThreshold = 0,
DisablePcap = false,
DisableRemoteShell = false,
GatewayUpdownThreshold = 0,
Installer = new JuniperMist.Org.Inputs.SettingInstallerArgs
{
AllowAllDevices = false,
AllowAllSites = false,
ExtraSiteIds = new[]
{
"string",
},
GracePeriod = 0,
},
Jcloud = new JuniperMist.Org.Inputs.SettingJcloudArgs
{
OrgApitoken = "string",
OrgApitokenName = "string",
OrgId = "string",
},
JcloudRa = new JuniperMist.Org.Inputs.SettingJcloudRaArgs
{
OrgApitoken = "string",
OrgApitokenName = "string",
OrgId = "string",
},
ApUpdownThreshold = 0,
WirelessPma = new JuniperMist.Org.Inputs.SettingWirelessPmaArgs
{
Enabled = false,
},
Cacerts = new[]
{
"string",
},
MxedgeMgmt = new JuniperMist.Org.Inputs.SettingMxedgeMgmtArgs
{
FipsEnabled = false,
MistPassword = "string",
OobIpType = "string",
OobIpType6 = "string",
RootPassword = "string",
},
OpticPortConfig =
{
{ "string", new JuniperMist.Org.Inputs.SettingOpticPortConfigArgs
{
Channelized = false,
Speed = "string",
} },
},
ApiPolicy = new JuniperMist.Org.Inputs.SettingApiPolicyArgs
{
NoReveal = false,
},
PasswordPolicy = new JuniperMist.Org.Inputs.SettingPasswordPolicyArgs
{
Enabled = false,
ExpiryInDays = 0,
MinLength = 0,
RequiresSpecialChar = false,
RequiresTwoFactorAuth = false,
},
Pcap = new JuniperMist.Org.Inputs.SettingPcapArgs
{
Bucket = "string",
MaxPktLen = 0,
},
Security = new JuniperMist.Org.Inputs.SettingSecurityArgs
{
DisableLocalSsh = false,
FipsZeroizePassword = "string",
LimitSshAccess = false,
},
SwitchMgmt = new JuniperMist.Org.Inputs.SettingSwitchMgmtArgs
{
ApAffinityThreshold = 0,
},
SwitchUpdownThreshold = 0,
SyntheticTest = new JuniperMist.Org.Inputs.SettingSyntheticTestArgs
{
Disabled = false,
Vlans = new[]
{
new JuniperMist.Org.Inputs.SettingSyntheticTestVlanArgs
{
CustomTestUrls = new[]
{
"string",
},
Disabled = false,
VlanIds = new[]
{
"string",
},
},
},
WanSpeedtest = new JuniperMist.Org.Inputs.SettingSyntheticTestWanSpeedtestArgs
{
Enabled = false,
TimeOfDay = "string",
},
},
UiIdleTimeout = 0,
VpnOptions = new JuniperMist.Org.Inputs.SettingVpnOptionsArgs
{
AsBase = 0,
StSubnet = "string",
},
WanPma = new JuniperMist.Org.Inputs.SettingWanPmaArgs
{
Enabled = false,
},
WiredPma = new JuniperMist.Org.Inputs.SettingWiredPmaArgs
{
Enabled = false,
},
MistNac = new JuniperMist.Org.Inputs.SettingMistNacArgs
{
Cacerts = new[]
{
"string",
},
DefaultIdpId = "string",
DisableRsaeAlgorithms = false,
EapSslSecurityLevel = 0,
EuOnly = false,
IdpMachineCertLookupField = "string",
IdpUserCertLookupField = "string",
Idps = new[]
{
new JuniperMist.Org.Inputs.SettingMistNacIdpArgs
{
Id = "string",
UserRealms = new[]
{
"string",
},
ExcludeRealms = new[]
{
"string",
},
},
},
ServerCert = new JuniperMist.Org.Inputs.SettingMistNacServerCertArgs
{
Cert = "string",
Key = "string",
Password = "string",
},
UseIpVersion = "string",
UseSslPort = false,
},
});
example, err := org.NewSetting(ctx, "settingResource", &org.SettingArgs{
OrgId: pulumi.String("string"),
Mgmt: &org.SettingMgmtArgs{
MxtunnelIds: pulumi.StringArray{
pulumi.String("string"),
},
UseMxtunnel: pulumi.Bool(false),
UseWxtunnel: pulumi.Bool(false),
},
Celona: &org.SettingCelonaArgs{
ApiKey: pulumi.String("string"),
ApiPrefix: pulumi.String("string"),
},
MxedgeFipsEnabled: pulumi.Bool(false),
Cloudshark: &org.SettingCloudsharkArgs{
Apitoken: pulumi.String("string"),
Url: pulumi.String("string"),
},
Cradlepoint: &org.SettingCradlepointArgs{
CpApiId: pulumi.String("string"),
CpApiKey: pulumi.String("string"),
EcmApiId: pulumi.String("string"),
EcmApiKey: pulumi.String("string"),
},
DeviceCert: &org.SettingDeviceCertArgs{
Cert: pulumi.String("string"),
Key: pulumi.String("string"),
},
DeviceUpdownThreshold: pulumi.Int(0),
DisablePcap: pulumi.Bool(false),
DisableRemoteShell: pulumi.Bool(false),
GatewayUpdownThreshold: pulumi.Int(0),
Installer: &org.SettingInstallerArgs{
AllowAllDevices: pulumi.Bool(false),
AllowAllSites: pulumi.Bool(false),
ExtraSiteIds: pulumi.StringArray{
pulumi.String("string"),
},
GracePeriod: pulumi.Int(0),
},
Jcloud: &org.SettingJcloudArgs{
OrgApitoken: pulumi.String("string"),
OrgApitokenName: pulumi.String("string"),
OrgId: pulumi.String("string"),
},
JcloudRa: &org.SettingJcloudRaArgs{
OrgApitoken: pulumi.String("string"),
OrgApitokenName: pulumi.String("string"),
OrgId: pulumi.String("string"),
},
ApUpdownThreshold: pulumi.Int(0),
WirelessPma: &org.SettingWirelessPmaArgs{
Enabled: pulumi.Bool(false),
},
Cacerts: pulumi.StringArray{
pulumi.String("string"),
},
MxedgeMgmt: &org.SettingMxedgeMgmtArgs{
FipsEnabled: pulumi.Bool(false),
MistPassword: pulumi.String("string"),
OobIpType: pulumi.String("string"),
OobIpType6: pulumi.String("string"),
RootPassword: pulumi.String("string"),
},
OpticPortConfig: org.SettingOpticPortConfigMap{
"string": &org.SettingOpticPortConfigArgs{
Channelized: pulumi.Bool(false),
Speed: pulumi.String("string"),
},
},
ApiPolicy: &org.SettingApiPolicyArgs{
NoReveal: pulumi.Bool(false),
},
PasswordPolicy: &org.SettingPasswordPolicyArgs{
Enabled: pulumi.Bool(false),
ExpiryInDays: pulumi.Int(0),
MinLength: pulumi.Int(0),
RequiresSpecialChar: pulumi.Bool(false),
RequiresTwoFactorAuth: pulumi.Bool(false),
},
Pcap: &org.SettingPcapArgs{
Bucket: pulumi.String("string"),
MaxPktLen: pulumi.Int(0),
},
Security: &org.SettingSecurityArgs{
DisableLocalSsh: pulumi.Bool(false),
FipsZeroizePassword: pulumi.String("string"),
LimitSshAccess: pulumi.Bool(false),
},
SwitchMgmt: &org.SettingSwitchMgmtArgs{
ApAffinityThreshold: pulumi.Int(0),
},
SwitchUpdownThreshold: pulumi.Int(0),
SyntheticTest: &org.SettingSyntheticTestArgs{
Disabled: pulumi.Bool(false),
Vlans: org.SettingSyntheticTestVlanArray{
&org.SettingSyntheticTestVlanArgs{
CustomTestUrls: pulumi.StringArray{
pulumi.String("string"),
},
Disabled: pulumi.Bool(false),
VlanIds: pulumi.StringArray{
pulumi.String("string"),
},
},
},
WanSpeedtest: &org.SettingSyntheticTestWanSpeedtestArgs{
Enabled: pulumi.Bool(false),
TimeOfDay: pulumi.String("string"),
},
},
UiIdleTimeout: pulumi.Int(0),
VpnOptions: &org.SettingVpnOptionsArgs{
AsBase: pulumi.Int(0),
StSubnet: pulumi.String("string"),
},
WanPma: &org.SettingWanPmaArgs{
Enabled: pulumi.Bool(false),
},
WiredPma: &org.SettingWiredPmaArgs{
Enabled: pulumi.Bool(false),
},
MistNac: &org.SettingMistNacArgs{
Cacerts: pulumi.StringArray{
pulumi.String("string"),
},
DefaultIdpId: pulumi.String("string"),
DisableRsaeAlgorithms: pulumi.Bool(false),
EapSslSecurityLevel: pulumi.Int(0),
EuOnly: pulumi.Bool(false),
IdpMachineCertLookupField: pulumi.String("string"),
IdpUserCertLookupField: pulumi.String("string"),
Idps: org.SettingMistNacIdpArray{
&org.SettingMistNacIdpArgs{
Id: pulumi.String("string"),
UserRealms: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeRealms: pulumi.StringArray{
pulumi.String("string"),
},
},
},
ServerCert: &org.SettingMistNacServerCertArgs{
Cert: pulumi.String("string"),
Key: pulumi.String("string"),
Password: pulumi.String("string"),
},
UseIpVersion: pulumi.String("string"),
UseSslPort: pulumi.Bool(false),
},
})
var settingResource = new Setting("settingResource", SettingArgs.builder()
.orgId("string")
.mgmt(SettingMgmtArgs.builder()
.mxtunnelIds("string")
.useMxtunnel(false)
.useWxtunnel(false)
.build())
.celona(SettingCelonaArgs.builder()
.apiKey("string")
.apiPrefix("string")
.build())
.mxedgeFipsEnabled(false)
.cloudshark(SettingCloudsharkArgs.builder()
.apitoken("string")
.url("string")
.build())
.cradlepoint(SettingCradlepointArgs.builder()
.cpApiId("string")
.cpApiKey("string")
.ecmApiId("string")
.ecmApiKey("string")
.build())
.deviceCert(SettingDeviceCertArgs.builder()
.cert("string")
.key("string")
.build())
.deviceUpdownThreshold(0)
.disablePcap(false)
.disableRemoteShell(false)
.gatewayUpdownThreshold(0)
.installer(SettingInstallerArgs.builder()
.allowAllDevices(false)
.allowAllSites(false)
.extraSiteIds("string")
.gracePeriod(0)
.build())
.jcloud(SettingJcloudArgs.builder()
.orgApitoken("string")
.orgApitokenName("string")
.orgId("string")
.build())
.jcloudRa(SettingJcloudRaArgs.builder()
.orgApitoken("string")
.orgApitokenName("string")
.orgId("string")
.build())
.apUpdownThreshold(0)
.wirelessPma(SettingWirelessPmaArgs.builder()
.enabled(false)
.build())
.cacerts("string")
.mxedgeMgmt(SettingMxedgeMgmtArgs.builder()
.fipsEnabled(false)
.mistPassword("string")
.oobIpType("string")
.oobIpType6("string")
.rootPassword("string")
.build())
.opticPortConfig(Map.of("string", Map.ofEntries(
Map.entry("channelized", false),
Map.entry("speed", "string")
)))
.apiPolicy(SettingApiPolicyArgs.builder()
.noReveal(false)
.build())
.passwordPolicy(SettingPasswordPolicyArgs.builder()
.enabled(false)
.expiryInDays(0)
.minLength(0)
.requiresSpecialChar(false)
.requiresTwoFactorAuth(false)
.build())
.pcap(SettingPcapArgs.builder()
.bucket("string")
.maxPktLen(0)
.build())
.security(SettingSecurityArgs.builder()
.disableLocalSsh(false)
.fipsZeroizePassword("string")
.limitSshAccess(false)
.build())
.switchMgmt(SettingSwitchMgmtArgs.builder()
.apAffinityThreshold(0)
.build())
.switchUpdownThreshold(0)
.syntheticTest(SettingSyntheticTestArgs.builder()
.disabled(false)
.vlans(SettingSyntheticTestVlanArgs.builder()
.customTestUrls("string")
.disabled(false)
.vlanIds("string")
.build())
.wanSpeedtest(SettingSyntheticTestWanSpeedtestArgs.builder()
.enabled(false)
.timeOfDay("string")
.build())
.build())
.uiIdleTimeout(0)
.vpnOptions(SettingVpnOptionsArgs.builder()
.asBase(0)
.stSubnet("string")
.build())
.wanPma(SettingWanPmaArgs.builder()
.enabled(false)
.build())
.wiredPma(SettingWiredPmaArgs.builder()
.enabled(false)
.build())
.mistNac(SettingMistNacArgs.builder()
.cacerts("string")
.defaultIdpId("string")
.disableRsaeAlgorithms(false)
.eapSslSecurityLevel(0)
.euOnly(false)
.idpMachineCertLookupField("string")
.idpUserCertLookupField("string")
.idps(SettingMistNacIdpArgs.builder()
.id("string")
.userRealms("string")
.excludeRealms("string")
.build())
.serverCert(SettingMistNacServerCertArgs.builder()
.cert("string")
.key("string")
.password("string")
.build())
.useIpVersion("string")
.useSslPort(false)
.build())
.build());
setting_resource = junipermist.org.Setting("settingResource",
org_id="string",
mgmt={
"mxtunnel_ids": ["string"],
"use_mxtunnel": False,
"use_wxtunnel": False,
},
celona={
"api_key": "string",
"api_prefix": "string",
},
mxedge_fips_enabled=False,
cloudshark={
"apitoken": "string",
"url": "string",
},
cradlepoint={
"cp_api_id": "string",
"cp_api_key": "string",
"ecm_api_id": "string",
"ecm_api_key": "string",
},
device_cert={
"cert": "string",
"key": "string",
},
device_updown_threshold=0,
disable_pcap=False,
disable_remote_shell=False,
gateway_updown_threshold=0,
installer={
"allow_all_devices": False,
"allow_all_sites": False,
"extra_site_ids": ["string"],
"grace_period": 0,
},
jcloud={
"org_apitoken": "string",
"org_apitoken_name": "string",
"org_id": "string",
},
jcloud_ra={
"org_apitoken": "string",
"org_apitoken_name": "string",
"org_id": "string",
},
ap_updown_threshold=0,
wireless_pma={
"enabled": False,
},
cacerts=["string"],
mxedge_mgmt={
"fips_enabled": False,
"mist_password": "string",
"oob_ip_type": "string",
"oob_ip_type6": "string",
"root_password": "string",
},
optic_port_config={
"string": {
"channelized": False,
"speed": "string",
},
},
api_policy={
"no_reveal": False,
},
password_policy={
"enabled": False,
"expiry_in_days": 0,
"min_length": 0,
"requires_special_char": False,
"requires_two_factor_auth": False,
},
pcap={
"bucket": "string",
"max_pkt_len": 0,
},
security={
"disable_local_ssh": False,
"fips_zeroize_password": "string",
"limit_ssh_access": False,
},
switch_mgmt={
"ap_affinity_threshold": 0,
},
switch_updown_threshold=0,
synthetic_test={
"disabled": False,
"vlans": [{
"custom_test_urls": ["string"],
"disabled": False,
"vlan_ids": ["string"],
}],
"wan_speedtest": {
"enabled": False,
"time_of_day": "string",
},
},
ui_idle_timeout=0,
vpn_options={
"as_base": 0,
"st_subnet": "string",
},
wan_pma={
"enabled": False,
},
wired_pma={
"enabled": False,
},
mist_nac={
"cacerts": ["string"],
"default_idp_id": "string",
"disable_rsae_algorithms": False,
"eap_ssl_security_level": 0,
"eu_only": False,
"idp_machine_cert_lookup_field": "string",
"idp_user_cert_lookup_field": "string",
"idps": [{
"id": "string",
"user_realms": ["string"],
"exclude_realms": ["string"],
}],
"server_cert": {
"cert": "string",
"key": "string",
"password": "string",
},
"use_ip_version": "string",
"use_ssl_port": False,
})
const settingResource = new junipermist.org.Setting("settingResource", {
orgId: "string",
mgmt: {
mxtunnelIds: ["string"],
useMxtunnel: false,
useWxtunnel: false,
},
celona: {
apiKey: "string",
apiPrefix: "string",
},
mxedgeFipsEnabled: false,
cloudshark: {
apitoken: "string",
url: "string",
},
cradlepoint: {
cpApiId: "string",
cpApiKey: "string",
ecmApiId: "string",
ecmApiKey: "string",
},
deviceCert: {
cert: "string",
key: "string",
},
deviceUpdownThreshold: 0,
disablePcap: false,
disableRemoteShell: false,
gatewayUpdownThreshold: 0,
installer: {
allowAllDevices: false,
allowAllSites: false,
extraSiteIds: ["string"],
gracePeriod: 0,
},
jcloud: {
orgApitoken: "string",
orgApitokenName: "string",
orgId: "string",
},
jcloudRa: {
orgApitoken: "string",
orgApitokenName: "string",
orgId: "string",
},
apUpdownThreshold: 0,
wirelessPma: {
enabled: false,
},
cacerts: ["string"],
mxedgeMgmt: {
fipsEnabled: false,
mistPassword: "string",
oobIpType: "string",
oobIpType6: "string",
rootPassword: "string",
},
opticPortConfig: {
string: {
channelized: false,
speed: "string",
},
},
apiPolicy: {
noReveal: false,
},
passwordPolicy: {
enabled: false,
expiryInDays: 0,
minLength: 0,
requiresSpecialChar: false,
requiresTwoFactorAuth: false,
},
pcap: {
bucket: "string",
maxPktLen: 0,
},
security: {
disableLocalSsh: false,
fipsZeroizePassword: "string",
limitSshAccess: false,
},
switchMgmt: {
apAffinityThreshold: 0,
},
switchUpdownThreshold: 0,
syntheticTest: {
disabled: false,
vlans: [{
customTestUrls: ["string"],
disabled: false,
vlanIds: ["string"],
}],
wanSpeedtest: {
enabled: false,
timeOfDay: "string",
},
},
uiIdleTimeout: 0,
vpnOptions: {
asBase: 0,
stSubnet: "string",
},
wanPma: {
enabled: false,
},
wiredPma: {
enabled: false,
},
mistNac: {
cacerts: ["string"],
defaultIdpId: "string",
disableRsaeAlgorithms: false,
eapSslSecurityLevel: 0,
euOnly: false,
idpMachineCertLookupField: "string",
idpUserCertLookupField: "string",
idps: [{
id: "string",
userRealms: ["string"],
excludeRealms: ["string"],
}],
serverCert: {
cert: "string",
key: "string",
password: "string",
},
useIpVersion: "string",
useSslPort: false,
},
});
type: junipermist:org:Setting
properties:
apUpdownThreshold: 0
apiPolicy:
noReveal: false
cacerts:
- string
celona:
apiKey: string
apiPrefix: string
cloudshark:
apitoken: string
url: string
cradlepoint:
cpApiId: string
cpApiKey: string
ecmApiId: string
ecmApiKey: string
deviceCert:
cert: string
key: string
deviceUpdownThreshold: 0
disablePcap: false
disableRemoteShell: false
gatewayUpdownThreshold: 0
installer:
allowAllDevices: false
allowAllSites: false
extraSiteIds:
- string
gracePeriod: 0
jcloud:
orgApitoken: string
orgApitokenName: string
orgId: string
jcloudRa:
orgApitoken: string
orgApitokenName: string
orgId: string
mgmt:
mxtunnelIds:
- string
useMxtunnel: false
useWxtunnel: false
mistNac:
cacerts:
- string
defaultIdpId: string
disableRsaeAlgorithms: false
eapSslSecurityLevel: 0
euOnly: false
idpMachineCertLookupField: string
idpUserCertLookupField: string
idps:
- excludeRealms:
- string
id: string
userRealms:
- string
serverCert:
cert: string
key: string
password: string
useIpVersion: string
useSslPort: false
mxedgeFipsEnabled: false
mxedgeMgmt:
fipsEnabled: false
mistPassword: string
oobIpType: string
oobIpType6: string
rootPassword: string
opticPortConfig:
string:
channelized: false
speed: string
orgId: string
passwordPolicy:
enabled: false
expiryInDays: 0
minLength: 0
requiresSpecialChar: false
requiresTwoFactorAuth: false
pcap:
bucket: string
maxPktLen: 0
security:
disableLocalSsh: false
fipsZeroizePassword: string
limitSshAccess: false
switchMgmt:
apAffinityThreshold: 0
switchUpdownThreshold: 0
syntheticTest:
disabled: false
vlans:
- customTestUrls:
- string
disabled: false
vlanIds:
- string
wanSpeedtest:
enabled: false
timeOfDay: string
uiIdleTimeout: 0
vpnOptions:
asBase: 0
stSubnet: string
wanPma:
enabled: false
wiredPma:
enabled: false
wirelessPma:
enabled: false
Setting Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Setting resource accepts the following input properties:
- Org
Id string - Ap
Updown intThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - Api
Policy Pulumi.Juniper Mist. Org. Inputs. Setting Api Policy - Cacerts List<string>
- list of PEM-encoded ca certs
- Celona
Pulumi.
Juniper Mist. Org. Inputs. Setting Celona - Cloudshark
Pulumi.
Juniper Mist. Org. Inputs. Setting Cloudshark - Cradlepoint
Pulumi.
Juniper Mist. Org. Inputs. Setting Cradlepoint - Device
Cert Pulumi.Juniper Mist. Org. Inputs. Setting Device Cert - common device cert, optional
- Device
Updown intThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- Disable
Pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- Disable
Remote boolShell - whether to disable remote shell access for an entire org
- Gateway
Updown intThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - Installer
Pulumi.
Juniper Mist. Org. Inputs. Setting Installer - Jcloud
Pulumi.
Juniper Mist. Org. Inputs. Setting Jcloud - Jcloud
Ra Pulumi.Juniper Mist. Org. Inputs. Setting Jcloud Ra - JCloud Routing Assurance connexion
- Mgmt
Pulumi.
Juniper Mist. Org. Inputs. Setting Mgmt - management-related properties
- Mist
Nac Pulumi.Juniper Mist. Org. Inputs. Setting Mist Nac - Mxedge
Fips boolEnabled - Mxedge
Mgmt Pulumi.Juniper Mist. Org. Inputs. Setting Mxedge Mgmt - Optic
Port Dictionary<string, Pulumi.Config Juniper Mist. Org. Inputs. Setting Optic Port Config Args> - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - Password
Policy Pulumi.Juniper Mist. Org. Inputs. Setting Password Policy - password policy
- Pcap
Pulumi.
Juniper Mist. Org. Inputs. Setting Pcap - Security
Pulumi.
Juniper Mist. Org. Inputs. Setting Security - Switch
Mgmt Pulumi.Juniper Mist. Org. Inputs. Setting Switch Mgmt - Switch
Updown intThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - Synthetic
Test Pulumi.Juniper Mist. Org. Inputs. Setting Synthetic Test - Ui
Idle intTimeout - automatically logout the user when UI session is inactive.
0
means disabled - Vpn
Options Pulumi.Juniper Mist. Org. Inputs. Setting Vpn Options - Wan
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wan Pma - Wired
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wired Pma - Wireless
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wireless Pma
- Org
Id string - Ap
Updown intThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - Api
Policy SettingApi Policy Args - Cacerts []string
- list of PEM-encoded ca certs
- Celona
Setting
Celona Args - Cloudshark
Setting
Cloudshark Args - Cradlepoint
Setting
Cradlepoint Args - Device
Cert SettingDevice Cert Args - common device cert, optional
- Device
Updown intThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- Disable
Pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- Disable
Remote boolShell - whether to disable remote shell access for an entire org
- Gateway
Updown intThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - Installer
Setting
Installer Args - Jcloud
Setting
Jcloud Args - Jcloud
Ra SettingJcloud Ra Args - JCloud Routing Assurance connexion
- Mgmt
Setting
Mgmt Args - management-related properties
- Mist
Nac SettingMist Nac Args - Mxedge
Fips boolEnabled - Mxedge
Mgmt SettingMxedge Mgmt Args - Optic
Port map[string]SettingConfig Optic Port Config Args - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - Password
Policy SettingPassword Policy Args - password policy
- Pcap
Setting
Pcap Args - Security
Setting
Security Args - Switch
Mgmt SettingSwitch Mgmt Args - Switch
Updown intThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - Synthetic
Test SettingSynthetic Test Args - Ui
Idle intTimeout - automatically logout the user when UI session is inactive.
0
means disabled - Vpn
Options SettingVpn Options Args - Wan
Pma SettingWan Pma Args - Wired
Pma SettingWired Pma Args - Wireless
Pma SettingWireless Pma Args
- org
Id String - ap
Updown IntegerThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy SettingApi Policy - cacerts List<String>
- list of PEM-encoded ca certs
- celona
Setting
Celona - cloudshark
Setting
Cloudshark - cradlepoint
Setting
Cradlepoint - device
Cert SettingDevice Cert - common device cert, optional
- device
Updown IntegerThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap Boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote BooleanShell - whether to disable remote shell access for an entire org
- gateway
Updown IntegerThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer - jcloud
Setting
Jcloud - jcloud
Ra SettingJcloud Ra - JCloud Routing Assurance connexion
- mgmt
Setting
Mgmt - management-related properties
- mist
Nac SettingMist Nac - mxedge
Fips BooleanEnabled - mxedge
Mgmt SettingMxedge Mgmt - optic
Port Map<String,SettingConfig Optic Port Config Args> - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - password
Policy SettingPassword Policy - password policy
- pcap
Setting
Pcap - security
Setting
Security - switch
Mgmt SettingSwitch Mgmt - switch
Updown IntegerThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test SettingSynthetic Test - ui
Idle IntegerTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options SettingVpn Options - wan
Pma SettingWan Pma - wired
Pma SettingWired Pma - wireless
Pma SettingWireless Pma
- org
Id string - ap
Updown numberThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy SettingApi Policy - cacerts string[]
- list of PEM-encoded ca certs
- celona
Setting
Celona - cloudshark
Setting
Cloudshark - cradlepoint
Setting
Cradlepoint - device
Cert SettingDevice Cert - common device cert, optional
- device
Updown numberThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote booleanShell - whether to disable remote shell access for an entire org
- gateway
Updown numberThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer - jcloud
Setting
Jcloud - jcloud
Ra SettingJcloud Ra - JCloud Routing Assurance connexion
- mgmt
Setting
Mgmt - management-related properties
- mist
Nac SettingMist Nac - mxedge
Fips booleanEnabled - mxedge
Mgmt SettingMxedge Mgmt - optic
Port {[key: string]: SettingConfig Optic Port Config Args} - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - password
Policy SettingPassword Policy - password policy
- pcap
Setting
Pcap - security
Setting
Security - switch
Mgmt SettingSwitch Mgmt - switch
Updown numberThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test SettingSynthetic Test - ui
Idle numberTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options SettingVpn Options - wan
Pma SettingWan Pma - wired
Pma SettingWired Pma - wireless
Pma SettingWireless Pma
- org_
id str - ap_
updown_ intthreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api_
policy SettingApi Policy Args - cacerts Sequence[str]
- list of PEM-encoded ca certs
- celona
Setting
Celona Args - cloudshark
Setting
Cloudshark Args - cradlepoint
Setting
Cradlepoint Args - device_
cert SettingDevice Cert Args - common device cert, optional
- device_
updown_ intthreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable_
pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable_
remote_ boolshell - whether to disable remote shell access for an entire org
- gateway_
updown_ intthreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer Args - jcloud
Setting
Jcloud Args - jcloud_
ra SettingJcloud Ra Args - JCloud Routing Assurance connexion
- mgmt
Setting
Mgmt Args - management-related properties
- mist_
nac SettingMist Nac Args - mxedge_
fips_ boolenabled - mxedge_
mgmt SettingMxedge Mgmt Args - optic_
port_ Mapping[str, Settingconfig Optic Port Config Args] - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - password_
policy SettingPassword Policy Args - password policy
- pcap
Setting
Pcap Args - security
Setting
Security Args - switch_
mgmt SettingSwitch Mgmt Args - switch_
updown_ intthreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic_
test SettingSynthetic Test Args - ui_
idle_ inttimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn_
options SettingVpn Options Args - wan_
pma SettingWan Pma Args - wired_
pma SettingWired Pma Args - wireless_
pma SettingWireless Pma Args
- org
Id String - ap
Updown NumberThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy Property Map - cacerts List<String>
- list of PEM-encoded ca certs
- celona Property Map
- cloudshark Property Map
- cradlepoint Property Map
- device
Cert Property Map - common device cert, optional
- device
Updown NumberThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap Boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote BooleanShell - whether to disable remote shell access for an entire org
- gateway
Updown NumberThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer Property Map
- jcloud Property Map
- jcloud
Ra Property Map - JCloud Routing Assurance connexion
- mgmt Property Map
- management-related properties
- mist
Nac Property Map - mxedge
Fips BooleanEnabled - mxedge
Mgmt Property Map - optic
Port Map<Property Map>Config - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - password
Policy Property Map - password policy
- pcap Property Map
- security Property Map
- switch
Mgmt Property Map - switch
Updown NumberThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test Property Map - ui
Idle NumberTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options Property Map - wan
Pma Property Map - wired
Pma Property Map - wireless
Pma Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the Setting resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Juniper
Pulumi.
Juniper Mist. Org. Outputs. Setting Juniper
- Id string
- The provider-assigned unique ID for this managed resource.
- Juniper
Setting
Juniper
- id String
- The provider-assigned unique ID for this managed resource.
- juniper
Setting
Juniper
- id string
- The provider-assigned unique ID for this managed resource.
- juniper
Setting
Juniper
- id str
- The provider-assigned unique ID for this managed resource.
- juniper
Setting
Juniper
- id String
- The provider-assigned unique ID for this managed resource.
- juniper Property Map
Look up Existing Setting Resource
Get an existing Setting resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SettingState, opts?: CustomResourceOptions): Setting
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
ap_updown_threshold: Optional[int] = None,
api_policy: Optional[SettingApiPolicyArgs] = None,
cacerts: Optional[Sequence[str]] = None,
celona: Optional[SettingCelonaArgs] = None,
cloudshark: Optional[SettingCloudsharkArgs] = None,
cradlepoint: Optional[SettingCradlepointArgs] = None,
device_cert: Optional[SettingDeviceCertArgs] = None,
device_updown_threshold: Optional[int] = None,
disable_pcap: Optional[bool] = None,
disable_remote_shell: Optional[bool] = None,
gateway_updown_threshold: Optional[int] = None,
installer: Optional[SettingInstallerArgs] = None,
jcloud: Optional[SettingJcloudArgs] = None,
jcloud_ra: Optional[SettingJcloudRaArgs] = None,
juniper: Optional[SettingJuniperArgs] = None,
mgmt: Optional[SettingMgmtArgs] = None,
mist_nac: Optional[SettingMistNacArgs] = None,
mxedge_fips_enabled: Optional[bool] = None,
mxedge_mgmt: Optional[SettingMxedgeMgmtArgs] = None,
optic_port_config: Optional[Mapping[str, SettingOpticPortConfigArgs]] = None,
org_id: Optional[str] = None,
password_policy: Optional[SettingPasswordPolicyArgs] = None,
pcap: Optional[SettingPcapArgs] = None,
security: Optional[SettingSecurityArgs] = None,
switch_mgmt: Optional[SettingSwitchMgmtArgs] = None,
switch_updown_threshold: Optional[int] = None,
synthetic_test: Optional[SettingSyntheticTestArgs] = None,
ui_idle_timeout: Optional[int] = None,
vpn_options: Optional[SettingVpnOptionsArgs] = None,
wan_pma: Optional[SettingWanPmaArgs] = None,
wired_pma: Optional[SettingWiredPmaArgs] = None,
wireless_pma: Optional[SettingWirelessPmaArgs] = None) -> Setting
func GetSetting(ctx *Context, name string, id IDInput, state *SettingState, opts ...ResourceOption) (*Setting, error)
public static Setting Get(string name, Input<string> id, SettingState? state, CustomResourceOptions? opts = null)
public static Setting get(String name, Output<String> id, SettingState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Ap
Updown intThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - Api
Policy Pulumi.Juniper Mist. Org. Inputs. Setting Api Policy - Cacerts List<string>
- list of PEM-encoded ca certs
- Celona
Pulumi.
Juniper Mist. Org. Inputs. Setting Celona - Cloudshark
Pulumi.
Juniper Mist. Org. Inputs. Setting Cloudshark - Cradlepoint
Pulumi.
Juniper Mist. Org. Inputs. Setting Cradlepoint - Device
Cert Pulumi.Juniper Mist. Org. Inputs. Setting Device Cert - common device cert, optional
- Device
Updown intThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- Disable
Pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- Disable
Remote boolShell - whether to disable remote shell access for an entire org
- Gateway
Updown intThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - Installer
Pulumi.
Juniper Mist. Org. Inputs. Setting Installer - Jcloud
Pulumi.
Juniper Mist. Org. Inputs. Setting Jcloud - Jcloud
Ra Pulumi.Juniper Mist. Org. Inputs. Setting Jcloud Ra - JCloud Routing Assurance connexion
- Juniper
Pulumi.
Juniper Mist. Org. Inputs. Setting Juniper - Mgmt
Pulumi.
Juniper Mist. Org. Inputs. Setting Mgmt - management-related properties
- Mist
Nac Pulumi.Juniper Mist. Org. Inputs. Setting Mist Nac - Mxedge
Fips boolEnabled - Mxedge
Mgmt Pulumi.Juniper Mist. Org. Inputs. Setting Mxedge Mgmt - Optic
Port Dictionary<string, Pulumi.Config Juniper Mist. Org. Inputs. Setting Optic Port Config Args> - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - Org
Id string - Password
Policy Pulumi.Juniper Mist. Org. Inputs. Setting Password Policy - password policy
- Pcap
Pulumi.
Juniper Mist. Org. Inputs. Setting Pcap - Security
Pulumi.
Juniper Mist. Org. Inputs. Setting Security - Switch
Mgmt Pulumi.Juniper Mist. Org. Inputs. Setting Switch Mgmt - Switch
Updown intThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - Synthetic
Test Pulumi.Juniper Mist. Org. Inputs. Setting Synthetic Test - Ui
Idle intTimeout - automatically logout the user when UI session is inactive.
0
means disabled - Vpn
Options Pulumi.Juniper Mist. Org. Inputs. Setting Vpn Options - Wan
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wan Pma - Wired
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wired Pma - Wireless
Pma Pulumi.Juniper Mist. Org. Inputs. Setting Wireless Pma
- Ap
Updown intThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - Api
Policy SettingApi Policy Args - Cacerts []string
- list of PEM-encoded ca certs
- Celona
Setting
Celona Args - Cloudshark
Setting
Cloudshark Args - Cradlepoint
Setting
Cradlepoint Args - Device
Cert SettingDevice Cert Args - common device cert, optional
- Device
Updown intThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- Disable
Pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- Disable
Remote boolShell - whether to disable remote shell access for an entire org
- Gateway
Updown intThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - Installer
Setting
Installer Args - Jcloud
Setting
Jcloud Args - Jcloud
Ra SettingJcloud Ra Args - JCloud Routing Assurance connexion
- Juniper
Setting
Juniper Args - Mgmt
Setting
Mgmt Args - management-related properties
- Mist
Nac SettingMist Nac Args - Mxedge
Fips boolEnabled - Mxedge
Mgmt SettingMxedge Mgmt Args - Optic
Port map[string]SettingConfig Optic Port Config Args - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - Org
Id string - Password
Policy SettingPassword Policy Args - password policy
- Pcap
Setting
Pcap Args - Security
Setting
Security Args - Switch
Mgmt SettingSwitch Mgmt Args - Switch
Updown intThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - Synthetic
Test SettingSynthetic Test Args - Ui
Idle intTimeout - automatically logout the user when UI session is inactive.
0
means disabled - Vpn
Options SettingVpn Options Args - Wan
Pma SettingWan Pma Args - Wired
Pma SettingWired Pma Args - Wireless
Pma SettingWireless Pma Args
- ap
Updown IntegerThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy SettingApi Policy - cacerts List<String>
- list of PEM-encoded ca certs
- celona
Setting
Celona - cloudshark
Setting
Cloudshark - cradlepoint
Setting
Cradlepoint - device
Cert SettingDevice Cert - common device cert, optional
- device
Updown IntegerThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap Boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote BooleanShell - whether to disable remote shell access for an entire org
- gateway
Updown IntegerThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer - jcloud
Setting
Jcloud - jcloud
Ra SettingJcloud Ra - JCloud Routing Assurance connexion
- juniper
Setting
Juniper - mgmt
Setting
Mgmt - management-related properties
- mist
Nac SettingMist Nac - mxedge
Fips BooleanEnabled - mxedge
Mgmt SettingMxedge Mgmt - optic
Port Map<String,SettingConfig Optic Port Config Args> - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - org
Id String - password
Policy SettingPassword Policy - password policy
- pcap
Setting
Pcap - security
Setting
Security - switch
Mgmt SettingSwitch Mgmt - switch
Updown IntegerThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test SettingSynthetic Test - ui
Idle IntegerTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options SettingVpn Options - wan
Pma SettingWan Pma - wired
Pma SettingWired Pma - wireless
Pma SettingWireless Pma
- ap
Updown numberThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy SettingApi Policy - cacerts string[]
- list of PEM-encoded ca certs
- celona
Setting
Celona - cloudshark
Setting
Cloudshark - cradlepoint
Setting
Cradlepoint - device
Cert SettingDevice Cert - common device cert, optional
- device
Updown numberThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote booleanShell - whether to disable remote shell access for an entire org
- gateway
Updown numberThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer - jcloud
Setting
Jcloud - jcloud
Ra SettingJcloud Ra - JCloud Routing Assurance connexion
- juniper
Setting
Juniper - mgmt
Setting
Mgmt - management-related properties
- mist
Nac SettingMist Nac - mxedge
Fips booleanEnabled - mxedge
Mgmt SettingMxedge Mgmt - optic
Port {[key: string]: SettingConfig Optic Port Config Args} - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - org
Id string - password
Policy SettingPassword Policy - password policy
- pcap
Setting
Pcap - security
Setting
Security - switch
Mgmt SettingSwitch Mgmt - switch
Updown numberThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test SettingSynthetic Test - ui
Idle numberTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options SettingVpn Options - wan
Pma SettingWan Pma - wired
Pma SettingWired Pma - wireless
Pma SettingWireless Pma
- ap_
updown_ intthreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api_
policy SettingApi Policy Args - cacerts Sequence[str]
- list of PEM-encoded ca certs
- celona
Setting
Celona Args - cloudshark
Setting
Cloudshark Args - cradlepoint
Setting
Cradlepoint Args - device_
cert SettingDevice Cert Args - common device cert, optional
- device_
updown_ intthreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable_
pcap bool - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable_
remote_ boolshell - whether to disable remote shell access for an entire org
- gateway_
updown_ intthreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer
Setting
Installer Args - jcloud
Setting
Jcloud Args - jcloud_
ra SettingJcloud Ra Args - JCloud Routing Assurance connexion
- juniper
Setting
Juniper Args - mgmt
Setting
Mgmt Args - management-related properties
- mist_
nac SettingMist Nac Args - mxedge_
fips_ boolenabled - mxedge_
mgmt SettingMxedge Mgmt Args - optic_
port_ Mapping[str, Settingconfig Optic Port Config Args] - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - org_
id str - password_
policy SettingPassword Policy Args - password policy
- pcap
Setting
Pcap Args - security
Setting
Security Args - switch_
mgmt SettingSwitch Mgmt Args - switch_
updown_ intthreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic_
test SettingSynthetic Test Args - ui_
idle_ inttimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn_
options SettingVpn Options Args - wan_
pma SettingWan Pma Args - wired_
pma SettingWired Pma Args - wireless_
pma SettingWireless Pma Args
- ap
Updown NumberThreshold - enable threshold-based device down delivery for AP devices only. When configured it takes effect for AP devices and
device_updown_threshold
is ignored. - api
Policy Property Map - cacerts List<String>
- list of PEM-encoded ca certs
- celona Property Map
- cloudshark Property Map
- cradlepoint Property Map
- device
Cert Property Map - common device cert, optional
- device
Updown NumberThreshold - enable threshold-based device down delivery via * device-updowns webhooks topic, * Mist Alert Framework; e.g. send AP/SW/GW down event only if AP/SW/GW Up is not seen within the threshold in minutes; 0 - 240, default is 0 (trigger immediate)
- disable
Pcap Boolean - whether to disallow Mist to analyze pcap files (this is required for marvis pcap)
- disable
Remote BooleanShell - whether to disable remote shell access for an entire org
- gateway
Updown NumberThreshold - enable threshold-based device down delivery for Gateway devices only. When configured it takes effect for GW devices and
device_updown_threshold
is ignored. - installer Property Map
- jcloud Property Map
- jcloud
Ra Property Map - JCloud Routing Assurance connexion
- juniper Property Map
- mgmt Property Map
- management-related properties
- mist
Nac Property Map - mxedge
Fips BooleanEnabled - mxedge
Mgmt Property Map - optic
Port Map<Property Map>Config - Property key is the interface name or range (e.g.
et-0/0/47
,et-0/0/48-49
) - org
Id String - password
Policy Property Map - password policy
- pcap Property Map
- security Property Map
- switch
Mgmt Property Map - switch
Updown NumberThreshold - enable threshold-based device down delivery for Switch devices only. When configured it takes effect for SW devices and
device_updown_threshold
is ignored. - synthetic
Test Property Map - ui
Idle NumberTimeout - automatically logout the user when UI session is inactive.
0
means disabled - vpn
Options Property Map - wan
Pma Property Map - wired
Pma Property Map - wireless
Pma Property Map
Supporting Types
SettingApiPolicy, SettingApiPolicyArgs
- No
Reveal bool - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
- No
Reveal bool - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
- no
Reveal Boolean - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
- no
Reveal boolean - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
- no_
reveal bool - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
- no
Reveal Boolean - by default, API hides password/secrets when the user doesn't have write access
true
: API will hide passwords/secrets for all usersfalse
: API will hide passwords/secrets for read-only users
SettingCelona, SettingCelonaArgs
- api_
key str - api_
prefix str
SettingCloudshark, SettingCloudsharkArgs
SettingCradlepoint, SettingCradlepointArgs
- cp_
api_ strid - cp_
api_ strkey - ecm_
api_ strid - ecm_
api_ strkey
SettingDeviceCert, SettingDeviceCertArgs
SettingInstaller, SettingInstallerArgs
- Allow
All boolDevices - Allow
All boolSites - Extra
Site List<string>Ids - Grace
Period int
- Allow
All boolDevices - Allow
All boolSites - Extra
Site []stringIds - Grace
Period int
- allow
All BooleanDevices - allow
All BooleanSites - extra
Site List<String>Ids - grace
Period Integer
- allow
All booleanDevices - allow
All booleanSites - extra
Site string[]Ids - grace
Period number
- allow_
all_ booldevices - allow_
all_ boolsites - extra_
site_ Sequence[str]ids - grace_
period int
- allow
All BooleanDevices - allow
All BooleanSites - extra
Site List<String>Ids - grace
Period Number
SettingJcloud, SettingJcloudArgs
- Org
Apitoken string - JCloud Org Token
- Org
Apitoken stringName - JCloud Org Token Name
- Org
Id string - JCloud Org ID
- Org
Apitoken string - JCloud Org Token
- Org
Apitoken stringName - JCloud Org Token Name
- Org
Id string - JCloud Org ID
- org
Apitoken String - JCloud Org Token
- org
Apitoken StringName - JCloud Org Token Name
- org
Id String - JCloud Org ID
- org
Apitoken string - JCloud Org Token
- org
Apitoken stringName - JCloud Org Token Name
- org
Id string - JCloud Org ID
- org_
apitoken str - JCloud Org Token
- org_
apitoken_ strname - JCloud Org Token Name
- org_
id str - JCloud Org ID
- org
Apitoken String - JCloud Org Token
- org
Apitoken StringName - JCloud Org Token Name
- org
Id String - JCloud Org ID
SettingJcloudRa, SettingJcloudRaArgs
- Org
Apitoken string - JCloud Routing Assurance Org Token
- Org
Apitoken stringName - JCloud Routing Assurance Org Token Name
- Org
Id string - JCloud Routing Assurance Org ID
- Org
Apitoken string - JCloud Routing Assurance Org Token
- Org
Apitoken stringName - JCloud Routing Assurance Org Token Name
- Org
Id string - JCloud Routing Assurance Org ID
- org
Apitoken String - JCloud Routing Assurance Org Token
- org
Apitoken StringName - JCloud Routing Assurance Org Token Name
- org
Id String - JCloud Routing Assurance Org ID
- org
Apitoken string - JCloud Routing Assurance Org Token
- org
Apitoken stringName - JCloud Routing Assurance Org Token Name
- org
Id string - JCloud Routing Assurance Org ID
- org_
apitoken str - JCloud Routing Assurance Org Token
- org_
apitoken_ strname - JCloud Routing Assurance Org Token Name
- org_
id str - JCloud Routing Assurance Org ID
- org
Apitoken String - JCloud Routing Assurance Org Token
- org
Apitoken StringName - JCloud Routing Assurance Org Token Name
- org
Id String - JCloud Routing Assurance Org ID
SettingJuniper, SettingJuniperArgs
SettingJuniperAccount, SettingJuniperAccountArgs
SettingMgmt, SettingMgmtArgs
- Mxtunnel
Ids List<string> - list of Mist Tunnels
- Use
Mxtunnel bool - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- Use
Wxtunnel bool - whether to use wxtunnel for mgmt connectivity
- Mxtunnel
Ids []string - list of Mist Tunnels
- Use
Mxtunnel bool - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- Use
Wxtunnel bool - whether to use wxtunnel for mgmt connectivity
- mxtunnel
Ids List<String> - list of Mist Tunnels
- use
Mxtunnel Boolean - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- use
Wxtunnel Boolean - whether to use wxtunnel for mgmt connectivity
- mxtunnel
Ids string[] - list of Mist Tunnels
- use
Mxtunnel boolean - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- use
Wxtunnel boolean - whether to use wxtunnel for mgmt connectivity
- mxtunnel_
ids Sequence[str] - list of Mist Tunnels
- use_
mxtunnel bool - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- use_
wxtunnel bool - whether to use wxtunnel for mgmt connectivity
- mxtunnel
Ids List<String> - list of Mist Tunnels
- use
Mxtunnel Boolean - whether to use Mist Tunnel for mgmt connectivity, this takes precedence over use_wxtunnel
- use
Wxtunnel Boolean - whether to use wxtunnel for mgmt connectivity
SettingMistNac, SettingMistNacArgs
- Cacerts List<string>
- list of PEM-encoded ca certs
- Default
Idp stringId - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- Disable
Rsae boolAlgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- Eap
Ssl intSecurity Level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- Eu
Only bool - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- Idp
Machine stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- Idp
User stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- Idps
List<Pulumi.
Juniper Mist. Org. Inputs. Setting Mist Nac Idp> - Server
Cert Pulumi.Juniper Mist. Org. Inputs. Setting Mist Nac Server Cert - radius server cert to be presented in EAP TLS
- Use
Ip stringVersion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- Use
Ssl boolPort - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
- Cacerts []string
- list of PEM-encoded ca certs
- Default
Idp stringId - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- Disable
Rsae boolAlgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- Eap
Ssl intSecurity Level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- Eu
Only bool - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- Idp
Machine stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- Idp
User stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- Idps
[]Setting
Mist Nac Idp - Server
Cert SettingMist Nac Server Cert - radius server cert to be presented in EAP TLS
- Use
Ip stringVersion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- Use
Ssl boolPort - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
- cacerts List<String>
- list of PEM-encoded ca certs
- default
Idp StringId - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- disable
Rsae BooleanAlgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- eap
Ssl IntegerSecurity Level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- eu
Only Boolean - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- idp
Machine StringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- idp
User StringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- idps
List<Setting
Mist Nac Idp> - server
Cert SettingMist Nac Server Cert - radius server cert to be presented in EAP TLS
- use
Ip StringVersion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- use
Ssl BooleanPort - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
- cacerts string[]
- list of PEM-encoded ca certs
- default
Idp stringId - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- disable
Rsae booleanAlgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- eap
Ssl numberSecurity Level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- eu
Only boolean - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- idp
Machine stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- idp
User stringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- idps
Setting
Mist Nac Idp[] - server
Cert SettingMist Nac Server Cert - radius server cert to be presented in EAP TLS
- use
Ip stringVersion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- use
Ssl booleanPort - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
- cacerts Sequence[str]
- list of PEM-encoded ca certs
- default_
idp_ strid - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- disable_
rsae_ boolalgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- eap_
ssl_ intsecurity_ level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- eu_
only bool - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- idp_
machine_ strcert_ lookup_ field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- idp_
user_ strcert_ lookup_ field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- idps
Sequence[Setting
Mist Nac Idp] - server_
cert SettingMist Nac Server Cert - radius server cert to be presented in EAP TLS
- use_
ip_ strversion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- use_
ssl_ boolport - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
- cacerts List<String>
- list of PEM-encoded ca certs
- default
Idp StringId - use this IDP when no explicit realm present in the incoming username/CN OR when no IDP is explicitly mapped to the incoming realm.
- disable
Rsae BooleanAlgorithms - to disable RSAE_PSS_SHA256, RSAE_PSS_SHA384, RSAE_PSS_SHA512 from server side. see https://www.openssl.org/docs/man3.0/man1/openssl-ciphers.html
- eap
Ssl NumberSecurity Level - eap ssl security level see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR
- eu
Only Boolean - By default NAC POD failover considers all NAC pods available around the globe, i.e. EU, US, or APAC based, failover happens based on geo IP of the originating site. For strict GDPR compliancy NAC POD failover would only happen between the PODs located within the EU environment, and no authentication would take place outside of EU. This is an org setting that is applicable to WLANs, switch templates, mxedge clusters that have mist_nac enabled
- idp
Machine StringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field to use for IDP Machine Groups lookup. enum:
automatic
,cn
,dns
- idp
User StringCert Lookup Field - allow customer to choose the EAP-TLS client certificate's field
to use for IDP User Groups lookup. enum:
automatic
,cn
,email
,upn
- idps List<Property Map>
- server
Cert Property Map - radius server cert to be presented in EAP TLS
- use
Ip StringVersion - by default NAS devices(switches/aps) and proxies(mxedge) are configured to reach mist-nac via IPv4. enum:
v4
,v6
- use
Ssl BooleanPort - By default NAS devices (switches/aps) and proxies(mxedge) are configured to use port TCP2083(radsec) to reach mist-nac.
Set
use_ssl_port
==true
to override that port with TCP43 (ssl), This is a org level setting that is applicable to wlans, switch_templates, and mxedge_clusters that have mist-nac enabled
SettingMistNacIdp, SettingMistNacIdpArgs
- Id string
- ID of the
mist_nacidp
- User
Realms List<string> - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- Exclude
Realms List<string> - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
- Id string
- ID of the
mist_nacidp
- User
Realms []string - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- Exclude
Realms []string - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
- id String
- ID of the
mist_nacidp
- user
Realms List<String> - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- exclude
Realms List<String> - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
- id string
- ID of the
mist_nacidp
- user
Realms string[] - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- exclude
Realms string[] - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
- id str
- ID of the
mist_nacidp
- user_
realms Sequence[str] - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- exclude_
realms Sequence[str] - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
- id String
- ID of the
mist_nacidp
- user
Realms List<String> - which realm should trigger this IDP. User Realm is extracted from:
- Username-AVP (
mist.com
from john@mist.com) - Cert CN
- Username-AVP (
- exclude
Realms List<String> - when the IDP of mxedge_proxy type, exclude the following realms from proxying in addition to other valid home realms in this org
SettingMistNacServerCert, SettingMistNacServerCertArgs
SettingMxedgeMgmt, SettingMxedgeMgmtArgs
- Fips
Enabled bool - Mist
Password string - Oob
Ip stringType - enum:
dhcp
,disabled
,static
- Oob
Ip stringType6 - enum:
autoconf
,dhcp
,disabled
,static
- Root
Password string
- Fips
Enabled bool - Mist
Password string - Oob
Ip stringType - enum:
dhcp
,disabled
,static
- Oob
Ip stringType6 - enum:
autoconf
,dhcp
,disabled
,static
- Root
Password string
- fips
Enabled Boolean - mist
Password String - oob
Ip StringType - enum:
dhcp
,disabled
,static
- oob
Ip StringType6 - enum:
autoconf
,dhcp
,disabled
,static
- root
Password String
- fips
Enabled boolean - mist
Password string - oob
Ip stringType - enum:
dhcp
,disabled
,static
- oob
Ip stringType6 - enum:
autoconf
,dhcp
,disabled
,static
- root
Password string
- fips_
enabled bool - mist_
password str - oob_
ip_ strtype - enum:
dhcp
,disabled
,static
- oob_
ip_ strtype6 - enum:
autoconf
,dhcp
,disabled
,static
- root_
password str
- fips
Enabled Boolean - mist
Password String - oob
Ip StringType - enum:
dhcp
,disabled
,static
- oob
Ip StringType6 - enum:
autoconf
,dhcp
,disabled
,static
- root
Password String
SettingOpticPortConfig, SettingOpticPortConfigArgs
- Channelized bool
- enable channelization
- Speed string
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
- Channelized bool
- enable channelization
- Speed string
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
- channelized Boolean
- enable channelization
- speed String
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
- channelized boolean
- enable channelization
- speed string
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
- channelized bool
- enable channelization
- speed str
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
- channelized Boolean
- enable channelization
- speed String
- interface speed (e.g.
25g
,50g
), use the chassis speed by default
SettingPasswordPolicy, SettingPasswordPolicyArgs
- Enabled bool
- whether the policy is enabled
- Expiry
In intDays - password expiry in days
- Min
Length int - required password length
- Requires
Special boolChar - whether to require special character
- Requires
Two boolFactor Auth - whether to require two-factor auth
- Enabled bool
- whether the policy is enabled
- Expiry
In intDays - password expiry in days
- Min
Length int - required password length
- Requires
Special boolChar - whether to require special character
- Requires
Two boolFactor Auth - whether to require two-factor auth
- enabled Boolean
- whether the policy is enabled
- expiry
In IntegerDays - password expiry in days
- min
Length Integer - required password length
- requires
Special BooleanChar - whether to require special character
- requires
Two BooleanFactor Auth - whether to require two-factor auth
- enabled boolean
- whether the policy is enabled
- expiry
In numberDays - password expiry in days
- min
Length number - required password length
- requires
Special booleanChar - whether to require special character
- requires
Two booleanFactor Auth - whether to require two-factor auth
- enabled bool
- whether the policy is enabled
- expiry_
in_ intdays - password expiry in days
- min_
length int - required password length
- requires_
special_ boolchar - whether to require special character
- requires_
two_ boolfactor_ auth - whether to require two-factor auth
- enabled Boolean
- whether the policy is enabled
- expiry
In NumberDays - password expiry in days
- min
Length Number - required password length
- requires
Special BooleanChar - whether to require special character
- requires
Two BooleanFactor Auth - whether to require two-factor auth
SettingPcap, SettingPcapArgs
- bucket str
- max_
pkt_ intlen - max_len of non-management packets to capture
SettingSecurity, SettingSecurityArgs
- Disable
Local boolSsh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- Fips
Zeroize stringPassword - password required to zeroize devices (FIPS) on site level
- Limit
Ssh boolAccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
- Disable
Local boolSsh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- Fips
Zeroize stringPassword - password required to zeroize devices (FIPS) on site level
- Limit
Ssh boolAccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
- disable
Local BooleanSsh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- fips
Zeroize StringPassword - password required to zeroize devices (FIPS) on site level
- limit
Ssh BooleanAccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
- disable
Local booleanSsh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- fips
Zeroize stringPassword - password required to zeroize devices (FIPS) on site level
- limit
Ssh booleanAccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
- disable_
local_ boolssh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- fips_
zeroize_ strpassword - password required to zeroize devices (FIPS) on site level
- limit_
ssh_ boolaccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
- disable
Local BooleanSsh - whether to disable local SSH (by default, local SSH is enabled with allow_mist in Org is enabled
- fips
Zeroize StringPassword - password required to zeroize devices (FIPS) on site level
- limit
Ssh BooleanAccess - whether to allow certain SSH keys to SSH into the AP (see Site:Setting)
SettingSwitchMgmt, SettingSwitchMgmtArgs
- Ap
Affinity intThreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
- Ap
Affinity intThreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
- ap
Affinity IntegerThreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
- ap
Affinity numberThreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
- ap_
affinity_ intthreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
- ap
Affinity NumberThreshold - If the field is set in both site/setting and org/setting, the value from site/setting will be used.
SettingSyntheticTest, SettingSyntheticTestArgs
SettingSyntheticTestVlan, SettingSyntheticTestVlanArgs
- Custom
Test List<string>Urls - Disabled bool
- for some vlans where we don't want this to run
- Vlan
Ids List<string>
- Custom
Test []stringUrls - Disabled bool
- for some vlans where we don't want this to run
- Vlan
Ids []string
- custom
Test List<String>Urls - disabled Boolean
- for some vlans where we don't want this to run
- vlan
Ids List<String>
- custom
Test string[]Urls - disabled boolean
- for some vlans where we don't want this to run
- vlan
Ids string[]
- custom_
test_ Sequence[str]urls - disabled bool
- for some vlans where we don't want this to run
- vlan_
ids Sequence[str]
- custom
Test List<String>Urls - disabled Boolean
- for some vlans where we don't want this to run
- vlan
Ids List<String>
SettingSyntheticTestWanSpeedtest, SettingSyntheticTestWanSpeedtestArgs
- enabled bool
- time_
of_ strday - any / HH:MM (24-hour format)
SettingVpnOptions, SettingVpnOptionsArgs
SettingWanPma, SettingWanPmaArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
SettingWiredPma, SettingWiredPmaArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
SettingWirelessPma, SettingWirelessPmaArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
Import
Using pulumi import
, import mist_org_setting
with:
Org Setting can be imported by specifying the org_id
$ pulumi import junipermist:org/setting:Setting setting_one 17b46405-3a6d-4715-8bb4-6bb6d06f316a
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- junipermist pulumi/pulumi-junipermist
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mist
Terraform Provider.